From patchwork Fri Apr 28 09:50:41 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Hou Wenlong X-Patchwork-Id: 88563 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:b0ea:0:b0:3b6:4342:cba0 with SMTP id b10csp818788vqo; Fri, 28 Apr 2023 03:06:47 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ4BbxpvMKxT+KzvfQvyjoL4N4hEdXjkL9mqTjn4JLjkIWy9GevteTHHo94nT5cnuuMX9K5o X-Received: by 2002:a05:6a20:7d9e:b0:ee:786b:d6f3 with SMTP id v30-20020a056a207d9e00b000ee786bd6f3mr6505764pzj.9.1682676406954; Fri, 28 Apr 2023 03:06:46 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1682676406; cv=none; d=google.com; s=arc-20160816; b=eqn+HtC7iZmlE6nmNSjudbwqwyh352WiJ6dAljMTRZJm0CwXYB6onJqjcQI9IdI5jF RObVDpLJs9lNrTIHS3pUrmOYf7pkvlIReyuWzjgAtJgyaG4xeYaBi8J0YLqnDYJXgV7d l8XsTUGa17Qrxaw7lOGbmGAWfNxvQN99kpfw5BlrefR+IpEMKCoWrfraqzGcjV9nDE6V 2zJGew/DzxmGWVhmfkDLQDrBFrDraaL3bLv+YZHVWh8LaRGQlA+nqdQaQ8Wlpb5DH1LW Rogqx9KlDb6fDcsJ9bCGP1qNHHg3s75WWfHakpAgfffwIzrOCSp7ImHlPGH3AIvpMr2m 5C7g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from; bh=+jL5sLKp5VXVHgq9Tu6r1L6EeNVea5iYddJBD/vLkmo=; b=ZklK2+SqQ0/B9nhpcNjMace4wg6a8nqXdrgNEk4LjXt8i/J9Gks7zSstUw+av1ur6v 6Ws26StIyIZOYCH05Yb9F1I28Gs9uS2Nr331dJtflh3iljH5K41yEakpfsX1bE3LJXgl hdQpwnGvSYEJ2m4ZZ32OxaGVFS0LChlj0SSJEXMG+W6I835GJlUtlnhT4VV6fz1Rdukn 74CqCpv9+rWBwsOD0yW73uC4gCEz0bvSOp544TZ1bNy1THHrFLrJagC8iq/E17pTB6Js 8UJL3dFUDtRsyyZahgYLxB8AowBOx/k2tZhkoJiYMVMoORw8Bhr8lx5koKLQDDyhXsZs cgeA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=antgroup.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id b10-20020aa7950a000000b0063b7f1093e1si5166589pfp.110.2023.04.28.03.06.33; Fri, 28 Apr 2023 03:06:46 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=antgroup.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1345690AbjD1Jv6 (ORCPT + 99 others); Fri, 28 Apr 2023 05:51:58 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:59938 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229556AbjD1Jvx (ORCPT ); Fri, 28 Apr 2023 05:51:53 -0400 Received: from out0-195.mail.aliyun.com (out0-195.mail.aliyun.com [140.205.0.195]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id A50D72726; Fri, 28 Apr 2023 02:51:49 -0700 (PDT) X-Alimail-AntiSpam: AC=PASS;BC=-1|-1;BR=01201311R181e4;CH=green;DM=||false|;DS=||;FP=0|-1|-1|-1|0|-1|-1|-1;HT=ay29a033018047212;MF=houwenlong.hwl@antgroup.com;NM=1;PH=DS;RN=14;SR=0;TI=SMTPD_---.STCEPFd_1682675501; Received: from localhost(mailfrom:houwenlong.hwl@antgroup.com fp:SMTPD_---.STCEPFd_1682675501) by smtp.aliyun-inc.com; Fri, 28 Apr 2023 17:51:42 +0800 From: "Hou Wenlong" To: linux-kernel@vger.kernel.org Cc: "Thomas Garnier" , "Lai Jiangshan" , "Kees Cook" , "Hou Wenlong" , "Herbert Xu" , "David S. Miller" , "Thomas Gleixner" , "Ingo Molnar" , "Borislav Petkov" , "Dave Hansen" , , "H. Peter Anvin" , Subject: [PATCH RFC 01/43] x86/crypto: Adapt assembly for PIE support Date: Fri, 28 Apr 2023 17:50:41 +0800 Message-Id: X-Mailer: git-send-email 2.31.1 In-Reply-To: References: MIME-Version: 1.0 X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,SPF_HELO_NONE, SPF_PASS,T_SCC_BODY_TEXT_LINE,UNPARSEABLE_RELAY autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1764414096254375042?= X-GMAIL-MSGID: =?utf-8?q?1764414096254375042?= From: Thomas Garnier From: Thomas Garnier Change the assembly code to use only relative references of symbols for the kernel to be PIE compatible. [Hou Wenlong: Adapt new assembly code in x86/crypto] Signed-off-by: Thomas Garnier Co-developed-by: Hou Wenlong Signed-off-by: Hou Wenlong Cc: Lai Jiangshan Cc: Kees Cook --- arch/x86/crypto/aegis128-aesni-asm.S | 6 +- arch/x86/crypto/aesni-intel_asm.S | 2 +- arch/x86/crypto/aesni-intel_avx-x86_64.S | 3 +- arch/x86/crypto/aria-aesni-avx-asm_64.S | 30 +++--- arch/x86/crypto/camellia-aesni-avx-asm_64.S | 30 +++--- arch/x86/crypto/camellia-aesni-avx2-asm_64.S | 30 +++--- arch/x86/crypto/camellia-x86_64-asm_64.S | 8 +- arch/x86/crypto/cast5-avx-x86_64-asm_64.S | 50 +++++----- arch/x86/crypto/cast6-avx-x86_64-asm_64.S | 44 +++++---- arch/x86/crypto/crc32c-pcl-intel-asm_64.S | 3 +- arch/x86/crypto/des3_ede-asm_64.S | 96 +++++++++++++------- arch/x86/crypto/ghash-clmulni-intel_asm.S | 4 +- arch/x86/crypto/sha256-avx2-asm.S | 18 ++-- 13 files changed, 187 insertions(+), 137 deletions(-) diff --git a/arch/x86/crypto/aegis128-aesni-asm.S b/arch/x86/crypto/aegis128-aesni-asm.S index cdf3215ec272..ad7f4c891625 100644 --- a/arch/x86/crypto/aegis128-aesni-asm.S +++ b/arch/x86/crypto/aegis128-aesni-asm.S @@ -201,8 +201,8 @@ SYM_FUNC_START(crypto_aegis128_aesni_init) movdqa KEY, STATE4 /* load the constants: */ - movdqa .Laegis128_const_0, STATE2 - movdqa .Laegis128_const_1, STATE1 + movdqa .Laegis128_const_0(%rip), STATE2 + movdqa .Laegis128_const_1(%rip), STATE1 pxor STATE2, STATE3 pxor STATE1, STATE4 @@ -682,7 +682,7 @@ SYM_TYPED_FUNC_START(crypto_aegis128_aesni_dec_tail) punpcklbw T0, T0 punpcklbw T0, T0 punpcklbw T0, T0 - movdqa .Laegis128_counter, T1 + movdqa .Laegis128_counter(%rip), T1 pcmpgtb T1, T0 pand T0, MSG diff --git a/arch/x86/crypto/aesni-intel_asm.S b/arch/x86/crypto/aesni-intel_asm.S index 837c1e0aa021..ca99a2274d55 100644 --- a/arch/x86/crypto/aesni-intel_asm.S +++ b/arch/x86/crypto/aesni-intel_asm.S @@ -2717,7 +2717,7 @@ SYM_FUNC_END(aesni_cts_cbc_dec) * BSWAP_MASK == endian swapping mask */ SYM_FUNC_START_LOCAL(_aesni_inc_init) - movaps .Lbswap_mask, BSWAP_MASK + movaps .Lbswap_mask(%rip), BSWAP_MASK movaps IV, CTR pshufb BSWAP_MASK, CTR mov $1, TCTR_LOW diff --git a/arch/x86/crypto/aesni-intel_avx-x86_64.S b/arch/x86/crypto/aesni-intel_avx-x86_64.S index 0852ab573fd3..9f3a2fc56c24 100644 --- a/arch/x86/crypto/aesni-intel_avx-x86_64.S +++ b/arch/x86/crypto/aesni-intel_avx-x86_64.S @@ -649,7 +649,8 @@ _get_AAD_rest0\@: vpshufb and an array of shuffle masks */ movq %r12, %r11 salq $4, %r11 - vmovdqu aad_shift_arr(%r11), \T1 + leaq aad_shift_arr(%rip), %rax + vmovdqu (%rax,%r11,), \T1 vpshufb \T1, \T7, \T7 _get_AAD_rest_final\@: vpshufb SHUF_MASK(%rip), \T7, \T7 diff --git a/arch/x86/crypto/aria-aesni-avx-asm_64.S b/arch/x86/crypto/aria-aesni-avx-asm_64.S index 9243f6289d34..e4f9b624d98c 100644 --- a/arch/x86/crypto/aria-aesni-avx-asm_64.S +++ b/arch/x86/crypto/aria-aesni-avx-asm_64.S @@ -80,7 +80,7 @@ transpose_4x4(c0, c1, c2, c3, a0, a1); \ transpose_4x4(d0, d1, d2, d3, a0, a1); \ \ - vmovdqu .Lshufb_16x16b, a0; \ + vmovdqu .Lshufb_16x16b(%rip), a0; \ vmovdqu st1, a1; \ vpshufb a0, a2, a2; \ vpshufb a0, a3, a3; \ @@ -132,7 +132,7 @@ transpose_4x4(c0, c1, c2, c3, a0, a1); \ transpose_4x4(d0, d1, d2, d3, a0, a1); \ \ - vmovdqu .Lshufb_16x16b, a0; \ + vmovdqu .Lshufb_16x16b(%rip), a0; \ vmovdqu st1, a1; \ vpshufb a0, a2, a2; \ vpshufb a0, a3, a3; \ @@ -300,11 +300,11 @@ x4, x5, x6, x7, \ t0, t1, t2, t3, \ t4, t5, t6, t7) \ - vmovdqa .Ltf_s2_bitmatrix, t0; \ - vmovdqa .Ltf_inv_bitmatrix, t1; \ - vmovdqa .Ltf_id_bitmatrix, t2; \ - vmovdqa .Ltf_aff_bitmatrix, t3; \ - vmovdqa .Ltf_x2_bitmatrix, t4; \ + vmovdqa .Ltf_s2_bitmatrix(%rip), t0; \ + vmovdqa .Ltf_inv_bitmatrix(%rip), t1; \ + vmovdqa .Ltf_id_bitmatrix(%rip), t2; \ + vmovdqa .Ltf_aff_bitmatrix(%rip), t3; \ + vmovdqa .Ltf_x2_bitmatrix(%rip), t4; \ vgf2p8affineinvqb $(tf_s2_const), t0, x1, x1; \ vgf2p8affineinvqb $(tf_s2_const), t0, x5, x5; \ vgf2p8affineqb $(tf_inv_const), t1, x2, x2; \ @@ -324,13 +324,13 @@ x4, x5, x6, x7, \ t0, t1, t2, t3, \ t4, t5, t6, t7) \ - vmovdqa .Linv_shift_row, t0; \ - vmovdqa .Lshift_row, t1; \ - vbroadcastss .L0f0f0f0f, t6; \ - vmovdqa .Ltf_lo__inv_aff__and__s2, t2; \ - vmovdqa .Ltf_hi__inv_aff__and__s2, t3; \ - vmovdqa .Ltf_lo__x2__and__fwd_aff, t4; \ - vmovdqa .Ltf_hi__x2__and__fwd_aff, t5; \ + vmovdqa .Linv_shift_row(%rip), t0; \ + vmovdqa .Lshift_row(%rip), t1; \ + vpbroadcastd .L0f0f0f0f(%rip), t6; \ + vmovdqa .Ltf_lo__inv_aff__and__s2(%rip), t2; \ + vmovdqa .Ltf_hi__inv_aff__and__s2(%rip), t3; \ + vmovdqa .Ltf_lo__x2__and__fwd_aff(%rip), t4; \ + vmovdqa .Ltf_hi__x2__and__fwd_aff(%rip), t5; \ \ vaesenclast t7, x0, x0; \ vaesenclast t7, x4, x4; \ @@ -1035,7 +1035,7 @@ SYM_FUNC_START_LOCAL(__aria_aesni_avx_ctr_gen_keystream_16way) /* load IV and byteswap */ vmovdqu (%r8), %xmm8; - vmovdqa .Lbswap128_mask (%rip), %xmm1; + vmovdqa .Lbswap128_mask(%rip), %xmm1; vpshufb %xmm1, %xmm8, %xmm3; /* be => le */ vpcmpeqd %xmm0, %xmm0, %xmm0; diff --git a/arch/x86/crypto/camellia-aesni-avx-asm_64.S b/arch/x86/crypto/camellia-aesni-avx-asm_64.S index 4a30618281ec..646477a13e11 100644 --- a/arch/x86/crypto/camellia-aesni-avx-asm_64.S +++ b/arch/x86/crypto/camellia-aesni-avx-asm_64.S @@ -52,10 +52,10 @@ /* \ * S-function with AES subbytes \ */ \ - vmovdqa .Linv_shift_row, t4; \ - vbroadcastss .L0f0f0f0f, t7; \ - vmovdqa .Lpre_tf_lo_s1, t0; \ - vmovdqa .Lpre_tf_hi_s1, t1; \ + vmovdqa .Linv_shift_row(%rip), t4; \ + vbroadcastss .L0f0f0f0f(%rip), t7; \ + vmovdqa .Lpre_tf_lo_s1(%rip), t0; \ + vmovdqa .Lpre_tf_hi_s1(%rip), t1; \ \ /* AES inverse shift rows */ \ vpshufb t4, x0, x0; \ @@ -68,8 +68,8 @@ vpshufb t4, x6, x6; \ \ /* prefilter sboxes 1, 2 and 3 */ \ - vmovdqa .Lpre_tf_lo_s4, t2; \ - vmovdqa .Lpre_tf_hi_s4, t3; \ + vmovdqa .Lpre_tf_lo_s4(%rip), t2; \ + vmovdqa .Lpre_tf_hi_s4(%rip), t3; \ filter_8bit(x0, t0, t1, t7, t6); \ filter_8bit(x7, t0, t1, t7, t6); \ filter_8bit(x1, t0, t1, t7, t6); \ @@ -83,8 +83,8 @@ filter_8bit(x6, t2, t3, t7, t6); \ \ /* AES subbytes + AES shift rows */ \ - vmovdqa .Lpost_tf_lo_s1, t0; \ - vmovdqa .Lpost_tf_hi_s1, t1; \ + vmovdqa .Lpost_tf_lo_s1(%rip), t0; \ + vmovdqa .Lpost_tf_hi_s1(%rip), t1; \ vaesenclast t4, x0, x0; \ vaesenclast t4, x7, x7; \ vaesenclast t4, x1, x1; \ @@ -95,16 +95,16 @@ vaesenclast t4, x6, x6; \ \ /* postfilter sboxes 1 and 4 */ \ - vmovdqa .Lpost_tf_lo_s3, t2; \ - vmovdqa .Lpost_tf_hi_s3, t3; \ + vmovdqa .Lpost_tf_lo_s3(%rip), t2; \ + vmovdqa .Lpost_tf_hi_s3(%rip), t3; \ filter_8bit(x0, t0, t1, t7, t6); \ filter_8bit(x7, t0, t1, t7, t6); \ filter_8bit(x3, t0, t1, t7, t6); \ filter_8bit(x6, t0, t1, t7, t6); \ \ /* postfilter sbox 3 */ \ - vmovdqa .Lpost_tf_lo_s2, t4; \ - vmovdqa .Lpost_tf_hi_s2, t5; \ + vmovdqa .Lpost_tf_lo_s2(%rip), t4; \ + vmovdqa .Lpost_tf_hi_s2(%rip), t5; \ filter_8bit(x2, t2, t3, t7, t6); \ filter_8bit(x5, t2, t3, t7, t6); \ \ @@ -443,7 +443,7 @@ SYM_FUNC_END(roundsm16_x4_x5_x6_x7_x0_x1_x2_x3_y4_y5_y6_y7_y0_y1_y2_y3_ab) transpose_4x4(c0, c1, c2, c3, a0, a1); \ transpose_4x4(d0, d1, d2, d3, a0, a1); \ \ - vmovdqu .Lshufb_16x16b, a0; \ + vmovdqu .Lshufb_16x16b(%rip), a0; \ vmovdqu st1, a1; \ vpshufb a0, a2, a2; \ vpshufb a0, a3, a3; \ @@ -482,7 +482,7 @@ SYM_FUNC_END(roundsm16_x4_x5_x6_x7_x0_x1_x2_x3_y4_y5_y6_y7_y0_y1_y2_y3_ab) #define inpack16_pre(x0, x1, x2, x3, x4, x5, x6, x7, y0, y1, y2, y3, y4, y5, \ y6, y7, rio, key) \ vmovq key, x0; \ - vpshufb .Lpack_bswap, x0, x0; \ + vpshufb .Lpack_bswap(%rip), x0, x0; \ \ vpxor 0 * 16(rio), x0, y7; \ vpxor 1 * 16(rio), x0, y6; \ @@ -533,7 +533,7 @@ SYM_FUNC_END(roundsm16_x4_x5_x6_x7_x0_x1_x2_x3_y4_y5_y6_y7_y0_y1_y2_y3_ab) vmovdqu x0, stack_tmp0; \ \ vmovq key, x0; \ - vpshufb .Lpack_bswap, x0, x0; \ + vpshufb .Lpack_bswap(%rip), x0, x0; \ \ vpxor x0, y7, y7; \ vpxor x0, y6, y6; \ diff --git a/arch/x86/crypto/camellia-aesni-avx2-asm_64.S b/arch/x86/crypto/camellia-aesni-avx2-asm_64.S index deaf62aa73a6..a0eb94e53b1b 100644 --- a/arch/x86/crypto/camellia-aesni-avx2-asm_64.S +++ b/arch/x86/crypto/camellia-aesni-avx2-asm_64.S @@ -64,12 +64,12 @@ /* \ * S-function with AES subbytes \ */ \ - vbroadcasti128 .Linv_shift_row, t4; \ - vpbroadcastd .L0f0f0f0f, t7; \ - vbroadcasti128 .Lpre_tf_lo_s1, t5; \ - vbroadcasti128 .Lpre_tf_hi_s1, t6; \ - vbroadcasti128 .Lpre_tf_lo_s4, t2; \ - vbroadcasti128 .Lpre_tf_hi_s4, t3; \ + vbroadcasti128 .Linv_shift_row(%rip), t4; \ + vpbroadcastd .L0f0f0f0f(%rip), t7; \ + vbroadcasti128 .Lpre_tf_lo_s1(%rip), t5; \ + vbroadcasti128 .Lpre_tf_hi_s1(%rip), t6; \ + vbroadcasti128 .Lpre_tf_lo_s4(%rip), t2; \ + vbroadcasti128 .Lpre_tf_hi_s4(%rip), t3; \ \ /* AES inverse shift rows */ \ vpshufb t4, x0, x0; \ @@ -115,8 +115,8 @@ vinserti128 $1, t2##_x, x6, x6; \ vextracti128 $1, x1, t3##_x; \ vextracti128 $1, x4, t2##_x; \ - vbroadcasti128 .Lpost_tf_lo_s1, t0; \ - vbroadcasti128 .Lpost_tf_hi_s1, t1; \ + vbroadcasti128 .Lpost_tf_lo_s1(%rip), t0; \ + vbroadcasti128 .Lpost_tf_hi_s1(%rip), t1; \ vaesenclast t4##_x, x2##_x, x2##_x; \ vaesenclast t4##_x, t6##_x, t6##_x; \ vinserti128 $1, t6##_x, x2, x2; \ @@ -131,16 +131,16 @@ vinserti128 $1, t2##_x, x4, x4; \ \ /* postfilter sboxes 1 and 4 */ \ - vbroadcasti128 .Lpost_tf_lo_s3, t2; \ - vbroadcasti128 .Lpost_tf_hi_s3, t3; \ + vbroadcasti128 .Lpost_tf_lo_s3(%rip), t2; \ + vbroadcasti128 .Lpost_tf_hi_s3(%rip), t3; \ filter_8bit(x0, t0, t1, t7, t6); \ filter_8bit(x7, t0, t1, t7, t6); \ filter_8bit(x3, t0, t1, t7, t6); \ filter_8bit(x6, t0, t1, t7, t6); \ \ /* postfilter sbox 3 */ \ - vbroadcasti128 .Lpost_tf_lo_s2, t4; \ - vbroadcasti128 .Lpost_tf_hi_s2, t5; \ + vbroadcasti128 .Lpost_tf_lo_s2(%rip), t4; \ + vbroadcasti128 .Lpost_tf_hi_s2(%rip), t5; \ filter_8bit(x2, t2, t3, t7, t6); \ filter_8bit(x5, t2, t3, t7, t6); \ \ @@ -475,7 +475,7 @@ SYM_FUNC_END(roundsm32_x4_x5_x6_x7_x0_x1_x2_x3_y4_y5_y6_y7_y0_y1_y2_y3_ab) transpose_4x4(c0, c1, c2, c3, a0, a1); \ transpose_4x4(d0, d1, d2, d3, a0, a1); \ \ - vbroadcasti128 .Lshufb_16x16b, a0; \ + vbroadcasti128 .Lshufb_16x16b(%rip), a0; \ vmovdqu st1, a1; \ vpshufb a0, a2, a2; \ vpshufb a0, a3, a3; \ @@ -514,7 +514,7 @@ SYM_FUNC_END(roundsm32_x4_x5_x6_x7_x0_x1_x2_x3_y4_y5_y6_y7_y0_y1_y2_y3_ab) #define inpack32_pre(x0, x1, x2, x3, x4, x5, x6, x7, y0, y1, y2, y3, y4, y5, \ y6, y7, rio, key) \ vpbroadcastq key, x0; \ - vpshufb .Lpack_bswap, x0, x0; \ + vpshufb .Lpack_bswap(%rip), x0, x0; \ \ vpxor 0 * 32(rio), x0, y7; \ vpxor 1 * 32(rio), x0, y6; \ @@ -565,7 +565,7 @@ SYM_FUNC_END(roundsm32_x4_x5_x6_x7_x0_x1_x2_x3_y4_y5_y6_y7_y0_y1_y2_y3_ab) vmovdqu x0, stack_tmp0; \ \ vpbroadcastq key, x0; \ - vpshufb .Lpack_bswap, x0, x0; \ + vpshufb .Lpack_bswap(%rip), x0, x0; \ \ vpxor x0, y7, y7; \ vpxor x0, y6, y6; \ diff --git a/arch/x86/crypto/camellia-x86_64-asm_64.S b/arch/x86/crypto/camellia-x86_64-asm_64.S index 347c059f5940..b7c822d813a8 100644 --- a/arch/x86/crypto/camellia-x86_64-asm_64.S +++ b/arch/x86/crypto/camellia-x86_64-asm_64.S @@ -77,11 +77,13 @@ #define RXORbl %r9b #define xor2ror16(T0, T1, tmp1, tmp2, ab, dst) \ + leaq T0(%rip), tmp1; \ movzbl ab ## bl, tmp2 ## d; \ + xorq (tmp1, tmp2, 8), dst; \ + leaq T1(%rip), tmp2; \ movzbl ab ## bh, tmp1 ## d; \ - rorq $16, ab; \ - xorq T0(, tmp2, 8), dst; \ - xorq T1(, tmp1, 8), dst; + xorq (tmp2, tmp1, 8), dst; \ + rorq $16, ab; /********************************************************************** 1-way camellia diff --git a/arch/x86/crypto/cast5-avx-x86_64-asm_64.S b/arch/x86/crypto/cast5-avx-x86_64-asm_64.S index 0326a01503c3..438c404a03bc 100644 --- a/arch/x86/crypto/cast5-avx-x86_64-asm_64.S +++ b/arch/x86/crypto/cast5-avx-x86_64-asm_64.S @@ -83,16 +83,20 @@ #define lookup_32bit(src, dst, op1, op2, op3, interleave_op, il_reg) \ - movzbl src ## bh, RID1d; \ - movzbl src ## bl, RID2d; \ - shrq $16, src; \ - movl s1(, RID1, 4), dst ## d; \ - op1 s2(, RID2, 4), dst ## d; \ - movzbl src ## bh, RID1d; \ - movzbl src ## bl, RID2d; \ - interleave_op(il_reg); \ - op2 s3(, RID1, 4), dst ## d; \ - op3 s4(, RID2, 4), dst ## d; + movzbl src ## bh, RID1d; \ + leaq s1(%rip), RID2; \ + movl (RID2, RID1, 4), dst ## d; \ + movzbl src ## bl, RID2d; \ + leaq s2(%rip), RID1; \ + op1 (RID1, RID2, 4), dst ## d; \ + shrq $16, src; \ + movzbl src ## bh, RID1d; \ + leaq s3(%rip), RID2; \ + op2 (RID2, RID1, 4), dst ## d; \ + movzbl src ## bl, RID2d; \ + leaq s4(%rip), RID1; \ + op3 (RID1, RID2, 4), dst ## d; \ + interleave_op(il_reg); #define dummy(d) /* do nothing */ @@ -151,15 +155,15 @@ subround(l ## 3, r ## 3, l ## 4, r ## 4, f); #define enc_preload_rkr() \ - vbroadcastss .L16_mask, RKR; \ + vbroadcastss .L16_mask(%rip), RKR; \ /* add 16-bit rotation to key rotations (mod 32) */ \ vpxor kr(CTX), RKR, RKR; #define dec_preload_rkr() \ - vbroadcastss .L16_mask, RKR; \ + vbroadcastss .L16_mask(%rip), RKR; \ /* add 16-bit rotation to key rotations (mod 32) */ \ vpxor kr(CTX), RKR, RKR; \ - vpshufb .Lbswap128_mask, RKR, RKR; + vpshufb .Lbswap128_mask(%rip), RKR, RKR; #define transpose_2x4(x0, x1, t0, t1) \ vpunpckldq x1, x0, t0; \ @@ -235,9 +239,9 @@ SYM_FUNC_START_LOCAL(__cast5_enc_blk16) movq %rdi, CTX; - vmovdqa .Lbswap_mask, RKM; - vmovd .Lfirst_mask, R1ST; - vmovd .L32_mask, R32; + vmovdqa .Lbswap_mask(%rip), RKM; + vmovd .Lfirst_mask(%rip), R1ST; + vmovd .L32_mask(%rip), R32; enc_preload_rkr(); inpack_blocks(RL1, RR1, RTMP, RX, RKM); @@ -271,7 +275,7 @@ SYM_FUNC_START_LOCAL(__cast5_enc_blk16) popq %rbx; popq %r15; - vmovdqa .Lbswap_mask, RKM; + vmovdqa .Lbswap_mask(%rip), RKM; outunpack_blocks(RR1, RL1, RTMP, RX, RKM); outunpack_blocks(RR2, RL2, RTMP, RX, RKM); @@ -308,9 +312,9 @@ SYM_FUNC_START_LOCAL(__cast5_dec_blk16) movq %rdi, CTX; - vmovdqa .Lbswap_mask, RKM; - vmovd .Lfirst_mask, R1ST; - vmovd .L32_mask, R32; + vmovdqa .Lbswap_mask(%rip), RKM; + vmovd .Lfirst_mask(%rip), R1ST; + vmovd .L32_mask(%rip), R32; dec_preload_rkr(); inpack_blocks(RL1, RR1, RTMP, RX, RKM); @@ -341,7 +345,7 @@ SYM_FUNC_START_LOCAL(__cast5_dec_blk16) round(RL, RR, 1, 2); round(RR, RL, 0, 1); - vmovdqa .Lbswap_mask, RKM; + vmovdqa .Lbswap_mask(%rip), RKM; popq %rbx; popq %r15; @@ -504,8 +508,8 @@ SYM_FUNC_START(cast5_ctr_16way) vpcmpeqd RKR, RKR, RKR; vpaddq RKR, RKR, RKR; /* low: -2, high: -2 */ - vmovdqa .Lbswap_iv_mask, R1ST; - vmovdqa .Lbswap128_mask, RKM; + vmovdqa .Lbswap_iv_mask(%rip), R1ST; + vmovdqa .Lbswap128_mask(%rip), RKM; /* load IV and byteswap */ vmovq (%rcx), RX; diff --git a/arch/x86/crypto/cast6-avx-x86_64-asm_64.S b/arch/x86/crypto/cast6-avx-x86_64-asm_64.S index 82b716fd5dba..180fb9c78de2 100644 --- a/arch/x86/crypto/cast6-avx-x86_64-asm_64.S +++ b/arch/x86/crypto/cast6-avx-x86_64-asm_64.S @@ -83,16 +83,20 @@ #define lookup_32bit(src, dst, op1, op2, op3, interleave_op, il_reg) \ - movzbl src ## bh, RID1d; \ - movzbl src ## bl, RID2d; \ - shrq $16, src; \ - movl s1(, RID1, 4), dst ## d; \ - op1 s2(, RID2, 4), dst ## d; \ - movzbl src ## bh, RID1d; \ - movzbl src ## bl, RID2d; \ - interleave_op(il_reg); \ - op2 s3(, RID1, 4), dst ## d; \ - op3 s4(, RID2, 4), dst ## d; + movzbl src ## bh, RID1d; \ + leaq s1(%rip), RID2; \ + movl (RID2, RID1, 4), dst ## d; \ + movzbl src ## bl, RID2d; \ + leaq s2(%rip), RID1; \ + op1 (RID1, RID2, 4), dst ## d; \ + shrq $16, src; \ + movzbl src ## bh, RID1d; \ + leaq s3(%rip), RID2; \ + op2 (RID2, RID1, 4), dst ## d; \ + movzbl src ## bl, RID2d; \ + leaq s4(%rip), RID1; \ + op3 (RID1, RID2, 4), dst ## d; \ + interleave_op(il_reg); #define dummy(d) /* do nothing */ @@ -175,10 +179,10 @@ qop(RD, RC, 1); #define shuffle(mask) \ - vpshufb mask, RKR, RKR; + vpshufb mask(%rip), RKR, RKR; #define preload_rkr(n, do_mask, mask) \ - vbroadcastss .L16_mask, RKR; \ + vbroadcastss .L16_mask(%rip), RKR; \ /* add 16-bit rotation to key rotations (mod 32) */ \ vpxor (kr+n*16)(CTX), RKR, RKR; \ do_mask(mask); @@ -258,9 +262,9 @@ SYM_FUNC_START_LOCAL(__cast6_enc_blk8) movq %rdi, CTX; - vmovdqa .Lbswap_mask, RKM; - vmovd .Lfirst_mask, R1ST; - vmovd .L32_mask, R32; + vmovdqa .Lbswap_mask(%rip), RKM; + vmovd .Lfirst_mask(%rip), R1ST; + vmovd .L32_mask(%rip), R32; inpack_blocks(RA1, RB1, RC1, RD1, RTMP, RX, RKRF, RKM); inpack_blocks(RA2, RB2, RC2, RD2, RTMP, RX, RKRF, RKM); @@ -284,7 +288,7 @@ SYM_FUNC_START_LOCAL(__cast6_enc_blk8) popq %rbx; popq %r15; - vmovdqa .Lbswap_mask, RKM; + vmovdqa .Lbswap_mask(%rip), RKM; outunpack_blocks(RA1, RB1, RC1, RD1, RTMP, RX, RKRF, RKM); outunpack_blocks(RA2, RB2, RC2, RD2, RTMP, RX, RKRF, RKM); @@ -306,9 +310,9 @@ SYM_FUNC_START_LOCAL(__cast6_dec_blk8) movq %rdi, CTX; - vmovdqa .Lbswap_mask, RKM; - vmovd .Lfirst_mask, R1ST; - vmovd .L32_mask, R32; + vmovdqa .Lbswap_mask(%rip), RKM; + vmovd .Lfirst_mask(%rip), R1ST; + vmovd .L32_mask(%rip), R32; inpack_blocks(RA1, RB1, RC1, RD1, RTMP, RX, RKRF, RKM); inpack_blocks(RA2, RB2, RC2, RD2, RTMP, RX, RKRF, RKM); @@ -332,7 +336,7 @@ SYM_FUNC_START_LOCAL(__cast6_dec_blk8) popq %rbx; popq %r15; - vmovdqa .Lbswap_mask, RKM; + vmovdqa .Lbswap_mask(%rip), RKM; outunpack_blocks(RA1, RB1, RC1, RD1, RTMP, RX, RKRF, RKM); outunpack_blocks(RA2, RB2, RC2, RD2, RTMP, RX, RKRF, RKM); diff --git a/arch/x86/crypto/crc32c-pcl-intel-asm_64.S b/arch/x86/crypto/crc32c-pcl-intel-asm_64.S index ec35915f0901..5f843dce77f1 100644 --- a/arch/x86/crypto/crc32c-pcl-intel-asm_64.S +++ b/arch/x86/crypto/crc32c-pcl-intel-asm_64.S @@ -168,7 +168,8 @@ continue_block: xor crc2, crc2 ## branch into array - mov jump_table(,%rax,8), %bufp + leaq jump_table(%rip), %bufp + mov (%bufp,%rax,8), %bufp JMP_NOSPEC bufp ################################################################ diff --git a/arch/x86/crypto/des3_ede-asm_64.S b/arch/x86/crypto/des3_ede-asm_64.S index f4c760f4cade..cf21b998e77c 100644 --- a/arch/x86/crypto/des3_ede-asm_64.S +++ b/arch/x86/crypto/des3_ede-asm_64.S @@ -129,21 +129,29 @@ movzbl RW0bl, RT2d; \ movzbl RW0bh, RT3d; \ shrq $16, RW0; \ - movq s8(, RT0, 8), RT0; \ - xorq s6(, RT1, 8), to; \ + leaq s8(%rip), RW1; \ + movq (RW1, RT0, 8), RT0; \ + leaq s6(%rip), RW1; \ + xorq (RW1, RT1, 8), to; \ movzbl RW0bl, RL1d; \ movzbl RW0bh, RT1d; \ shrl $16, RW0d; \ - xorq s4(, RT2, 8), RT0; \ - xorq s2(, RT3, 8), to; \ + leaq s4(%rip), RW1; \ + xorq (RW1, RT2, 8), RT0; \ + leaq s2(%rip), RW1; \ + xorq (RW1, RT3, 8), to; \ movzbl RW0bl, RT2d; \ movzbl RW0bh, RT3d; \ - xorq s7(, RL1, 8), RT0; \ - xorq s5(, RT1, 8), to; \ - xorq s3(, RT2, 8), RT0; \ + leaq s7(%rip), RW1; \ + xorq (RW1, RL1, 8), RT0; \ + leaq s5(%rip), RW1; \ + xorq (RW1, RT1, 8), to; \ + leaq s3(%rip), RW1; \ + xorq (RW1, RT2, 8), RT0; \ load_next_key(n, RW0); \ xorq RT0, to; \ - xorq s1(, RT3, 8), to; \ + leaq s1(%rip), RW1; \ + xorq (RW1, RT3, 8), to; \ #define load_next_key(n, RWx) \ movq (((n) + 1) * 8)(CTX), RWx; @@ -355,65 +363,89 @@ SYM_FUNC_END(des3_ede_x86_64_crypt_blk) movzbl RW0bl, RT3d; \ movzbl RW0bh, RT1d; \ shrq $16, RW0; \ - xorq s8(, RT3, 8), to##0; \ - xorq s6(, RT1, 8), to##0; \ + leaq s8(%rip), RT2; \ + xorq (RT2, RT3, 8), to##0; \ + leaq s6(%rip), RT2; \ + xorq (RT2, RT1, 8), to##0; \ movzbl RW0bl, RT3d; \ movzbl RW0bh, RT1d; \ shrq $16, RW0; \ - xorq s4(, RT3, 8), to##0; \ - xorq s2(, RT1, 8), to##0; \ + leaq s4(%rip), RT2; \ + xorq (RT2, RT3, 8), to##0; \ + leaq s2(%rip), RT2; \ + xorq (RT2, RT1, 8), to##0; \ movzbl RW0bl, RT3d; \ movzbl RW0bh, RT1d; \ shrl $16, RW0d; \ - xorq s7(, RT3, 8), to##0; \ - xorq s5(, RT1, 8), to##0; \ + leaq s7(%rip), RT2; \ + xorq (RT2, RT3, 8), to##0; \ + leaq s5(%rip), RT2; \ + xorq (RT2, RT1, 8), to##0; \ movzbl RW0bl, RT3d; \ movzbl RW0bh, RT1d; \ load_next_key(n, RW0); \ - xorq s3(, RT3, 8), to##0; \ - xorq s1(, RT1, 8), to##0; \ + leaq s3(%rip), RT2; \ + xorq (RT2, RT3, 8), to##0; \ + leaq s1(%rip), RT2; \ + xorq (RT2, RT1, 8), to##0; \ xorq from##1, RW1; \ movzbl RW1bl, RT3d; \ movzbl RW1bh, RT1d; \ shrq $16, RW1; \ - xorq s8(, RT3, 8), to##1; \ - xorq s6(, RT1, 8), to##1; \ + leaq s8(%rip), RT2; \ + xorq (RT2, RT3, 8), to##1; \ + leaq s6(%rip), RT2; \ + xorq (RT2, RT1, 8), to##1; \ movzbl RW1bl, RT3d; \ movzbl RW1bh, RT1d; \ shrq $16, RW1; \ - xorq s4(, RT3, 8), to##1; \ - xorq s2(, RT1, 8), to##1; \ + leaq s4(%rip), RT2; \ + xorq (RT2, RT3, 8), to##1; \ + leaq s2(%rip), RT2; \ + xorq (RT2, RT1, 8), to##1; \ movzbl RW1bl, RT3d; \ movzbl RW1bh, RT1d; \ shrl $16, RW1d; \ - xorq s7(, RT3, 8), to##1; \ - xorq s5(, RT1, 8), to##1; \ + leaq s7(%rip), RT2; \ + xorq (RT2, RT3, 8), to##1; \ + leaq s5(%rip), RT2; \ + xorq (RT2, RT1, 8), to##1; \ movzbl RW1bl, RT3d; \ movzbl RW1bh, RT1d; \ do_movq(RW0, RW1); \ - xorq s3(, RT3, 8), to##1; \ - xorq s1(, RT1, 8), to##1; \ + leaq s3(%rip), RT2; \ + xorq (RT2, RT3, 8), to##1; \ + leaq s1(%rip), RT2; \ + xorq (RT2, RT1, 8), to##1; \ xorq from##2, RW2; \ movzbl RW2bl, RT3d; \ movzbl RW2bh, RT1d; \ shrq $16, RW2; \ - xorq s8(, RT3, 8), to##2; \ - xorq s6(, RT1, 8), to##2; \ + leaq s8(%rip), RT2; \ + xorq (RT2, RT3, 8), to##2; \ + leaq s6(%rip), RT2; \ + xorq (RT2, RT1, 8), to##2; \ movzbl RW2bl, RT3d; \ movzbl RW2bh, RT1d; \ shrq $16, RW2; \ - xorq s4(, RT3, 8), to##2; \ - xorq s2(, RT1, 8), to##2; \ + leaq s4(%rip), RT2; \ + xorq (RT2, RT3, 8), to##2; \ + leaq s2(%rip), RT2; \ + xorq (RT2, RT1, 8), to##2; \ movzbl RW2bl, RT3d; \ movzbl RW2bh, RT1d; \ shrl $16, RW2d; \ - xorq s7(, RT3, 8), to##2; \ - xorq s5(, RT1, 8), to##2; \ + leaq s7(%rip), RT2; \ + xorq (RT2, RT3, 8), to##2; \ + leaq s5(%rip), RT2; \ + xorq (RT2, RT1, 8), to##2; \ movzbl RW2bl, RT3d; \ movzbl RW2bh, RT1d; \ do_movq(RW0, RW2); \ - xorq s3(, RT3, 8), to##2; \ - xorq s1(, RT1, 8), to##2; + leaq s3(%rip), RT2; \ + xorq (RT2, RT3, 8), to##2; \ + leaq s1(%rip), RT2; \ + xorq (RT2, RT1, 8), to##2; #define __movq(src, dst) \ movq src, dst; diff --git a/arch/x86/crypto/ghash-clmulni-intel_asm.S b/arch/x86/crypto/ghash-clmulni-intel_asm.S index 257ed9446f3e..99cb983ded9e 100644 --- a/arch/x86/crypto/ghash-clmulni-intel_asm.S +++ b/arch/x86/crypto/ghash-clmulni-intel_asm.S @@ -93,7 +93,7 @@ SYM_FUNC_START(clmul_ghash_mul) FRAME_BEGIN movups (%rdi), DATA movups (%rsi), SHASH - movaps .Lbswap_mask, BSWAP + movaps .Lbswap_mask(%rip), BSWAP pshufb BSWAP, DATA call __clmul_gf128mul_ble pshufb BSWAP, DATA @@ -110,7 +110,7 @@ SYM_FUNC_START(clmul_ghash_update) FRAME_BEGIN cmp $16, %rdx jb .Lupdate_just_ret # check length - movaps .Lbswap_mask, BSWAP + movaps .Lbswap_mask(%rip), BSWAP movups (%rdi), DATA movups (%rcx), SHASH pshufb BSWAP, DATA diff --git a/arch/x86/crypto/sha256-avx2-asm.S b/arch/x86/crypto/sha256-avx2-asm.S index 3eada9416852..10a3396bad35 100644 --- a/arch/x86/crypto/sha256-avx2-asm.S +++ b/arch/x86/crypto/sha256-avx2-asm.S @@ -589,19 +589,23 @@ last_block_enter: .align 16 loop1: - vpaddd K256+0*32(SRND), X0, XFER + leaq K256(%rip), INP + vpaddd 0*32(INP, SRND), X0, XFER vmovdqa XFER, 0*32+_XFER(%rsp, SRND) FOUR_ROUNDS_AND_SCHED _XFER + 0*32 - vpaddd K256+1*32(SRND), X0, XFER + leaq K256(%rip), INP + vpaddd 1*32(INP, SRND), X0, XFER vmovdqa XFER, 1*32+_XFER(%rsp, SRND) FOUR_ROUNDS_AND_SCHED _XFER + 1*32 - vpaddd K256+2*32(SRND), X0, XFER + leaq K256(%rip), INP + vpaddd 2*32(INP, SRND), X0, XFER vmovdqa XFER, 2*32+_XFER(%rsp, SRND) FOUR_ROUNDS_AND_SCHED _XFER + 2*32 - vpaddd K256+3*32(SRND), X0, XFER + leaq K256(%rip), INP + vpaddd 3*32(INP, SRND), X0, XFER vmovdqa XFER, 3*32+_XFER(%rsp, SRND) FOUR_ROUNDS_AND_SCHED _XFER + 3*32 @@ -611,11 +615,13 @@ loop1: loop2: ## Do last 16 rounds with no scheduling - vpaddd K256+0*32(SRND), X0, XFER + leaq K256(%rip), INP + vpaddd 0*32(INP, SRND), X0, XFER vmovdqa XFER, 0*32+_XFER(%rsp, SRND) DO_4ROUNDS _XFER + 0*32 - vpaddd K256+1*32(SRND), X1, XFER + leaq K256(%rip), INP + vpaddd 1*32(INP, SRND), X1, XFER vmovdqa XFER, 1*32+_XFER(%rsp, SRND) DO_4ROUNDS _XFER + 1*32 add $2*32, SRND From patchwork Fri Apr 28 09:50:42 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Hou Wenlong X-Patchwork-Id: 88550 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:b0ea:0:b0:3b6:4342:cba0 with SMTP id b10csp812449vqo; Fri, 28 Apr 2023 02:53:32 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ628OV4cn7YNWgDq3ETAQPOTthYYuXnDzApXa2EP2QytfmMaupejZ5sBLffHWzF4MonJXmc X-Received: by 2002:a62:1bcd:0:b0:63d:40bb:a88b with SMTP id b196-20020a621bcd000000b0063d40bba88bmr8316146pfb.14.1682675611740; Fri, 28 Apr 2023 02:53:31 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1682675611; cv=none; d=google.com; s=arc-20160816; b=Y32V0YEKjF1saEuDZ7Ak3AR2YLFH13vv4oQeMkAnk4edUkdxYbKKenPYn3jzQLFyWC PtCEqsTV7+3NTcnqyCVGJIj4otxb9f8FcnNzwr9g/QLVjgxek6PuOzVd/gtelQm/GRo+ K3AZUEH+MCP9cdj5urK9N2TzzwcBVYOG4nzJnYTfxPxMln5pASn4b7v20/sokmDP3uhG vwhiv4brct52VvW7nP/ETS/5Egn3oaFy0/9BiDMQIWS2KzEbb846mNxYzmqv0tItjZ0J 6+SQROZ/0EeNOTnI+/YZYpDI/m1Qudv2Gh1r3G8x6b2p8E8lhs68sejiw5PUG1ZcoVfc iRPQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from; bh=ggxuzpee8soAzYDjYhn3CvpzzmPCoGjgXu2bQ6UwUmA=; b=gNBAo6o3qKVl3KQ3wQ7JRV26s2jXim2sZuSqN9Z5KhVtOhjCM02D2FssE/aUSM8iYe DmVElX0OtBOKSiZfPB47YV/50uxMWy3SvPZQn8l+jQh89JJhgC0Gx2cPnV/ZumH3+EvF HRRGiM8969LuwcFoNQKvzyAddDF0a1Y/lA4zWlCShcMK0fmIdiGDUW0tqlrfKuQwdTu/ nmLefpaTPgPMuLdSeuTDYwJ2aUNw/VmwEccCVNH6nR0vE5axVKUgLYq3nDgRIpxllHzb cB1K9y/jxI3pHQ8JSRkKMo9hfLjOZ1PCtBab3YogTdJkjeLFkcCaqYdU6Jn7FNlTqRpU +nUw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=antgroup.