From patchwork Fri Apr 28 09:51:09 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Hou Wenlong X-Patchwork-Id: 88556 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:b0ea:0:b0:3b6:4342:cba0 with SMTP id b10csp816963vqo; Fri, 28 Apr 2023 03:03:20 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ4RE/+66mgWIoN7XBT3FopVoxz0gFbyc/elLW9cPJDKHIepE/Z55LYRMB2kO+KEIgZShbdA X-Received: by 2002:a17:902:cecc:b0:1a5:253f:ace7 with SMTP id d12-20020a170902cecc00b001a5253face7mr5733837plg.29.1682676199931; Fri, 28 Apr 2023 03:03:19 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1682676199; cv=none; d=google.com; s=arc-20160816; b=PZ8lxWL0IvqafloCWIO0RTVUNorrDKmUBCqxIimbascACGMkbTlpHtWnaZiRvzF81r 0/uQavt95P17g9OOQVzdVGk6/3nqS9Bxa9weIcRXARi8v3z1CqG3p+ipJFnINs0R55Vw bP+OF7g3kqUSa7KctKhROT/q0qMwdMTTvJENmvQB8GlK9+VHypJMFuDftzQ90JhkvGv+ m3NEQh6HaQbgvTUyB0uDYTXdTlH+oIQIN27BHbTEtSOUxGV3ZlIRRbnAb8ogfo4givVG t7BI7B5Jj7jOeiYZnqaZr3ip5PK6rm7IVS77uEchrDMB4VV23A0fr7N6qDfvSpPSmYnB cwEQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from; bh=51/FQ4zkwcwR/0MnjLC0NwLWMGFqipuUNM9vI6hbY4k=; b=pk3l009tJlD9FIXnR/t/35s9kPqdH8aKGunHkZO84Pw//sBfT0blpU6410Lhpslhti 1on5+FqtTuZA5sfW7XiDOPpja8sE1X9M7UkgJwuhl+OaaaobPO1/KbAWg09l7WgXw5Vm bZXRCb+Nfwm+fH5Rq+1ryLCiyO/hZJYApPMtHfUEZQh0ShkgO39ChbitmriE5StCwIpB n+z+WevJ6bHCdfQrqZZQleB/qa8RZ2Y/F8oINhW1qSqz/QXaf0+lqkyBYhi5U8QVOa3T nzf9C5oIkKgrcw5uQ9/S8XTwmDS21O78WdcJPHfV3OZUpvXMWgAzp6++G1AWSX6PbxWD OKOw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=antgroup.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id e17-20020a170902cf5100b001a9785282f5si11241613plg.287.2023.04.28.03.03.07; Fri, 28 Apr 2023 03:03:19 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=antgroup.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1345982AbjD1J4e (ORCPT + 99 others); Fri, 28 Apr 2023 05:56:34 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:36560 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1345981AbjD1Jz4 (ORCPT ); Fri, 28 Apr 2023 05:55:56 -0400 Received: from out187-16.us.a.mail.aliyun.com (out187-16.us.a.mail.aliyun.com [47.90.187.16]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id DE2866181; Fri, 28 Apr 2023 02:55:15 -0700 (PDT) X-Alimail-AntiSpam: AC=PASS;BC=-1|-1;BR=01201311R211e4;CH=green;DM=||false|;DS=||;FP=0|-1|-1|-1|0|-1|-1|-1;HT=ay29a033018047212;MF=houwenlong.hwl@antgroup.com;NM=1;PH=DS;RN=17;SR=0;TI=SMTPD_---.STFoGYl_1682675602; Received: from localhost(mailfrom:houwenlong.hwl@antgroup.com fp:SMTPD_---.STFoGYl_1682675602) by smtp.aliyun-inc.com; Fri, 28 Apr 2023 17:53:23 +0800 From: "Hou Wenlong" To: linux-kernel@vger.kernel.org Cc: "Thomas Garnier" , "Lai Jiangshan" , "Kees Cook" , "Hou Wenlong" , "Juergen Gross" , "Boris Ostrovsky" , "Darren Hart" , "Andy Shevchenko" , "Thomas Gleixner" , "Ingo Molnar" , "Borislav Petkov" , "Dave Hansen" , , "H. Peter Anvin" , , Subject: [PATCH RFC 29/43] x86/PVH: Adapt PVH booting for PIE support Date: Fri, 28 Apr 2023 17:51:09 +0800 Message-Id: X-Mailer: git-send-email 2.31.1 In-Reply-To: References: MIME-Version: 1.0 X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,SPF_HELO_NONE, SPF_PASS,T_SCC_BODY_TEXT_LINE,UNPARSEABLE_RELAY autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1764413878538002507?= X-GMAIL-MSGID: =?utf-8?q?1764413878538002507?= If PIE is enabled, all symbol references would be RIP-relative. However, PVH booting runs in low address space, which could cause wrong x86_init callbacks assignment. Since init_top_pgt has building high kernel address mapping, let PVH booting runs in high address space to make all things right. PVH booting assumes that no relocation happened. Since the kernel compile address is still in top 2G, so it is allowed to use R_X86_64_32S for symbol references in pvh_start_xen(). Signed-off-by: Hou Wenlong Cc: Thomas Garnier Cc: Lai Jiangshan Cc: Kees Cook --- arch/x86/platform/pvh/head.S | 17 +++++++++++++++-- 1 file changed, 15 insertions(+), 2 deletions(-) diff --git a/arch/x86/platform/pvh/head.S b/arch/x86/platform/pvh/head.S index 5842fe0e4f96..09518d4de042 100644 --- a/arch/x86/platform/pvh/head.S +++ b/arch/x86/platform/pvh/head.S @@ -94,6 +94,13 @@ SYM_CODE_START_LOCAL(pvh_start_xen) /* 64-bit entry point. */ .code64 1: +#ifdef CONFIG_X86_PIE + movabs $2f, %rax + ANNOTATE_RETPOLINE_SAFE + jmp *%rax +2: + ANNOTATE_NOENDBR // above +#endif /* Set base address in stack canary descriptor. */ mov $MSR_GS_BASE,%ecx #if defined(CONFIG_STACKPROTECTOR_FIXED) @@ -149,9 +156,15 @@ SYM_CODE_END(pvh_start_xen) .section ".init.data","aw" .balign 8 SYM_DATA_START_LOCAL(gdt) + /* + * Use an ASM_PTR (quad on x64) for _pa(gdt_start) because PIE requires + * a pointer size storage value before applying the relocation. On + * 32-bit _ASM_PTR will be a long which is aligned the space needed for + * relocation. + */ .word gdt_end - gdt_start - .long _pa(gdt_start) - .word 0 + _ASM_PTR _pa(gdt_start) + .balign 8 SYM_DATA_END(gdt) SYM_DATA_START_LOCAL(gdt_start) .quad 0x0000000000000000 /* NULL descriptor */