diff mbox series

[RFC,35/43] x86/pie: Build the kernel as PIE

Message ID	bb082963f83e7b273d2e2044deffd76f38a1d92e.1682673543.git.houwenlong.hwl@antgroup.com
State	New
Headers	Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; From: "Hou Wenlong" <houwenlong.hwl@antgroup.com> To: linux-kernel@vger.kernel.org Cc: "Thomas Garnier" <thgarnie@chromium.org>, "Lai Jiangshan" <jiangshan.ljs@antgroup.com>, "Kees Cook" <keescook@chromium.org>, "Hou Wenlong" <houwenlong.hwl@antgroup.com>, "Thomas Gleixner" <tglx@linutronix.de>, "Ingo Molnar" <mingo@redhat.com>, "Borislav Petkov" <bp@alien8.de>, "Dave Hansen" <dave.hansen@linux.intel.com>, <x86@kernel.org>, "H. Peter Anvin" <hpa@zytor.com> Subject: [PATCH RFC 35/43] x86/pie: Build the kernel as PIE Date: Fri, 28 Apr 2023 17:51:15 +0800 Message-Id: <bb082963f83e7b273d2e2044deffd76f38a1d92e.1682673543.git.houwenlong.hwl@antgroup.com> In-Reply-To: <cover.1682673542.git.houwenlong.hwl@antgroup.com> References: <cover.1682673542.git.houwenlong.hwl@antgroup.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: bulk
Series	x86/pie: Make kernel image's virtual address flexible \| [RFC,00/43] x86/pie: Make kernel image's virtual address flexible [RFC,01/43] x86/crypto: Adapt assembly for PIE support [RFC,02/43] x86: Add macro to get symbol address for PIE support [RFC,03/43] x86: relocate_kernel - Adapt assembly for PIE support [RFC,04/43] x86/entry/64: Adapt assembly for PIE support [RFC,05/43] x86: pm-trace: Adapt assembly for PIE support [RFC,06/43] x86/CPU: Adapt assembly for PIE support [RFC,07/43] x86/acpi: Adapt assembly for PIE support [RFC,09/43] x86/power/64: Adapt assembly for PIE support [RFC,10/43] x86/alternatives: Adapt assembly for PIE support [RFC,11/43] x86/irq: Adapt assembly for PIE support [RFC,12/43] x86,rethook: Adapt assembly for PIE support [RFC,13/43] x86/paravirt: Use relative reference for original instruction [RFC,14/43] x86/Kconfig: Introduce new Kconfig for PIE kernel building [RFC,15/43] x86/PVH: Use fixed_percpu_data to set up GS base [RFC,17/43] x86/pie: Enable stack protector only if per-cpu stack canary is supported [RFC,19/43] x86/tools: Explicitly include autoconf.h for hostprogs [RFC,21/43] x86/ftrace: Adapt assembly for PIE support [RFC,22/43] x86/ftrace: Adapt ftrace nop patching for PIE support [RFC,23/43] x86/pie: Force hidden visibility for all symbol references [RFC,24/43] x86/boot/compressed: Adapt sed command to generate voffset.h when PIE is enabled [RFC,27/43] x86/relocs: Handle PIE relocations [RFC,28/43] KVM: x86: Adapt assembly for PIE support [RFC,29/43] x86/PVH: Adapt PVH booting for PIE support [RFC,31/43] x86/modules: Adapt module loading for PIE support [RFC,32/43] x86/boot/64: Use data relocation to get absloute address when PIE is enabled [RFC,33/43] objtool: Add validation for x86 PIE support [RFC,34/43] objtool: Adapt indirect call of __fentry__() for PIE support [RFC,35/43] x86/pie: Build the kernel as PIE [RFC,36/43] x86/vsyscall: Don't use set_fixmap() to map vsyscall page [RFC,37/43] x86/xen: Pin up to VSYSCALL_ADDR when vsyscall page is out of fixmap area [RFC,39/43] x86/fixmap: Unify FIXADDR_TOP [RFC,40/43] x86/boot: Fill kernel image puds dynamically [RFC,41/43] x86/mm: Sort address_markers array when X86 PIE is enabled

Commit Message

Hou Wenlong April 28, 2023, 9:51 a.m. UTC

  The kernel is currently build with mcmode=kernel option which forces it
to stay on the top 2G of the virtual address space. For PIE, use -fPIE
option to build the kernel as a Position Independent Executable (PIE),
which uses RIP-relative addressing and could be able to move below the
top 2G.

The --emit-relocs linker option was kept instead of using -pie to limit
the impact on mapped sections. Any incompatible relocation will be catch
by the objtool at compile time.

Suggested-by: Lai Jiangshan <jiangshan.ljs@antgroup.com>
Signed-off-by: Hou Wenlong <houwenlong.hwl@antgroup.com>
Cc: Thomas Garnier <thgarnie@chromium.org>
Cc: Kees Cook <keescook@chromium.org>
---
 arch/x86/Kconfig  | 8 ++++++--
 arch/x86/Makefile | 9 +++++++--
 2 files changed, 13 insertions(+), 4 deletions(-)

diff mbox series

Patch

diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
index 5ac5f335855e..9f8020991184 100644
--- a/arch/x86/Kconfig
+++ b/arch/x86/Kconfig
@@ -2222,10 +2222,14 @@  config RELOCATABLE
 	  (CONFIG_PHYSICAL_START) is used as the minimum location.
 
 config X86_PIE
-	def_bool n
-	depends on X86_64
+	bool "Build a PIE kernel"
+	default n
+	depends on X86_64 && !XEN
 	select OBJTOOL if HAVE_OBJTOOL
 	select DYNAMIC_FTRACE if FUNCTION_TRACER && RETPOLINE
+	help
+	  This builds a PIE kernel image that could be put at any
+	  virtual address.
 
 config RANDOMIZE_BASE
 	bool "Randomize the address of the kernel image (KASLR)"
diff --git a/arch/x86/Makefile b/arch/x86/Makefile
index 81500011396d..6631974e2003 100644
--- a/arch/x86/Makefile
+++ b/arch/x86/Makefile
@@ -160,10 +160,15 @@  else
         KBUILD_CFLAGS += -mno-red-zone
 
 ifdef CONFIG_X86_PIE
-        PIE_CFLAGS := -include $(srctree)/include/linux/hidden.h
+        PIE_CFLAGS := -fPIE -include $(srctree)/include/linux/hidden.h
         KBUILD_CFLAGS += $(PIE_CFLAGS)
-endif
+        # Relax relocation in both CFLAGS and LDFLAGS to support older compilers
+        KBUILD_CFLAGS += $(call cc-option,-Wa$(comma)-mrelax-relocations=no)
+        LDFLAGS_vmlinux += $(call ld-option,--no-relax)
+        KBUILD_LDFLAGS_MODULE += $(call ld-option,--no-relax)
+else
         KBUILD_CFLAGS += -mcmodel=kernel
+endif
         KBUILD_RUSTFLAGS += -Cno-redzone=y
         KBUILD_RUSTFLAGS += -Ccode-model=kernel