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id a3-20020aa79703000000b0063d19a45a93si20759840pfg.280.2023.04.28.02.53.15; Fri, 28 Apr 2023 02:53:31 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=antgroup.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1345689AbjD1JwD (ORCPT + 99 others); Fri, 28 Apr 2023 05:52:03 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:59952 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1345628AbjD1Jvy (ORCPT ); Fri, 28 Apr 2023 05:51:54 -0400 Received: from out0-218.mail.aliyun.com (out0-218.mail.aliyun.com [140.205.0.218]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 5F77149D5 for ; Fri, 28 Apr 2023 02:51:52 -0700 (PDT) X-Alimail-AntiSpam: AC=PASS;BC=-1|-1;BR=01201311R101e4;CH=green;DM=||false|;DS=||;FP=0|-1|-1|-1|0|-1|-1|-1;HT=ay29a033018047194;MF=houwenlong.hwl@antgroup.com;NM=1;PH=DS;RN=11;SR=0;TI=SMTPD_---.STFoG4E_1682675505; Received: from localhost(mailfrom:houwenlong.hwl@antgroup.com fp:SMTPD_---.STFoG4E_1682675505) by smtp.aliyun-inc.com; Fri, 28 Apr 2023 17:51:45 +0800 From: "Hou Wenlong" To: linux-kernel@vger.kernel.org Cc: "Thomas Garnier" , "Lai Jiangshan" , "Kees Cook" , "Hou Wenlong" , "Thomas Gleixner" , "Ingo Molnar" , "Borislav Petkov" , "Dave Hansen" , , "H. Peter Anvin" Subject: [PATCH RFC 02/43] x86: Add macro to get symbol address for PIE support Date: Fri, 28 Apr 2023 17:50:42 +0800 Message-Id: <637c162d03b2c04f443d4308749fbffcb5093c63.1682673543.git.houwenlong.hwl@antgroup.com> X-Mailer: git-send-email 2.31.1 In-Reply-To: References: MIME-Version: 1.0 X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,SPF_HELO_NONE, SPF_PASS,T_SCC_BODY_TEXT_LINE,UNPARSEABLE_RELAY autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1764413262296562423?= X-GMAIL-MSGID: =?utf-8?q?1764413262296562423?= From: Thomas Garnier From: Thomas Garnier Add a new _ASM_MOVABS macro to fetch a symbol address. Replace "_ASM_MOV $, %dst" code construct that are not compatible with PIE. Signed-off-by: Thomas Garnier Signed-off-by: Hou Wenlong Cc: Lai Jiangshan Cc: Kees Cook --- arch/x86/include/asm/asm.h | 1 + 1 file changed, 1 insertion(+) diff --git a/arch/x86/include/asm/asm.h b/arch/x86/include/asm/asm.h index fbcfec4dc4cc..05974cc060c6 100644 --- a/arch/x86/include/asm/asm.h +++ b/arch/x86/include/asm/asm.h @@ -35,6 +35,7 @@ #define _ASM_ALIGN __ASM_SEL(.balign 4, .balign 8) #define _ASM_MOV __ASM_SIZE(mov) +#define _ASM_MOVABS __ASM_SEL(movl, movabsq) #define _ASM_INC __ASM_SIZE(inc) #define _ASM_DEC __ASM_SIZE(dec) #define _ASM_ADD __ASM_SIZE(add) From patchwork Fri Apr 28 09:50:43 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Hou Wenlong X-Patchwork-Id: 88572 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:b0ea:0:b0:3b6:4342:cba0 with SMTP id b10csp821659vqo; Fri, 28 Apr 2023 03:12:11 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ5Y70YRk83qVUjaxF7lS1SONVjdoLEqJITiqahYCW3ETW4tgGbS/Aa07jzlRsomdrNhZ0IH X-Received: by 2002:aa7:88c7:0:b0:63b:5f78:d6db with SMTP id k7-20020aa788c7000000b0063b5f78d6dbmr6672234pff.21.1682676731655; Fri, 28 Apr 2023 03:12:11 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1682676731; cv=none; d=google.com; s=arc-20160816; b=CzkwjKygEPM/2TTA7QT2M6QtaDKczYeu3VaoCm1eZC8sum9S+TtsMpR8YIyhx1Rzr1 wH/QqYp+EecCw2R+IUgoJxOlBb6GD+lp5Dr9g7NX/aujPuQfXBu3AqsYBveadspqTUqL lCmmL0/JPm1DTlSYH4tGO7nyycLtknXf9XrQyXBH2ckGkKxXmru81SzyxnZuc8NMZY3P 37wVVbOw8MY5CBv+bjLDo2qwLOZk2r4ICxVMcpUsDedQrofwvMN0VPx8V55wN56XTlu1 73+uqEEDrslH0rlKlVeIZ0bc6SXoL5tNkP7VuJiYCT9yLYqROHbJIo6wZEA8/feVCvNI JJkA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from; bh=SuGEPPR0BEZ6H4/WwAPmBpJv/32hD1Vv44O7qBAYt3g=; b=PuarJO4QbfLSbxgITsRNKNK33IKGh7MebCyIwvnf2quk4/lutDc14c+hwNsRMvOnuD TuVfuLq3sgyexTXX2Lh4kynWxhFrobTwRi6UqEafFa42y13EcTxJdfJg45Wr5EzNe0lK M2OT6U+5+RnSjvKidwnzypTGjfJHV6vtQxRTo+TqCGmaMj7uG0RVXacpK3mLpJ7otLzZ /HsEJOVAZYIVS0P6A/MpSbmc/tmWAsrz8B9FzWv5EFBuqB1xJtnUct64yaWAiKRzr+Em RArHBp774T3NAhyc5Qs7U3OwOcONreT0YJ8YR0UpzjlWhRca7M5e9zFg1mhCukho4uQD QVBg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=antgroup.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id b10-20020aa7950a000000b0063b7f1093e1si5166589pfp.110.2023.04.28.03.11.59; Fri, 28 Apr 2023 03:12:11 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=antgroup.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1345489AbjD1JwO (ORCPT + 99 others); Fri, 28 Apr 2023 05:52:14 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:60148 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1345704AbjD1JwB (ORCPT ); Fri, 28 Apr 2023 05:52:01 -0400 Received: from out0-201.mail.aliyun.com (out0-201.mail.aliyun.com [140.205.0.201]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 4DF244699 for ; Fri, 28 Apr 2023 02:51:56 -0700 (PDT) X-Alimail-AntiSpam: AC=PASS;BC=-1|-1;BR=01201311R511e4;CH=green;DM=||false|;DS=||;FP=0|-1|-1|-1|0|-1|-1|-1;HT=ay29a033018047202;MF=houwenlong.hwl@antgroup.com;NM=1;PH=DS;RN=15;SR=0;TI=SMTPD_---.STFQG9j_1682675508; Received: from localhost(mailfrom:houwenlong.hwl@antgroup.com fp:SMTPD_---.STFQG9j_1682675508) by smtp.aliyun-inc.com; Fri, 28 Apr 2023 17:51:49 +0800 From: "Hou Wenlong" To: linux-kernel@vger.kernel.org Cc: "Thomas Garnier" , "Lai Jiangshan" , "Kees Cook" , "Hou Wenlong" , "Thomas Gleixner" , "Ingo Molnar" , "Borislav Petkov" , "Dave Hansen" , , "H. Peter Anvin" , " =?utf-8?q?Peter_Zijlstra_=28Intel=29?= " , "Alexandre Chartre" , "Josh Poimboeuf" , "Konrad Rzeszutek Wilk" Subject: [PATCH RFC 03/43] x86: relocate_kernel - Adapt assembly for PIE support Date: Fri, 28 Apr 2023 17:50:43 +0800 Message-Id: X-Mailer: git-send-email 2.31.1 In-Reply-To: References: MIME-Version: 1.0 X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,SPF_HELO_NONE, SPF_PASS,T_SCC_BODY_TEXT_LINE,UNPARSEABLE_RELAY autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1764414436564618698?= X-GMAIL-MSGID: =?utf-8?q?1764414436564618698?= From: Thomas Garnier From: Thomas Garnier Change the assembly code to use only absolute references of symbols for the kernel to be PIE compatible. Signed-off-by: Thomas Garnier Signed-off-by: Hou Wenlong Cc: Lai Jiangshan Cc: Kees Cook --- arch/x86/kernel/relocate_kernel_64.S | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/x86/kernel/relocate_kernel_64.S b/arch/x86/kernel/relocate_kernel_64.S index 56cab1bb25f5..05d916e9df47 100644 --- a/arch/x86/kernel/relocate_kernel_64.S +++ b/arch/x86/kernel/relocate_kernel_64.S @@ -223,7 +223,7 @@ SYM_CODE_START_LOCAL_NOALIGN(identity_mapped) movq %rax, %cr3 lea PAGE_SIZE(%r8), %rsp call swap_pages - movq $virtual_mapped, %rax + movabsq $virtual_mapped, %rax pushq %rax ANNOTATE_UNRET_SAFE ret From patchwork Fri Apr 28 09:50:44 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Hou Wenlong X-Patchwork-Id: 88562 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:b0ea:0:b0:3b6:4342:cba0 with SMTP id b10csp818482vqo; Fri, 28 Apr 2023 03:06:10 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ6rbhraRDzBRITk7XRjF+ba0hU937mCHF034Xvg5YBZx2IilZIj5nwIb5x0xg7tAy7ypzy0 X-Received: by 2002:a05:6a20:a10c:b0:f2:f747:2140 with SMTP id q12-20020a056a20a10c00b000f2f7472140mr5342277pzk.2.1682676369752; Fri, 28 Apr 2023 03:06:09 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1682676369; cv=none; d=google.com; s=arc-20160816; b=s5i272R7pEU2Ni42iTchRZIVPck3/wVvyLs1jjHTo9xdm5ZvM4nXSnXvMKqTEcPrhk H9iHWWAyTkYizB8B5XvUpiML2fq90/eTHgW0EvHlu+tyVNdWgM9J2NhHczubPM0msjMb Kn6pPN8m5uVyWz3MU5ovwxUm/11QyC3R3UyeogrbeprBMmwfb1urOICFc1u1Vg5jPf/B EAqa7PZDKNsm9US361EPliBP08eZSywy0p4MNBa85JjkoFGgYoE1YgL5PjRO7qNJCj46 /hqKk0MTPH/hmRWLcnzrAiLbDsFtMq9HqO4JTKYQUjsCaKiDEZOS+RpWQsv35Up4+eK8 JxPg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from; bh=J571jEdKvPNqfirNKuGvEZmzb9tRdJ6Sr/xTamafYoE=; b=TkWXr7PT4A7QrTj5EANAF25OJxqAhwvAiz0WyF1x4G1ER+HFfreuB45X+SG6vBTOaP jFA2AYLsvbcGRkadFiOJo698uOJzElrIih6JkJYoXDOxcCWGylGtFmVxWuu6LDYdA8ue eUULchZK+fR1cf5zu+zQi8vmXuidKcfpBqpgQarPYK02Wur88rD6gsKIgfR7r4rRNN6/ gsXARLsvquaf8Zg98AcsQwtON8SqsB5iBcQt+b2MzweYB0DRbk+wb8EbzaMNFmWtp5ko r8ELYKwjZGHiy4rxHrBVR7uqUfJhz5Qwjc+LA+5jIgd1uvCqFPMyXg+GThkAdRwcGj7/ kU9Q== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=antgroup.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id e16-20020aa798d0000000b0063b84b5b53asi20319527pfm.9.2023.04.28.03.05.55; Fri, 28 Apr 2023 03:06:09 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=antgroup.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229680AbjD1JwU (ORCPT + 99 others); Fri, 28 Apr 2023 05:52:20 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:60164 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1345711AbjD1JwC (ORCPT ); Fri, 28 Apr 2023 05:52:02 -0400 Received: from out0-214.mail.aliyun.com (out0-214.mail.aliyun.com [140.205.0.214]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id BB907468C for ; Fri, 28 Apr 2023 02:51:56 -0700 (PDT) X-Alimail-AntiSpam: AC=PASS;BC=-1|-1;BR=01201311R121e4;CH=green;DM=||false|;DS=||;FP=0|-1|-1|-1|0|-1|-1|-1;HT=ay29a033018047203;MF=houwenlong.hwl@antgroup.com;NM=1;PH=DS;RN=12;SR=0;TI=SMTPD_---.STFoG5h_1682675510; Received: from localhost(mailfrom:houwenlong.hwl@antgroup.com fp:SMTPD_---.STFoG5h_1682675510) by smtp.aliyun-inc.com; Fri, 28 Apr 2023 17:51:51 +0800 From: "Hou Wenlong" To: linux-kernel@vger.kernel.org Cc: "Thomas Garnier" , "Lai Jiangshan" , "Kees Cook" , "Hou Wenlong" , "Andy Lutomirski" , "Thomas Gleixner" , "Ingo Molnar" , "Borislav Petkov" , "Dave Hansen" , , "H. Peter Anvin" Subject: [PATCH RFC 04/43] x86/entry/64: Adapt assembly for PIE support Date: Fri, 28 Apr 2023 17:50:44 +0800 Message-Id: X-Mailer: git-send-email 2.31.1 In-Reply-To: References: MIME-Version: 1.0 X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,SPF_HELO_NONE, SPF_PASS,T_SCC_BODY_TEXT_LINE,UNPARSEABLE_RELAY autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1764414056790134833?= X-GMAIL-MSGID: =?utf-8?q?1764414056790134833?= From: Thomas Garnier From: Thomas Garnier Change the assembly code to use only relative references of symbols for the kernel to be PIE compatible. Signed-off-by: Thomas Garnier Signed-off-by: Hou Wenlong Cc: Lai Jiangshan Cc: Kees Cook --- arch/x86/entry/entry_64.S | 16 +++++++++++----- 1 file changed, 11 insertions(+), 5 deletions(-) diff --git a/arch/x86/entry/entry_64.S b/arch/x86/entry/entry_64.S index 21dca946955e..6f2297ebb15f 100644 --- a/arch/x86/entry/entry_64.S +++ b/arch/x86/entry/entry_64.S @@ -1089,7 +1089,8 @@ SYM_CODE_START(error_entry) movl %ecx, %eax /* zero extend */ cmpq %rax, RIP+8(%rsp) je .Lbstep_iret - cmpq $.Lgs_change, RIP+8(%rsp) + leaq .Lgs_change(%rip), %rcx + cmpq %rcx, RIP+8(%rsp) jne .Lerror_entry_done_lfence /* @@ -1302,10 +1303,10 @@ SYM_CODE_START(asm_exc_nmi) * resume the outer NMI. */ - movq $repeat_nmi, %rdx + leaq repeat_nmi(%rip), %rdx cmpq 8(%rsp), %rdx ja 1f - movq $end_repeat_nmi, %rdx + leaq end_repeat_nmi(%rip), %rdx cmpq 8(%rsp), %rdx ja nested_nmi_out 1: @@ -1359,7 +1360,8 @@ nested_nmi: pushq %rdx pushfq pushq $__KERNEL_CS - pushq $repeat_nmi + leaq repeat_nmi(%rip), %rdx + pushq %rdx /* Put stack back */ addq $(6*8), %rsp @@ -1398,7 +1400,11 @@ first_nmi: addq $8, (%rsp) /* Fix up RSP */ pushfq /* RFLAGS */ pushq $__KERNEL_CS /* CS */ - pushq $1f /* RIP */ + pushq $0 /* Space for RIP */ + pushq %rdx /* Save RDX */ + leaq 1f(%rip), %rdx /* Put the address of 1f label into RDX */ + movq %rdx, 8(%rsp) /* Store it in RIP field */ + popq %rdx /* Restore RDX */ iretq /* continues at repeat_nmi below */ UNWIND_HINT_IRET_REGS 1: From patchwork Fri Apr 28 09:50:45 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Hou Wenlong X-Patchwork-Id: 88551 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:b0ea:0:b0:3b6:4342:cba0 with SMTP id b10csp812511vqo; Fri, 28 Apr 2023 02:53:44 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ4u4422kL6xH10FFU/ndntxN/AUn4knVpITuZQtaJ7m7Rt1xjZleZGeUMwi8uVPYfZYHlIx X-Received: by 2002:a05:6a20:7f92:b0:f0:916:e5d with SMTP id d18-20020a056a207f9200b000f009160e5dmr5663750pzj.42.1682675624333; Fri, 28 Apr 2023 02:53:44 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1682675624; cv=none; d=google.com; s=arc-20160816; b=pQJ+uimGlrFV2t5Hg9XQiUR/zo1849RPX85vlmXzkmCHGgIrzEY5kORvneAbYJdPLc DIiZB0gdjMb8vDm8j8mEDFyPA3WXrad3pdi53K6etJIbSUTXFYwhSTupbUN8jejYRtRv czRVICqhER9aQQdLiuGPrMTGPAPc6AiIhnYb5wscR9V0wHkXmGeSie5s81ou/ufyIvnT 5qLx3PqiiHdvm/Y9SkL/WWqiJzIVuM5inMFmE0ZNfqPu862DPYK71dzVmlrtTWhIJyeC ymgU5BmsVDl1KRKNzxndRWX9Yo+mMRn5dhYHQk5t98RevBuKti2xTW9d2+7to0Rw0zWl m7XA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from; bh=VtHyvyd+h4I56mLQ8MQqUwbUEUpPiJqEGHwuJdwQGiw=; b=wq7U7cRxglPOJpnlW47OAJRtYpYsrtnY83vAA5JOP0pcHxxaH+PzZ5EKs/LoqdU1yn vkRqpvj0utLMnAQMFdkjhQ00R54EtEz+JVKGJJoTMlXgL+An9l9S4mRibxYHjCJt4FAR kATP3hCDYy3LEfhO70VcIq9MsKxp1Dw3Z1RqMeXCmOKVgxAsBxndHnQvaxjFXufSi1eu L7RjUq+B5ak/APSEAVsUhKC2B61pUqfl8nDuitp5JBqwGqpRfM6/30vvlI2QUluDiDsg vXKu/XI0tYaZs4J+WdNuH8suWS12GrhQATEF8bTs+8Lvt9FtOZcK1HMPhJq7z2DlQH+C neKQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=antgroup.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id n7-20020a6546c7000000b0050c0e269719si21150984pgr.513.2023.04.28.02.53.28; Fri, 28 Apr 2023 02:53:44 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=antgroup.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1345748AbjD1JwZ (ORCPT + 99 others); Fri, 28 Apr 2023 05:52:25 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:60170 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1345743AbjD1JwO (ORCPT ); Fri, 28 Apr 2023 05:52:14 -0400 Received: from out0-198.mail.aliyun.com (out0-198.mail.aliyun.com [140.205.0.198]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id A15045263 for ; Fri, 28 Apr 2023 02:52:03 -0700 (PDT) X-Alimail-AntiSpam: AC=PASS;BC=-1|-1;BR=01201311R271e4;CH=green;DM=||false|;DS=||;FP=0|-1|-1|-1|0|-1|-1|-1;HT=ay29a033018047213;MF=houwenlong.hwl@antgroup.com;NM=1;PH=DS;RN=11;SR=0;TI=SMTPD_---.STDfrtZ_1682675513; Received: from localhost(mailfrom:houwenlong.hwl@antgroup.com fp:SMTPD_---.STDfrtZ_1682675513) by smtp.aliyun-inc.com; Fri, 28 Apr 2023 17:51:54 +0800 From: "Hou Wenlong" To: linux-kernel@vger.kernel.org Cc: "Thomas Garnier" , "Lai Jiangshan" , "Kees Cook" , "Hou Wenlong" , "Thomas Gleixner" , "Ingo Molnar" , "Borislav Petkov" , "Dave Hansen" , , "H. Peter Anvin" Subject: [PATCH RFC 05/43] x86: pm-trace: Adapt assembly for PIE support Date: Fri, 28 Apr 2023 17:50:45 +0800 Message-Id: <49a5d885f8cc02048a979ced4bf7e54f700ecb94.1682673543.git.houwenlong.hwl@antgroup.com> X-Mailer: git-send-email 2.31.1 In-Reply-To: References: MIME-Version: 1.0 X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,SPF_HELO_NONE, SPF_PASS,T_SCC_BODY_TEXT_LINE,UNPARSEABLE_RELAY autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1764413275352200464?= X-GMAIL-MSGID: =?utf-8?q?1764413275352200464?= From: Thomas Garnier From: Thomas Garnier Change assembly to use the new _ASM_MOVABS macro instead of _ASM_MOV for the assembly to be PIE compatible. Signed-off-by: Thomas Garnier Signed-off-by: Hou Wenlong Cc: Lai Jiangshan Cc: Kees Cook --- arch/x86/include/asm/pm-trace.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/x86/include/asm/pm-trace.h b/arch/x86/include/asm/pm-trace.h index bfa32aa428e5..972070806ce9 100644 --- a/arch/x86/include/asm/pm-trace.h +++ b/arch/x86/include/asm/pm-trace.h @@ -8,7 +8,7 @@ do { \ if (pm_trace_enabled) { \ const void *tracedata; \ - asm volatile(_ASM_MOV " $1f,%0\n" \ + asm volatile(_ASM_MOVABS " $1f,%0\n" \ ".section .tracedata,\"a\"\n" \ "1:\t.word %c1\n\t" \ _ASM_PTR " %c2\n" \ From patchwork Fri Apr 28 09:50:46 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Hou Wenlong X-Patchwork-Id: 88564 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:b0ea:0:b0:3b6:4342:cba0 with SMTP id b10csp819334vqo; Fri, 28 Apr 2023 03:07:54 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ5LWMxTqVHs+ZhJ/NY7BtmFjznR7YEI2qZ8uqvtgugy6CmFNdh0dnONmS4bayTIuwE6XpdM X-Received: by 2002:a05:6a20:1455:b0:ee:d266:32b9 with SMTP id a21-20020a056a20145500b000eed26632b9mr6294303pzi.10.1682676473695; Fri, 28 Apr 2023 03:07:53 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1682676473; cv=none; d=google.com; s=arc-20160816; b=VDtakxni9BLmgoUHwAa7UtD8387ccKdVNlPiHG8jveuivdfBW6faQP16I2QORxx1Qx ykJ1IBNYV2TNz99Zt1h/CRx0F549yL3jSY5KjAKRTF+dqBPTB8OUPb/SMvqC8aylKrNR S8/3A1FI4ppupYUKkyGC3zZKWYCtlGXL9OzjL2PinpUAvP8pTyQdSIvzIFb7ShAsSXjw nwdzGmI4ObbZWHI8ce/bjJCvkEmCGkFvYZ9qwUlJvYMDb75rHWiYi4WOunSonZcRZr86 oDHISw9ERDFhQBvKk3CksAHpRiPRGtKtGTEwfy4ghULrL7i0gNq9lY3pdqlPwwkbNLGK hGOA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from; bh=PBYiiSI3kD7uz/xUeuO8fV8NvPtrztGj5TD65Y8Qtu0=; b=XuHN3KkIlSPLAm9rG2Jn8PGsNvFlo/3DetzzLCoNioAXnVfM2mmMTln0gMi5JF9cUo /Tq7SaHLgWHWsyt4xMl11rj+mjk/s+8Cd0j9jXLiWcKwL7Nz9t3Rnt+UPoOwrqaRguqI vqkdkXZYs1KB+1LGu368C307V/ENsAI+e15S04XZ1xSc8r0bIQ3KKtcLTiJlKCmGa2JX +1g4wxSXK0PlhePGOlGfSZxV81BASkwlGSzAOYiuIw33yhd9P1DR2rKD+oYV6DbexIhS uZXZeuapN7y4T478xaElAUkhR3jSU7o8pMq2rH8uSe5gqrqYebeLGbYOypH489t6opWB b9gg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=antgroup.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id w190-20020a6382c7000000b0050fb7c5a656si21350952pgd.190.2023.04.28.03.07.38; Fri, 28 Apr 2023 03:07:53 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=antgroup.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1345403AbjD1Jw2 (ORCPT + 99 others); Fri, 28 Apr 2023 05:52:28 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:60678 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1345760AbjD1JwP (ORCPT ); Fri, 28 Apr 2023 05:52:15 -0400 Received: from out0-201.mail.aliyun.com (out0-201.mail.aliyun.com [140.205.0.201]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 0A67755BD for ; Fri, 28 Apr 2023 02:52:03 -0700 (PDT) X-Alimail-AntiSpam: AC=PASS;BC=-1|-1;BR=01201311R471e4;CH=green;DM=||false|;DS=||;FP=0|-1|-1|-1|0|-1|-1|-1;HT=ay29a033018047205;MF=houwenlong.hwl@antgroup.com;NM=1;PH=DS;RN=11;SR=0;TI=SMTPD_---.STDfru9_1682675517; Received: from localhost(mailfrom:houwenlong.hwl@antgroup.com fp:SMTPD_---.STDfru9_1682675517) by smtp.aliyun-inc.com; Fri, 28 Apr 2023 17:51:57 +0800 From: "Hou Wenlong" To: linux-kernel@vger.kernel.org Cc: "Thomas Garnier" , "Lai Jiangshan" , "Kees Cook" , "Hou Wenlong" , "Thomas Gleixner" , "Ingo Molnar" , "Borislav Petkov" , "Dave Hansen" , , "H. Peter Anvin" Subject: [PATCH RFC 06/43] x86/CPU: Adapt assembly for PIE support Date: Fri, 28 Apr 2023 17:50:46 +0800 Message-Id: <86defd5e8ee1328bbfbe7f6b293bacb4f1b7d23a.1682673543.git.houwenlong.hwl@antgroup.com> X-Mailer: git-send-email 2.31.1 In-Reply-To: References: MIME-Version: 1.0 X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,SPF_HELO_NONE, SPF_PASS,T_SCC_BODY_TEXT_LINE,UNPARSEABLE_RELAY autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1764414165979378386?= X-GMAIL-MSGID: =?utf-8?q?1764414165979378386?= From: Thomas Garnier From: Thomas Garnier Change the assembly code to use only relative references of symbols for the kernel to be PIE compatible. Signed-off-by: Thomas Garnier Signed-off-by: Hou Wenlong Cc: Lai Jiangshan Cc: Kees Cook --- arch/x86/include/asm/sync_core.h | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/arch/x86/include/asm/sync_core.h b/arch/x86/include/asm/sync_core.h index ab7382f92aff..fa5b1fe1a692 100644 --- a/arch/x86/include/asm/sync_core.h +++ b/arch/x86/include/asm/sync_core.h @@ -31,10 +31,12 @@ static inline void iret_to_self(void) "pushfq\n\t" "mov %%cs, %0\n\t" "pushq %q0\n\t" - "pushq $1f\n\t" + "leaq 1f(%%rip), %q0\n\t" + "pushq %q0\n\t" "iretq\n\t" "1:" - : "=&r" (tmp), ASM_CALL_CONSTRAINT : : "cc", "memory"); + : "=&r" (tmp), ASM_CALL_CONSTRAINT + : : "cc", "memory"); } #endif /* CONFIG_X86_32 */ From patchwork Fri Apr 28 09:50:47 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Hou Wenlong X-Patchwork-Id: 88561 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:b0ea:0:b0:3b6:4342:cba0 with SMTP id b10csp818467vqo; Fri, 28 Apr 2023 03:06:06 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ5eAHliw+Jchm1giZNZ7k127zelli4kX7LhxMYXVqOWKNPgylOnoNWEssYICKX39/KcoS39 X-Received: by 2002:a05:6a21:398e:b0:ee:7694:f069 with SMTP id ad14-20020a056a21398e00b000ee7694f069mr5404912pzc.41.1682676365919; Fri, 28 Apr 2023 03:06:05 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1682676365; cv=none; d=google.com; s=arc-20160816; b=eePYlbSdzBwWOMwvl6q/XJ+5V6vRUeVwbDML2K5zWQBh0qIrZzRxxmpkQYlsvrzsOT HGwHiDZ99WxcOO5BuTlImzqbgHSBN4INexE2SVY1pl8GqxdGOanZaN5aLEgUoUrpO94d QJdLq5QmYKP0DN1t8WETlaiRAjyB3MxYiVrQ1BUs12rg7zMAkuAGjNQqT6nvWKOxS/R3 MDyugpoBHRDL5yhJbY2n03K17sQaOnb7t80pyQK2ICf+iIbjF85E7FfKiy4eU3+/Z3gP 5dkxnhgYzPbwANktknAcQzrHvHd3TtjeV1hWzVMZu7Am2A23Q50v4tMSnUHweai3kO0K 49gw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from; bh=JHz4rktsjMBkmXN5gXY4fWOXWZpj6qs1BumvDReuGe4=; b=T/HcPEOMnHldPa2KPs7jh/MdWl+VudUPNrsDphTsaaPSaKwukEIVQvlMWQ88xjvgqm D6CMDg1ZQuW/hqPrQ/3pcytXo43/BhsQHigm09h82tvKQg5ULj4DZUA7QnuUT85kllRk 4qO3b2JLtYQFOMG/zdC43mXplcSo3lGxJ4kfM1troURueGw42Seovlsnbkp/Q5ah3jys Qd01QDUMy34bYDpeXacXl4jQ7urQvkj2IPR8L5UEhvFzHtxzltKiWRK0q9iXX0TX1Qzm OByvjXCdIkynngBTl7gwkA1JkQPqk851r5q6RtOXaSgNAolPYNuk6uffABtCyJBlZZqF kjWA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=antgroup.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id k190-20020a6384c7000000b0051a42b37d68si21417708pgd.772.2023.04.28.03.05.50; Fri, 28 Apr 2023 03:06:05 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=antgroup.