From patchwork Tue Jul 18 22:33:18 2017
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Thomas Garnier <thgarnie@google.com>
X-Patchwork-Id: 9850031
Return-Path: 
 <kernel-hardening-return-9006-patchwork-kernel-hardening=patchwork.kernel.org@lists.openwall.com>
Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org
	[172.30.200.125])
	by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id
	D4AFC60392 for <patchwork-kernel-hardening@patchwork.kernel.org>;
	Tue, 18 Jul 2017 22:35:41 +0000 (UTC)
Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id C0662285B7
	for <patchwork-kernel-hardening@patchwork.kernel.org>;
	Tue, 18 Jul 2017 22:35:41 +0000 (UTC)
Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486)
	id B4250285CD; Tue, 18 Jul 2017 22:35:41 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	pdx-wl-mail.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.1 required=2.0 tests=BAYES_00,
	DKIM_ADSP_CUSTOM_MED, DKIM_SIGNED, RCVD_IN_DNSWL_MED,
	T_DKIM_INVALID autolearn=ham version=3.3.1
Received: from mother.openwall.net (mother.openwall.net [195.42.179.200])
	by mail.wl.linuxfoundation.org (Postfix) with SMTP id EEE0F285B7
	for <patchwork-kernel-hardening@patchwork.kernel.org>;
	Tue, 18 Jul 2017 22:35:40 +0000 (UTC)
Received: (qmail 26363 invoked by uid 550); 18 Jul 2017 22:34:35 -0000
Mailing-List: contact kernel-hardening-help@lists.openwall.com; run by ezmlm
Precedence: bulk
List-Post: <mailto:kernel-hardening@lists.openwall.com>
List-Help: <mailto:kernel-hardening-help@lists.openwall.com>
List-Unsubscribe: <mailto:kernel-hardening-unsubscribe@lists.openwall.com>
List-Subscribe: <mailto:kernel-hardening-subscribe@lists.openwall.com>
List-ID: <kernel-hardening.lists.openwall.com>
Delivered-To: mailing list kernel-hardening@lists.openwall.com
Received: (qmail 26289 invoked from network); 18 Jul 2017 22:34:32 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=google.com; s=20161025;
	h=from:to:cc:subject:date:message-id:in-reply-to:references;
	bh=Ia/+UcPfZ5JrPnjOstPd62ub5trdLlvtCdxYFUk0+G8=;
	b=ToG1NsPe95LWg7nXxbp6TUifW8z9GT77PKlecGtIYRBozQ9P4F1cBijfXi27qJJSej
	xT/opHZNmjAO80azomeUcOHJc/O95vTgQs/vgxEj6siBYRTzHFCAlof6MbfoQA1luYoU
	Xu/pTjCizhRL6KXs5tazgCyKBOMHCITsRQmFjkewzrpZqsQM211pdzZDMj23UyPmruT3
	5ooiRDlBGvtl3LMgSU0FAzmNNbwLNhzBxg8xCMGAZmFxjEGcZ+VKC62iIc23lj8OoNLB
	SDdGGQmDv8JfRu3GzD+5UYlTun7L0EVIwTWvUkChsKCG8wn4pIO5IszraVfdDIQ5Tbkq
	Gw8Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20161025;
	h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
	:references;
	bh=Ia/+UcPfZ5JrPnjOstPd62ub5trdLlvtCdxYFUk0+G8=;
	b=PBoUTV1vgwWX2VGtW8j+emCU9zoriG33Ng9akH1GHGvNHGNSGfEDEfEwbVBMyU3bP2
	2wILjgu9ms81kSZCOnzSDCqlkMObhEcqfxabM2VsxboNGO8gM2cPpcfrIIIk7KZ0zLPA
	jUWffh5XwyaF7TBRpJ2pOgc6XAeb3tc4jFGvVKdxm/OyWIkWMVfbRWMkwDojAB4JJFnr
	gSVC36XBI8JA1eZ+zkZnbfR6bgOJVdmjGQGqwin7tpaRCWObUeti0Ps8awLK5PuGIhtn
	jC1nIVGKiHc2XheO5o7E4DYQFaVvBB2UqDpnOsBv++CgK6VcmbNp8PSjPDWlvjYixsG/
	HSJw==
X-Gm-Message-State: AIVw111WMkbX7Riu3UGisD0YHlHl7SVt1/q2h3e1h/EHl7kHyo6qhY1H
	8kuVV5U47rj9J9o2
X-Received: by 10.84.210.40 with SMTP id z37mr3948390plh.265.1500417260501;
	Tue, 18 Jul 2017 15:34:20 -0700 (PDT)
From: Thomas Garnier <thgarnie@google.com>
To: Herbert Xu <herbert@gondor.apana.org.au>,
	"David S . Miller" <davem@davemloft.net>,
