From patchwork Thu Jan 31 19:24:12 2019
X-Patchwork-Submitter: Thomas Garnier
X-Patchwork-Id: 10791331
From: Thomas Garnier
To: kernel-hardening@lists.openwall.com
Cc: kristen@linux.intel.com, Thomas Garnier, Andy Lutomirski, Thomas Gleixner, Ingo Molnar, Borislav Petkov, "H. Peter Anvin", x86@kernel.org, linux-kernel@vger.kernel.org
Subject: [PATCH v6 05/27] x86/entry/64: Adapt assembly for PIE support
Date: Thu, 31 Jan 2019 11:24:12 -0800
Message-Id: <20190131192533.34130-6-thgarnie@chromium.org>
In-Reply-To: <20190131192533.34130-1-thgarnie@chromium.org>
References: <20190131192533.34130-1-thgarnie@chromium.org>

Change the assembly code to use only relative references to symbols for the kernel to be PIE compatible. Position Independent Executable (PIE) support will allow extending the KASLR randomization range below 0xffffffff80000000.

Signed-off-by: Thomas Garnier
---
 arch/x86/entry/entry_64.S | 16 +++++++++++-----
 1 file changed, 11 insertions(+), 5 deletions(-)
diff --git a/arch/x86/entry/entry_64.S b/arch/x86/entry/entry_64.S index 1f0efdb7b629..16a93eb4c11f 100644 --- a/arch/x86/entry/entry_64.S +++ b/arch/x86/entry/entry_64.S @@ -1269,7 +1269,8 @@ ENTRY(error_entry) movl %ecx, %eax /* zero extend */ cmpq %rax, RIP+8(%rsp) je .Lbstep_iret - cmpq $.Lgs_change, RIP+8(%rsp) + leaq .Lgs_change(%rip), %rcx + cmpq %rcx, RIP+8(%rsp) jne .Lerror_entry_done /* @@ -1466,10 +1467,10 @@ ENTRY(nmi) * resume the outer NMI. */ - movq $repeat_nmi, %rdx + leaq repeat_nmi(%rip), %rdx cmpq 8(%rsp), %rdx ja 1f - movq $end_repeat_nmi, %rdx + leaq end_repeat_nmi(%rip), %rdx cmpq 8(%rsp), %rdx ja nested_nmi_out 1: @@ -1523,7 +1524,8 @@ nested_nmi: pushq %rdx pushfq pushq $__KERNEL_CS - pushq $repeat_nmi + leaq repeat_nmi(%rip), %rdx + pushq %rdx /* Put stack back */ addq $(6*8), %rsp @@ -1562,7 +1564,11 @@ first_nmi: addq $8, (%rsp) /* Fix up RSP */ pushfq /* RFLAGS */ pushq $__KERNEL_CS /* CS */ - pushq $1f /* RIP */ + pushq $0 /* Futur return address */ + pushq %rax /* Save RAX */ + leaq 1f(%rip), %rax /* RIP */ + movq %rax, 8(%rsp) /* Put 1f on return address */ + popq %rax /* Restore RAX */ iretq /* continues at repeat_nmi below */ UNWIND_HINT_IRET_REGS 1:
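Review bot: in the error_entry hunk, the new `leaq .Lgs_change(%rip), %rcx` overwrites %rcx right after the visible `movl %ecx, %eax /* zero extend */` has consumed it, so the clobber is only safe if nothing on the `jne .Lerror_entry_done` path still expects the original %rcx; a short comment stating that %rcx is scratch at this point would save the next reader from re-deriving that, since the old `cmpq $.Lgs_change, RIP+8(%rsp)` touched no register at all.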
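Review bot: the nmi hunk replaces `movq $repeat_nmi, %rdx` and `movq $end_repeat_nmi, %rdx` with RIP-relative `leaq` and leaves the `cmpq 8(%rsp), %rdx` / `ja` logic unchanged, which is correct, but the reason deserves a one-line comment in the source: `movq $sym, %reg` encodes a sign-extended 32-bit immediate (R_X86_64_32S), which only resolves while the kernel text sits in the top 2 GB of the address space, whereas `leaq sym(%rip), %reg` only requires the symbol to be within ±2 GB of the instruction, which a PIE kernel guarantees at any load address. The same reasoning applies to every `$sym` removal in this file, so documenting it once near the first occurrence would help.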
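Review bot: in the nested_nmi hunk, reusing %rdx for `leaq repeat_nmi(%rip), %rdx` is safe only because the visible `pushq %rdx` two lines earlier has already stored the RSP value %rdx was holding into the fake iret frame, making %rdx dead at that point; that dependency is easy to miss when the frame construction is reordered later, so consider a comment such as `/* %rdx is free, its value is already on the frame */` above the new `leaq`. The replaced `pushq $repeat_nmi` had the same sign-extended imm32 limitation as the `movq $sym` forms elsewhere in the patch, which is why a register is needed here rather than a direct push.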
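Review bot: in the first_nmi hunk, the comment on the placeholder push reads `/* Futur return address */` and should be `/* Future return address */`. The five-instruction sequence itself is correct: after `pushq $0` and `pushq %rax`, the placeholder sits at `8(%rsp)`, so `movq %rax, 8(%rsp)` fills the RIP slot and `popq %rax` leaves a five-qword SS/RSP/RFLAGS/CS/RIP frame for `iretq` exactly as the old `pushq $1f` did. Since the save and restore of %rax is needed only because the interrupted context's registers have not been saved yet at first_nmi, a comment saying so would explain why this site needs the temporary slot while the nested_nmi hunk above could simply clobber %rdx.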