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1345428AbjD1Jwi (ORCPT + 99 others); Fri, 28 Apr 2023 05:52:38 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:60176 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1345704AbjD1JwR (ORCPT ); Fri, 28 Apr 2023 05:52:17 -0400 Received: from out0-216.mail.aliyun.com (out0-216.mail.aliyun.com [140.205.0.216]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id F3FE85B95; Fri, 28 Apr 2023 02:52:07 -0700 (PDT) X-Alimail-AntiSpam: AC=PASS;BC=-1|-1;BR=01201311R981e4;CH=green;DM=||false|;DS=||;FP=0|-1|-1|-1|0|-1|-1|-1;HT=ay29a033018047207;MF=houwenlong.hwl@antgroup.com;NM=1;PH=DS;RN=16;SR=0;TI=SMTPD_---.STCEPKJ_1682675519; Received: from localhost(mailfrom:houwenlong.hwl@antgroup.com fp:SMTPD_---.STCEPKJ_1682675519) by smtp.aliyun-inc.com; Fri, 28 Apr 2023 17:52:00 +0800 From: "Hou Wenlong" To: linux-kernel@vger.kernel.org Cc: "Thomas Garnier" , "Lai Jiangshan" , "Kees Cook" , "Hou Wenlong" , "Rafael J. Wysocki" , "Len Brown" , "Pavel Machek" , "Thomas Gleixner" , "Ingo Molnar" , "Borislav Petkov" , "Dave Hansen" , , "H. Peter Anvin" , , Subject: [PATCH RFC 07/43] x86/acpi: Adapt assembly for PIE support Date: Fri, 28 Apr 2023 17:50:47 +0800 Message-Id: <8b90798cb41604b2e2d47c8fcbb67913daafd85d.1682673543.git.houwenlong.hwl@antgroup.com> X-Mailer: git-send-email 2.31.1 In-Reply-To: References: MIME-Version: 1.0 X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,SPF_HELO_NONE, SPF_PASS,T_SCC_BODY_TEXT_LINE,UNPARSEABLE_RELAY autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1764414053174076606?= X-GMAIL-MSGID: =?utf-8?q?1764414053174076606?= From: Thomas Garnier From: Thomas Garnier Change the assembly code to use only relative references of symbols for the kernel to be PIE compatible. Signed-off-by: Thomas Garnier Signed-off-by: Hou Wenlong Cc: Lai Jiangshan Cc: Kees Cook Acked-by: Rafael J. Wysocki --- arch/x86/kernel/acpi/wakeup_64.S | 31 ++++++++++++++++--------------- 1 file changed, 16 insertions(+), 15 deletions(-) diff --git a/arch/x86/kernel/acpi/wakeup_64.S b/arch/x86/kernel/acpi/wakeup_64.S index d5d8a352eafa..fe688bd87d72 100644 --- a/arch/x86/kernel/acpi/wakeup_64.S +++ b/arch/x86/kernel/acpi/wakeup_64.S @@ -17,7 +17,7 @@ * Hooray, we are in Long 64-bit mode (but still running in low memory) */ SYM_FUNC_START(wakeup_long64) - movq saved_magic, %rax + movq saved_magic(%rip), %rax movq $0x123456789abcdef0, %rdx cmpq %rdx, %rax je 2f @@ -33,14 +33,14 @@ SYM_FUNC_START(wakeup_long64) movw %ax, %es movw %ax, %fs movw %ax, %gs - movq saved_rsp, %rsp + movq saved_rsp(%rip), %rsp - movq saved_rbx, %rbx - movq saved_rdi, %rdi - movq saved_rsi, %rsi - movq saved_rbp, %rbp + movq saved_rbx(%rip), %rbx + movq saved_rdi(%rip), %rdi + movq saved_rsi(%rip), %rsi + movq saved_rbp(%rip), %rbp - movq saved_rip, %rax + movq saved_rip(%rip), %rax ANNOTATE_RETPOLINE_SAFE jmp *%rax SYM_FUNC_END(wakeup_long64) @@ -51,7 +51,7 @@ SYM_FUNC_START(do_suspend_lowlevel) xorl %eax, %eax call save_processor_state - movq $saved_context, %rax + leaq saved_context(%rip), %rax movq %rsp, pt_regs_sp(%rax) movq %rbp, pt_regs_bp(%rax) movq %rsi, pt_regs_si(%rax) @@ -70,13 +70,14 @@ SYM_FUNC_START(do_suspend_lowlevel) pushfq popq pt_regs_flags(%rax) - movq $.Lresume_point, saved_rip(%rip) + leaq .Lresume_point(%rip), %rax + movq %rax, saved_rip(%rip) - movq %rsp, saved_rsp - movq %rbp, saved_rbp - movq %rbx, saved_rbx - movq %rdi, saved_rdi - movq %rsi, saved_rsi + movq %rsp, saved_rsp(%rip) + movq %rbp, saved_rbp(%rip) + movq %rbx, saved_rbx(%rip) + movq %rdi, saved_rdi(%rip) + movq %rsi, saved_rsi(%rip) addq $8, %rsp movl $3, %edi @@ -88,7 +89,7 @@ SYM_FUNC_START(do_suspend_lowlevel) .align 4 .Lresume_point: /* We don't restore %rax, it must be 0 anyway */ - movq $saved_context, %rax + leaq saved_context(%rip), %rax movq saved_context_cr4(%rax), %rbx movq %rbx, %cr4 movq saved_context_cr3(%rax), %rbx From patchwork Fri Apr 28 09:50:49 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Hou Wenlong X-Patchwork-Id: 88565 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:b0ea:0:b0:3b6:4342:cba0 with SMTP id b10csp819956vqo; Fri, 28 Apr 2023 03:09:09 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ4qZ7bhm6y2wgB2n+FTWOsOb7HhL/PbyH44JQp+8Ah+vlLnmif/uHO5EcJjqvkIG3B+yKlV X-Received: by 2002:a05:6a21:398e:b0:f0:6aaf:1abf with SMTP id ad14-20020a056a21398e00b000f06aaf1abfmr5869552pzc.4.1682676549214; Fri, 28 Apr 2023 03:09:09 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1682676549; cv=none; d=google.com; s=arc-20160816; b=tI7y+8UGaQT728fNMMsDPHdGJ0mhFZgvz39ePhxhmgf2P/ZUJcktWgkqjIF+8+vg8K AszkU6J8PqUmARJXot+6qg9JMS8suu9AgcHpiI6RG7EtmjHKLE31NRKBLAbvTUqo16Ou JDaR1RH4uPwmO3E2dE1+vt/ryISWfkSE5gwUkLz6CQI8TxLv0rIvDM7859zJWTtAiFlA XuqxAVC8skVM115saa0YsAwcyp1bM45Jhg+cilbNBIn9UenjJBpTeyLN4C6zhq/LZMiP WW+wU3Xb0Mf6conS1tPx3xXdfltxBwebVALm8jLsEYYUgI0vxPIeqn2RrFwd6g5DfxUI feZg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from; bh=Tz1eBnWwuFKalpgC5LSYWF0H5qhfVAcDAFCNr+uxfWg=; b=usfL+FK4JlFz1cUoHR3smmwswcvzh9Y+mvcoYDcatqtjmLNvJke+edPwTZrl5E/4vc W+deY7V1yxTqqWcpKY3CIFNr0xUhjB/425v5QOHwqZ5T/xTgRYpgGpcaUZw54rhW+nqi phPXSb31EHHMsXSb/oJZ8bJUzTJHKIa4YT0svvVBfwZA1lacEd7MFWzGTe/zUDuwtsQ6 cognE6juXfttaGfdng6zGRKE9gjwrYLJtxl+y+qNlRp4Z9RdFmDpI70/itxrAmo48/m6 63d+3DbruoShhBbfUXmFNs4+FRheCrMNVD+IjaKLa+GN8gafhnuoXi+ckgLy1tzepkAV tnGQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=antgroup.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id k26-20020a63ba1a000000b00517aaf50a82si21584239pgf.854.2023.04.28.03.08.54; Fri, 28 Apr 2023 03:09:09 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=antgroup.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1345755AbjD1Jwq (ORCPT + 99 others); Fri, 28 Apr 2023 05:52:46 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:60732 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1345790AbjD1Jwf (ORCPT ); Fri, 28 Apr 2023 05:52:35 -0400 Received: from out0-216.mail.aliyun.com (out0-216.mail.aliyun.com [140.205.0.216]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 248BA10E7; Fri, 28 Apr 2023 02:52:11 -0700 (PDT) X-Alimail-AntiSpam: AC=PASS;BC=-1|-1;BR=01201311R121e4;CH=green;DM=||false|;DS=||;FP=0|-1|-1|-1|0|-1|-1|-1;HT=ay29a033018047204;MF=houwenlong.hwl@antgroup.com;NM=1;PH=DS;RN=14;SR=0;TI=SMTPD_---.STCEPMn_1682675524; Received: from localhost(mailfrom:houwenlong.hwl@antgroup.com fp:SMTPD_---.STCEPMn_1682675524) by smtp.aliyun-inc.com; Fri, 28 Apr 2023 17:52:05 +0800 From: "Hou Wenlong" To: linux-kernel@vger.kernel.org Cc: "Thomas Garnier" , "Lai Jiangshan" , "Kees Cook" , "Hou Wenlong" , "Rafael J. Wysocki" , "Pavel Machek" , "Thomas Gleixner" , "Ingo Molnar" , "Borislav Petkov" , "Dave Hansen" , , "H. Peter Anvin" , Subject: [PATCH RFC 09/43] x86/power/64: Adapt assembly for PIE support Date: Fri, 28 Apr 2023 17:50:49 +0800 Message-Id: X-Mailer: git-send-email 2.31.1 In-Reply-To: References: MIME-Version: 1.0 X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,SPF_HELO_NONE, SPF_PASS,T_SCC_BODY_TEXT_LINE,UNPARSEABLE_RELAY autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1764414245358060961?= X-GMAIL-MSGID: =?utf-8?q?1764414245358060961?= From: Thomas Garnier From: Thomas Garnier Change the assembly code to use only relative references of symbols for the kernel to be PIE compatible. Signed-off-by: Thomas Garnier Signed-off-by: Hou Wenlong Cc: Lai Jiangshan Cc: Kees Cook --- arch/x86/power/hibernate_asm_64.S | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/arch/x86/power/hibernate_asm_64.S b/arch/x86/power/hibernate_asm_64.S index 0a0539e1cc81..1d96a119d29d 100644 --- a/arch/x86/power/hibernate_asm_64.S +++ b/arch/x86/power/hibernate_asm_64.S @@ -39,7 +39,7 @@ SYM_FUNC_START(restore_registers) movq %rax, %cr4; # turn PGE back on /* We don't restore %rax, it must be 0 anyway */ - movq $saved_context, %rax + leaq saved_context(%rip), %rax movq pt_regs_sp(%rax), %rsp movq pt_regs_bp(%rax), %rbp movq pt_regs_si(%rax), %rsi @@ -70,7 +70,7 @@ SYM_FUNC_START(restore_registers) SYM_FUNC_END(restore_registers) SYM_FUNC_START(swsusp_arch_suspend) - movq $saved_context, %rax + leaq saved_context(%rip), %rax movq %rsp, pt_regs_sp(%rax) movq %rbp, pt_regs_bp(%rax) movq %rsi, pt_regs_si(%rax) From patchwork Fri Apr 28 09:50:50 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Hou Wenlong X-Patchwork-Id: 88552 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:b0ea:0:b0:3b6:4342:cba0 with SMTP id b10csp815915vqo; Fri, 28 Apr 2023 03:01:44 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ5Y8xvOqa+kgz6vMTqz8WQV8fW16b32qY7WOHEsK7z8Kh2jZ5pPN67Ev0B7meU4c98/kDy5 X-Received: by 2002:a05:6a00:2ea6:b0:63f:24f1:adac with SMTP id fd38-20020a056a002ea600b0063f24f1adacmr7832536pfb.25.1682676104142; Fri, 28 Apr 2023 03:01:44 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1682676104; cv=none; d=google.com; s=arc-20160816; b=C+iKBfwnd4rRQxqKDCOsdWKfYJRSqZNUSX1FlVjczo39y+yTeuP2ENcubcCSyMhieD OH6y2pE7CmopjRFtoJceTqsFMbpJnnJZ3z4Fthwu4gfK8xRWMzB/dZR9j6AfziJa933k TLIBEZhkNUure6Xvihs51jB7+hXnCU0iH4QKC471wuEK8AIfs9dUcncvQXOGOX6y2nvB doJnqeSO4034+ZunhibmysZaYcvVYB+qXMiXIBL1mG69EkPz8pvsA27M8UmWlocz7Rzd qLSNvCyPRMBgdemyahVFYgxXLqYtnpfIsF6FlBQRDq4YdDi+OO2klHjhwo1uZ43SPfJv WHFg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from; bh=kNzViBjhN5Ze8gUicJ75SGyKKI+ewsaHwplG0KEKdWo=; b=FcAczKCGmEK2ik+XZlcAiX2sedsEiGOl7/v6y+bwKHILVXNikRA7h/lcZQH5qXBDTS 7lcjIpNE7PKrA+H01XLC0NxuupFB/lMESnbYeQ2DxK5zo8PNfjZ2bP/uCf4RuRoC5RMu yme8PvE2Y/Y2i1uAtzzExSRZ6F5sR43J+w1C7ULRT4v5N+5z6MA6ZStS9ehOBiK74eEf DKcvj50/2sv4Df4FymYN205D8GZZtlDfy9RhQYJXu0JAa+gNe95S244LFyuw3g08ET7f 1wdaojDSTntjtuBzw8mD1kGlhyUaGvTUONAjeSY+sw+hgLxaKpFLVy5wFKYt4NezsuMp sYAw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=antgroup.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id g38-20020a632026000000b0051ef3e0cdaesi20030287pgg.260.2023.04.28.03.01.30; Fri, 28 Apr 2023 03:01:44 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=antgroup.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1345854AbjD1JxB (ORCPT + 99 others); Fri, 28 Apr 2023 05:53:01 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:60624 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1345815AbjD1Jwh (ORCPT ); Fri, 28 Apr 2023 05:52:37 -0400 Received: from out0-194.mail.aliyun.com (out0-194.mail.aliyun.com [140.205.0.194]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 8293759F2 for ; Fri, 28 Apr 2023 02:52:16 -0700 (PDT) X-Alimail-AntiSpam: AC=PASS;BC=-1|-1;BR=01201311R111e4;CH=green;DM=||false|;DS=||;FP=0|-1|-1|-1|0|-1|-1|-1;HT=ay29a033018047207;MF=houwenlong.hwl@antgroup.com;NM=1;PH=DS;RN=13;SR=0;TI=SMTPD_---.STFoGBM_1682675527; Received: from localhost(mailfrom:houwenlong.hwl@antgroup.com fp:SMTPD_---.STFoGBM_1682675527) by smtp.aliyun-inc.com; Fri, 28 Apr 2023 17:52:08 +0800 From: "Hou Wenlong" To: linux-kernel@vger.kernel.org Cc: "Thomas Garnier" , "Lai Jiangshan" , "Kees Cook" , "Hou Wenlong" , "Thomas Gleixner" , "Ingo Molnar" , "Borislav Petkov" , "Dave Hansen" , , "H. Peter Anvin" , "Peter Zijlstra" , "Willy Tarreau" Subject: [PATCH RFC 10/43] x86/alternatives: Adapt assembly for PIE support Date: Fri, 28 Apr 2023 17:50:50 +0800 Message-Id: X-Mailer: git-send-email 2.31.1 In-Reply-To: References: MIME-Version: 1.0 X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,SPF_HELO_NONE, SPF_PASS,T_SCC_BODY_TEXT_LINE,UNPARSEABLE_RELAY autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1764413778608703414?= X-GMAIL-MSGID: =?utf-8?q?1764413778608703414?= From: Thomas Garnier From: Thomas Garnier Change the assembly options to work with pointers instead of integers. The generated code is the same PIE just ensures input is a pointer. Signed-off-by: Thomas Garnier Signed-off-by: Hou Wenlong Cc: Lai Jiangshan Cc: Kees Cook --- arch/x86/include/asm/alternative.h | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/arch/x86/include/asm/alternative.h b/arch/x86/include/asm/alternative.h index d7da28fada87..cbf7c93087c8 100644 --- a/arch/x86/include/asm/alternative.h +++ b/arch/x86/include/asm/alternative.h @@ -307,7 +307,7 @@ static inline int alternatives_text_reserved(void *start, void *end) /* Like alternative_io, but for replacing a direct call with another one. */ #define alternative_call(oldfunc, newfunc, ft_flags, output, input...) \ asm_inline volatile (ALTERNATIVE("call %P[old]", "call %P[new]", ft_flags) \ - : output : [old] "i" (oldfunc), [new] "i" (newfunc), ## input) + : output : [old] "X" (oldfunc), [new] "X" (newfunc), ## input) /* * Like alternative_call, but there are two features and respective functions. @@ -320,8 +320,8 @@ static inline int alternatives_text_reserved(void *start, void *end) asm_inline volatile (ALTERNATIVE_2("call %P[old]", "call %P[new1]", ft_flags1,\ "call %P[new2]", ft_flags2) \ : output, ASM_CALL_CONSTRAINT \ - : [old] "i" (oldfunc), [new1] "i" (newfunc1), \ - [new2] "i" (newfunc2), ## input) + : [old] "X" (oldfunc), [new1] "X" (newfunc1), \ + [new2] "X" (newfunc2), ## input) /* * use this macro(s) if you need more than one output parameter From patchwork Fri Apr 28 09:50:51 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Hou Wenlong X-Patchwork-Id: 88576 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:b0ea:0:b0:3b6:4342:cba0 with SMTP id b10csp823746vqo; Fri, 28 Apr 2023 03:16:25 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ7BqHc4BpmsZ13YHgZ76F7SYrfXogJeYUQkAEwRhbMsw/s3mmZZ5PbXVHmJ4k7CuOfg6h7p X-Received: by 2002:a05:6a00:2d93:b0:63d:4358:9140 with SMTP id fb19-20020a056a002d9300b0063d43589140mr7495003pfb.34.1682676985059; Fri, 28 Apr 2023 03:16:25 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1682676985; cv=none; d=google.com; s=arc-20160816; b=qMV3ZTmkxfeRzrYz3nlwWYT7SVCqxJEr+ct8nXPS7MBNFPBT1nwYu4CHl6C22pqwUG FxUQ9IucyHYTJ+tfpVSKN0GRsCqEtPTHAOUauSON3TML0UcA1FQLWkQBfDNHfGz+NP5x yimNXHpOMmIhCumquBhSUEBcYoFKkG3fOGGniixCalJl2gE6g6m7eBgs/ZxZBqQw7zst Oa8RAVW3nm3Ymeu708Ij/968tI9ZJbCvhWz+6ZcF6UDvoT77j6ql+wHgMU0G8yCSSMie 8EBeN2Fy213ir4o3ixtTKWGpoarF5rJ75JNyzdHkNDB2ZfNB64SssBtZFt5+ijvuYvpn KuQg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from; bh=l9k8s6njlw1m/JkJqnzjIMPz3LzlHbD3gAIi3L6lc6s=; b=Bgzm+eWqRwgzI8sr2Dy4cGfFfY0hB6HvZjC4FLNHd4aBoogtIMRC172onGm/kE4Mz+ idpGVAzI3qtViz9Q/YzsgnrsazfmEVk5jonZaYfgDh03FZepAehowx2tzIEVxSj1NyZ+ R0QXR7v/OnwAMxOMnOMI2QtJ/+XJwEENbIhelKWQPMPxlShkx77fHHUEvvE7Yl/cNfYi 5wG3gjbcKz/aHl3dsMojXLM48FyAmCEmKGGImo997o5RtWN00sDNHpLmzSc3wxKAJEe4 pV9TyuBzeohRgrb/HyXNcjDx5jYLiZANy9jWthBuq6wEu0pCP38hh1N7sHr/t4t8fcnl 2qnw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=antgroup.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id h12-20020a056a00000c00b0063b24c661c8si20972903pfk.364.2023.04.28.03.16.09; Fri, 28 Apr 2023 03:16:25 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=antgroup.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1345707AbjD1JxD (ORCPT + 99 others); Fri, 28 Apr 2023 05:53:03 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:33268 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1345686AbjD1Jwl (ORCPT ); Fri, 28 Apr 2023 05:52:41 -0400 Received: from out0-202.mail.aliyun.com (out0-202.mail.aliyun.com [140.205.0.202]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 058505BBE for ; Fri, 28 Apr 2023 02:52:19 -0700 (PDT) X-Alimail-AntiSpam: AC=PASS;BC=-1|-1;BR=01201311R111e4;CH=green;DM=||false|;DS=||;FP=0|-1|-1|-1|0|-1|-1|-1;HT=ay29a033018047201;MF=houwenlong.hwl@antgroup.com;NM=1;PH=DS;RN=14;SR=0;TI=SMTPD_---.STFoGCe_1682675531; Received: from localhost(mailfrom:houwenlong.hwl@antgroup.com fp:SMTPD_---.STFoGCe_1682675531) by smtp.aliyun-inc.com; Fri, 28 Apr 2023 17:52:12 +0800 From: "Hou Wenlong" To: linux-kernel@vger.kernel.org Cc: "Thomas Garnier" , "Lai Jiangshan" , "Kees Cook" , "Hou Wenlong" , "Thomas Gleixner" , "Ingo Molnar" , "Borislav Petkov" , "Dave Hansen" , , "H. Peter Anvin" , " =?utf-8?q?Peter_Zijlstra_=28Intel=29?= " , "Sebastian Andrzej Siewior" , "Arnd Bergmann" Subject: [PATCH RFC 11/43] x86/irq: Adapt assembly for PIE support Date: Fri, 28 Apr 2023 17:50:51 +0800 Message-Id: <38061a9bfc6f4a6b4bd9737d45ce4f551849ed08.1682673543.git.houwenlong.hwl@antgroup.com> X-Mailer: git-send-email 2.31.1 In-Reply-To: References: MIME-Version: 1.0 X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,SPF_HELO_NONE, SPF_PASS,T_SCC_BODY_TEXT_LINE,UNPARSEABLE_RELAY autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1764414702074528882?= X-GMAIL-MSGID: =?utf-8?q?1764414702074528882?= Change the assembly options to work with pointers instead of integers. The generated code is the same PIE just ensures input is a pointer. Signed-off-by: Hou Wenlong Cc: Thomas Garnier Cc: Lai Jiangshan Cc: Kees Cook --- arch/x86/include/asm/irq_stack.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/x86/include/asm/irq_stack.h b/arch/x86/include/asm/irq_stack.h index 798183867d78..caba5d1d0800 100644 --- a/arch/x86/include/asm/irq_stack.h +++ b/arch/x86/include/asm/irq_stack.h @@ -93,7 +93,7 @@ "popq %%rsp \n" \ \ : "+r" (tos), ASM_CALL_CONSTRAINT \ - : [__func] "i" (func), [tos] "r" (tos) argconstr \ + : [__func] "X" (func), [tos] "r" (tos) argconstr \ : "cc", "rax", "rcx", "rdx", "rsi", "rdi", "r8", "r9", "r10", \ "memory" \ ); \ From patchwork Fri Apr 28 09:50:52 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Hou Wenlong X-Patchwork-Id: 88574 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:b0ea:0:b0:3b6:4342:cba0 with SMTP id b10csp823094vqo; Fri, 28 Apr 2023 03:15:02 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ7tgwbkaiTM/wke44oOxephMVs3YpkyH9eqz/X5IpdPekWU/jRtRxPkL/CukpaLX0zeUuwX X-Received: by 2002:a17:903:41c4:b0:1a6:e58f:8aee with SMTP id u4-20020a17090341c400b001a6e58f8aeemr5243028ple.65.1682676901989; Fri, 28 Apr 2023 03:15:01 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1682676901; cv=none; d=google.com; s=arc-20160816; b=H+i+UcPjkBrIYw+tCFDFvau4975AZL6N2n0/fGYo9lWoA+RnIp/VAk8mMT5X2gOAv9 nJq6JZIPg0qLaW30QtTJJPbPXB1QrHaR1x67AKeyPYE34mJ8k5z/O+EHJRBCt10M9LV+ 8z89QX/Idn50Ro1Frpp6SR7ex1IJm2rN7q4Hh8mpkERLpLj5+oykJZJIk3FQH++YV2vX hrnwrXW2Itz15ujUVgQR67M0yfTwBa6CWLN0YZuxdP7q4eyO3xo/2myA6B1LTs6lWJV4 2N5+yrZhBzLknkNsoeiUkNDi2QS//n9ujxJwhkRLTfq7EpkYv61cv4ttsy0a9H+6FiUR OByw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from; bh=cmEZVhiF8fX9F4xTfFN7JAl1iwVobQtKpB4OGg7OWrQ=; b=I/1XVBuEqVG7jxfbUnJHhZV/FASvHjrzYOn+3MexYSxWsCCEhIybc8RquQUu9qNT2t fwS4E0XEVJk+3tE1rXXWB43flboK/WWlQzzs7laHCTmMsAJIwpauy7Qqs0tiMbwLIVa4 ZeaSacl2ny0LYzIePz6pHz/vAcSL3LihohXSkgX+QNCYe8Ge6CeUz6UBp4/x62ws1Gm+ lVlRrdZDWIjV9sVQkMKcHWmyNh9kk55MTI5MIGQpcmM+6fw4PFAy6usFsxoLvOOXKjpw YeNop3sYcf5TRY8+T+oTxhvyI/vNFNovc6lmEBS9Nm0JTrutK5W8U02tpAknynzccqJJ e9JQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=antgroup.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id t4-20020a170902e84400b001a80ddd372csi22224368plg.43.2023.04.28.03.14.43; Fri, 28 Apr 2023 03:15:01 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=antgroup.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1345870AbjD1JxN (ORCPT + 99 others); Fri, 28 Apr 2023 05:53:13 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:33130 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1345741AbjD1Jwq (ORCPT ); Fri, 28 Apr 2023 05:52:46 -0400 Received: from out0-222.mail.aliyun.com (out0-222.mail.aliyun.com [140.205.0.222]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 255EB5FCD for ; Fri, 28 Apr 2023 02:52:22 -0700 (PDT) X-Alimail-AntiSpam: AC=PASS;BC=-1|-1;BR=01201311R191e4;CH=green;DM=||false|;DS=||;FP=0|-1|-1|-1|0|-1|-1|-1;HT=ay29a033018047193;MF=houwenlong.hwl@antgroup.com;NM=1;PH=DS;RN=11;SR=0;TI=SMTPD_---.STCEPQo_1682675534; Received: from localhost(mailfrom:houwenlong.hwl@antgroup.com fp:SMTPD_---.STCEPQo_1682675534) by smtp.aliyun-inc.com; Fri, 28 Apr 2023 17:52:15 +0800 From: "Hou Wenlong" To: linux-kernel@vger.kernel.org Cc: "Thomas Garnier" , "Lai Jiangshan" , "Kees Cook" , "Hou Wenlong" , "Thomas Gleixner" , "Ingo Molnar" , "Borislav Petkov" , "Dave Hansen" , , "H. Peter Anvin" Subject: [PATCH RFC 12/43] x86,rethook: Adapt assembly for PIE support Date: Fri, 28 Apr 2023 17:50:52 +0800 Message-Id: <8a0c7ca2d70bbc6162c97a87a73dafb24a6659a2.1682673543.git.houwenlong.hwl@antgroup.com> X-Mailer: git-send-email 2.31.1 In-Reply-To: References: MIME-Version: 1.0 X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,SPF_HELO_NONE, SPF_PASS,T_SCC_BODY_TEXT_LINE,UNPARSEABLE_RELAY autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1764414615092114732?= X-GMAIL-MSGID: =?utf-8?q?1764414615092114732?= Change the assembly code to use only relative references of symbols for the kernel to be PIE compatible. Signed-off-by: Hou Wenlong Cc: Thomas Garnier Cc: Lai Jiangshan Cc: Kees Cook --- arch/x86/kernel/rethook.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/arch/x86/kernel/rethook.c b/arch/x86/kernel/rethook.c index 8a1c0111ae79..ff3733b765e0 100644 --- a/arch/x86/kernel/rethook.c +++ b/arch/x86/kernel/rethook.c @@ -27,7 +27,15 @@ asm( #ifdef CONFIG_X86_64 ANNOTATE_NOENDBR /* This is only jumped from ret instruction */ /* Push a fake return address to tell the unwinder it's a rethook. */ +#ifdef CONFIG_X86_PIE + " pushq $0\n" + " pushq %rdi\n" + " leaq arch_rethook_trampoline(%rip), %rdi\n" + " movq %rdi, 8(%rsp)\n" + " popq %rdi\n" +#else " pushq $arch_rethook_trampoline\n" +#endif UNWIND_HINT_FUNC " pushq $" __stringify(__KERNEL_DS) "\n" /* Save the 'sp - 16', this will be fixed later. */ From patchwork Fri Apr 28 09:50:53 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Hou Wenlong X-Patchwork-Id: 88567 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:b0ea:0:b0:3b6:4342:cba0 with SMTP id b10csp820768vqo; Fri, 28 Apr 2023 03:10:39 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ62niSbbJ34Gc7cAs4oA2ByfK+iDGCf34vaizjF95HY9PTQ+uDiwxu90S8qX2dWeyes2ddj X-Received: by 2002:a05:6a00:9a2:b0:641:f54:eaed with SMTP id u34-20020a056a0009a200b006410f54eaedmr7676217pfg.21.1682676639302; Fri, 28 Apr 2023 03:10:39 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1682676639; cv=none; d=google.com; s=arc-20160816; b=cr3sHQ2xXGAX/5pVg28lEgvxSJOzkd51b6EHuQBL1VeBCOAWjcaU/Wd+71o1c5UA2p AMYROmplQpMiOFy6kktchlUG5g57g8mo2W/9KDyLISC2Egz3jsaByte6ToQLaYo3sFkE 8+RLV1WK+2tmV5O7d+mjenb9M0jFU0xq88POjfpcqvLScodGXHRndED8U0O201J7xTx4 C3yKjyqdtuVAS3JoZpCEq7N6r1OVz8Ms6vqFEQQwBxjPLLQSxvue+MrxMslwzwHLj/ym 5Kj5FQJqYbnVf4ROZ1eO4kHsBjmtnj7fWEtBXXKIpruKnMQHdo/+E7P/GWxpma2xaShP RQWA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from; bh=a1WEjWmksasV+hI5O6GUYdzfr2vUWld055QeE17zlbo=; b=X+rS3jV8KfgJ75egWzth4H/KMLIL8+8jKxgHM7PlajGPwyQfLNrKyyIoy1GtxwlATy S0C9xz0KvVaspU4l3IdY+EiUK8WvbW2bFiAPM03UINT7EqDmin0T3M3Fyp4V4vQpIwbQ CnK4+SAffrsKth23dx5ctP9DEeKxQYopljDU2L3EUvrMjnjY5sRpLPlfUFfH8ly9gs1r +INp74JvGoG0Ff3hOzAfEUFPJrVDJA78+rv9H1mjvGFLora6/tl667CmUEUPw79T/5lB KQCXojfwceOPsM6ANKmwsS+NNRsr8KimJWiSr3BCHxkEZw13IrAaRoZ0Sdobd8XBndtm I9Rw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=antgroup.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id m187-20020a6258c4000000b00640f209d54fsi8115782pfb.11.2023.04.28.03.10.23; Fri, 28 Apr 2023 03:10:39 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=antgroup.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1345807AbjD1Jxa (ORCPT + 99 others); Fri, 28 Apr 2023 05:53:30 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:60786 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1345869AbjD1JxN (ORCPT ); Fri, 28 Apr 2023 05:53:13 -0400 Received: from out0-208.mail.aliyun.com (out0-208.mail.aliyun.com [140.205.0.208]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 028E42726 for ; Fri, 28 Apr 2023 02:52:48 -0700 (PDT) X-Alimail-AntiSpam: AC=PASS;BC=-1|-1;BR=01201311R861e4;CH=green;DM=||false|;DS=||;FP=0|-1|-1|-1|0|-1|-1|-1;HT=ay29a033018047187;MF=houwenlong.hwl@antgroup.com;NM=1;PH=DS;RN=20;SR=0;TI=SMTPD_---.STFQGHW_1682675543; Received: from localhost(mailfrom:houwenlong.hwl@antgroup.com fp:SMTPD_---.STFQGHW_1682675543) by smtp.aliyun-inc.com; Fri, 28 Apr 2023 17:52:24 +0800 From: "Hou Wenlong" To: linux-kernel@vger.kernel.org Cc: "Thomas Garnier" , "Lai Jiangshan" , "Kees Cook" , "Hou Wenlong" , "Juergen Gross" , " =?utf-8?q?Srivatsa_S=2E_Bhat_=28VMware?= =?utf-8?q?=29?= " , "Alexey Makhalov" , "VMware PV-Drivers Reviewers" , "Thomas Gleixner" , "Ingo Molnar" , "Borislav Petkov" , "Dave Hansen" , , "H. Peter Anvin" , "Peter Zijlstra" , "Song Liu" , "Nadav Amit" , "Arnd Bergmann" , Subject: [PATCH RFC 13/43] x86/paravirt: Use relative reference for original instruction Date: Fri, 28 Apr 2023 17:50:53 +0800 Message-Id: X-Mailer: git-send-email 2.31.1 In-Reply-To: References: MIME-Version: 1.0 X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,SPF_HELO_NONE, SPF_PASS,T_SCC_BODY_TEXT_LINE,UNPARSEABLE_RELAY autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1764414339685446540?= X-GMAIL-MSGID: =?utf-8?q?1764414339685446540?