	Thomas Gleixner <tglx@linutronix.de>, Ingo Molnar <mingo@redhat.com>,
	"H . Peter Anvin" <hpa@zytor.com>, Peter Zijlstra <peterz@infradead.org>,
	Josh Poimboeuf <jpoimboe@redhat.com>,
	Thomas Garnier <thgarnie@google.com>, Arnd Bergmann <arnd@arndb.de>,
	Matthias Kaehlcke <mka@chromium.org>,
	Boris Ostrovsky <boris.ostrovsky@oracle.com>,
	Juergen Gross <jgross@suse.com>, Paolo Bonzini <pbonzini@redhat.com>,
	=?UTF-8?q?Radim=20Kr=C4=8Dm=C3=A1=C5=99?= <rkrcmar@redhat.com>,
	Joerg Roedel <joro@8bytes.org>, Andy Lutomirski <luto@kernel.org>,
	Borislav Petkov <bp@alien8.de>,
	"Kirill A . Shutemov" <kirill.shutemov@linux.intel.com>,
	Brian Gerst <brgerst@gmail.com>, Borislav Petkov <bp@suse.de>,
	Christian Borntraeger <borntraeger@de.ibm.com>,
	"Rafael J . Wysocki" <rjw@rjwysocki.net>,
	Len Brown <len.brown@intel.com>, Pavel Machek <pavel@ucw.cz>,
	Tejun Heo <tj@kernel.org>, Christoph Lameter <cl@linux.com>,
	Kees Cook <keescook@chromium.org>,
	Paul Gortmaker <paul.gortmaker@windriver.com>,
	Chris Metcalf <cmetcalf@mellanox.com>,
	"Paul E . McKenney" <paulmck@linux.vnet.ibm.com>,
	Andrew Morton <akpm@linux-foundation.org>,
	Christopher Li <sparse@chrisli.org>,
	Dou Liyang <douly.fnst@cn.fujitsu.com>,
	Masahiro Yamada <yamada.masahiro@socionext.com>,
	Daniel Borkmann <daniel@iogearbox.net>,
	Markus Trippelsdorf <markus@trippelsdorf.de>,
	Peter Foley <pefoley2@pefoley.com>, Steven Rostedt <rostedt@goodmis.org>,
	Tim Chen <tim.c.chen@linux.intel.com>,
	Ard Biesheuvel <ard.biesheuvel@linaro.org>,
	Catalin Marinas <catalin.marinas@arm.com>,
	Matthew Wilcox <mawilcox@microsoft.com>, Michal Hocko <mhocko@suse.com>,
	Rob Landley <rob@landley.net>, Jiri Kosina <jkosina@suse.cz>,
	"H . J . Lu" <hjl.tools@gmail.com>, Paul Bolle <pebolle@tiscali.nl>,
	Baoquan He <bhe@redhat.com>, Daniel Micay <danielmicay@gmail.com>
Cc: x86@kernel.org, linux-crypto@vger.kernel.org,
	linux-kernel@vger.kernel.org, xen-devel@lists.xenproject.org,
	kvm@vger.kernel.org, linux-pm@vger.kernel.org,
	linux-arch@vger.kernel.org, linux-sparse@vger.kernel.org,
	kernel-hardening@lists.openwall.com
Date: Tue, 18 Jul 2017 15:33:18 -0700
Message-Id: <20170718223333.110371-8-thgarnie@google.com>
X-Mailer: git-send-email 2.13.2.932.g7449e964c-goog
In-Reply-To: <20170718223333.110371-1-thgarnie@google.com>
References: <20170718223333.110371-1-thgarnie@google.com>
Subject: [kernel-hardening] [RFC 07/22] x86: relocate_kernel - Adapt
	assembly for PIE support
X-Virus-Scanned: ClamAV using ClamSMTP

Change the assembly code to use only relative references of symbols for the
kernel to be PIE compatible.

Position Independent Executable (PIE) support will allow to extended the
KASLR randomization range below the -2G memory limit.

Signed-off-by: Thomas Garnier <thgarnie@google.com>
---
 arch/x86/kernel/relocate_kernel_64.S | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/arch/x86/kernel/relocate_kernel_64.S b/arch/x86/kernel/relocate_kernel_64.S
index 98111b38ebfd..da817d1628ac 100644
--- a/arch/x86/kernel/relocate_kernel_64.S
+++ b/arch/x86/kernel/relocate_kernel_64.S
@@ -186,7 +186,7 @@ identity_mapped:
 	movq	%rax, %cr3
 	lea	PAGE_SIZE(%r8), %rsp
 	call	swap_pages
-	movq	$virtual_mapped, %rax
+	leaq	virtual_mapped(%rip), %rax
 	pushq	%rax
 	ret