= Similar to the alternative patching, use relative reference for original instruction rather than absolute one, which saves 8 bytes for one entry on x86_64. And it could generate R_X86_64_PC32 relocation instead of R_X86_64_64 relocation, which also reduces relocation metadata on relocatable builds. And the alignment could be hard coded to be 4 now. Signed-off-by: Hou Wenlong Cc: Thomas Garnier Cc: Lai Jiangshan Cc: Kees Cook Reviewed-by: Juergen Gross --- arch/x86/include/asm/paravirt.h | 10 +++++----- arch/x86/include/asm/paravirt_types.h | 8 ++++---- arch/x86/kernel/alternative.c | 8 +++++--- arch/x86/kernel/callthunks.c | 2 +- 4 files changed, 15 insertions(+), 13 deletions(-) diff --git a/arch/x86/include/asm/paravirt.h b/arch/x86/include/asm/paravirt.h index b49778664d2b..2350ceb43db0 100644 --- a/arch/x86/include/asm/paravirt.h +++ b/arch/x86/include/asm/paravirt.h @@ -742,16 +742,16 @@ extern void default_banner(void); #else /* __ASSEMBLY__ */ -#define _PVSITE(ptype, ops, word, algn) \ +#define _PVSITE(ptype, ops) \ 771:; \ ops; \ 772:; \ .pushsection .parainstructions,"a"; \ - .align algn; \ - word 771b; \ + .align 4; \ + .long 771b-.; \ .byte ptype; \ .byte 772b-771b; \ - _ASM_ALIGN; \ + .align 4; \ .popsection @@ -759,7 +759,7 @@ extern void default_banner(void); #ifdef CONFIG_PARAVIRT_XXL #define PARA_PATCH(off) ((off) / 8) -#define PARA_SITE(ptype, ops) _PVSITE(ptype, ops, .quad, 8) +#define PARA_SITE(ptype, ops) _PVSITE(ptype, ops) #define PARA_INDIRECT(addr) *addr(%rip) #ifdef CONFIG_DEBUG_ENTRY diff --git a/arch/x86/include/asm/paravirt_types.h b/arch/x86/include/asm/paravirt_types.h index 4acbcddddc29..982a234f5a06 100644 --- a/arch/x86/include/asm/paravirt_types.h +++ b/arch/x86/include/asm/paravirt_types.h @@ -5,7 +5,7 @@ #ifndef __ASSEMBLY__ /* These all sit in the .parainstructions section to tell us what to patch. */ struct paravirt_patch_site { - u8 *instr; /* original instructions */ + s32 instr_offset; /* original instructions */ u8 type; /* type of this instruction */ u8 len; /* length of original instruction */ }; @@ -270,11 +270,11 @@ extern struct paravirt_patch_template pv_ops; #define _paravirt_alt(insn_string, type) \ "771:\n\t" insn_string "\n" "772:\n" \ ".pushsection .parainstructions,\"a\"\n" \ - _ASM_ALIGN "\n" \ - _ASM_PTR " 771b\n" \ + " .align 4\n" \ + " .long 771b-.\n" \ " .byte " type "\n" \ " .byte 772b-771b\n" \ - _ASM_ALIGN "\n" \ + " .align 4\n" \ ".popsection\n" /* Generate patchable code, with the default asm parameters. */ diff --git a/arch/x86/kernel/alternative.c b/arch/x86/kernel/alternative.c index f615e0cb6d93..25c59da6c53b 100644 --- a/arch/x86/kernel/alternative.c +++ b/arch/x86/kernel/alternative.c @@ -1230,20 +1230,22 @@ void __init_or_module apply_paravirt(struct paravirt_patch_site *start, { struct paravirt_patch_site *p; char insn_buff[MAX_PATCH_LEN]; + u8 *instr; for (p = start; p < end; p++) { unsigned int used; + instr = (u8 *)&p->instr_offset + p->instr_offset; BUG_ON(p->len > MAX_PATCH_LEN); /* prep the buffer with the original instructions */ - memcpy(insn_buff, p->instr, p->len); - used = paravirt_patch(p->type, insn_buff, (unsigned long)p->instr, p->len); + memcpy(insn_buff, instr, p->len); + used = paravirt_patch(p->type, insn_buff, (unsigned long)instr, p->len); BUG_ON(used > p->len); /* Pad the rest with nops */ add_nops(insn_buff + used, p->len - used); - text_poke_early(p->instr, insn_buff, p->len); + text_poke_early(instr, insn_buff, p->len); } } extern struct paravirt_patch_site __start_parainstructions[], diff --git a/arch/x86/kernel/callthunks.c b/arch/x86/kernel/callthunks.c index ffea98f9064b..f15405acfd42 100644 --- a/arch/x86/kernel/callthunks.c +++ b/arch/x86/kernel/callthunks.c @@ -245,7 +245,7 @@ patch_paravirt_call_sites(struct paravirt_patch_site *start, struct paravirt_patch_site *p; for (p = start; p < end; p++) - patch_call(p->instr, ct); + patch_call((void *)&p->instr_offset + p->instr_offset, ct); } static __init_or_module void From patchwork Fri Apr 28 09:50:54 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Hou Wenlong X-Patchwork-Id: 88571 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:b0ea:0:b0:3b6:4342:cba0 with SMTP id b10csp821644vqo; Fri, 28 Apr 2023 03:12:10 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ7c8SN5db8y0Jq+gkxazGecL5uxC4mluA045pzkfctfB6e1+g01mNn29MPlNl0ulotC3yTr X-Received: by 2002:a17:902:ec84:b0:1a9:9dd3:6e with SMTP id x4-20020a170902ec8400b001a99dd3006emr12840874plg.16.1682676730153; Fri, 28 Apr 2023 03:12:10 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1682676730; cv=none; d=google.com; s=arc-20160816; b=EQhlkNtdCdq9cct2lDq0fiUf/Dy78EuQFSPVlXHWE2GQc4trIPjkjo+LoD7y0fpBZn B630D9xVLWqFsRYaLq1Jn20pXwSHAO5DWpxgZMcaH9WTYDyBrf7WsoUXyA6A8AIPW43E r9vQGPtH1+A0KAcE+iMI6oBAT/ZSha+y3bhicCpGRcWFOiQGPXKJeWUxYGrvQ9qE0sWT K1CWJIBpKabrU4bsZaMWcFaztu5pobbNuON175IxWr3Xpe0DzOXuUQJjspDURpI/svR6 giCN4/elZ0x42SX9pdo4+671OZnhAQxKBeowZ3Bg0V6fPWd/7pZIe0wMJTf5H+nisCqB xDog== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from; bh=Ee5H+WD+CgTi2Z0fkTjgtk88ZrZst7JG8IeeyEgZ6HY=; b=QMJWrGNDkUjz5RQucDNBwOSuzj4A2rZJONLHVjx4SJwW4YbPeDmN2hjeCkGTqPWZ6u KXjKygpSstLTJXKrAlgGeQFbVBtAdpcrPwP23c8YPUHSAx51KSBgPxuFE8WxQSuCdRzb +pA/wSxHaA+vVYvnY+Jcg/xbaf9WLJG3LA9jv2ivz0hVlT6QkAY3/uir+cR8m8dRDuTH 1ZkxsPGaY9uMg+986m86D7nrtCXvA0JVWf1HSCMO9U1ayChdMsZdYqqypWh5IeKlerql IDu4aQUfeoBf3L1KtO/urcD86fCAqeH/ZImvUc3Rpf+sD5psRV41Aoeqg7hnc7rMqvbY aF8Q== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=antgroup.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id p13-20020a170902e74d00b001a814f7db5fsi15172020plf.632.2023.04.28.03.11.55; Fri, 28 Apr 2023 03:12:10 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=antgroup.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1345825AbjD1Jxc (ORCPT + 99 others); Fri, 28 Apr 2023 05:53:32 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:33496 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1345792AbjD1JxP (ORCPT ); Fri, 28 Apr 2023 05:53:15 -0400 Received: from out0-206.mail.aliyun.com (out0-206.mail.aliyun.com [140.205.0.206]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 9353044A2 for ; Fri, 28 Apr 2023 02:52:51 -0700 (PDT) X-Alimail-AntiSpam: AC=PASS;BC=-1|-1;BR=01201311R251e4;CH=green;DM=||false|;DS=||;FP=0|-1|-1|-1|0|-1|-1|-1;HT=ay29a033018047208;MF=houwenlong.hwl@antgroup.com;NM=1;PH=DS;RN=11;SR=0;TI=SMTPD_---.STFoGIL_1682675546; Received: from localhost(mailfrom:houwenlong.hwl@antgroup.com fp:SMTPD_---.STFoGIL_1682675546) by smtp.aliyun-inc.com; Fri, 28 Apr 2023 17:52:27 +0800 From: "Hou Wenlong" To: linux-kernel@vger.kernel.org Cc: "Thomas Garnier" , "Lai Jiangshan" , "Kees Cook" , "Hou Wenlong" , "Thomas Gleixner" , "Ingo Molnar" , "Borislav Petkov" , "Dave Hansen" , , "H. Peter Anvin" Subject: [PATCH RFC 14/43] x86/Kconfig: Introduce new Kconfig for PIE kernel building Date: Fri, 28 Apr 2023 17:50:54 +0800 Message-Id: X-Mailer: git-send-email 2.31.1 In-Reply-To: References: MIME-Version: 1.0 X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,SPF_HELO_NONE, SPF_PASS,T_SCC_BODY_TEXT_LINE,UNPARSEABLE_RELAY autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1764414434968540506?= X-GMAIL-MSGID: =?utf-8?q?1764414434968540506?= Add a new Kconfig to control the behaviour of PIE building, and disable it now. Suggested-by: Lai Jiangshan Signed-off-by: Hou Wenlong Cc: Thomas Garnier Cc: Kees Cook --- arch/x86/Kconfig | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index c94297369448..68e5da464b96 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig @@ -2208,6 +2208,10 @@ config RELOCATABLE it has been loaded at and the compile time physical address (CONFIG_PHYSICAL_START) is used as the minimum location. +config X86_PIE + def_bool n + depends on X86_64 + config RANDOMIZE_BASE bool "Randomize the address of the kernel image (KASLR)" depends on RELOCATABLE From patchwork Fri Apr 28 09:50:55 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Hou Wenlong X-Patchwork-Id: 88554 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:b0ea:0:b0:3b6:4342:cba0 with SMTP id b10csp816468vqo; Fri, 28 Apr 2023 03:02:30 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ5GthAiyygmBaq19/l70C+kWBM1Ra43MuKLT5sANPgn1mBu2fibFRWBUu15GD3+VgmjoqAT X-Received: by 2002:a05:6a20:7da6:b0:f8:ea21:7c37 with SMTP id v38-20020a056a207da600b000f8ea217c37mr3712045pzj.20.1682676149906; Fri, 28 Apr 2023 03:02:29 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1682676149; cv=none; d=google.com; s=arc-20160816; b=NLc0anSyx9kluiddd6SBgAbYXbKxhR8hweuq1GEEIBcLDvi2DaaKaJ0cf/mL+E4E3l yT24aknaqGCxO2wNa9LVEOvdFzZZa/oHiyfZ6n2j9jToICn0YsOKNk+QA3WjMCaBMtfu NL52x+YPFGWuF7w75t+Sjc85b1Fcxhlc1suJTSFQrnKTOuwPOBe0qDt9jVNtwwskOWZl xkPrmNlHjzsg1k9wVS2JvfGW8pq17mMrUSSe2+7hpCK3C7Sn10Now5liRfOwX8k/DTnO pvQh5hPg/z5bEtnzRh3QEUfgkprqWZcMY9M5ChjOVeQiKYN4kzca6YubCO8yPtmende8 P1NA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from; bh=yYc0n90JYFI54S7MPf98HJFG7zj7m02alVcdXoyA3Nw=; b=cKY9aW3E6n+r+l4X2QIB9OGw4NJeg63TiDEn3Pf2mpIFMeQoyGb8nmyhIbXWFfgNP5 x9TirxA+Cj7pFGMHT26+hvyl/oDNju1NQ6+TWAvbaxhBJZ8dyj9xA3jnKOHW3G/yH8rm ZcqGPNjdIRJk1DXel7AxA+z+kYmkxK9wuty8QVe1eZ8NWAc6FwbndZ4T3S5bHgW+DyiW gvJaaKs4NEJ65QTCZWGolO7a5GPkiUKwFcmb3g2LKlrWd5wyIUa4q+c5DboDetqmZvnW R9lVfBUiRVdSzT+0E7QShawfH2Yg7XF+fRJhiIX9xvjB1YXDyhVeUvxdaEx8YRB3KHmc cn8w== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=antgroup.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id v202-20020a6361d3000000b00519d4818029si21134283pgb.152.2023.04.28.03.02.16; Fri, 28 Apr 2023 03:02:29 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=antgroup.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1345529AbjD1Jxr (ORCPT + 99 others); Fri, 28 Apr 2023 05:53:47 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:60688 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1345782AbjD1JxY (ORCPT ); Fri, 28 Apr 2023 05:53:24 -0400 Received: from out0-219.mail.aliyun.com (out0-219.mail.aliyun.com [140.205.0.219]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id CC24959F9; Fri, 28 Apr 2023 02:53:02 -0700 (PDT) X-Alimail-AntiSpam: AC=PASS;BC=-1|-1;BR=01201311R181e4;CH=green;DM=||false|;DS=||;FP=0|-1|-1|-1|0|-1|-1|-1;HT=ay29a033018047198;MF=houwenlong.hwl@antgroup.com;NM=1;PH=DS;RN=17;SR=0;TI=SMTPD_---.STCEPV9_1682675548; Received: from localhost(mailfrom:houwenlong.hwl@antgroup.com fp:SMTPD_---.STCEPV9_1682675548) by smtp.aliyun-inc.com; Fri, 28 Apr 2023 17:52:29 +0800 From: "Hou Wenlong" To: linux-kernel@vger.kernel.org Cc: "Thomas Garnier" , "Lai Jiangshan" , "Kees Cook" , "Hou Wenlong" , "Juergen Gross" , "Boris Ostrovsky" , "Darren Hart" , "Andy Shevchenko" , "Thomas Gleixner" , "Ingo Molnar" , "Borislav Petkov" , "Dave Hansen" , , "H. Peter Anvin" , , Subject: [PATCH RFC 15/43] x86/PVH: Use fixed_percpu_data to set up GS base Date: Fri, 28 Apr 2023 17:50:55 +0800 Message-Id: <4fdb800ce6f1a2315918cb02eec3efbec1032cb8.1682673543.git.houwenlong.hwl@antgroup.com> X-Mailer: git-send-email 2.31.1 In-Reply-To: References: MIME-Version: 1.0 X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,SPF_HELO_NONE, SPF_PASS,T_SCC_BODY_TEXT_LINE,UNPARSEABLE_RELAY autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1764413826564497081?= X-GMAIL-MSGID: =?utf-8?q?1764413826564497081?= startup_64() and startup_xen() both use fixed_percpu_data to set up GS base. So for consitency, use it too in PVH entry. Signed-off-by: Hou Wenlong Cc: Thomas Garnier Cc: Lai Jiangshan Cc: Kees Cook --- arch/x86/platform/pvh/head.S | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/arch/x86/platform/pvh/head.S b/arch/x86/platform/pvh/head.S index c4365a05ab83..b093996b7e19 100644 --- a/arch/x86/platform/pvh/head.S +++ b/arch/x86/platform/pvh/head.S @@ -96,7 +96,7 @@ SYM_CODE_START_LOCAL(pvh_start_xen) 1: /* Set base address in stack canary descriptor. */ mov $MSR_GS_BASE,%ecx - mov $_pa(canary), %eax + mov $_pa(INIT_PER_CPU_VAR(fixed_percpu_data)), %eax xor %edx, %edx wrmsr @@ -156,8 +156,6 @@ SYM_DATA_START_LOCAL(gdt_start) SYM_DATA_END_LABEL(gdt_start, SYM_L_LOCAL, gdt_end) .balign 16 -SYM_DATA_LOCAL(canary, .fill 48, 1, 0) - SYM_DATA_START_LOCAL(early_stack) .fill BOOT_STACK_SIZE, 1, 0 SYM_DATA_END_LABEL(early_stack, SYM_L_LOCAL, early_stack_end) From patchwork Fri Apr 28 09:50:57 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Hou Wenlong X-Patchwork-Id: 88568 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:b0ea:0:b0:3b6:4342:cba0 with SMTP id b10csp820940vqo; Fri, 28 Apr 2023 03:10:55 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ7vkvubQs5GGNs5foIdURHZKsBWkLdh2H0vW6pSJVhEvKegNJXxRhz1RyHGbqvNz2GvC6F1 X-Received: by 2002:a17:90b:4f83:b0:247:a22d:2a44 with SMTP id qe3-20020a17090b4f8300b00247a22d2a44mr4817113pjb.36.1682676654877; Fri, 28 Apr 2023 03:10:54 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1682676654; cv=none; d=google.com; s=arc-20160816; b=r2CKKznSXm+dGrvDoiqSwfzKKxpTybVq8irmtxxlvIL9srgLj1cVzQ1BuUVEJzfc22 gt5igih2cHEDjn9g3KiHADvEDO7UU7NKXVuinHPkNNQf+4ZWl/5NCRnjPKRyYUBPehgL XyBebuGlS/xaI0M6O5hTfmjkNQyZK0WDZgPis3nZ5Q8So0VvXjEqmhKuq9K0nfAaP/yl oszodjM0oZnuH8qC0limd83MR2NT37QTAuiFM1946SGWzm+SfY8cs0P0rnphLYfGepXq EQX1Olhewff0Lml1U7RA0svTTzJr7nIxBD4b992hKZ6PFTfAULvXBQGvizzQRghZF/80 YxSA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from; bh=6bAF8OWacQ8TFXQclejb78k1fH0h4CsJv5BTZI+9504=; b=t2gkpBTg1s1HzD9iRqmyVT2j76IIEQaxnlHeT9yswNVDa3FvdiTXGcmRG9uMEuko2a SpA9kmacucEv3tVLQFrWUDoq2Ai6YeJLmeXGrfQIpGpkItVsdm96Hf7dey1nY/Y0t3Wu QzGLv4o8cT4biSGk9EVR22cLQHEzgFhRthasmHcIZruCB41Hut3XGweUSGuRmjxruvW9 taf64hNDefXpw5l2qguAyiuJzw2fWlCzS8yK6ujNh9xSV54fDzKaWrwR//cqBI1epFg6 FHQjsHL1YS6PR7Y8orRvCuXW4L/B3Zk+pTISq2xFCTpKBi/qW/Q4G9lvl33Eu0SAGUGf eXgg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=antgroup.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id v10-20020a63f20a000000b00524ba7e95c3si21549786pgh.785.2023.04.28.03.10.39; Fri, 28 Apr 2023 03:10:54 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=antgroup.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1345621AbjD1Jyd (ORCPT + 99 others); Fri, 28 Apr 2023 05:54:33 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:35038 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1345518AbjD1JyS (ORCPT ); Fri, 28 Apr 2023 05:54:18 -0400 Received: from out0-214.mail.aliyun.com (out0-214.mail.aliyun.com [140.205.0.214]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 349B05BB9 for ; Fri, 28 Apr 2023 02:53:51 -0700 (PDT) X-Alimail-AntiSpam: AC=PASS;BC=-1|-1;BR=01201311R131e4;CH=green;DM=||false|;DS=||;FP=0|-1|-1|-1|0|-1|-1|-1;HT=ay29a033018047204;MF=houwenlong.hwl@antgroup.com;NM=1;PH=DS;RN=11;SR=0;TI=SMTPD_---.STFoGN5_1682675562; Received: from localhost(mailfrom:houwenlong.hwl@antgroup.com fp:SMTPD_---.STFoGN5_1682675562) by smtp.aliyun-inc.com; Fri, 28 Apr 2023 17:52:43 +0800 From: "Hou Wenlong" To: linux-kernel@vger.kernel.org Cc: "Thomas Garnier" , "Lai Jiangshan" , "Kees Cook" , "Hou Wenlong" , "Thomas Gleixner" , "Ingo Molnar" , "Borislav Petkov" , "Dave Hansen" , , "H. Peter Anvin" Subject: [PATCH RFC 17/43] x86/pie: Enable stack protector only if per-cpu stack canary is supported Date: Fri, 28 Apr 2023 17:50:57 +0800 Message-Id: X-Mailer: git-send-email 2.31.1 In-Reply-To: References: MIME-Version: 1.0 X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,SPF_HELO_NONE, SPF_PASS,T_SCC_BODY_TEXT_LINE,UNPARSEABLE_RELAY autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1764414355987786227?= X-GMAIL-MSGID: =?utf-8?q?1764414355987786227?= Since -fPIE option is not incompatible with -mcmode=kernel option, PIE kernel would drop -mcmodel=kernel option. However, GCC would use %fs as segment register for stack protector when -mcmodel=kernel option is dropped. So only enable stack protector for PIE kernel if per-cpu stack canary is supported. Signed-off-by: Hou Wenlong Cc: Thomas Garnier Cc: Lai Jiangshan Cc: Kees Cook --- arch/x86/Kconfig | 1 + 1 file changed, 1 insertion(+) diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index 55cce8cdf9bd..b26941ef50ee 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig @@ -403,6 +403,7 @@ config PGTABLE_LEVELS config CC_HAS_SANE_STACKPROTECTOR bool + default CC_HAS_CUSTOMIZED_STACKPROTECTOR if X86_PIE default $(success,$(srctree)/scripts/gcc-x86_64-has-stack-protector.sh $(CC) $(CLANG_FLAGS)) if 64BIT default $(success,$(srctree)/scripts/gcc-x86_32-has-stack-protector.sh $(CC) $(CLANG_FLAGS)) help From patchwork Fri Apr 28 09:50:59 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Hou Wenlong X-Patchwork-Id: 88566 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:b0ea:0:b0:3b6:4342:cba0 with SMTP id b10csp820623vqo; Fri, 28 Apr 2023 03:10:24 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ6en7sxj1nvg78BBJpF/uiJ0GVNin38qDnm2UETT1F22wgjTuXIysURDIA77PGsK8BjGQ/d X-Received: by 2002:a05:6a20:7da6:b0:f2:bb3f:3b3e with SMTP id v38-20020a056a207da600b000f2bb3f3b3emr4694763pzj.38.1682676624588; Fri, 28 Apr 2023 03:10:24 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1682676624; cv=none; d=google.com; s=arc-20160816; b=Y2s7Ui5sC7tIUHV9wPStD3VFy4T/Mih4UVsnMU7AJWesaTpMLSFHaCOxkZGlI/pykP j+QYDsEGtpLImjKNpZuimVSkioxdbg1pEXBWePj6FHo+tDoE/GUVFZcnfniKRmIWsoZ7 RUrN+pZlm0mwXVP/CM/e3pwUMNQM7/gEXXOqjHLnGjz/VWhCGegfQlVyQiE6JuO2aeb3 QFdy4YuopHIQRYlJA3QiCNj+Fs9rllYqaumtRM4MdGfYWXy5Of1EQFybr9rThQT8aYva IvWalpma4UzrKw73qI3i312MKW/+W40Qy8aSNHZLfG1QVx7/1mkCC5SQ+l7U9UcJ2/e/ zK2w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from; bh=XF7TzJPla4DjfGyNZjRZe8WddnRMZogoRxw+y3NYu0A=; b=nEwywVA4JITxquKm0KUf9T87m2vWZc4weTWTWBHPDmHmCGHs++qz+l7JO47EJlnwO+ G+4xiBQmMYyn7/+Y5u7Geo3qXIydjOxE6b8LNzeyCG+iXReL9XASPmP/rTv3XXmHwBwp TdhTsagQXKxm49qyDkRp2fLmFhmGnybiuW7ZBGJRClaukbPqPxWzD4KLOZJrESWzeIOZ UZdD6E7T3GcQw3dPMFZGJtczIM07DJvAuWdfzbL9sr8Uqbz5o01yIfRs4y/XYvwG+O5p +xbdNqrpgYg9gasQEWcwb1KStEbtnH2VAAmT4Ft8f83MBOj7fPFNNFdzp1CHZUFuIFrc zt0Q== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=antgroup.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id w70-20020a638249000000b0050f6aaf7f27si22229161pgd.331.2023.04.28.03.10.09; Fri, 28 Apr 2023 03:10:24 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=antgroup.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1345759AbjD1Jyn (ORCPT + 99 others); Fri, 28 Apr 2023 05:54:43 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:34728 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1345437AbjD1Jya (ORCPT ); Fri, 28 Apr 2023 05:54:30 -0400 Received: from out187-2.us.a.mail.aliyun.com (out187-2.us.a.mail.aliyun.com [47.90.187.2]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 4534E59E4 for ; Fri, 28 Apr 2023 02:54:05 -0700 (PDT) X-Alimail-AntiSpam: AC=PASS;BC=-1|-1;BR=01201311R151e4;CH=green;DM=||false|;DS=||;FP=0|-1|-1|-1|0|-1|-1|-1;HT=ay29a033018047206;MF=houwenlong.hwl@antgroup.com;NM=1;PH=DS;RN=13;SR=0;TI=SMTPD_---.STCEPbd_1682675571; Received: from localhost(mailfrom:houwenlong.hwl@antgroup.com fp:SMTPD_---.STCEPbd_1682675571) by smtp.aliyun-inc.com; Fri, 28 Apr 2023 17:52:51 +0800 From: "Hou Wenlong" To: linux-kernel@vger.kernel.org Cc: "Thomas Garnier" , "Lai Jiangshan" , "Kees Cook" , "Hou Wenlong" , "Thomas Gleixner" , "Ingo Molnar" , "Borislav Petkov" , "Dave Hansen" , , "H. Peter Anvin" , "Nicolas Schier" , "Masahiro Yamada" Subject: [PATCH RFC 19/43] x86/tools: Explicitly include autoconf.h for hostprogs Date: Fri, 28 Apr 2023 17:50:59 +0800 Message-Id: X-Mailer: git-send-email 2.31.1 In-Reply-To: References: MIME-Version: 1.0 X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,SPF_HELO_NONE, SPF_PASS,T_SCC_BODY_TEXT_LINE,UNPARSEABLE_RELAY autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1764414324193918337?= X-GMAIL-MSGID: =?utf-8?q?1764414324193918337?= The relocs tool needs access to the CONFIG_* symbols found in include/generated/autoconf.h, however, the header file is not included. so the #if CONFIG_FW_LOADER code in arch/x86/tool/relocs.c is never compiled. Signed-off-by: Hou Wenlong Cc: Thomas Garnier Cc: Lai Jiangshan Cc: Kees Cook --- arch/x86/tools/Makefile | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/arch/x86/tools/Makefile b/arch/x86/tools/Makefile index 90e820ac9771..8af4aeeb72af 100644 --- a/arch/x86/tools/Makefile +++ b/arch/x86/tools/Makefile @@ -38,7 +38,9 @@ $(obj)/insn_decoder_test.o: $(srctree)/tools/arch/x86/lib/insn.c $(srctree)/tool $(obj)/insn_sanity.o: $(srctree)/tools/arch/x86/lib/insn.c $(srctree)/tools/arch/x86/lib/inat.c $(srctree)/tools/arch/x86/include/asm/inat_types.h $(srctree)/tools/arch/x86/include/asm/inat.h $(srctree)/tools/arch/x86/include/asm/insn.h $(objtree)/arch/x86/lib/inat-tables.c -HOST_EXTRACFLAGS += -I$(srctree)/tools/include +HOST_EXTRACFLAGS += -I$(srctree)/tools/include \ + -include include/generated/autoconf.h + hostprogs += relocs relocs-objs := relocs_32.o relocs_64.o relocs_common.o PHONY += relocs From patchwork Fri Apr 28 09:51:01 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Hou Wenlong X-Patchwork-Id: 88575 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:b0ea:0:b0:3b6:4342:cba0 with SMTP id b10csp823567vqo; Fri, 28 Apr 2023 03:16:04 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ5+D+w+7iVo8ePSq3djg9bhl+WkfEmT2eOeyr4xDp5/ohw0oGq7rFoYIKDPCORn6axwBRnY X-Received: by 2002:a17:90b:4d86:b0:247:af63:483 with SMTP id oj6-20020a17090b4d8600b00247af630483mr4657725pjb.46.1682676964028; Fri, 28 Apr 2023 03:16:04 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1682676964; cv=none; d=google.com; s=arc-20160816; b=kHVkH4SNX48lRjVaWCSMTwHzvLVNWhikGc9+avi1IO20imZrTZOjAMl/kme9VVHuJ9 XX1nrPHWiLJmphJ+9btKq1PFtg2ViXLtrJXV3DwtEetp+U3ZlNL8rTHFN/hAO0OPfpBn a62+ZQzmGVwnezMDpc/i4uAeMH85eKkAowB5EP7UZRV+XZPraRg9DZtLicUU71Gti2qK Hvt/SHfL1acHrcxO3boGrebGcy9lKpHGQGuTCh/dDhVekq6CvXBknSsdwXjx62w3TzEy TTTj7GSMc0pNJIaA7NpXNXKLRj9/WYtFcQkpzA+D4e8d4+I0T56aF9kNKlpkOZcPvAhi 1N+A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from; bh=isBkn1tLNfql1GLqc9X8doCnxzEXWQyuL3aVxGfq4tY=; b=0MyEiSom0OZFnm6OupJEmD2LbV7YP9L4zJwBPydP4/l44Bdqf+LqBYPJl2HQM3V7Uq tumGBSqEr9VtPn0WUPhr8+hYIQWim7mUeGxrvdGS9xCmH9XDLeTTHfs7SbliE7/xPku/ zhtkgo5J/1VDuOgOlwOWMHNnKMneF63xWswA05jxaomDxe+T/O52uXCjCTch/gXuEK6i nuvQqPgKzUSOeUhX4xNJcqImsQRaFitOQqWyHe+eWJRUb97a7IXVxr1zkH/0oFWtQVU9 qSw8sclm7F5u6sgzKiWHwiSRRWfSkiDc8IJ9WwMMukaq98tzKBtKMg+DeJP7qYhgUa31 /E/w== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=antgroup.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id il13-20020a17090b164d00b0023418ec51f8si26331178pjb.136.2023.04.28.03.15.47; Fri, 28 Apr 2023 03:16:04 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=antgroup.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1345832AbjD1JzB (ORCPT + 99 others); Fri, 28 Apr 2023 05:55:01 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:35784 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1345886AbjD1Jyv (ORCPT ); Fri, 28 Apr 2023 05:54:51 -0400 Received: from out187-3.us.a.mail.aliyun.com (out187-3.us.a.mail.aliyun.com [47.90.187.3]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 36E0D5593; Fri, 28 Apr 2023 02:54:24 -0700 (PDT) X-Alimail-AntiSpam: AC=PASS;BC=-1|-1;BR=01201311R181e4;CH=green;DM=||false|;DS=||;FP=0|-1|-1|-1|0|-1|-1|-1;HT=ay29a033018047201;MF=houwenlong.hwl@antgroup.com;NM=1;PH=DS;RN=15;SR=0;TI=SMTPD_---.STDfs4A_1682675577; Received: from localhost(mailfrom:houwenlong.hwl@antgroup.com fp:SMTPD_---.STDfs4A_1682675577) by smtp.aliyun-inc.com; Fri, 28 Apr 2023 17:52:58 +0800 From: "Hou Wenlong" To: linux-kernel@vger.kernel.org Cc: "Thomas Garnier" , "Lai Jiangshan" , "Kees Cook" , "Hou Wenlong" , "Steven Rostedt" , "Masami Hiramatsu" , "Mark Rutland" , "Thomas Gleixner" , "Ingo Molnar" , "Borislav Petkov" , "Dave Hansen" , , "H. Peter Anvin" , Subject: [PATCH RFC 21/43] x86/ftrace: Adapt assembly for PIE support Date: Fri, 28 Apr 2023 17:51:01 +0800 Message-Id: <0092ce94b325ad8eb47ff4f95e012f9af1a127de.1682673543.git.houwenlong.hwl@antgroup.com> X-Mailer: git-send-email 2.31.1 In-Reply-To: References: MIME-Version: 1.0 X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,SPF_HELO_NONE, SPF_PASS,T_SCC_BODY_TEXT_LINE,UNPARSEABLE_RELAY autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1764414680489788045?= X-GMAIL-MSGID: =?utf-8?q?1764414680489788045?= Change the assembly code to use only relative references of symbols for the kernel to be PIE compatible. Signed-off-by: Hou Wenlong Cc: Thomas Garnier Cc: Lai Jiangshan Cc: Kees Cook --- arch/x86/kernel/ftrace_64.S | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/arch/x86/kernel/ftrace_64.S b/arch/x86/kernel/ftrace_64.S index eddb4fabc16f..411fa4148e18 100644 --- a/arch/x86/kernel/ftrace_64.S +++ b/arch/x86/kernel/ftrace_64.S @@ -315,7 +315,14 @@ STACK_FRAME_NON_STANDARD_FP(ftrace_regs_caller) SYM_FUNC_START(__fentry__) CALL_DEPTH_ACCOUNT +#ifdef CONFIG_X86_PIE + pushq %r8 + leaq ftrace_stub(%rip), %r8 + cmpq %r8, ftrace_trace_function(%rip) + popq %r8 +#else cmpq $ftrace_stub, ftrace_trace_function +#endif jnz trace RET @@ -329,7 +336,7 @@ trace: * ip and parent ip are used and the list function is called when * function tracing is enabled. */ - movq ftrace_trace_function, %r8 + movq ftrace_trace_function(%rip), %r8 CALL_NOSPEC r8 restore_mcount_regs From patchwork Fri Apr 28 09:51:02 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Hou Wenlong X-Patchwork-Id: 88579 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:b0ea:0:b0:3b6:4342:cba0 with SMTP id b10csp825012vqo; Fri, 28 Apr 2023 03:19:12 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ7JjQNvcjTq2XDJ8gyUPcKdzEMXbvRMvairocCwL3KaCVSPsYzQULjGYe5LotYsfIjD2N4t X-Received: by 2002:a17:90a:db8c:b0:249:822d:e5bc with SMTP id h12-20020a17090adb8c00b00249822de5bcmr4810594pjv.5.1682677151164; Fri, 28 Apr 2023 03:19:11 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1682677151; cv=none; d=google.com; s=arc-20160816; b=Aad0qMEnjd1apNzMAD2yQZ1wG0L2IXiayO0JKGu5fdoix1e4HBLRFeqtElfPGa2EWz oipONxPuCJaKGX5b6ASP84dvIGlOTkXDxxuUmtSLXr5zzBIA5TPmRfhdDaBjmmmrziAM TrRn+juSXXqOMZftMqo4h2iKd7zGWVEkzKDGEiKBIFnMIi/kSPme/nNyYnbgyWpPkQMH pxQPTHUpcNi4ikFuNBnEMkpMw8mEGgJla+OgEO5cac1IG6fTZTlH5YwxOPSgF+K+0KCf 5/UBPewHe6wBYfYDbT7Fh6jXhUex1eFgOPqzxGlamJzfdqaX0xfLWJWcQxHaLgeZ3KHK kWWQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from; bh=c1SgUbN7R7pQbFxp4okH420mq9fXavcx3ZccKD7ytlc=; b=zCZyoB7/JQGZFM3Mm7pveO82H/V/puEvnCjjRBbrZ4LqKZ2cXkegSLypqq/e00wNUO WJ4gsb37E2NQPEtIeakYDuepQPrBulgX4HYe/3BT6f63vswc51YoOuMF3sKyi5NK/CJc frwU4l3+Ot+r8gtUFI26GuWg/fEhZWsN9/5+K0Pgv/kTYwZRBC2utmtbC9kTMJ+fLbCc bGTgk1TR9FfZ8nH8HJKfpFMCZuMDm/pXyuE7YpjHEVx7sTnwTK8bcGvR+OSEIrxFRyZ5 pvTtaTCZcl7/xlw94TIFCQGtqtxz2pRxd64Dgn4KXli/Wv0ONU3Nlwn0bt8AOXMpF4yA p2Sg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=antgroup.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id mn6-20020a17090b188600b0024714b2954csi1806659pjb.78.2023.04.28.03.18.56; Fri, 28 Apr 2023 03:19:11 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=antgroup.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1346046AbjD1KCP (ORCPT + 99 others); Fri, 28 Apr 2023 06:02:15 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:44570 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230341AbjD1KBv (ORCPT ); Fri, 28 Apr 2023 06:01:51 -0400 Received: from out0-214.mail.aliyun.com (out0-214.mail.aliyun.com [140.205.0.214]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 84B1061BE; Fri, 28 Apr 2023 03:01:27 -0700 (PDT) X-Alimail-AntiSpam: AC=PASS;BC=-1|-1;BR=01201311R171e4;CH=green;DM=||false|;DS=||;FP=0|-1|-1|-1|0|-1|-1|-1;HT=ay29a033018047187;MF=houwenlong.hwl@antgroup.com;NM=1;PH=DS;RN=17;SR=0;TI=SMTPD_---.STCEPeI_1682675581; Received: from localhost(mailfrom:houwenlong.hwl@antgroup.com fp:SMTPD_---.STCEPeI_1682675581) by smtp.aliyun-inc.com; Fri, 28 Apr 2023 17:53:01 +0800 From: "Hou Wenlong" To: linux-kernel@vger.kernel.org Cc: "Thomas Garnier" , "Lai Jiangshan" , "Kees Cook" , "Hou Wenlong" , "Steven Rostedt" , "Masami Hiramatsu" , "Mark Rutland" , "Thomas Gleixner" , "Ingo Molnar" , "Borislav Petkov" , "Dave Hansen" , , "H. Peter Anvin" , "Huacai Chen" , "Qing Zhang" , Subject: [PATCH RFC 22/43] x86/ftrace: Adapt ftrace nop patching for PIE support Date: Fri, 28 Apr 2023 17:51:02 +0800 Message-Id: <38a5029cd2590e04209117740f8912db36eff58f.1682673543.git.houwenlong.hwl@antgroup.com> X-Mailer: git-send-email 2.31.1 In-Reply-To: References: MIME-Version: 1.0 X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,SPF_HELO_NONE, SPF_PASS,T_SCC_BODY_TEXT_LINE,UNPARSEABLE_RELAY autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1764414876267548878?= X-GMAIL-MSGID: =?utf-8?q?1764414876267548878?= From: Thomas Garnier From: Thomas Garnier When using PIE with function tracing, the compiler generates a call through the GOT (call *__fentry__@GOTPCREL). This instruction takes 6-bytes instead of 5-bytes with a relative call. And -mnop-mcount option is not implemented for -fPIE now. If PIE is enabled, replace the 6th byte of the GOT call by a 1-byte nop so ftrace can handle the previous 5-bytes as before. [Hou Wenlong: Adapt code change and fix wrong offset calculation in make_nop_x86()] Signed-off-by: Thomas Garnier Co-developed-by: Hou Wenlong Signed-off-by: Hou Wenlong Cc: Lai Jiangshan Cc: Kees Cook --- arch/x86/kernel/ftrace.c | 46 ++++++++++++++++++++++- scripts/recordmcount.c | 81 ++++++++++++++++++++++++++-------------- 2 files changed, 98 insertions(+), 29 deletions(-) diff --git a/arch/x86/kernel/ftrace.c b/arch/x86/kernel/ftrace.c index 5e7ead52cfdb..b795f9dde561 100644 --- a/arch/x86/kernel/ftrace.c +++ b/arch/x86/kernel/ftrace.c @@ -124,6 +124,50 @@ ftrace_modify_code_direct(unsigned long ip, const char *old_code, return 0; } +/* Bytes before call GOT offset */ +static const unsigned char got_call_preinsn[] = { 0xff, 0x15 }; + +static int __ref +ftrace_modify_initial_code(unsigned long ip, unsigned const char *old_code, + unsigned const char *new_code) +{ + unsigned char replaced[MCOUNT_INSN_SIZE + 1]; + + /* + * If PIE is not enabled default to the original approach to code + * modification. + */ + if (!IS_ENABLED(CONFIG_X86_PIE)) + return ftrace_modify_code_direct(ip, old_code, new_code); + + ftrace_expected = old_code; + + /* Ensure the instructions point to a call to the GOT */ + if (copy_from_kernel_nofault(replaced, (void *)ip, sizeof(replaced))) { + WARN_ONCE(1, "invalid function"); + return -EFAULT; + } + + if (memcmp(replaced, got_call_preinsn, sizeof(got_call_preinsn))) { + WARN_ONCE(1, "invalid function call"); + return -EINVAL; + } + + /* + * Build a nop slide with a 5-byte nop and 1-byte nop to keep the ftrace + * hooking algorithm working with the expected 5 bytes instruction. + */ + memset(replaced, x86_nops[1][0], sizeof(replaced)); + memcpy(replaced, new_code, MCOUNT_INSN_SIZE); + + /* replace the text with the new text */ + if (ftrace_poke_late) + text_poke_queue((void *)ip, replaced, MCOUNT_INSN_SIZE + 1, NULL); + else + text_poke_early((void *)ip, replaced, MCOUNT_INSN_SIZE + 1); + return 0; +} + int ftrace_make_nop(struct module *mod, struct dyn_ftrace *rec, unsigned long addr) { unsigned long ip = rec->ip; @@ -141,7 +185,7 @@ int ftrace_make_nop(struct module *mod, struct dyn_ftrace *rec, unsigned long ad * just modify the code directly. */ if (addr == MCOUNT_ADDR) - return ftrace_modify_code_direct(ip, old, new); + return ftrace_modify_initial_code(ip, old, new); /* * x86 overrides ftrace_replace_code -- this function will never be used diff --git a/scripts/recordmcount.c b/scripts/recordmcount.c index e30216525325..02783a29d428 100644 --- a/scripts/recordmcount.c +++ b/scripts/recordmcount.c @@ -218,36 +218,10 @@ static void *mmap_file(char const *fname) return file_map; } - -static unsigned char ideal_nop5_x86_64[5] = { 0x0f, 0x1f, 0x44, 0x00, 0x00 }; -static unsigned char ideal_nop5_x86_32[5] = { 0x3e, 0x8d, 0x74, 0x26, 0x00 }; -static unsigned char *ideal_nop; - static char rel_type_nop; - static int (*make_nop)(void *map, size_t const offset); -static int make_nop_x86(void *map, size_t const offset) -{ - uint32_t *ptr; - unsigned char *op; - - /* Confirm we have 0xe8 0x0 0x0 0x0 0x0 */ - ptr = map + offset; - if (*ptr != 0) - return -1; - - op = map + offset - 1; - if (*op != 0xe8) - return -1; - - /* convert to nop */ - if (ulseek(offset - 1, SEEK_SET) < 0) - return -1; - if (uwrite(ideal_nop, 5) < 0) - return -1; - return 0; -} +static unsigned char *ideal_nop; static unsigned char ideal_nop4_arm_le[4] = { 0x00, 0x00, 0xa0, 0xe1 }; /* mov r0, r0 */ static unsigned char ideal_nop4_arm_be[4] = { 0xe1, 0xa0, 0x00, 0x00 }; /* mov r0, r0 */ @@ -504,6 +478,50 @@ static void MIPS64_r_info(Elf64_Rel *const rp, unsigned sym, unsigned type) }).r_info; } +static unsigned char ideal_nop5_x86_64[5] = { 0x0f, 0x1f, 0x44, 0x00, 0x00 }; +static unsigned char ideal_nop6_x86_64[6] = { 0x66, 0x0f, 0x1f, 0x44, 0x00, 0x00 }; +static unsigned char ideal_nop5_x86_32[5] = { 0x3e, 0x8d, 0x74, 0x26, 0x00 }; +static size_t ideal_nop_x86_size; + +static unsigned char stub_default_x86[2] = { 0xe8, 0x00 }; /* call relative */ +static unsigned char stub_got_x86[3] = { 0xff, 0x15, 0x00 }; /* call .got */ +static unsigned char *stub_x86; +static size_t stub_x86_size; + +static int make_nop_x86(void *map, size_t const offset) +{ + uint32_t *ptr; + size_t stub_offset = offset + 1 - stub_x86_size; + + /* Confirm we have the expected stub */ + ptr = map + stub_offset; + if (memcmp(ptr, stub_x86, stub_x86_size)) + return -1; + + /* convert to nop */ + if (ulseek(stub_offset, SEEK_SET) < 0) + return -1; + if (uwrite(ideal_nop, ideal_nop_x86_size) < 0) + return -1; + return 0; +} + +/* Swap the stub and nop for a got call if the binary is built with PIE */ +static int is_fake_mcount_x86_x64(Elf64_Rel const *rp) +{ + if (ELF64_R_TYPE(rp->r_info) == R_X86_64_GOTPCREL) { + ideal_nop = ideal_nop6_x86_64; + ideal_nop_x86_size = sizeof(ideal_nop6_x86_64); + stub_x86 = stub_got_x86; + stub_x86_size = sizeof(stub_got_x86); + mcount_adjust_64 = 1 - stub_x86_size; + } + + /* Once the relocation was checked, rollback to default */ + is_fake_mcount64 = fn_is_fake_mcount64; + return is_fake_mcount64(rp); +} + static int do_file(char const *const fname) { unsigned int reltype = 0; @@ -568,6 +586,9 @@ static int do_file(char const *const fname) rel_type_nop = R_386_NONE; make_nop = make_nop_x86; ideal_nop = ideal_nop5_x86_32; + ideal_nop_x86_size = sizeof(ideal_nop5_x86_32); + stub_x86 = stub_default_x86; + stub_x86_size = sizeof(stub_default_x86); mcount_adjust_32 = -1; gpfx = 0; break; @@ -597,9 +618,13 @@ static int do_file(char const *const fname) case EM_X86_64: make_nop = make_nop_x86; ideal_nop = ideal_nop5_x86_64; + ideal_nop_x86_size = sizeof(ideal_nop5_x86_64); + stub_x86 = stub_default_x86; + stub_x86_size = sizeof(stub_default_x86); reltype = R_X86_64_64; rel_type_nop = R_X86_64_NONE; - mcount_adjust_64 = -1; + is_fake_mcount64 = is_fake_mcount_x86_x64; + mcount_adjust_64 = 1 - stub_x86_size; gpfx = 0; break; } /* end switch */ From patchwork Fri Apr 28 09:51:03 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Hou Wenlong X-Patchwork-Id: 88559 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:b0ea:0:b0:3b6:4342:cba0 with SMTP id b10csp817727vqo; Fri, 28 Apr 2023 03:04:42 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ4/jP2b5s+TKWCDN19O/28vHxRdLmi37jn1ubY4FIvwuTkBksirlBzJIailmhO1WUZFxpDP X-Received: by 2002:a17:902:c745:b0:1a9:9d00:8c92 with SMTP id q5-20020a170902c74500b001a99d008c92mr4523919plq.42.1682676281962; Fri, 28 Apr 2023 03:04:41 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1682676281; cv=none; d=google.com; s=arc-20160816; b=zPor8SpS4gif6V1h1BXvJSi/0ByNbcEsyuSh9XKv33P6GRGJoF/2qeD8rcxVklaik1 V2euzuqd8K87c4FbVXxC1ZveSwPnDYR6Q0XFj5IOo/wuF88QvNhx8AiLENIVAA0HVZDz z4/XB3JGJFkLMeHP07BIeUhDv2pGffGH1wkXBmG6Z4UM71nqVZ1MvI4cjfVLBKM9Vlr/ 9sPUS4DxwWGvivfrNQrH55jk+efnNOGY2/wbm250LjkcdQARD1m5igZxBmW+/gUIKxkQ 6NrI5KB4J5xANqP/qHZ2HdB4A9zWnSwR3FvbPFZpAl0OBqcWKekesZ8j70lLCyhKVjAC 6paw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from; bh=iEYJWcGaGWTeN6u7RU4maW3ANDTNISwbOBlEBZanArU=; b=Svah7L8PzD30ijFKK9T7qFZ/18mtCXOosn8E8/Pzx5kcTc7sCVBw1rq/AgipdBfj9t ojBMGsRuTZ0uxSjhyykSJY4oVG6Gcu/iXE/wlodbzhGJzTNrMlqsE8T2CTNa3/FDzPHS aAnGpDe36JzuIFXQ9cwVtO1ITMcUoZHs3HGkAfv083olTLVzgvl6Joo5eZCQ02+Kp6PG h0EB151Z+lvrIvPHQKj0hM+7pNT9Y8bm78wl22wpXlxulbVBrQxZ7z5kIKrrahjV/+HB LnURCeqiihOaGdg5eggYtto5iMTxePP4355KgW2X6pyy8omMI2YYWitmvSnTw4eMPG6x oT/w== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=antgroup.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id t3-20020a1709027fc300b001a9770780b3si12491655plb.258.2023.04.28.03.04.27; Fri, 28 Apr 2023 03:04:41 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=antgroup.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1345542AbjD1Jzg (ORCPT + 99 others); Fri, 28 Apr 2023 05:55:36 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:35804 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1345775AbjD1JzJ (ORCPT ); Fri, 28 Apr 2023 05:55:09 -0400 Received: from out187-21.us.a.mail.aliyun.com (out187-21.us.a.mail.aliyun.com [47.90.187.21]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 287C82726 for ; Fri, 28 Apr 2023 02:54:47 -0700 (PDT) X-Alimail-AntiSpam: AC=PASS;BC=-1|-1;BR=01201311R571e4;CH=green;DM=||false|;DS=||;FP=0|-1|-1|-1|0|-1|-1|-1;HT=ay29a033018047187;MF=houwenlong.hwl@antgroup.com;NM=1;PH=DS;RN=12;SR=0;TI=SMTPD_---.STFoGTP_1682675583; Received: from localhost(mailfrom:houwenlong.hwl@antgroup.com fp:SMTPD_---.STFoGTP_1682675583) by smtp.aliyun-inc.com; Fri, 28 Apr 2023 17:53:04 +0800 From: "Hou Wenlong" To: linux-kernel@vger.kernel.org Cc: "Thomas Garnier" , "Lai Jiangshan" , "Kees Cook" , "Hou Wenlong" , "Thomas Gleixner" , "Ingo Molnar" , "Borislav Petkov" , "Dave Hansen" , , "H. Peter Anvin" , "Andy Lutomirski" Subject: [PATCH RFC 23/43] x86/pie: Force hidden visibility for all symbol references Date: Fri, 28 Apr 2023 17:51:03 +0800 Message-Id: <63feba4a3826335f1ad32e484ebed31efd608d51.1682673543.git.houwenlong.hwl@antgroup.com> X-Mailer: git-send-email 2.31.1 In-Reply-To: References: MIME-Version: 1.0 X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,SPF_HELO_NONE, SPF_PASS,T_SCC_BODY_TEXT_LINE,UNPARSEABLE_RELAY autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1764413965359153585?= X-GMAIL-MSGID: =?utf-8?q?1764413965359153585?= Eliminate all GOT entries in the kernel, by forcing hidden visibility for all symbol references, which informs the compiler that such references will be resolved at link time without the need for allocating GOT entries. However, there are still some GOT entries after this, one for __fentry__() indirect call, and others are due to global weak symbol references. Signed-off-by: Hou Wenlong Cc: Thomas Garnier Cc: Lai Jiangshan Cc: Kees Cook --- arch/x86/Makefile | 7 +++++++ arch/x86/entry/vdso/Makefile | 2 +- 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/arch/x86/Makefile b/arch/x86/Makefile index 57e4dbbf501d..81500011396d 100644 --- a/arch/x86/Makefile +++ b/arch/x86/Makefile @@ -158,6 +158,11 @@ else KBUILD_RUSTFLAGS += $(rustflags-y) KBUILD_CFLAGS += -mno-red-zone + +ifdef CONFIG_X86_PIE + PIE_CFLAGS := -include $(srctree)/include/linux/hidden.h + KBUILD_CFLAGS += $(PIE_CFLAGS) +endif KBUILD_CFLAGS += -mcmodel=kernel KBUILD_RUSTFLAGS += -Cno-redzone=y KBUILD_RUSTFLAGS += -Ccode-model=kernel @@ -176,6 +181,8 @@ ifeq ($(CONFIG_STACKPROTECTOR),y) endif endif +export PIE_CFLAGS + # # If the function graph tracer is used with mcount instead of fentry, # '-maccumulate-outgoing-args' is needed to prevent a GCC bug diff --git a/arch/x86/entry/vdso/Makefile b/arch/x86/entry/vdso/Makefile index 6a1821bd7d5e..9437653a9de2 100644 --- a/arch/x86/entry/vdso/Makefile +++ b/arch/x86/entry/vdso/Makefile @@ -92,7 +92,7 @@ ifneq ($(RETPOLINE_VDSO_CFLAGS),) endif endif -$(vobjs): KBUILD_CFLAGS := $(filter-out $(PADDING_CFLAGS) $(CC_FLAGS_LTO) $(CC_FLAGS_CFI) $(RANDSTRUCT_CFLAGS) $(GCC_PLUGINS_CFLAGS) $(RETPOLINE_CFLAGS),$(KBUILD_CFLAGS)) $(CFL) +$(vobjs): KBUILD_CFLAGS := $(filter-out $(PIE_CFLAGS) $(PADDING_CFLAGS) $(CC_FLAGS_LTO) $(CC_FLAGS_CFI) $(RANDSTRUCT_CFLAGS) $(GCC_PLUGINS_CFLAGS) $(RETPOLINE_CFLAGS),$(KBUILD_CFLAGS)) $(CFL) $(vobjs): KBUILD_AFLAGS += -DBUILD_VDSO # From patchwork Fri Apr 28 09:51:04 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Hou Wenlong X-Patchwork-Id: 88560 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:b0ea:0:b0:3b6:4342:cba0 with SMTP id b10csp818122vqo; Fri, 28 Apr 2023 03:05:27 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ7tDigeBj/A6CvftQFZz9cfQbuZ6/sNab4WWgUHY23xS45cy7Z9FP0aabq0y1drrkYrSdZ8 X-Received: by 2002:a05:6a00:1a89:b0:63d:a0d:6fa1 with SMTP id e9-20020a056a001a8900b0063d0a0d6fa1mr5826816pfv.21.1682676327526; Fri, 28 Apr 2023 03:05:27 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1682676327; cv=none; d=google.com; s=arc-20160816; b=jUAOfDNek8Hfc2H7bDD3Nu4RuMGXRpjW/hV4WDnsUuul3wYTMoPZ++1impNYYGPDJ2 Q6+tMX9WywDpVIHjLfjJ0uZr+UFmbWIIqri8WjDCdbcNopopcaxQwJXWqT1D4kcvLetM SnKOlSMLCAmkJ9doSgxSS4OKlmkcdDG+XCnV25OR0S1j3eX6IO+kMaMB3+cHFESf4Pk7 LQYvVhXqDOvtw1trKCKjBe0DGo/BxI+6DgCEpEVCDYYu7BrS/3LIjjXQu5h8OWg1b54f Cl6s84pLjzYorSa9Jnc8EFgGfdksl7RpdFvnJtOZaYQSHZzdd8vtzzomQmbQlGHlXIt2 FU8w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from; bh=XCHtupLXJ2rBPBM5wmy9RIEtiY61kV4Rb+rfVN2Uc40=; b=D6EIngXz8P2ofmDSWqLOlRIjGcWxi0LijsB7LOz9+HC2ETK5h8iJcPH3t/GgOpnGc9 G39HaAzYmSYIuFP/Q719Pax4J53CyXKSeIVTdXkt3F2yRvnKdRGwaI3cdVcNxNimysUO Uc1osxg/b3lrQI9gw3EQb/+vGo9etYQ7ftcrcVKFGfMGwEpLUS+CdQ+jz4H2I1WKvbZP BPgoF7jTibeIAvftTd9wLByXemMiBMUiShUO6XrzlYpdFZKhhF7Lu5aA1l4OCq2fBRSS bRJoB7pj8HDwyEE1c+yMNrhDscLrZ9kg64E09hkV/dzmAAh4YWxw8rradfx5qnIU6qWW b2yg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=antgroup.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id b10-20020aa7950a000000b0063b7f1093e1si5166589pfp.110.2023.04.28.03.05.15; Fri, 28 Apr 2023 03:05:27 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=antgroup.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1345967AbjD1Jzd (ORCPT + 99 others); Fri, 28 Apr 2023 05:55:33 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:35764 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1345897AbjD1JzJ (ORCPT ); Fri, 28 Apr 2023 05:55:09 -0400 Received: from out187-6.us.a.mail.aliyun.com (out187-6.us.a.mail.aliyun.com [47.90.187.6]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id DDB935584 for ; Fri, 28 Apr 2023 02:54:47 -0700 (PDT) X-Alimail-AntiSpam: AC=PASS;BC=-1|-1;BR=01201311R141e4;CH=green;DM=||false|;DS=||;FP=0|-1|-1|-1|0|-1|-1|-1;HT=ay29a033018047212;MF=houwenlong.hwl@antgroup.com;NM=1;PH=DS;RN=17;SR=0;TI=SMTPD_---.STFQGPs_1682675586; Received: from localhost(mailfrom:houwenlong.hwl@antgroup.com fp:SMTPD_---.STFQGPs_1682675586) by smtp.aliyun-inc.com; Fri, 28 Apr 2023 17:53:07 +0800 From: "Hou Wenlong" To: linux-kernel@vger.kernel.org Cc: "Thomas Garnier" , "Lai Jiangshan" , "Kees Cook" , "Hou Wenlong" , "Thomas Gleixner" , "Ingo Molnar" , "Borislav Petkov" , "Dave Hansen" , , "H. Peter Anvin" , "Nathan Chancellor" , "Ard Biesheuvel" , "Nick Desaulniers" , "Andrew Morton" , "Alexander Potapenko" , "Xin Li" Subject: [PATCH RFC 24/43] x86/boot/compressed: Adapt sed command to generate voffset.h when PIE is enabled Date: Fri, 28 Apr 2023 17:51:04 +0800 Message-Id: <8d6bbaf66b90cf1a8fd2c5da98f5e094b9ffcb27.1682673543.git.houwenlong.hwl@antgroup.com> X-Mailer: git-send-email 2.31.1 In-Reply-To: References: MIME-Version: 1.0 X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,SPF_HELO_NONE, SPF_PASS,T_SCC_BODY_TEXT_LINE,UNPARSEABLE_RELAY autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1764414012838915525?= X-GMAIL-MSGID: =?utf-8?q?1764414012838915525?= When PIE is enabled, all symbols would be set as hidden to reduce GOT references. According to generic ABI, a hidden symbol contained in a relocatable object must be either removed or converted to STB_LOCAL binding by the link-editor when the relocatable object is included in an executable file or shared object. Both gold and ld.lld change the binding of a STV_HIDDEND symbol to STB_LOCAL. But For GNU ld, it will keep global hidden. However, sed command to generate voffset.h only captures global symbol, then empty voffset.h would be generated when PIE is enabled with lld. So capture local symbol too in sed command. Signed-off-by: Hou Wenlong Cc: Thomas Garnier Cc: Lai Jiangshan Cc: Kees Cook --- arch/x86/boot/compressed/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/x86/boot/compressed/Makefile b/arch/x86/boot/compressed/Makefile index 6b6cfe607bdb..678881496c44 100644 --- a/arch/x86/boot/compressed/Makefile +++ b/arch/x86/boot/compressed/Makefile @@ -79,7 +79,7 @@ LDFLAGS_vmlinux += -T hostprogs := mkpiggy HOST_EXTRACFLAGS += -I$(srctree)/tools/include -sed-voffset := -e 's/^\([0-9a-fA-F]*\) [ABCDGRSTVW] \(_text\|__bss_start\|_end\)$$/\#define VO_\2 _AC(0x\1,UL)/p' +sed-voffset := -e 's/^\([0-9a-fA-F]*\) [ABCDGRSTVWabcdgrstvw] \(_text\|__bss_start\|_end\)$$/\#define VO_\2 _AC(0x\1,UL)/p' quiet_cmd_voffset = VOFFSET $@ cmd_voffset = $(NM) $< | sed -n $(sed-voffset) > $@ From patchwork Fri Apr 28 09:51:07 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Hou Wenlong X-Patchwork-Id: 88558 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:b0ea:0:b0:3b6:4342:cba0 with SMTP id b10csp817430vqo; Fri, 28 Apr 2023 03:04:06 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ4BctokDopixUkLRmRDVjl39IwA+PxIzkbvQe/scA5cVm4lFLykz58VKgThbR0Lwtorkscw X-Received: by 2002:a05:6a00:1799:b0:627:f1f1:a97d with SMTP id s25-20020a056a00179900b00627f1f1a97dmr7389138pfg.24.1682676246589; Fri, 28 Apr 2023 03:04:06 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1682676246; cv=none; d=google.com; s=arc-20160816; b=hjalP95KthnmRc0D4+Kc54fA3tTtgY627mq/HAOp/YsfV5WAqiab09Ui1ukDrK1DN7 WwzfH1XnuhHPHyTuGJ7md+4Be4hp4qph6S8+1d++it58gcqeaHQieduSlKRSVAGEvOvX GY69yyaK0QAvNGBOs13G3jBnJ0hZlgqqkRo5T7HtR4aPwfOoqF9t/1/Hjk/6T5gdPN5Y 4kHdJBv+9U+4lg0dL8DLix3UzZaYkVKLVLv8+EoVCzQAMzqepADvuJ5AGAONqoxksIQW 59NrXJ/swukgzSlov/EAUp9o6N5cinbAMw3bvmoGwnPARhTHXUGPJwD2U7+Ss3t0mJmz kIdg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from; bh=wB4eCOUuF/FivmrzDq5iZt/tTBt6ePkFydUtKZvVHqU=; b=TudQLXDio1Us4P3GICpB12Gh4pI2J5Ef2nXuJOgmVOv1ReWcUKIRfKqrhVm7bzKFXS CrW9qtIY8MUhYq2GwIceFUHtU9eQLLDJvpVaUtikyCJT+AAqmryOqFvha+SF7jEw635r OdAE6EAWeHIQjRVvX7oYHJ8aylvSuXccdPnJ/VZK3nF359gvCKzaqTd59ZrPeNlwvck9 NRYAnTLGAL9OhVPklwlfnnOFC1oq2dWK5V8f5+7Vhuaw48JaNHxllFlg7dDIXnMoHdIa FNMUqOBI9MWFYJI48lczeJdLTPIKZfWmqnUKLYbSvl6SOwd4Gp3Uq8oJa2mmE3n7CV1T lUKQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=antgroup.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id e125-20020a636983000000b00524f00fee68si16861896pgc.372.2023.04.28.03.03.53; Fri, 28 Apr 2023 03:04:06 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=antgroup.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1346039AbjD1J5i (ORCPT + 99 others); Fri, 28 Apr 2023 05:57:38 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:36920 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1346033AbjD1J5U (ORCPT ); Fri, 28 Apr 2023 05:57:20 -0400 Received: from out187-21.us.a.mail.aliyun.com (out187-21.us.a.mail.aliyun.com [47.90.187.21]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 2F7ED5BA0 for ; Fri, 28 Apr 2023 02:56:19 -0700 (PDT) X-Alimail-AntiSpam: AC=PASS;BC=-1|-1;BR=01201311R151e4;CH=green;DM=||false|;DS=||;FP=0|-1|-1|-1|0|-1|-1|-1;HT=ay29a033018047187;MF=houwenlong.hwl@antgroup.com;NM=1;PH=DS;RN=13;SR=0;TI=SMTPD_---.STFoGX6_1682675596; Received: from localhost(mailfrom:houwenlong.hwl@antgroup.com fp:SMTPD_---.STFoGX6_1682675596) by smtp.aliyun-inc.com; Fri, 28 Apr 2023 17:53:17 +0800 From: "Hou Wenlong" To: linux-kernel@vger.kernel.org Cc: "Thomas Garnier" , "Lai Jiangshan" , "Kees Cook" , "Hou Wenlong" , "Thomas Gleixner" , "Ingo Molnar" , "Borislav Petkov" , "Dave Hansen" , , "H. Peter Anvin" , "Sami Tolvanen" , " =?utf-8?q?Peter_Zijlstra_=28Intel=29?= " Subject: [PATCH RFC 27/43] x86/relocs: Handle PIE relocations Date: Fri, 28 Apr 2023 17:51:07 +0800 Message-Id: X-Mailer: git-send-email 2.31.1 In-Reply-To: References: MIME-Version: 1.0 X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,SPF_HELO_NONE, SPF_PASS,T_SCC_BODY_TEXT_LINE,UNPARSEABLE_RELAY autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1764413928219132534?= X-GMAIL-MSGID: =?utf-8?q?1764413928219132534?= From: Thomas Garnier From: Thomas Garnier Change the relocation tool to correctly handle relocations generated by -fPIE option: - Add relocation for each entry of the .got section given the linker does not generate R_X86_64_GLOB_DAT on a simple link. - Ignore R_X86_64_GOTPCREL. Signed-off-by: Thomas Garnier Signed-off-by: Hou Wenlong Cc: Lai Jiangshan Cc: Kees Cook --- arch/x86/tools/relocs.c | 96 ++++++++++++++++++++++++++++++++++++++++- 1 file changed, 95 insertions(+), 1 deletion(-) diff --git a/arch/x86/tools/relocs.c b/arch/x86/tools/relocs.c index 038e9c12fad3..97ac96195232 100644 --- a/arch/x86/tools/relocs.c +++ b/arch/x86/tools/relocs.c @@ -42,6 +42,7 @@ struct section { Elf32_Word *xsymtab; Elf_Rel *reltab; char *strtab; + Elf_Addr *got; }; static struct section *secs; @@ -308,6 +309,36 @@ static Elf_Sym *sym_lookup(const char *symname) return 0; } +static Elf_Sym *sym_lookup_addr(Elf_Addr addr, const char **name) +{ + int i; + + for (i = 0; i < ehdr.e_shnum; i++) { + struct section *sec = &secs[i]; + long nsyms; + Elf_Sym *symtab; + Elf_Sym *sym; + + if (sec->shdr.sh_type != SHT_SYMTAB) + continue; + + nsyms = sec->shdr.sh_size/sizeof(Elf_Sym); + symtab = sec->symtab; + + for (sym = symtab; --nsyms >= 0; sym++) { + if (sym->st_value == addr) { + if (name) { + *name = sym_name(sec->link->strtab, + sym); + } + return sym; + } + } + } + return 0; +} + + #if BYTE_ORDER == LITTLE_ENDIAN #define le16_to_cpu(val) (val) #define le32_to_cpu(val) (val) @@ -588,6 +619,35 @@ static void read_relocs(FILE *fp) } } +static void read_got(FILE *fp) +{ + int i; + + for (i = 0; i < ehdr.e_shnum; i++) { + struct section *sec = &secs[i]; + + sec->got = NULL; + if (sec->shdr.sh_type != SHT_PROGBITS || + strcmp(sec_name(i), ".got")) { + continue; + } + sec->got = malloc(sec->shdr.sh_size); + if (!sec->got) { + die("malloc of %" FMT " bytes for got failed\n", + sec->shdr.sh_size); + } + if (fseek(fp, sec->shdr.sh_offset, SEEK_SET) < 0) { + die("Seek to %" FMT " failed: %s\n", + sec->shdr.sh_offset, strerror(errno)); + } + if (fread(sec->got, 1, sec->shdr.sh_size, fp) + != sec->shdr.sh_size) { + die("Cannot read got: %s\n", + strerror(errno)); + } + } +} + static void print_absolute_symbols(void) { @@ -718,6 +778,32 @@ static void add_reloc(struct relocs *r, uint32_t offset) r->offset[r->count++] = offset; } +/* + * The linker does not generate relocations for the GOT for the kernel. + * If a GOT is found, simulate the relocations that should have been included. + */ +static void walk_got_table(int (*process)(struct section *sec, Elf_Rel *rel, + Elf_Sym *sym, const char *symname), + struct section *sec) +{ + int i; + Elf_Addr entry; + Elf_Sym *sym; + const char *symname; + Elf_Rel rel; + + for (i = 0; i < sec->shdr.sh_size/sizeof(Elf_Addr); i++) { + entry = sec->got[i]; + sym = sym_lookup_addr(entry, &symname); + if (!sym) + die("Could not found got symbol for entry %d\n", i); + rel.r_offset = sec->shdr.sh_addr + i * sizeof(Elf_Addr); + rel.r_info = ELF_BITS == 64 ? R_X86_64_GLOB_DAT + : R_386_GLOB_DAT; + process(sec, &rel, sym, symname); + } +} + static void walk_relocs(int (*process)(struct section *sec, Elf_Rel *rel, Elf_Sym *sym, const char *symname)) { @@ -731,6 +817,8 @@ static void walk_relocs(int (*process)(struct section *sec, Elf_Rel *rel, struct section *sec = &secs[i]; if (sec->shdr.sh_type != SHT_REL_TYPE) { + if (sec->got) + walk_got_table(process, sec); continue; } sec_symtab = sec->link; @@ -842,6 +930,7 @@ static int do_reloc64(struct section *sec, Elf_Rel *rel, ElfW(Sym) *sym, offset += per_cpu_load_addr; switch (r_type) { + case R_X86_64_GOTPCREL: case R_X86_64_NONE: /* NONE can be ignored. */ break; @@ -905,7 +994,7 @@ static int do_reloc64(struct section *sec, Elf_Rel *rel, ElfW(Sym) *sym, * the relocations are processed. * Make sure that the offset will fit. */ - if ((int32_t)offset != (int64_t)offset) + if (r_type != R_X86_64_64 && (int32_t)offset != (int64_t)offset) die("Relocation offset doesn't fit in 32 bits\n"); if (r_type == R_X86_64_64) @@ -914,6 +1003,10 @@ static int do_reloc64(struct section *sec, Elf_Rel *rel, ElfW(Sym) *sym, add_reloc(&relocs32, offset); break; + case R_X86_64_GLOB_DAT: + add_reloc(&relocs64, offset); + break; + default: die("Unsupported relocation type: %s (%d)\n", rel_type(r_type), r_type); @@ -1188,6 +1281,7 @@ void process(FILE *fp, int use_real_mode, int as_text, read_strtabs(fp); read_symtabs(fp); read_relocs(fp); + read_got(fp); if (ELF_BITS == 64) percpu_init(); if (show_absolute_syms) { From patchwork Fri Apr 28 09:51:08 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Hou Wenlong X-Patchwork-Id: 88569 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:b0ea:0:b0:3b6:4342:cba0 with SMTP id b10csp820983vqo; Fri, 28 Apr 2023 03:10:59 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ7pgV3Kz0GLGMC+caOsyRHuYPN7EcVEMA/9nC0vtkp/zHYFNB4yEzbgW176ahy8q+flMjXW X-Received: by 2002:a05:6a20:a590:b0:f6:d4d:49 with SMTP id bc16-20020a056a20a59000b000f60d4d0049mr4735098pzb.27.1682676659656; Fri, 28 Apr 2023 03:10:59 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1682676659; cv=none; d=google.com; s=arc-20160816; b=rYUpl5fwQIBFG/Rkdq3ISPDKCGjWfIywPLBFn7TJufiSVF6m3MPLVFlVeh+Uqe5MKJ G4zFCNrWZz0PidF8ArcG9x67Y3pmigLaHgyFBzSOZGvx3L6v7PeeuuJ+9ws1HfnNSt6j vxUolE/yTokWVtlrVUmOpSpMIu4JXsJyemo8JxqO3kZxDgG9htbebE/PA6Pi+0sqZerb 2yXwIcCNHIRKc2h0cXrazz7bRdRL60EuNiso08OGZtfaI376WsMs9a2Tau5vfCIxP9mz 4z8c7Jm2FtB+WlziHp1o/hUF+3Bf0ezliQMotcRAD9rnCcIGC8ARZeM1zBtc0MwxT/Bx HL1g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from; bh=gJj0mM+QMs8jm2xywIqqlCqsrJDS93vdCd3aQWQVT0Q=; b=ioOrFU0616bKrjwKf42gRcBbFehmUaYbHWPbZgResBsNAUAK2ckqIvkEepyWa5UNM0 xbQusxhFEZ3HuTB+ijmXICO9dY8M013OLxfj8Smcmk/A6M4zzt/FjjmmTwAMUOr8r++Y o/MIHCWXVu+imy+eFThA3/XPzVlz+v9GidkdpC6/DbB84ilq3EbCSRGwpTGKVBYvxlBb zNplD/ufRriI/uJaaTtoYX5UdX1lEU4orJJ7Z1iaqibapxallm2TARQNpj43lmyYjLTK Rw3UvaZMQUmLhiij4TCtMaDxzA5KCFLw24x7ahTUtlzSqKZmwQIID2TXHAgUsua1cgZD jCXQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=antgroup.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id c25-20020a631c19000000b00503355255cdsi16278307pgc.488.2023.04.28.03.10.45; Fri, 28 Apr 2023 03:10:59 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=antgroup.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1345963AbjD1Jz0 (ORCPT + 99 others); Fri, 28 Apr 2023 05:55:26 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:36500 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1345879AbjD1JzH (ORCPT ); Fri, 28 Apr 2023 05:55:07 -0400 Received: from out0-217.mail.aliyun.com (out0-217.mail.aliyun.com [140.205.0.217]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id F16226186; Fri, 28 Apr 2023 02:54:44 -0700 (PDT) X-Alimail-AntiSpam: AC=PASS;BC=-1|-1;BR=01201311R191e4;CH=green;DM=||false|;DS=||;FP=0|-1|-1|-1|0|-1|-1|-1;HT=ay29a033018047198;MF=houwenlong.hwl@antgroup.com;NM=1;PH=DS;RN=14;SR=0;TI=SMTPD_---.STCEPkM_1682675599; Received: from localhost(mailfrom:houwenlong.hwl@antgroup.com fp:SMTPD_---.STCEPkM_1682675599) by smtp.aliyun-inc.com; Fri, 28 Apr 2023 17:53:20 +0800 From: "Hou Wenlong" To: linux-kernel@vger.kernel.org Cc: "Thomas Garnier" , "Lai Jiangshan" , "Kees Cook" , "Hou Wenlong" , "Sean Christopherson" , "Paolo Bonzini" , "Thomas Gleixner" , "Ingo Molnar" , "Borislav Petkov" , "Dave Hansen" , , "H. Peter Anvin" , Subject: [PATCH RFC 28/43] KVM: x86: Adapt assembly for PIE support Date: Fri, 28 Apr 2023 17:51:08 +0800 Message-Id: X-Mailer: git-send-email 2.31.1 In-Reply-To: References: MIME-Version: 1.0 X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,SPF_HELO_NONE, SPF_PASS,T_SCC_BODY_TEXT_LINE,UNPARSEABLE_RELAY autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1764414361001838140?= X-GMAIL-MSGID: =?utf-8?q?1764414361001838140?= Change the assembly code to use only relative references of symbols for the kernel to be PIE compatible. Signed-off-by: Hou Wenlong Cc: Thomas Garnier Cc: Lai Jiangshan Cc: Kees Cook --- arch/x86/kvm/svm/vmenter.S | 10 +++++----- arch/x86/kvm/vmx/vmenter.S | 2 +- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/arch/x86/kvm/svm/vmenter.S b/arch/x86/kvm/svm/vmenter.S index 8e8295e774f0..25be1a66c59d 100644 --- a/arch/x86/kvm/svm/vmenter.S +++ b/arch/x86/kvm/svm/vmenter.S @@ -270,16 +270,16 @@ SYM_FUNC_START(__svm_vcpu_run) RESTORE_GUEST_SPEC_CTRL_BODY RESTORE_HOST_SPEC_CTRL_BODY -10: cmpb $0, kvm_rebooting +10: cmpb $0, _ASM_RIP(kvm_rebooting) jne 2b ud2 -30: cmpb $0, kvm_rebooting +30: cmpb $0, _ASM_RIP(kvm_rebooting) jne 4b ud2 -50: cmpb $0, kvm_rebooting +50: cmpb $0, _ASM_RIP(kvm_rebooting) jne 6b ud2 -70: cmpb $0, kvm_rebooting +70: cmpb $0, _ASM_RIP(kvm_rebooting) jne 8b ud2 @@ -381,7 +381,7 @@ SYM_FUNC_START(__svm_sev_es_vcpu_run) RESTORE_GUEST_SPEC_CTRL_BODY RESTORE_HOST_SPEC_CTRL_BODY -3: cmpb $0, kvm_rebooting +3: cmpb $0, _ASM_RIP(kvm_rebooting) jne 2b ud2 diff --git a/arch/x86/kvm/vmx/vmenter.S b/arch/x86/kvm/vmx/vmenter.S index 631fd7da2bc3..b7cc3c17736a 100644 --- a/arch/x86/kvm/vmx/vmenter.S +++ b/arch/x86/kvm/vmx/vmenter.S @@ -289,7 +289,7 @@ SYM_INNER_LABEL(vmx_vmexit, SYM_L_GLOBAL) RET .Lfixup: - cmpb $0, kvm_rebooting + cmpb $0, _ASM_RIP(kvm_rebooting) jne .Lvmfail ud2 .Lvmfail: From patchwork Fri Apr 28 09:51:09 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Hou Wenlong X-Patchwork-Id: 88556 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:b0ea:0:b0:3b6:4342:cba0 with SMTP id b10csp816963vqo; Fri, 28 Apr 2023 03:03:20 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ4RE/+66mgWIoN7XBT3FopVoxz0gFbyc/elLW9cPJDKHIepE/Z55LYRMB2kO+KEIgZShbdA X-Received: by 2002:a17:902:cecc:b0:1a5:253f:ace7 with SMTP id d12-20020a170902cecc00b001a5253face7mr5733837plg.29.1682676199931; Fri, 28 Apr 2023 03:03:19 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1682676199; cv=none; d=google.com; s=arc-20160816; b=PZ8lxWL0IvqafloCWIO0RTVUNorrDKmUBCqxIimbascACGMkbTlpHtWnaZiRvzF81r 0/uQavt95P17g9OOQVzdVGk6/3nqS9Bxa9weIcRXARi8v3z1CqG3p+ipJFnINs0R55Vw bP+OF7g3kqUSa7KctKhROT/q0qMwdMTTvJENmvQB8GlK9+VHypJMFuDftzQ90JhkvGv+ m3NEQh6HaQbgvTUyB0uDYTXdTlH+oIQIN27BHbTEtSOUxGV3ZlIRRbnAb8ogfo4givVG t7BI7B5Jj7jOeiYZnqaZr3ip5PK6rm7IVS77uEchrDMB4VV23A0fr7N6qDfvSpPSmYnB cwEQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from; bh=51/FQ4zkwcwR/0MnjLC0NwLWMGFqipuUNM9vI6hbY4k=; b=pk3l009tJlD9FIXnR/t/35s9kPqdH8aKGunHkZO84Pw//sBfT0blpU6410Lhpslhti 1on5+FqtTuZA5sfW7XiDOPpja8sE1X9M7UkgJwuhl+OaaaobPO1/KbAWg09l7WgXw5Vm bZXRCb+Nfwm+fH5Rq+1ryLCiyO/hZJYApPMtHfUEZQh0ShkgO39ChbitmriE5StCwIpB n+z+WevJ6bHCdfQrqZZQleB/qa8RZ2Y/F8oINhW1qSqz/QXaf0+lqkyBYhi5U8QVOa3T nzf9C5oIkKgrcw5uQ9/S8XTwmDS21O78WdcJPHfV3OZUpvXMWgAzp6++G1AWSX6PbxWD OKOw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=antgroup.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id e17-20020a170902cf5100b001a9785282f5si11241613plg.287.2023.04.28.03.03.07; Fri, 28 Apr 2023 03:03:19 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=antgroup.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1345982AbjD1J4e (ORCPT + 99 others); Fri, 28 Apr 2023 05:56:34 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:36560 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1345981AbjD1Jz4 (ORCPT ); Fri, 28 Apr 2023 05:55:56 -0400 Received: from out187-16.us.a.mail.aliyun.com (out187-16.us.a.mail.aliyun.com [47.90.187.16]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id DE2866181; Fri, 28 Apr 2023 02:55:15 -0700 (PDT) X-Alimail-AntiSpam: AC=PASS;BC=-1|-1;BR=01201311R211e4;CH=green;DM=||false|;DS=||;FP=0|-1|-1|-1|0|-1|-1|-1;HT=ay29a033018047212;MF=houwenlong.hwl@antgroup.com;NM=1;PH=DS;RN=17;SR=0;TI=SMTPD_---.STFoGYl_1682675602; Received: from localhost(mailfrom:houwenlong.hwl@antgroup.com fp:SMTPD_---.STFoGYl_1682675602) by smtp.aliyun-inc.com; Fri, 28 Apr 2023 17:53:23 +0800 From: "Hou Wenlong" To: linux-kernel@vger.kernel.org Cc: "Thomas Garnier" , "Lai Jiangshan" , "Kees Cook" , "Hou Wenlong" , "Juergen Gross" , "Boris Ostrovsky" , "Darren Hart" , "Andy Shevchenko" , "Thomas Gleixner" , "Ingo Molnar" , "Borislav Petkov" , "Dave Hansen" , , "H. Peter Anvin" , , Subject: [PATCH RFC 29/43] x86/PVH: Adapt PVH booting for PIE support Date: Fri, 28 Apr 2023 17:51:09 +0800 Message-Id: X-Mailer: git-send-email 2.31.1 In-Reply-To: References: MIME-Version: 1.0 X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,SPF_HELO_NONE, SPF_PASS,T_SCC_BODY_TEXT_LINE,UNPARSEABLE_RELAY autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1764413878538002507?= X-GMAIL-MSGID: =?utf-8?q?1764413878538002507?= If PIE is enabled, all symbol references would be RIP-relative. However, PVH booting runs in low address space, which could cause wrong x86_init callbacks assignment. Since init_top_pgt has building high kernel address mapping, let PVH booting runs in high address space to make all things right. PVH booting assumes that no relocation happened. Since the kernel compile address is still in top 2G, so it is allowed to use R_X86_64_32S for symbol references in pvh_start_xen(). Signed-off-by: Hou Wenlong Cc: Thomas Garnier Cc: Lai Jiangshan Cc: Kees Cook --- arch/x86/platform/pvh/head.S | 17 +++++++++++++++-- 1 file changed, 15 insertions(+), 2 deletions(-) diff --git a/arch/x86/platform/pvh/head.S b/arch/x86/platform/pvh/head.S index 5842fe0e4f96..09518d4de042 100644 --- a/arch/x86/platform/pvh/head.S +++ b/arch/x86/platform/pvh/head.S @@ -94,6 +94,13 @@ SYM_CODE_START_LOCAL(pvh_start_xen) /* 64-bit entry point. */ .code64 1: +#ifdef CONFIG_X86_PIE + movabs $2f, %rax + ANNOTATE_RETPOLINE_SAFE + jmp *%rax +2: + ANNOTATE_NOENDBR // above +#endif /* Set base address in stack canary descriptor. */ mov $MSR_GS_BASE,%ecx #if defined(CONFIG_STACKPROTECTOR_FIXED) @@ -149,9 +156,15 @@ SYM_CODE_END(pvh_start_xen) .section ".init.data","aw" .balign 8 SYM_DATA_START_LOCAL(gdt) + /* + * Use an ASM_PTR (quad on x64) for _pa(gdt_start) because PIE requires + * a pointer size storage value before applying the relocation. On + * 32-bit _ASM_PTR will be a long which is aligned the space needed for + * relocation. + */ .word gdt_end - gdt_start - .long _pa(gdt_start) - .word 0 + _ASM_PTR _pa(gdt_start) + .balign 8 SYM_DATA_END(gdt) SYM_DATA_START_LOCAL(gdt_start) .quad 0x0000000000000000 /* NULL descriptor */ From patchwork Fri Apr 28 09:51:11 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Hou Wenlong X-Patchwork-Id: 88573 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:b0ea:0:b0:3b6:4342:cba0 with SMTP id b10csp821807vqo; Fri, 28 Apr 2023 03:12:26 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ55duOTqRSAYirlUAHCu2Ctk0LxNXDsHVXUA4uuhpBe9v6sS4H94nG3CXGDZ2JtPN0eolSR X-Received: by 2002:a17:90a:c09:b0:249:86bd:42a7 with SMTP id 9-20020a17090a0c0900b0024986bd42a7mr4851873pjs.42.1682676745909; Fri, 28 Apr 2023 03:12:25 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1682676745; cv=none; d=google.com; s=arc-20160816; b=lXWHyz7dL54C18ecLsjPcjRs2SBgTuRxgGco8+z8QILLWw9JN25zHeqVBYeN60zVIs 9hinD6BGAZiOWBgNgzCgFdc+jXXV5z3OTMRkr2SKqI0H1GCnWstgKGM3xNEsiRdnUSMF /yUA10GeO+LcV5ZFq4tpUTMl3PZ5Xc5/mF82xNope3sa0WrBZaW62BEhue56tr0H5upE RQuXIW7q6fWidhHAP0kQjWFTEvgH59npbNy9GY9zEtS7JejpXohNyo9orTyDyRo3eI5k 1BtMBhGnavwTh0p/ya3zBrnA2dyFyBbKo/Rtpt2SD+9xz0cV6GgD6vQ6ZXMe6lqRivAd 3sQA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from; bh=Mw/oMadipzUfVubb09fVpf+MLmYXFQrY6rQ3ZBAlysU=; b=A6m+UXWv7Eq5qPWIPcpmAMD6WPjFhS2O9v6vVDZwTbnZ34cbGTU6rC6lx6an+sNm1I FOnR6O9XXYeO90z2H6kzxCkwWydGVkzNs2nqaVWWV4WtbwFRUZCt5QI46jHVhXZbX3YZ iNDvpxahjLN+0WFXOsY03ObIaf7ya9XNlcRW+zzjsWm9HtMFsospGP3KwiNOh9fltFFE kTZEfJd6Qy3dM6zmV+35e/YhEvM/L/4UVBB9M6BWc3WRQqboNQBbS46jPxmbtThkPJR+ Yt9PzvCHoinhYe48ot3gvjs2HDkav9wFc8n+Jx4Cz41sHfExZfv5crnyQTv3eUDon4b8 S1qQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=antgroup.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id h18-20020a170902f71200b001a51e159297si21082007plo.368.2023.04.28.03.12.10; Fri, 28 Apr 2023 03:12:25 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=antgroup.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1345853AbjD1JzP (ORCPT + 99 others); Fri, 28 Apr 2023 05:55:15 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:36366 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1345706AbjD1JzF (ORCPT ); Fri, 28 Apr 2023 05:55:05 -0400 Received: from out0-201.mail.aliyun.com (out0-201.mail.aliyun.com [140.205.0.201]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 35C344EE2 for ; Fri, 28 Apr 2023 02:54:41 -0700 (PDT) X-Alimail-AntiSpam: AC=PASS;BC=-1|-1;BR=01201311R171e4;CH=green;DM=||false|;DS=||;FP=0|-1|-1|-1|0|-1|-1|-1;HT=ay29a033018047205;MF=houwenlong.hwl@antgroup.com;NM=1;PH=DS;RN=18;SR=0;TI=SMTPD_---.STFQGTg_1682675609; Received: from localhost(mailfrom:houwenlong.hwl@antgroup.com fp:SMTPD_---.STFQGTg_1682675609) by smtp.aliyun-inc.com; Fri, 28 Apr 2023 17:53:30 +0800 From: "Hou Wenlong" To: linux-kernel@vger.kernel.org Cc: "Thomas Garnier" , "Lai Jiangshan" , "Kees Cook" , "Hou Wenlong" , "Thomas Gleixner" , "Ingo Molnar" , "Borislav Petkov" , "Dave Hansen" , , "H. Peter Anvin" , "Peter Zijlstra" , "Petr Mladek" , "Greg Kroah-Hartman" , "Jason A. Donenfeld" , "Song Liu" , "Julian Pidancet" , "Ard Biesheuvel" Subject: [PATCH RFC 31/43] x86/modules: Adapt module loading for PIE support Date: Fri, 28 Apr 2023 17:51:11 +0800 Message-Id: X-Mailer: git-send-email 2.31.1 In-Reply-To: References: MIME-Version: 1.0 X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,SPF_HELO_NONE, SPF_PASS,T_SCC_BODY_TEXT_LINE,UNPARSEABLE_RELAY autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1764414451418106017?= X-GMAIL-MSGID: =?utf-8?q?1764414451418106017?= Adapt module loading to support PIE relocations. No GOT is generared for module, all the GOT entry of got references in module should exist in kernel GOT. Currently, there is only one usable got reference for __fentry__(). Signed-off-by: Hou Wenlong Cc: Thomas Garnier Cc: Lai Jiangshan Cc: Kees Cook --- arch/x86/include/asm/sections.h | 5 +++++ arch/x86/kernel/module.c | 27 +++++++++++++++++++++++++++ 2 files changed, 32 insertions(+) diff --git a/arch/x86/include/asm/sections.h b/arch/x86/include/asm/sections.h index a6e8373a5170..dc1c2b08ec48 100644 --- a/arch/x86/include/asm/sections.h +++ b/arch/x86/include/asm/sections.h @@ -12,6 +12,11 @@ extern char __end_rodata_aligned[]; #if defined(CONFIG_X86_64) extern char __end_rodata_hpage_align[]; + +#ifdef CONFIG_X86_PIE +extern char __start_got[], __end_got[]; +#endif + #endif extern char __end_of_kernel_reserve[]; diff --git a/arch/x86/kernel/module.c b/arch/x86/kernel/module.c index 84ad0e61ba6e..051f88e6884e 100644 --- a/arch/x86/kernel/module.c +++ b/arch/x86/kernel/module.c @@ -129,6 +129,18 @@ int apply_relocate(Elf32_Shdr *sechdrs, return 0; } #else /*X86_64*/ +#ifdef CONFIG_X86_PIE +static u64 find_got_kernel_entry(Elf64_Sym *sym, const Elf64_Rela *rela) +{ + u64 *pos; + + for (pos = (u64 *)__start_got; pos < (u64 *)__end_got; pos++) + if (*pos == sym->st_value) + return (u64)pos + rela->r_addend; + return 0; +} +#endif + static int __write_relocate_add(Elf64_Shdr *sechdrs, const char *strtab, unsigned int symindex, @@ -171,6 +183,7 @@ static int __write_relocate_add(Elf64_Shdr *sechdrs, case R_X86_64_64: size = 8; break; +#ifndef CONFIG_X86_PIE case R_X86_64_32: if (val != *(u32 *)&val) goto overflow; @@ -181,6 +194,13 @@ static int __write_relocate_add(Elf64_Shdr *sechdrs, goto overflow; size = 4; break; +#else + case R_X86_64_GOTPCREL: + val = find_got_kernel_entry(sym, rel); + if (!val) + goto unexpected_got_reference; + fallthrough; +#endif case R_X86_64_PC32: case R_X86_64_PLT32: val -= (u64)loc; @@ -214,11 +234,18 @@ static int __write_relocate_add(Elf64_Shdr *sechdrs, } return 0; +#ifdef CONFIG_X86_PIE +unexpected_got_reference: + pr_err("Target got entry doesn't exist in kernel got, loc %p\n", loc); + return -ENOEXEC; +#else overflow: pr_err("overflow in relocation type %d val %Lx\n", (int)ELF64_R_TYPE(rel[i].r_info), val); pr_err("`%s' likely not compiled with -mcmodel=kernel\n", me->name); +#endif + return -ENOEXEC; } From patchwork Fri Apr 28 09:51:12 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Hou Wenlong X-Patchwork-Id: 88555 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:b0ea:0:b0:3b6:4342:cba0 with SMTP id b10csp816942vqo; Fri, 28 Apr 2023 03:03:18 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ77tOmF1K70HULHSxn8XHw7Y4CZFnsipUnGuWMUQkPKN0P8voJEUDKiYWCo59AzLU81RpAF X-Received: by 2002:a17:90a:eace:b0:23f:e4b7:afb3 with SMTP id ev14-20020a17090aeace00b0023fe4b7afb3mr4752251pjb.9.1682676198348; Fri, 28 Apr 2023 03:03:18 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1682676198; cv=none; d=google.com; s=arc-20160816; b=DS2VGFP1TnpUpDerpoXdr+36rOPEL1F2Ssqd7FYjT5OrXTlRpukpXQFMgYDokYGKZX hW7qTuDEE1NVn4r5khLmJls+N3i9yKdsJJwgoWMUnogfQllnsRMomk0y8BQK+AuEpL4F f1CnblKH81XXMcgVy8AMPfnVymxIwDpQhCyTxZ3PR67vzD3iNXuuu62toE934OX3uyvr GJKzRqEdacYW5RTpFst0Hv72lYHFzHEDDpZyyLco13pC0ChMM2w7ci8D3nKM6uJhUny6 +tSZVsZtbjj1ZOzle0GvPr3HErhfUmFDOVDS9Kn506GT0g3xJrlLnZ2bdl8d93kTwYVt EKmw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from; bh=t19rlhQukHy3BmESCo4nd5Es4b9/Y53s54s79z1+Xic=; b=rsCPmOL++tfk8LodXaF6TmUVljawqs3YoHGQQcTqqYf3ffuG0mLDNovJ83guAs9oLI W6shMc5p6NrU0n+oEQD6VHKQfwji1vMGVATyzvlPYhqKNBp0k9uQYTh7ab9POdtAgARE 2HGdieT9o7oSua/ad40dTKQZbdjLK3ZFtjR8hElh/7BkG6yi3kRel1/jdJaXg5B7hK65 gq5IN3/z8DvIKpT+KWYqK5CgyVRZbHYl3JmI0SGoyK8p00TzfdoZwYpq2LsjzjciJbFV hFOwqN+QJ1jKdaVkOgvz4PeXl7Rvs1v3YoPgykEEWGev/9pF3A6h0cDxPsFGzVfg0cr8 bWug== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=antgroup.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id e125-20020a636983000000b00524f00fee68si16861896pgc.372.2023.04.28.03.03.04; Fri, 28 Apr 2023 03:03:18 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=antgroup.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1345977AbjD1J4Y (ORCPT + 99 others); Fri, 28 Apr 2023 05:56:24 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:36472 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1345838AbjD1Jzo (ORCPT ); Fri, 28 Apr 2023 05:55:44 -0400 Received: from out187-18.us.a.mail.aliyun.com (out187-18.us.a.mail.aliyun.com [47.90.187.18]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id ED3095BBC for ; Fri, 28 Apr 2023 02:55:12 -0700 (PDT) X-Alimail-AntiSpam: AC=PASS;BC=-1|-1;BR=01201311R271e4;CH=green;DM=||false|;DS=||;FP=0|-1|-1|-1|0|-1|-1|-1;HT=ay29a033018047213;MF=houwenlong.hwl@antgroup.com;NM=1;PH=DS;RN=16;SR=0;TI=SMTPD_---.STFoGcy_1682675612; Received: from localhost(mailfrom:houwenlong.hwl@antgroup.com fp:SMTPD_---.STFoGcy_1682675612) by smtp.aliyun-inc.com; Fri, 28 Apr 2023 17:53:33 +0800 From: "Hou Wenlong" To: linux-kernel@vger.kernel.org Cc: "Thomas Garnier" , "Lai Jiangshan" , "Kees Cook" , "Hou Wenlong" , "Thomas Gleixner" , "Ingo Molnar" , "Borislav Petkov" , "Dave Hansen" , , "H. Peter Anvin" , "Juergen Gross" , "Anshuman Khandual" , "Mike Rapoport" , "Josh Poimboeuf" , "Pasha Tatashin" Subject: [PATCH RFC 32/43] x86/boot/64: Use data relocation to get absloute address when PIE is enabled Date: Fri, 28 Apr 2023 17:51:12 +0800 Message-Id: X-Mailer: git-send-email 2.31.1 In-Reply-To: References: MIME-Version: 1.0 X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,SPF_HELO_NONE, SPF_PASS,T_SCC_BODY_TEXT_LINE,UNPARSEABLE_RELAY autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1764413876977116015?= X-GMAIL-MSGID: =?utf-8?q?1764413876977116015?= When PIE is enabled, all symbol references are RIP-relative, so there is no need to fixup global symbol references when in low address. However, in order to acquire absloute virtual address of symbol, introduce a macro to use data relocation to get it. Suggested-by: Lai Jiangshan Signed-off-by: Hou Wenlong Cc: Thomas Garnier Cc: Kees Cook --- arch/x86/kernel/head64.c | 30 ++++++++++++++++++++++-------- 1 file changed, 22 insertions(+), 8 deletions(-) diff --git a/arch/x86/kernel/head64.c b/arch/x86/kernel/head64.c index 49f7629b17f7..ef7ad96f2154 100644 --- a/arch/x86/kernel/head64.c +++ b/arch/x86/kernel/head64.c @@ -86,10 +86,22 @@ static struct desc_ptr startup_gdt_descr = { #define __head __section(".head.text") +#ifdef CONFIG_X86_PIE +#define SYM_ABS_VAL(sym) \ + ({ static unsigned long __initdata __##sym = (unsigned long)sym; __##sym; }) + +static void __head *fixup_pointer(void *ptr, unsigned long physaddr) +{ + return ptr; +} +#else +#define SYM_ABS_VAL(sym) ((unsigned long)sym) + static void __head *fixup_pointer(void *ptr, unsigned long physaddr) { return ptr - (void *)_text + (void *)physaddr; } +#endif /* CONFIG_X86_PIE */ static unsigned long __head *fixup_long(void *ptr, unsigned long physaddr) { @@ -142,8 +154,8 @@ static unsigned long __head sme_postprocess_startup(struct boot_params *bp, pmdv * attribute. */ if (sme_get_me_mask()) { - vaddr = (unsigned long)__start_bss_decrypted; - vaddr_end = (unsigned long)__end_bss_decrypted; + vaddr = SYM_ABS_VAL(__start_bss_decrypted); + vaddr_end = SYM_ABS_VAL(__end_bss_decrypted); for (; vaddr < vaddr_end; vaddr += PMD_SIZE) { /* @@ -189,6 +201,8 @@ unsigned long __head __startup_64(unsigned long physaddr, bool la57; int i; unsigned int *next_pgt_ptr; + unsigned long text_base = SYM_ABS_VAL(_text); + unsigned long end_base = SYM_ABS_VAL(_end); la57 = check_la57_support(physaddr); @@ -200,7 +214,7 @@ unsigned long __head __startup_64(unsigned long physaddr, * Compute the delta between the address I am compiled to run at * and the address I am actually running at. */ - load_delta = physaddr - (unsigned long)(_text - __START_KERNEL_map); + load_delta = physaddr - (text_base - __START_KERNEL_map); /* Is the address not 2M aligned? */ if (load_delta & ~PMD_MASK) @@ -214,9 +228,9 @@ unsigned long __head __startup_64(unsigned long physaddr, pgd = fixup_pointer(&early_top_pgt, physaddr); p = pgd + pgd_index(__START_KERNEL_map); if (la57) - *p = (unsigned long)level4_kernel_pgt; + *p = SYM_ABS_VAL(level4_kernel_pgt); else - *p = (unsigned long)level3_kernel_pgt; + *p = SYM_ABS_VAL(level3_kernel_pgt); *p += _PAGE_TABLE_NOENC - __START_KERNEL_map + load_delta; if (la57) { @@ -273,7 +287,7 @@ unsigned long __head __startup_64(unsigned long physaddr, pmd_entry += sme_get_me_mask(); pmd_entry += physaddr; - for (i = 0; i < DIV_ROUND_UP(_end - _text, PMD_SIZE); i++) { + for (i = 0; i < DIV_ROUND_UP(end_base - text_base, PMD_SIZE); i++) { int idx = i + (physaddr >> PMD_SHIFT); pmd[idx % PTRS_PER_PMD] = pmd_entry + i * PMD_SIZE; @@ -298,11 +312,11 @@ unsigned long __head __startup_64(unsigned long physaddr, pmd = fixup_pointer(level2_kernel_pgt, physaddr); /* invalidate pages before the kernel image */ - for (i = 0; i < pmd_index((unsigned long)_text); i++) + for (i = 0; i < pmd_index(text_base); i++) pmd[i] &= ~_PAGE_PRESENT; /* fixup pages that are part of the kernel image */ - for (; i <= pmd_index((unsigned long)_end); i++) + for (; i <= pmd_index(end_base); i++) if (pmd[i] & _PAGE_PRESENT) pmd[i] += load_delta; From patchwork Fri Apr 28 09:51:13 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Hou Wenlong X-Patchwork-Id: 88557 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:b0ea:0:b0:3b6:4342:cba0 with SMTP id b10csp816965vqo; Fri, 28 Apr 2023 03:03:20 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ4WiyuiIoWtDBqprcK8rkS+t9A4SJMty21DlEvGe9/euzJutE2OjoUIMGguEal4fmMvjjAE X-Received: by 2002:a17:902:e882:b0:1a1:8fd4:251 with SMTP id w2-20020a170902e88200b001a18fd40251mr5627670plg.55.1682676200297; Fri, 28 Apr 2023 03:03:20 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1682676200; cv=none; d=google.com; s=arc-20160816; b=Br26+ei5BcFi18IGX6ZPMnPm5KuO8JNbwM6mqe7mHO+ek4s8TlCZ1XglcCv+zGK+Wq 8RYUoLAlSKwWB+HHd9bN/+yU7VJ2srIOTVc4aAlUyDfFotRg+ZuVmrJzTijyIoZLaftG l4+4qAptDCDSRkFW7fS98BcAyZranghbLS/cSXAMNIOpLr0CTvfy9RYGPsv7DZlwH+u6 q9GNxX+8vzcv6A3p+Lf518ItTsxriwsa618W/aRtTBW1PTr+gZsPMUUsgX0+ZgPfWod/ VicoE5gKQBm4lCPx0TzR2Z6MXVS4i85YnBsObZwVDAmvFGXIojrgC+BsYnDr988LjzOn bmPA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from; bh=gUbxmxj4/9ZHCLcORdZu8RQtMdRy90yoMFT1Bo1BLIc=; b=uo/uUctG0ogHDGN5r+fTgUdcWAl9i744dhh+47UvGGYUixeLPfNZHuMiPYsoXXkPO3 Hj4dvk2PKCgm2WeJuVZ+4V33ZD1YvpelsPmUjZnYB8c2p5VtVdzrWTt/6+uxBRx4AqAp AwD+/j1KFoUKkBAnrI5RpUNhG05pkkZQTFxCeGYDGxJ/Rw2RzlH2gURJ9F96tj7DA253 0RO2os2afaj93n7vnDgS4Wi97A8Nx+DO16YWE1BIEb1qbF7okEUfXNS1ZTlZwwT/eobH V37fXCln/GuL+RM3UMmkLprZzGSkkVVnNWMpRzPB1mUmBQCRVvdZjUsLjN77sIBRfd9m i8Wg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=antgroup.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id h17-20020a170902f2d100b001a6b9ab7025si19789182plc.359.2023.04.28.03.03.06; Fri, 28 Apr 2023 03:03:20 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=antgroup.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1346015AbjD1J4s (ORCPT + 99 others); Fri, 28 Apr 2023 05:56:48 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:37102 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1345778AbjD1J4M (ORCPT ); Fri, 28 Apr 2023 05:56:12 -0400 Received: from out0-210.mail.aliyun.com (out0-210.mail.aliyun.com [140.205.0.210]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 1D9B25599; Fri, 28 Apr 2023 02:55:19 -0700 (PDT) X-Alimail-AntiSpam: AC=PASS;BC=-1|-1;BR=01201311R371e4;CH=green;DM=||false|;DS=||;FP=0|-1|-1|-1|0|-1|-1|-1;HT=ay29a033018047213;MF=houwenlong.hwl@antgroup.com;NM=1;PH=DS;RN=21;SR=0;TI=SMTPD_---.STFoGdv_1682675616; Received: from localhost(mailfrom:houwenlong.hwl@antgroup.com fp:SMTPD_---.STFoGdv_1682675616) by smtp.aliyun-inc.com; Fri, 28 Apr 2023 17:53:37 +0800 From: "Hou Wenlong" To: linux-kernel@vger.kernel.org Cc: "Thomas Garnier" , "Lai Jiangshan" , "Kees Cook" , "Hou Wenlong" , "Thomas Gleixner" , "Ingo Molnar" , "Borislav Petkov" , "Dave Hansen" , , "H. Peter Anvin" , "Masahiro Yamada" , "Nathan Chancellor" , "Nick Desaulniers" , "Nicolas Schier" , "Josh Poimboeuf" , "Peter Zijlstra" , "Christophe Leroy" , "Sathvika Vasireddy" , " =?utf-8?q?Thomas_Wei=C3=9Fschuh?= " , Subject: [PATCH RFC 33/43] objtool: Add validation for x86 PIE support Date: Fri, 28 Apr 2023 17:51:13 +0800 Message-Id: <226af8c63c5bfa361763dd041a997ee84fe926cf.1682673543.git.houwenlong.hwl@antgroup.com> X-Mailer: git-send-email 2.31.1 In-Reply-To: References: MIME-Version: 1.0 X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,SPF_HELO_NONE, SPF_PASS,T_SCC_BODY_TEXT_LINE,UNPARSEABLE_RELAY autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1764413879049301217?= X-GMAIL-MSGID: =?utf-8?q?1764413879049301217?= For x86 PIE binary, only RIP-relative addressing is allowed, however, there are still a little absolute references of R_X86_64_64 relocation type for data section and a little absolute references of R_X86_64_32S relocation type in pvh_start_xen() function. Suggested-by: Lai Jiangshan Signed-off-by: Hou Wenlong Cc: Thomas Garnier Cc: Kees Cook --- arch/x86/Kconfig | 1 + scripts/Makefile.lib | 1 + tools/objtool/builtin-check.c | 4 +- tools/objtool/check.c | 82 +++++++++++++++++++++++++ tools/objtool/include/objtool/builtin.h | 1 + 5 files changed, 88 insertions(+), 1 deletion(-) diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index 715f0734d065..b753a54e5ea7 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig @@ -2224,6 +2224,7 @@ config RELOCATABLE config X86_PIE def_bool n depends on X86_64 + select OBJTOOL if HAVE_OBJTOOL config RANDOMIZE_BASE bool "Randomize the address of the kernel image (KASLR)" diff --git a/scripts/Makefile.lib b/scripts/Makefile.lib index 100a386fcd71..e3c804fbc421 100644 --- a/scripts/Makefile.lib +++ b/scripts/Makefile.lib @@ -270,6 +270,7 @@ objtool-args-$(CONFIG_HAVE_STATIC_CALL_INLINE) += --static-call objtool-args-$(CONFIG_HAVE_UACCESS_VALIDATION) += --uaccess objtool-args-$(CONFIG_GCOV_KERNEL) += --no-unreachable objtool-args-$(CONFIG_PREFIX_SYMBOLS) += --prefix=$(CONFIG_FUNCTION_PADDING_BYTES) +objtool-args-$(CONFIG_X86_PIE) += --pie objtool-args = $(objtool-args-y) \ $(if $(delay-objtool), --link) \ diff --git a/tools/objtool/builtin-check.c b/tools/objtool/builtin-check.c index 7c175198d09f..1cf1d00464e0 100644 --- a/tools/objtool/builtin-check.c +++ b/tools/objtool/builtin-check.c @@ -81,6 +81,7 @@ static const struct option check_options[] = { OPT_BOOLEAN('t', "static-call", &opts.static_call, "annotate static calls"), OPT_BOOLEAN('u', "uaccess", &opts.uaccess, "validate uaccess rules for SMAP"), OPT_BOOLEAN(0 , "cfi", &opts.cfi, "annotate kernel control flow integrity (kCFI) function preambles"), + OPT_BOOLEAN(0, "pie", &opts.pie, "validate addressing rules for PIE"), OPT_CALLBACK_OPTARG(0, "dump", NULL, NULL, "orc", "dump metadata", parse_dump), OPT_GROUP("Options:"), @@ -137,7 +138,8 @@ static bool opts_valid(void) opts.sls || opts.stackval || opts.static_call || - opts.uaccess) { + opts.uaccess || + opts.pie) { if (opts.dump_orc) { ERROR("--dump can't be combined with other options"); return false; diff --git a/tools/objtool/check.c b/tools/objtool/check.c index 5b600bbf2389..d67b80251eec 100644 --- a/tools/objtool/check.c +++ b/tools/objtool/check.c @@ -131,6 +131,27 @@ static struct instruction *prev_insn_same_sym(struct objtool_file *file, for (insn = next_insn_same_sec(file, insn); insn; \ insn = next_insn_same_sec(file, insn)) +static struct instruction *find_insn_containing(struct objtool_file *file, + struct section *sec, + unsigned long offset) +{ + struct instruction *insn; + + insn = find_insn(file, sec, 0); + if (!insn) + return NULL; + + sec_for_each_insn_from(file, insn) { + if (insn->offset > offset) + return NULL; + if (insn->offset <= offset && (insn->offset + insn->len) > offset) + return insn; + } + + return NULL; +} + + static inline struct symbol *insn_call_dest(struct instruction *insn) { if (insn->type == INSN_JUMP_DYNAMIC || @@ -4529,6 +4550,61 @@ static int validate_reachable_instructions(struct objtool_file *file) return 0; } +static int is_in_pvh_code(struct instruction *insn) +{ + struct symbol *sym = insn->sym; + + return sym && !strcmp(sym->name, "pvh_start_xen"); +} + +static int validate_pie(struct objtool_file *file) +{ + struct section *sec; + struct reloc *reloc; + struct instruction *insn; + int warnings = 0; + + for_each_sec(file, sec) { + if (!sec->reloc) + continue; + if (!(sec->sh.sh_flags & SHF_ALLOC)) + continue; + + list_for_each_entry(reloc, &sec->reloc->reloc_list, list) { + switch (reloc->type) { + case R_X86_64_NONE: + case R_X86_64_PC32: + case R_X86_64_PLT32: + case R_X86_64_64: + case R_X86_64_PC64: + case R_X86_64_GOTPCREL: + break; + case R_X86_64_32: + case R_X86_64_32S: + insn = find_insn_containing(file, sec, reloc->offset); + if (!insn) { + WARN("can't find relocate insn near %s+0x%lx", + sec->name, reloc->offset); + } else { + if (is_in_pvh_code(insn)) + break; + WARN("insn at %s+0x%lx is not compatible with PIE", + sec->name, insn->offset); + } + warnings++; + break; + default: + WARN("unexpected relocation type %d at %s+0x%lx", + reloc->type, sec->name, reloc->offset); + warnings++; + break; + } + } + } + + return warnings; +} + int check(struct objtool_file *file) { int ret, warnings = 0; @@ -4673,6 +4749,12 @@ int check(struct objtool_file *file) warnings += ret; } + if (opts.pie) { + ret = validate_pie(file); + if (ret < 0) + return ret; + warnings += ret; + } if (opts.stats) { printf("nr_insns_visited: %ld\n", nr_insns_visited); diff --git a/tools/objtool/include/objtool/builtin.h b/tools/objtool/include/objtool/builtin.h index 2a108e648b7a..1151211a5cea 100644 --- a/tools/objtool/include/objtool/builtin.h +++ b/tools/objtool/include/objtool/builtin.h @@ -26,6 +26,7 @@ struct opts { bool uaccess; int prefix; bool cfi; + bool pie; /* options: */ bool backtrace; From patchwork Fri Apr 28 09:51:14 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Hou Wenlong X-Patchwork-Id: 88553 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:b0ea:0:b0:3b6:4342:cba0 with SMTP id b10csp816467vqo; Fri, 28 Apr 2023 03:02:30 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ7x5PWRbwRb0G3n3iieoMvN77vTJlL4v3in8NLh6ICiTvku5uK95UAMRbvTv0hbzkbDS1Qj X-Received: by 2002:a05:6a00:1749:b0:63d:287f:fdf5 with SMTP id j9-20020a056a00174900b0063d287ffdf5mr6772558pfc.27.1682676149804; Fri, 28 Apr 2023 03:02:29 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1682676149; cv=none; d=google.com; s=arc-20160816; b=jy0+qbENLW5cOEjgaa8HgKX2JfUZSxVZeBdZhAoFaxvIp0WYDKopvbgPYEy391XSxO OwfOKcTtQVKf3LNyBYgZJu/z9Qg1uzVNvvsGysGxJlvdgyEQrvcut4AIoGETJ1tdn3MS EvlLAxKY0ZgsOUu/+2wKk3FF0Z39eG02nUTUYAO0JgmKQWTHojJc6btcABOlt+Hy47h3 1Ou4WLgLxfqQbUCkrnDJfZm8xWmnDgAsVu84ITVFGiXfDtu+3PMwdP39143SboDoCbZJ tDC0IbdEEEw9rOMolC0KxkyTz4OJPa2glLNpfkozqd2e7LKrLTdaTAQdAysE2ol/Ihb3 8QGA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from; bh=JuYTGEVdqhGZqgILy32ZsaJ8AH9R5mp/gGPOasnJusk=; b=V42ktFSDZVd7lL/0f2PwWyv+d1Kx+WNbo+UhvcPfJ5Em8dPqE1nnRZe+pQ1Zpn3Mng 02TPhpdjoPvWrEatdROJgINEObjxKgeErqoXnDh6t2gJWpL+xiWhQ9eRmhsRD5IIrYDR Dp8Pz3ySGnAcvXQpzwhmIOsc/p+DFVVwAdMuxR1m3nvVT74m9siD5f8NC19aRK8X7v6a UzHlEGQmKwUvjJb6QLy3PPBaQNZ2S0pj6Fk8eT+P5om2RvKk6mzJqupKnmu1h6hBvDL0 0yxRL5/lU4MnSycOkOoO012tDkAxg7AqBaT9z0/rF1GmWLH1l+iPOgXM+NeLiGs/yUYY Zrzg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=antgroup.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id 78-20020a630151000000b005287f5fbf5esi7551564pgb.254.2023.04.28.03.02.17; Fri, 28 Apr 2023 03:02:29 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=antgroup.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1345869AbjD1J4A (ORCPT + 99 others); Fri, 28 Apr 2023 05:56:00 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:36560 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1345892AbjD1JzS (ORCPT ); Fri, 28 Apr 2023 05:55:18 -0400 Received: from out187-19.us.a.mail.aliyun.com (out187-19.us.a.mail.aliyun.com [47.90.187.19]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id E2F1759FD for ; Fri, 28 Apr 2023 02:54:59 -0700 (PDT) X-Alimail-AntiSpam: AC=PASS;BC=-1|-1;BR=01201311R821e4;CH=green;DM=||false|;DS=||;FP=0|-1|-1|-1|0|-1|-1|-1;HT=ay29a033018047190;MF=houwenlong.hwl@antgroup.com;NM=1;PH=DS;RN=15;SR=0;TI=SMTPD_---.STFoGfH_1682675620; Received: from localhost(mailfrom:houwenlong.hwl@antgroup.com fp:SMTPD_---.STFoGfH_1682675620) by smtp.aliyun-inc.com; Fri, 28 Apr 2023 17:53:41 +0800 From: "Hou Wenlong" To: linux-kernel@vger.kernel.org Cc: "Thomas Garnier" , "Lai Jiangshan" , "Kees Cook" , "Hou Wenlong" , "Thomas Gleixner" , "Ingo Molnar" , "Borislav Petkov" , "Dave Hansen" , , "H. Peter Anvin" , "Josh Poimboeuf" , "Peter Zijlstra" , "Christophe Leroy" , "Sathvika Vasireddy" Subject: [PATCH RFC 34/43] objtool: Adapt indirect call of __fentry__() for PIE support Date: Fri, 28 Apr 2023 17:51:14 +0800 Message-Id: <804a7d5a4ef939b767ae540ebbb24a811d99e100.1682673543.git.houwenlong.hwl@antgroup.com> X-Mailer: git-send-email 2.31.1 In-Reply-To: References: MIME-Version: 1.0 X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,SPF_HELO_NONE, SPF_PASS,T_SCC_BODY_TEXT_LINE,UNPARSEABLE_RELAY autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1764413826536916551?= X-GMAIL-MSGID: =?utf-8?q?1764413826536916551?= When using PIE with function tracing, the compiler generates a call through the GOT (call *__fentry__@GOTPCREL). This instruction is an indirect call (INSN_CALL_DYNAMIC) and wouldn't be collected by add_call_destinations(). So collect those indirect calls of __fentry__() individually for PIE support. And replace the 6th byte of the GOT call by a 1-byte nop so ftrace can handle the previous 5-bytes as before. When RETPOLINE is enabled, __fentry__() is still an indirect call, which generates warnings in objtool. For simplicity, select DYNAMIC_FTRACE to patch it as NOPs. And regard it as INSN_CALL to omit warnings for jump table and retpoline checks in ojbtool. Signed-off-by: Hou Wenlong Cc: Thomas Garnier Cc: Lai Jiangshan Cc: Kees Cook --- arch/x86/Kconfig | 1 + tools/objtool/arch/x86/decode.c | 10 +++++++-- tools/objtool/check.c | 39 +++++++++++++++++++++++++++++++++ 3 files changed, 48 insertions(+), 2 deletions(-) diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index b753a54e5ea7..5ac5f335855e 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig @@ -2225,6 +2225,7 @@ config X86_PIE def_bool n depends on X86_64 select OBJTOOL if HAVE_OBJTOOL + select DYNAMIC_FTRACE if FUNCTION_TRACER && RETPOLINE config RANDOMIZE_BASE bool "Randomize the address of the kernel image (KASLR)" diff --git a/tools/objtool/arch/x86/decode.c b/tools/objtool/arch/x86/decode.c index 9ef024fd648c..cd9a81002efe 100644 --- a/tools/objtool/arch/x86/decode.c +++ b/tools/objtool/arch/x86/decode.c @@ -747,15 +747,21 @@ void arch_initial_func_cfi_state(struct cfi_init_state *state) const char *arch_nop_insn(int len) { - static const char nops[5][5] = { + static const char nops[6][6] = { { BYTES_NOP1 }, { BYTES_NOP2 }, { BYTES_NOP3 }, { BYTES_NOP4 }, { BYTES_NOP5 }, + /* + * For PIE kernel, use a 5-byte nop + * and 1-byte nop to keep the frace + * hooking algorithm working correct. + */ + { BYTES_NOP5, BYTES_NOP1 }, }; - if (len < 1 || len > 5) { + if (len < 1 || len > 6) { WARN("invalid NOP size: %d\n", len); return NULL; } diff --git a/tools/objtool/check.c b/tools/objtool/check.c index d67b80251eec..2456ab931fe5 100644 --- a/tools/objtool/check.c +++ b/tools/objtool/check.c @@ -1785,6 +1785,38 @@ static int add_call_destinations(struct objtool_file *file) return 0; } +static int add_indirect_mcount_calls(struct objtool_file *file) +{ + struct instruction *insn; + struct reloc *reloc; + + for_each_insn(file, insn) { + if (insn->type != INSN_CALL_DYNAMIC) + continue; + + reloc = insn_reloc(file, insn); + if (!reloc) + continue; + if (!reloc->sym->fentry) + continue; + + /* + * __fentry__() is an indirect call even in RETPOLINE builiding + * when X86_PIE is enabled, so DYNAMIC_FTRACE is selected. Then + * all indirect calls of __fentry__() would be patched as NOP + * later, so regard it as retpoline safe as a hack here. Also + * regard it as a direct call, otherwise, it would be treat as + * a jump to jump table in insn_jump_table(), because + * _jump_table and _call_dest share the same memory. + */ + insn->type = INSN_CALL; + insn->retpoline_safe = true; + add_call_dest(file, insn, reloc->sym, false); + } + + return 0; +} + /* * The .alternatives section requires some extra special care over and above * other special sections because alternatives are patched in place. @@ -2668,6 +2700,13 @@ static int decode_sections(struct objtool_file *file) if (ret) return ret; + /* + * For X86 PIE kernel, __fentry__ call is an indirect call instead + * of direct call. + */ + if (opts.pie) + add_indirect_mcount_calls(file); + /* * Must be after add_call_destinations() such that it can override * dead_end_function() marks. From patchwork Fri Apr 28 09:51:15 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Hou Wenlong X-Patchwork-Id: 88581 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:b0ea:0:b0:3b6:4342:cba0 with SMTP id b10csp831486vqo; Fri, 28 Apr 2023 03:33:47 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ4MP6/9apxnqDGc8tDaXEd3hZrD6v4YGzZiSE2VFzLMctEpxB/YmXGz19wPC4DhhHAUGi/T X-Received: by 2002:a17:90a:c784:b0:247:ad6d:7250 with SMTP id gn4-20020a17090ac78400b00247ad6d7250mr5454331pjb.12.1682678027574; Fri, 28 Apr 2023 03:33:47 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1682678027; cv=none; d=google.com; s=arc-20160816; b=z+5Lp1T13W/pPfMfJ/e/RNiRrfjqTiqf5lMf6hYKSo1HgBSnYknEGIvgHUZwtPinJe FAQieQW3egkSgI2Xj8VMn8kwTz1opMhkM0sb/sBRnwTtKqngdV9UhafG6Mt1ezcGG5Me yibaAtvq6wugboE+gfhe8OoYz4Meb5XjDOFTW4uUow/5rUUAEXq3pIF/GvuiSKQyQ7gi l1NObBLKtgkbPgwylKvID8ZrpHha108A7y8o8sw8flxwAtvIHqVr4p6gNuBwmxUeKpyX CUN20WDlH8A/7u3wvOV0WF8sv1033sToL/V5EPaljS4m+/33qqLo5fWDIaiPF8oinuk9 QTeQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from; bh=8uL7qWf2/CofPtO601NpRkHQpK+TfnNLzMU6Q3ngR4k=; b=a5y3AG+MtWQsbQeCOYrTIRciO3z3VNNJ0UCe0uTfS9uRaiEJBU6fjriYlMAwObEzr1 hS0vRq3tnQx3KsTT6mH94YJWza7pcEn8D79Bk8VEEikhBmlFCzFs5fgPGK5cyJDQG/JZ 7ygCXTqsunr7KD3P13CwF4UBi/EPHlb6UVeKUoBYP5z3BJQnq4QwMTgbmXw0B40LB19H qmxHlWf48CCqRKo4a0uITVf6yg8Mz4Nd0MJDyL+0nbIc+2aQ89oLlFyAltHc5EmS9aRx qLAbDuZpNHs4pHaYi2/GcHBiu16C3+eQtSwaV3HQTtsURHO0ffOPb+WiMahJp3hTQHfp BX4A== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=antgroup.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id nn17-20020a17090b38d100b002478bba4da2si1956618pjb.127.2023.04.28.03.33.34; Fri, 28 Apr 2023 03:33:47 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=antgroup.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230341AbjD1KCg (ORCPT + 99 others); Fri, 28 Apr 2023 06:02:36 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:44264 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1346049AbjD1KCP (ORCPT ); Fri, 28 Apr 2023 06:02:15 -0400 Received: from out0-212.mail.aliyun.com (out0-212.mail.aliyun.com [140.205.0.212]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 60E9B5FEA for ; Fri, 28 Apr 2023 03:02:04 -0700 (PDT) X-Alimail-AntiSpam: AC=PASS;BC=-1|-1;BR=01201311R981e4;CH=green;DM=||false|;DS=||;FP=0|-1|-1|-1|0|-1|-1|-1;HT=ay29a033018047213;MF=houwenlong.hwl@antgroup.com;NM=1;PH=DS;RN=11;SR=0;TI=SMTPD_---.STCEPrW_1682675622; Received: from localhost(mailfrom:houwenlong.hwl@antgroup.com fp:SMTPD_---.STCEPrW_1682675622) by smtp.aliyun-inc.com; Fri, 28 Apr 2023 17:53:43 +0800 From: "Hou Wenlong" To: linux-kernel@vger.kernel.org Cc: "Thomas Garnier" , "Lai Jiangshan" , "Kees Cook" , "Hou Wenlong" , "Thomas Gleixner" , "Ingo Molnar" , "Borislav Petkov" , "Dave Hansen" , , "H. Peter Anvin" Subject: [PATCH RFC 35/43] x86/pie: Build the kernel as PIE Date: Fri, 28 Apr 2023 17:51:15 +0800 Message-Id: X-Mailer: git-send-email 2.31.1 In-Reply-To: References: MIME-Version: 1.0 X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,SPF_HELO_NONE, SPF_PASS,T_SCC_BODY_TEXT_LINE,UNPARSEABLE_RELAY autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1764415795182538599?= X-GMAIL-MSGID: =?utf-8?q?1764415795182538599?= The kernel is currently build with mcmode=kernel option which forces it to stay on the top 2G of the virtual address space. For PIE, use -fPIE option to build the kernel as a Position Independent Executable (PIE), which uses RIP-relative addressing and could be able to move below the top 2G. The --emit-relocs linker option was kept instead of using -pie to limit the impact on mapped sections. Any incompatible relocation will be catch by the objtool at compile time. Suggested-by: Lai Jiangshan Signed-off-by: Hou Wenlong Cc: Thomas Garnier Cc: Kees Cook --- arch/x86/Kconfig | 8 ++++++-- arch/x86/Makefile | 9 +++++++-- 2 files changed, 13 insertions(+), 4 deletions(-) diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index 5ac5f335855e..9f8020991184 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig @@ -2222,10 +2222,14 @@ config RELOCATABLE (CONFIG_PHYSICAL_START) is used as the minimum location. config X86_PIE - def_bool n - depends on X86_64 + bool "Build a PIE kernel" + default n + depends on X86_64 && !XEN select OBJTOOL if HAVE_OBJTOOL select DYNAMIC_FTRACE if FUNCTION_TRACER && RETPOLINE + help + This builds a PIE kernel image that could be put at any + virtual address. config RANDOMIZE_BASE bool "Randomize the address of the kernel image (KASLR)" diff --git a/arch/x86/Makefile b/arch/x86/Makefile index 81500011396d..6631974e2003 100644 --- a/arch/x86/Makefile +++ b/arch/x86/Makefile @@ -160,10 +160,15 @@ else KBUILD_CFLAGS += -mno-red-zone ifdef CONFIG_X86_PIE - PIE_CFLAGS := -include $(srctree)/include/linux/hidden.h + PIE_CFLAGS := -fPIE -include $(srctree)/include/linux/hidden.h KBUILD_CFLAGS += $(PIE_CFLAGS) -endif + # Relax relocation in both CFLAGS and LDFLAGS to support older compilers + KBUILD_CFLAGS += $(call cc-option,-Wa$(comma)-mrelax-relocations=no) + LDFLAGS_vmlinux += $(call ld-option,--no-relax) + KBUILD_LDFLAGS_MODULE += $(call ld-option,--no-relax) +else KBUILD_CFLAGS += -mcmodel=kernel +endif KBUILD_RUSTFLAGS += -Cno-redzone=y KBUILD_RUSTFLAGS += -Ccode-model=kernel From patchwork Fri Apr 28 09:51:16 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Hou Wenlong X-Patchwork-Id: 88570 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:b0ea:0:b0:3b6:4342:cba0 with SMTP id b10csp820986vqo; Fri, 28 Apr 2023 03:11:00 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ4+x4nsq2OOtITkVE9Wbefvz0AyzEvExNQHXpYXVMEzYD3mb5uSd5q0FMFNa7iBES2CBDkM X-Received: by 2002:a17:902:864b:b0:1a2:17b1:71b with SMTP id y11-20020a170902864b00b001a217b1071bmr3940471plt.66.1682676659964; Fri, 28 Apr 2023 03:10:59 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1682676659; cv=none; d=google.com; s=arc-20160816; b=CYL7FoW2DOI9muDexvO8DMx2xXoRgssIHW7O6cbk6737L2DqikeNpNznMQDq3CMgsM UtO14NYemIin9yi6bKB/Rk+0MqAxsAWANtPwPW7ewm7VWJIKXgvL9aCHGyuWczo+OPFA 1rP2GwMqEJ/akrYMVDCMHMzeCxIr5kvUl+aGs7cHUNJT0phaT+uGBHRdGKtnuUgYf7ON lr02799vi0/NGtnwoj19dmKKqjxRakgDLsxfRkcre8f3a9s33mSgb7reuSvxKTiMdGNp I8+xJKKo5makBoXNfAL1s+5TQ7ofAtZiLIFLHaJoT5z2pkRY2jLZLSm0lGHZPdlV7fZQ DvRQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from; bh=iCriexIMZ1iPfgORpAmzOBEGtQWS1IZbigg4TdkP4KY=; b=ujPpfXtmyXhUcuIT3ir4evuVmzG0gKSrYaOcCFfXdrIp13Ajy1+Zm64SoIJuBM0MnM eOZ1kct5zGkSULsXenusXwUcZdlIpA48+SEOWb48i9iGMsFbOyAv7eF6Y8C7+BsKRfq8 yLiYPtfss1EemjMmaPrmmfMWJozubVr51ygVV8JRWZEGrgYBhgio+FsPSWLbfN0Qe4IV ElB27odaASdaiNFdNcyHDG+jhKO/tAju2lx7Hu3+ioBEZpV02t+AJufr64thKkywf5dU ho51fyusvQxH9WSjG4iVKQbBBVFeljUqhEvx4tBC9xKPh2ll5xvlXjx3peqpgod2YB1E fyIg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=antgroup.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id t4-20020a170902e84400b001a80ddd372csi22224368plg.43.2023.04.28.03.10.44; Fri, 28 Apr 2023 03:10:59 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=antgroup.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1345970AbjD1J4S (ORCPT + 99 others); Fri, 28 Apr 2023 05:56:18 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:36366 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1345971AbjD1Jzf (ORCPT ); Fri, 28 Apr 2023 05:55:35 -0400 Received: from out187-16.us.a.mail.aliyun.com (out187-16.us.a.mail.aliyun.com [47.90.187.16]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 0D0564ECD for ; Fri, 28 Apr 2023 02:55:09 -0700 (PDT) X-Alimail-AntiSpam: AC=PASS;BC=-1|-1;BR=01201311R721e4;CH=green;DM=||false|;DS=||;FP=0|-1|-1|-1|0|-1|-1|-1;HT=ay29a033018047188;MF=houwenlong.hwl@antgroup.com;NM=1;PH=DS;RN=24;SR=0;TI=SMTPD_---.STFoGgp_1682675627; Received: from localhost(mailfrom:houwenlong.hwl@antgroup.com fp:SMTPD_---.STFoGgp_1682675627) by smtp.aliyun-inc.com; Fri, 28 Apr 2023 17:53:48 +0800 From: "Hou Wenlong" To: linux-kernel@vger.kernel.org Cc: "Thomas Garnier" , "Lai Jiangshan" , "Kees Cook" , "Hou Wenlong" , "Andy Lutomirski" , "Thomas Gleixner" , "Ingo Molnar" , "Borislav Petkov" , "Dave Hansen" , , "H. Peter Anvin" , "Juergen Gross" , " =?utf-8?q?Srivatsa_S=2E_Bhat_=28VMware=29?= " , "Alexey Makhalov" , "VMware PV-Drivers Reviewers" , "Boris Ostrovsky" , "Andrew Morton" , " =?utf-8?q?Mike_Rapoport_=28I?= =?utf-8?q?BM=29?= " , "Liam R. Howlett" , "Suren Baghdasaryan" , "Kirill A. Shutemov" , , Subject: [PATCH RFC 36/43] x86/vsyscall: Don't use set_fixmap() to map vsyscall page Date: Fri, 28 Apr 2023 17:51:16 +0800 Message-Id: X-Mailer: git-send-email 2.31.1 In-Reply-To: References: MIME-Version: 1.0 X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,SPF_HELO_NONE, SPF_PASS,T_SCC_BODY_TEXT_LINE,UNPARSEABLE_RELAY autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1764414361164860357?= X-GMAIL-MSGID: =?utf-8?q?1764414361164860357?= In order to unify FIXADDR_TOP for x86 and allow fixmap area to be moveable, vsyscall page should be mapped individually. However, for XENPV guest, vsyscall page needs to be mapped into user pagetable too. So introduce a new PVMMU op to help to map vsyscall page. Suggested-by: Lai Jiangshan Signed-off-by: Hou Wenlong Cc: Thomas Garnier Cc: Kees Cook --- arch/x86/entry/vsyscall/vsyscall_64.c | 3 +-- arch/x86/include/asm/paravirt.h | 7 +++++++ arch/x86/include/asm/paravirt_types.h | 4 ++++ arch/x86/include/asm/vsyscall.h | 13 +++++++++++++ arch/x86/kernel/paravirt.c | 4 ++++ arch/x86/xen/mmu_pv.c | 20 ++++++++++++++------ 6 files changed, 43 insertions(+), 8 deletions(-) diff --git a/arch/x86/entry/vsyscall/vsyscall_64.c b/arch/x86/entry/vsyscall/vsyscall_64.c index e0ca8120aea8..4373460ebbde 100644 --- a/arch/x86/entry/vsyscall/vsyscall_64.c +++ b/arch/x86/entry/vsyscall/vsyscall_64.c @@ -385,8 +385,7 @@ void __init map_vsyscall(void) * page. */ if (vsyscall_mode == EMULATE) { - __set_fixmap(VSYSCALL_PAGE, physaddr_vsyscall, - PAGE_KERNEL_VVAR); + __set_vsyscall_page(physaddr_vsyscall, PAGE_KERNEL_VVAR); set_vsyscall_pgtable_user_bits(swapper_pg_dir); } diff --git a/arch/x86/include/asm/paravirt.h b/arch/x86/include/asm/paravirt.h index 2350ceb43db0..dcc0706287ee 100644 --- a/arch/x86/include/asm/paravirt.h +++ b/arch/x86/include/asm/paravirt.h @@ -576,6 +576,13 @@ static inline void __set_fixmap(unsigned /* enum fixed_addresses */ idx, { pv_ops.mmu.set_fixmap(idx, phys, flags); } + +#ifdef CONFIG_X86_VSYSCALL_EMULATION +static inline void __set_vsyscall_page(phys_addr_t phys, pgprot_t flags) +{ + pv_ops.mmu.set_vsyscall_page(phys, flags); +} +#endif #endif #if defined(CONFIG_SMP) && defined(CONFIG_PARAVIRT_SPINLOCKS) diff --git a/arch/x86/include/asm/paravirt_types.h b/arch/x86/include/asm/paravirt_types.h index 982a234f5a06..e79f38232849 100644 --- a/arch/x86/include/asm/paravirt_types.h +++ b/arch/x86/include/asm/paravirt_types.h @@ -224,6 +224,10 @@ struct pv_mmu_ops { an mfn. We can tell which is which from the index. */ void (*set_fixmap)(unsigned /* enum fixed_addresses */ idx, phys_addr_t phys, pgprot_t flags); + +#ifdef CONFIG_X86_VSYSCALL_EMULATION + void (*set_vsyscall_page)(phys_addr_t phys, pgprot_t flags); +#endif #endif } __no_randomize_layout; diff --git a/arch/x86/include/asm/vsyscall.h b/arch/x86/include/asm/vsyscall.h index ab60a71a8dcb..73691fc60924 100644 --- a/arch/x86/include/asm/vsyscall.h +++ b/arch/x86/include/asm/vsyscall.h @@ -2,6 +2,7 @@ #ifndef _ASM_X86_VSYSCALL_H #define _ASM_X86_VSYSCALL_H +#include #include #include @@ -15,6 +16,18 @@ extern void set_vsyscall_pgtable_user_bits(pgd_t *root); */ extern bool emulate_vsyscall(unsigned long error_code, struct pt_regs *regs, unsigned long address); +static inline void native_set_vsyscall_page(phys_addr_t phys, pgprot_t flags) +{ + pgprot_val(flags) &= __default_kernel_pte_mask; + set_pte_vaddr(VSYSCALL_ADDR, pfn_pte(phys >> PAGE_SHIFT, flags)); +} + +#ifndef CONFIG_PARAVIRT_XXL +#define __set_vsyscall_page native_set_vsyscall_page +#else +#include +#endif + #else static inline void map_vsyscall(void) {} static inline bool emulate_vsyscall(unsigned long error_code, diff --git a/arch/x86/kernel/paravirt.c b/arch/x86/kernel/paravirt.c index ac10b46c5832..13c81402f377 100644 --- a/arch/x86/kernel/paravirt.c +++ b/arch/x86/kernel/paravirt.c @@ -33,6 +33,7 @@ #include #include #include +#include /* * nop stub, which must not clobber anything *including the stack* to @@ -357,6 +358,9 @@ struct paravirt_patch_template pv_ops = { }, .mmu.set_fixmap = native_set_fixmap, +#ifdef CONFIG_X86_VSYSCALL_EMULATION + .mmu.set_vsyscall_page = native_set_vsyscall_page, +#endif #endif /* CONFIG_PARAVIRT_XXL */ #if defined(CONFIG_PARAVIRT_SPINLOCKS) diff --git a/arch/x86/xen/mmu_pv.c b/arch/x86/xen/mmu_pv.c index fdc91deece7e..a59bc013ee5b 100644 --- a/arch/x86/xen/mmu_pv.c +++ b/arch/x86/xen/mmu_pv.c @@ -59,6 +59,7 @@ #include #include +#include #include #include #include @@ -2020,9 +2021,6 @@ static void xen_set_fixmap(unsigned idx, phys_addr_t phys, pgprot_t prot) switch (idx) { case FIX_BTMAP_END ... FIX_BTMAP_BEGIN: -#ifdef CONFIG_X86_VSYSCALL_EMULATION - case VSYSCALL_PAGE: -#endif /* All local page mappings */ pte = pfn_pte(phys, prot); break; @@ -2058,14 +2056,21 @@ static void xen_set_fixmap(unsigned idx, phys_addr_t phys, pgprot_t prot) vaddr = __fix_to_virt(idx); if (HYPERVISOR_update_va_mapping(vaddr, pte, UVMF_INVLPG)) BUG(); +} #ifdef CONFIG_X86_VSYSCALL_EMULATION +static void xen_set_vsyscall_page(phys_addr_t phys, pgprot_t prot) +{ + pte_t pte = pfn_pte(phys >> PAGE_SHIFT, prot); + + if (HYPERVISOR_update_va_mapping(VSYSCALL_ADDR, pte, UVMF_INVLPG)) + BUG(); + /* Replicate changes to map the vsyscall page into the user pagetable vsyscall mapping. */ - if (idx == VSYSCALL_PAGE) - set_pte_vaddr_pud(level3_user_vsyscall, vaddr, pte); -#endif + set_pte_vaddr_pud(level3_user_vsyscall, VSYSCALL_ADDR, pte); } +#endif static void __init xen_post_allocator_init(void) { @@ -2156,6 +2161,9 @@ static const typeof(pv_ops) xen_mmu_ops __initconst = { }, .set_fixmap = xen_set_fixmap, +#ifdef CONFIG_X86_VSYSCALL_EMULATION + .set_vsyscall_page = xen_set_vsyscall_page, +#endif }, }; From patchwork Fri Apr 28 09:51:17 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Hou Wenlong X-Patchwork-Id: 88582 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:b0ea:0:b0:3b6:4342:cba0 with SMTP id b10csp831822vqo; Fri, 28 Apr 2023 03:34:28 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ54LQ6x5AqcgnPpR9JQyYnfq3OIclMhODrXBla6PiUZCRv9zYwd8nUBezJGvLhKGDIBoAfk X-Received: by 2002:a17:90b:3b4f:b0:246:c223:14ba with SMTP id ot15-20020a17090b3b4f00b00246c22314bamr5084138pjb.28.1682678068587; Fri, 28 Apr 2023 03:34:28 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1682678068; cv=none; d=google.com; s=arc-20160816; b=jEONbI7bfKu/L/6t+MU6e6hLkWu0l0RMyXKcVY60vlGURRv/GPxJ+g/Ro30nJtmBfV DWiM+VjYE/8XxIWBt4Y+mp2ZJ3eqIOMlvwCjx0xkrCkOhd1YV+weraBUvT3pNq1hnsWj QElltLHMV+Rpt55WjULe0qs/KP2nMezY5EWvmgkav7STO4vyFoLbUNXQClEv9/LKoAzw xUKR1U7UM0ToKM1Mc5mdVypJIqrQjNJ1VHg5CVXhB90KOXwPyuEJw9OaRYywd4lFDQMv hOJ+yuvtHLkJAbbOiZRuxgwsNMva72+WyaeyKbXw6r+lYUceD7T01Hapat9efwJcD7KB q33g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from; bh=qwWqFK68UPptgqSIXoptkzViwsruINWpsr9nlTvGRnk=; b=fmT9aycoWRJLO7dtAVDFgxv5Ut1ou/MRk+IvduYBsUinhSo24OB0iOpTuRvLvwTG3m fAnMWksDTjInWgk7VHFDdpJEwqZyjEHkfaIhg+DT0di5qF1CMpLoyg6hC7hlXF/AIobX Y3ZNoaaVQqx5W+FsxLC7SPuaHILqMXwSexqvML4BLvoy6Vad107JlRdsWll/RqogB3ew 5X1MRAw8nZPM7X8AQLJQhOfH+FZQN3llerZ9uQXOw3moHAvfiYo2z2hPNaicDsbapmit fcCwfZBjGdQFpB3V7EqgYtoGQImoH79JQGUr223+sHKBiiL0whxI63in/ydf0jv25/6z EaDQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=antgroup.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id nn17-20020a17090b38d100b002478bba4da2si1956618pjb.127.2023.04.28.03.34.15; Fri, 28 Apr 2023 03:34:28 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=antgroup.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230159AbjD1J6t (ORCPT + 99 others); Fri, 28 Apr 2023 05:58:49 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:35350 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1346021AbjD1J63 (ORCPT ); Fri, 28 Apr 2023 05:58:29 -0400 Received: from out187-24.us.a.mail.aliyun.com (out187-24.us.a.mail.aliyun.com [47.90.187.24]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 9D52C6EAC for ; Fri, 28 Apr 2023 02:57:46 -0700 (PDT) X-Alimail-AntiSpam: AC=PASS;BC=-1|-1;BR=01201311R111e4;CH=green;DM=||false|;DS=||;FP=0|-1|-1|-1|0|-1|-1|-1;HT=ay29a033018047206;MF=houwenlong.hwl@antgroup.com;NM=1;PH=DS;RN=14;SR=0;TI=SMTPD_---.STFoGhB_1682675630; Received: from localhost(mailfrom:houwenlong.hwl@antgroup.com fp:SMTPD_---.STFoGhB_1682675630) by smtp.aliyun-inc.com; Fri, 28 Apr 2023 17:53:50 +0800 From: "Hou Wenlong" To: linux-kernel@vger.kernel.org Cc: "Thomas Garnier" , "Lai Jiangshan" , "Kees Cook" , "Hou Wenlong" , "Juergen Gross" , "Boris Ostrovsky" , "Thomas Gleixner" , "Ingo Molnar" , "Borislav Petkov" , "Dave Hansen" , , "H. Peter Anvin" , Subject: [PATCH RFC 37/43] x86/xen: Pin up to VSYSCALL_ADDR when vsyscall page is out of fixmap area Date: Fri, 28 Apr 2023 17:51:17 +0800 Message-Id: <13975abd9b8b2e2e1e2efd3be6c341542b08af24.1682673543.git.houwenlong.hwl@antgroup.com> X-Mailer: git-send-email 2.31.1 In-Reply-To: References: MIME-Version: 1.0 X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,SPF_HELO_NONE, SPF_PASS,T_SCC_BODY_TEXT_LINE,UNPARSEABLE_RELAY autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1764415838216064354?= X-GMAIL-MSGID: =?utf-8?q?1764415838216064354?= If vsyscall page is moved out of fixmap area, then FIXADDR_TOP would be below vsyscall page. So it should pin up to VSYSCALL_ADDR if vsyscall is enabled. Suggested-by: Lai Jiangshan Signed-off-by: Hou Wenlong Cc: Thomas Garnier Cc: Kees Cook --- arch/x86/xen/mmu_pv.c | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/arch/x86/xen/mmu_pv.c b/arch/x86/xen/mmu_pv.c index a59bc013ee5b..28392f3478a0 100644 --- a/arch/x86/xen/mmu_pv.c +++ b/arch/x86/xen/mmu_pv.c @@ -587,6 +587,12 @@ static void xen_p4d_walk(struct mm_struct *mm, p4d_t *p4d, xen_pud_walk(mm, pud, func, last, limit); } +#ifdef CONFIG_X86_VSYSCALL_EMULATION +#define __KERNEL_MAP_TOP (VSYSCALL_ADDR + PAGE_SIZE) +#else +#define __KERNEL_MAP_TOP FIXADDR_TOP +#endif + /* * (Yet another) pagetable walker. This one is intended for pinning a * pagetable. This means that it walks a pagetable and calls the @@ -594,7 +600,7 @@ static void xen_p4d_walk(struct mm_struct *mm, p4d_t *p4d, * at every level. It walks the entire pagetable, but it only bothers * pinning pte pages which are below limit. In the normal case this * will be STACK_TOP_MAX, but at boot we need to pin up to - * FIXADDR_TOP. + * __KERNEL_MAP_TOP. * * We must skip the Xen hole in the middle of the address space, just after * the big x86-64 virtual hole. @@ -609,7 +615,7 @@ static void __xen_pgd_walk(struct mm_struct *mm, pgd_t *pgd, /* The limit is the last byte to be touched */ limit--; - BUG_ON(limit >= FIXADDR_TOP); + BUG_ON(limit >= __KERNEL_MAP_TOP); /* * 64-bit has a great big hole in the middle of the address @@ -797,7 +803,7 @@ static void __init xen_after_bootmem(void) #ifdef CONFIG_X86_VSYSCALL_EMULATION SetPagePinned(virt_to_page(level3_user_vsyscall)); #endif - xen_pgd_walk(&init_mm, xen_mark_pinned, FIXADDR_TOP); + xen_pgd_walk(&init_mm, xen_mark_pinned, __KERNEL_MAP_TOP); } static void xen_unpin_page(struct mm_struct *mm, struct page *page, From patchwork Fri Apr 28 09:51:19 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Hou Wenlong X-Patchwork-Id: 88577 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:b0ea:0:b0:3b6:4342:cba0 with SMTP id b10csp823745vqo; Fri, 28 Apr 2023 03:16:25 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ5ZT+Dc9F+HTDw53sD6pBeK6N8xmLtQqPyG+PfNyrRDPikbtLez8qH0g9bW+iguDmper5e9 X-Received: by 2002:a17:90b:33c6:b0:247:761d:a6af with SMTP id lk6-20020a17090b33c600b00247761da6afmr4610727pjb.17.1682676985007; Fri, 28 Apr 2023 03:16:25 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1682676984; cv=none; d=google.com; s=arc-20160816; b=MGxK/sSf7WsrPuih2V6Wi+eLYf3WSKqDtOvezVNWMev2TBUuahlS6Jun2E0hqn8iRi UNs3VlTSe9wBbczoZCrsdjUn1TZtrxWGORA2oXTWxZsIMGDJsfs2/AVCmu66KuuE4mo3 syXza0a4Z2GF45JaJSllzg4DgQLiQq1dWK6xKQ+OvHNzRtk2YcRVO8S8haQjk5c/y5Yr 5yY9/WAeFEx8+WXFNj/7ZkBSAtCrbh6e5GBmOi7+NSXoaE6f8VcakMbixZkWfcTR/9Yh pKJxeLGn2u6z4giGfLJZK7Cw5NDj2haHT9jMDviBewmErzOVlOQwhHN4tMKA3kp14BBZ tUvA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from; bh=S+3cKGZSPgUq9ZBegD57ImzSDDuV1K0UNaNvu3Oil/Q=; b=XootoEkM41w0Aeb40vxzpWuddmMc2rMTejbTTtaxmmZme3SuuqNsNsffeeuLGxe14G LaIDc3Ds7cWo/HrVyH7rGHVWufVyG+ybzpRUPhnSKnu1f/bIckoqv7RzpjXL5cS8sa20 stuMbkFPplVGz9wcl6htWIksP9V7ONjTRW3wEKI/gOoc5DcpPf7lM/wETGQreB5r1lFd 14gu28lXHSR6BzLhWyZ5LDkDzM7usgYg//JIH+AM4h5rWTc15L2zt3WW41rywVT9qhv6 nlVsmncbgB2wzOexotzbQhEYmlG/JBER9R8eoEJa5e8S9zIYTy/RPfXWxa0j7WHoZppG Ahpw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=antgroup.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id im16-20020a170902bb1000b001a6a50d6526si20326049plb.579.2023.04.28.03.16.08; Fri, 28 Apr 2023 03:16:24 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=antgroup.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1345948AbjD1J4P (ORCPT + 99 others); Fri, 28 Apr 2023 05:56:15 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:37136 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1345954AbjD1JzY (ORCPT ); Fri, 28 Apr 2023 05:55:24 -0400 Received: from out187-17.us.a.mail.aliyun.com (out187-17.us.a.mail.aliyun.com [47.90.187.17]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id B677465AB for ; Fri, 28 Apr 2023 02:55:07 -0700 (PDT) X-Alimail-AntiSpam: AC=PASS;BC=-1|-1;BR=01201311R121e4;CH=green;DM=||false|;DS=||;FP=0|-1|-1|-1|0|-1|-1|-1;HT=ay29a033018047190;MF=houwenlong.hwl@antgroup.com;NM=1;PH=DS;RN=17;SR=0;TI=SMTPD_---.STFoGjm_1682675641; Received: from localhost(mailfrom:houwenlong.hwl@antgroup.com fp:SMTPD_---.STFoGjm_1682675641) by smtp.aliyun-inc.com; Fri, 28 Apr 2023 17:54:02 +0800 From: "Hou Wenlong" To: linux-kernel@vger.kernel.org Cc: "Thomas Garnier" , "Lai Jiangshan" , "Kees Cook" , "Hou Wenlong" , "Thomas Gleixner" , "Ingo Molnar" , "Borislav Petkov" , "Dave Hansen" , , "H. Peter Anvin" , "Andy Lutomirski" , "Peter Zijlstra" , "Juergen Gross" , "Anshuman Khandual" , "Josh Poimboeuf" , "Pasha Tatashin" Subject: [PATCH RFC 39/43] x86/fixmap: Unify FIXADDR_TOP Date: Fri, 28 Apr 2023 17:51:19 +0800 Message-Id: X-Mailer: git-send-email 2.31.1 In-Reply-To: References: MIME-Version: 1.0 X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,SPF_HELO_NONE, SPF_PASS,T_SCC_BODY_TEXT_LINE,UNPARSEABLE_RELAY autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1764414702283561328?= X-GMAIL-MSGID: =?utf-8?q?1764414702283561328?= Now FIXADDR_TOP is nothing to do with vsyscall page, it can be declared as variable too for x86_64, so unify it for x86. Suggested-by: Lai Jiangshan Signed-off-by: Hou Wenlong Cc: Thomas Garnier Cc: Kees Cook --- arch/x86/include/asm/fixmap.h | 13 ------------- arch/x86/kernel/head64.c | 1 - arch/x86/mm/dump_pagetables.c | 3 ++- arch/x86/mm/ioremap.c | 5 ++--- arch/x86/mm/pgtable.c | 13 +++++++++++++ arch/x86/mm/pgtable_32.c | 3 --- 6 files changed, 17 insertions(+), 21 deletions(-) diff --git a/arch/x86/include/asm/fixmap.h b/arch/x86/include/asm/fixmap.h index eeb152ad9682..9433109e4853 100644 --- a/arch/x86/include/asm/fixmap.h +++ b/arch/x86/include/asm/fixmap.h @@ -40,21 +40,8 @@ #include #endif -/* - * We can't declare FIXADDR_TOP as variable for x86_64 because vsyscall - * uses fixmaps that relies on FIXADDR_TOP for proper address calculation. - * Because of this, FIXADDR_TOP x86 integration was left as later work. - */ -#ifdef CONFIG_X86_32 -/* - * Leave one empty page between vmalloc'ed areas and - * the start of the fixmap. - */ extern unsigned long __FIXADDR_TOP; #define FIXADDR_TOP ((unsigned long)__FIXADDR_TOP) -#else -#define FIXADDR_TOP (0xffffffffff600000UL - PAGE_SIZE) -#endif /* * Here we define all the compile-time 'special' virtual diff --git a/arch/x86/kernel/head64.c b/arch/x86/kernel/head64.c index ef7ad96f2154..8295b547b64f 100644 --- a/arch/x86/kernel/head64.c +++ b/arch/x86/kernel/head64.c @@ -499,7 +499,6 @@ asmlinkage __visible void __init __noreturn x86_64_start_kernel(char * real_mode BUILD_BUG_ON(!(MODULES_VADDR > __START_KERNEL)); MAYBE_BUILD_BUG_ON(!(((MODULES_END - 1) & PGDIR_MASK) == (__START_KERNEL & PGDIR_MASK))); - BUILD_BUG_ON(__fix_to_virt(__end_of_fixed_addresses) <= MODULES_END); cr4_init_shadow(); diff --git a/arch/x86/mm/dump_pagetables.c b/arch/x86/mm/dump_pagetables.c index e1b599ecbbc2..df1a708a038a 100644 --- a/arch/x86/mm/dump_pagetables.c +++ b/arch/x86/mm/dump_pagetables.c @@ -104,7 +104,7 @@ static struct addr_marker address_markers[] = { [HIGH_KERNEL_NR] = { __START_KERNEL_map, "High Kernel Mapping" }, [MODULES_VADDR_NR] = { MODULES_VADDR, "Modules" }, [MODULES_END_NR] = { MODULES_END, "End Modules" }, - [FIXADDR_START_NR] = { FIXADDR_START, "Fixmap Area" }, + [FIXADDR_START_NR] = { 0UL, "Fixmap Area" }, [END_OF_SPACE_NR] = { -1, NULL } }; @@ -453,6 +453,7 @@ static int __init pt_dump_init(void) address_markers[KASAN_SHADOW_START_NR].start_address = KASAN_SHADOW_START; address_markers[KASAN_SHADOW_END_NR].start_address = KASAN_SHADOW_END; #endif + address_markers[FIXADDR_START_NR].start_address = FIXADDR_START; #endif #ifdef CONFIG_X86_32 address_markers[VMALLOC_START_NR].start_address = VMALLOC_START; diff --git a/arch/x86/mm/ioremap.c b/arch/x86/mm/ioremap.c index aa7d279321ea..44f9c6781c15 100644 --- a/arch/x86/mm/ioremap.c +++ b/arch/x86/mm/ioremap.c @@ -879,10 +879,9 @@ void __init early_ioremap_init(void) pmd_t *pmd; #ifdef CONFIG_X86_64 - BUILD_BUG_ON((fix_to_virt(0) + PAGE_SIZE) & ((1 << PMD_SHIFT) - 1)); -#else - WARN_ON((fix_to_virt(0) + PAGE_SIZE) & ((1 << PMD_SHIFT) - 1)); + BUG_ON(__fix_to_virt(__end_of_fixed_addresses) <= MODULES_END); #endif + WARN_ON((fix_to_virt(0) + PAGE_SIZE) & ((1 << PMD_SHIFT) - 1)); early_ioremap_setup(); diff --git a/arch/x86/mm/pgtable.c b/arch/x86/mm/pgtable.c index afab0bc7862b..726c0c369676 100644 --- a/arch/x86/mm/pgtable.c +++ b/arch/x86/mm/pgtable.c @@ -627,6 +627,19 @@ pmd_t pmdp_invalidate_ad(struct vm_area_struct *vma, unsigned long address, } #endif +#ifdef CONFIG_X86_32 +/* + * Leave one empty page between vmalloc'ed areas and + * the start of the fixmap. + */ +#define __FIXADDR_TOP_BASE 0xfffff000 +#else +#define __FIXADDR_TOP_BASE (0xffffffffff600000UL - PAGE_SIZE) +#endif + +unsigned long __FIXADDR_TOP = __FIXADDR_TOP_BASE; +EXPORT_SYMBOL(__FIXADDR_TOP); + /** * reserve_top_address - reserves a hole in the top of kernel address space * @reserve - size of hole to reserve diff --git a/arch/x86/mm/pgtable_32.c b/arch/x86/mm/pgtable_32.c index c234634e26ba..2b9a00976fee 100644 --- a/arch/x86/mm/pgtable_32.c +++ b/arch/x86/mm/pgtable_32.c @@ -65,9 +65,6 @@ void set_pte_vaddr(unsigned long vaddr, pte_t pteval) flush_tlb_one_kernel(vaddr); } -unsigned long __FIXADDR_TOP = 0xfffff000; -EXPORT_SYMBOL(__FIXADDR_TOP); - /* * vmalloc=size forces the vmalloc area to be exactly 'size' * bytes. This can be used to increase (or decrease) the From patchwork Fri Apr 28 09:51:20 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Hou Wenlong X-Patchwork-Id: 88578 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:b0ea:0:b0:3b6:4342:cba0 with SMTP id b10csp824178vqo; Fri, 28 Apr 2023 03:17:23 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ5HzkGmiVS/SetraPwcoW/b0Xw3T5rbDxo4yoAkpZNol4bLFM1BpFb7bpNM5SRcKpxTo+5O X-Received: by 2002:a05:6a21:398e:b0:f0:6aaf:1abf with SMTP id ad14-20020a056a21398e00b000f06aaf1abfmr5901916pzc.4.1682677043491; Fri, 28 Apr 2023 03:17:23 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1682677043; cv=none; d=google.com; s=arc-20160816; b=nf4Pm9HK3tQjDbddv+8x83eN0FN4Z6W9EuYu68JbzDVn5rJSaGJt6gGG6/6K3Lg/pF RJu6slXCLRX1hO+NrbjFomgr7ZyzJatKEIxLdiqWXsyJIXprR8w+Fj7Y9WZchziIggvo FxnRS1WuAX4hRCGdvWzxUZ0IIFOZsKvBzPQEZfsE3q1JJp6gqKkJ/ieb+WmlJ0SOYtpO rhvRURxP5MLu+mzxQk9+sckqVwnk641Ml/OLPlUPZPHfSp/L/CFxEeehWQm9+jctb5zS SXNrNx0TNhQ5OiBWJ2epcvTwLg6jW4PNG+wj9KH+1P2ezFxHVt2WKy5ft6zpPg2x+XHX jrFQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from; bh=BpdtSE05DbOZZ0btNTmC6i8q/9pqNl0eZ1fSGDvAIQA=; b=dR1sdJ36jRMzfAZJ4QiokJYj3vj7EGQmZ+HXRlnxu2SFQJ2sH3g4t/C2zIkHyJwnMS Aq0jYEJi1fjCOPffOU10olbw05nwxUpzqWpAsFSSx/tSxRHXWdZ2bduH6JlFyjs5Id0A RYbjwrHtYlXE62PlQGTLyW5RYAD3/4xipzLbXdGuFXT1k+w3rf3sm8Q7zrm+HaD62VP4 5FVsOaxmt2dFpRkXWqIpZfyjGdw15MQ5uj6XgSkJrMRd36r1cumXNts+jYVXyR8jHpNX JU1+TOW8n5G8nkQpUbsm8RxQ/Jc5m+RZ/Xk3gEuOS/Y5SUQDh8KUIgTaabia/lku5C+e 1s8w== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=antgroup.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id c25-20020a631c19000000b00503355255cdsi16278307pgc.488.2023.04.28.03.17.08; Fri, 28 Apr 2023 03:17:23 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=antgroup.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1345863AbjD1KB5 (ORCPT + 99 others); Fri, 28 Apr 2023 06:01:57 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:43722 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1345847AbjD1KBc (ORCPT ); Fri, 28 Apr 2023 06:01:32 -0400 Received: from out187-3.us.a.mail.aliyun.com (out187-3.us.a.mail.aliyun.com [47.90.187.3]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 9875944AB for ; Fri, 28 Apr 2023 03:01:06 -0700 (PDT) X-Alimail-AntiSpam: AC=PASS;BC=-1|-1;BR=01201311R201e4;CH=green;DM=||false|;DS=||;FP=0|-1|-1|-1|0|-1|-1|-1;HT=ay29a033018047198;MF=houwenlong.hwl@antgroup.com;NM=1;PH=DS;RN=16;SR=0;TI=SMTPD_---.STDfsHv_1682675644; Received: from localhost(mailfrom:houwenlong.hwl@antgroup.com fp:SMTPD_---.STDfsHv_1682675644) by smtp.aliyun-inc.com; Fri, 28 Apr 2023 17:54:05 +0800 From: "Hou Wenlong" To: linux-kernel@vger.kernel.org Cc: "Thomas Garnier" , "Lai Jiangshan" , "Kees Cook" , "Hou Wenlong" , "Thomas Gleixner" , "Ingo Molnar" , "Borislav Petkov" , "Dave Hansen" , , "H. Peter Anvin" , "Juergen Gross" , "Anshuman Khandual" , "Mike Rapoport" , "Josh Poimboeuf" , "Pasha Tatashin" Subject: [PATCH RFC 40/43] x86/boot: Fill kernel image puds dynamically Date: Fri, 28 Apr 2023 17:51:20 +0800 Message-Id: X-Mailer: git-send-email 2.31.1 In-Reply-To: References: MIME-Version: 1.0 X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,SPF_HELO_NONE, SPF_PASS,T_SCC_BODY_TEXT_LINE,UNPARSEABLE_RELAY autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1764414763318524115?= X-GMAIL-MSGID: =?utf-8?q?1764414763318524115?= For PIE kernel, it could be randomized in any address. Later, kernel image would be moved down the top 2G, so fille kernel image puds dynamically. Signed-off-by: Hou Wenlong Cc: Thomas Garnier a Cc: Lai Jiangshan Cc: Kees Cook --- arch/x86/kernel/head64.c | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/arch/x86/kernel/head64.c b/arch/x86/kernel/head64.c index 8295b547b64f..c5cd61aab8ae 100644 --- a/arch/x86/kernel/head64.c +++ b/arch/x86/kernel/head64.c @@ -239,8 +239,18 @@ unsigned long __head __startup_64(unsigned long physaddr, } pud = fixup_pointer(&level3_kernel_pgt, physaddr); - pud[510] += load_delta; - pud[511] += load_delta; + if (IS_ENABLED(CONFIG_X86_PIE)) { + pud[510] = 0; + pud[511] = 0; + + i = pud_index(text_base); + pgtable_flags = _KERNPG_TABLE_NOENC - __START_KERNEL_map + load_delta; + pud[i] = pgtable_flags + SYM_ABS_VAL(level2_kernel_pgt); + pud[i + 1] = pgtable_flags + SYM_ABS_VAL(level2_fixmap_pgt); + } else { + pud[510] += load_delta; + pud[511] += load_delta; + } pmd = fixup_pointer(level2_fixmap_pgt, physaddr); for (i = FIXMAP_PMD_TOP; i > FIXMAP_PMD_TOP - FIXMAP_PMD_NUM; i--) From patchwork Fri Apr 28 09:51:21 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Hou Wenlong X-Patchwork-Id: 88580 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:b0ea:0:b0:3b6:4342:cba0 with SMTP id b10csp829931vqo; Fri, 28 Apr 2023 03:30:52 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ7garmvUqNKw38DtmKe1pqDwawyuI627gvPL0hJfIIRGXNwuVvcOAguZsTXaZJR5E/WHrwb X-Received: by 2002:a05:6a00:22ca:b0:63b:5c82:e21a with SMTP id f10-20020a056a0022ca00b0063b5c82e21amr7748253pfj.1.1682677851668; Fri, 28 Apr 2023 03:30:51 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1682677851; cv=none; d=google.com; s=arc-20160816; b=h2/zQ8prybFSza3wsZmCjIfkEoG3d/ftCZUUPDvt81uDyxbIYdmunrsh7xd8xkvUez pQjVbZUdJn4ejyT7f0SwvGwwrOoyQsh/NVHT57bEsz8RI2CmDCcATsu1yuQ24EaMdu14 VoehjUX2oPxYR1ZCaukv6wI+qIU1R8zzcMXqOucJijtIKtvObI4ijF9PfxHq+oBxEwXO 6AdUpVRg+avHo/AD9h7mVzd4K437a3fTUiUXaediJqdwv3hSTi8Utfz1G94a89c+wUeM AN2WeulLTOCfmzVwbG8h6DoysZqg+vXcegNmkoj2h7YBD4mXPtRTFEw1w+ptyVKMo8ES NHlw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from; bh=2G0tpcP99N5G1X+z1tzLiyViEOHuarLgNEBobLqxUiM=; b=SZGOGadGeLqqXJxN/QSetQHu7gUh7cSzd4G7boev/O7UzMXKzpivPtV+RzDGbdsmsf rFj+/b8KulOtY3Vc0F5Jf22NFQHdkLw4IqO3blcQktXH4JT8df72wJP7Br7MZGUfGa2g RagejaHG5bROyH21WW8R7cp1xBS4rjbhF/wk88wlPOCABEQITlJ9DB6dpevTEnHnOxVz BxK747i2IsgvoiY1iE+O+fk/nG6z/h3lE7z1atL90riZxI0JzMQMr768G+f7xkBsWreQ eFUQiC2MyPPdcPYGFNLxHWNxVRnQsS2Y6V1VHrbh5N7ZkjWKHEgCliqOxf4X8rqD1iIq wD4A== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=antgroup.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id q16-20020aa79830000000b0063b86de9d22si21164110pfl.177.2023.04.28.03.30.38; Fri, 28 Apr 2023 03:30:51 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=antgroup.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1345981AbjD1J7G (ORCPT + 99 others); Fri, 28 Apr 2023 05:59:06 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:37104 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1346069AbjD1J6n (ORCPT ); Fri, 28 Apr 2023 05:58:43 -0400 Received: from out0-204.mail.aliyun.com (out0-204.mail.aliyun.com [140.205.0.204]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id CF0896197 for ; Fri, 28 Apr 2023 02:58:03 -0700 (PDT) X-Alimail-AntiSpam: AC=PASS;BC=-1|-1;BR=01201311R201e4;CH=green;DM=||false|;DS=||;FP=0|-1|-1|-1|0|-1|-1|-1;HT=ay29a033018047198;MF=houwenlong.hwl@antgroup.com;NM=1;PH=DS;RN=13;SR=0;TI=SMTPD_---.STDfsIh_1682675647; Received: from localhost(mailfrom:houwenlong.hwl@antgroup.com fp:SMTPD_---.STDfsIh_1682675647) by smtp.aliyun-inc.com; Fri, 28 Apr 2023 17:54:07 +0800 From: "Hou Wenlong" To: linux-kernel@vger.kernel.org Cc: "Thomas Garnier" , "Lai Jiangshan" , "Kees Cook" , "Hou Wenlong" , "Dave Hansen" , "Andy Lutomirski" , "Peter Zijlstra" , "Thomas Gleixner" , "Ingo Molnar" , "Borislav Petkov" , , "H. Peter Anvin" Subject: [PATCH RFC 41/43] x86/mm: Sort address_markers array when X86 PIE is enabled Date: Fri, 28 Apr 2023 17:51:21 +0800 Message-Id: <2b9d5ec2452ad34418f3ddcd1e60c99dfb769909.1682673543.git.houwenlong.hwl@antgroup.com> X-Mailer: git-send-email 2.31.1 In-Reply-To: References: MIME-Version: 1.0 X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,SPF_HELO_NONE, SPF_PASS,T_SCC_BODY_TEXT_LINE,UNPARSEABLE_RELAY autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1764415611402407126?= X-GMAIL-MSGID: =?utf-8?q?1764415611402407126?= When X86 PIE is enabled, kernel image is allowed to relocated in top 512G, then kernel image address could be below EFI range address. So sort address_markers array to make the order right. Signed-off-by: Hou Wenlong Cc: Thomas Garnier Cc: Lai Jiangshan Cc: Kees Cook --- arch/x86/mm/dump_pagetables.c | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/arch/x86/mm/dump_pagetables.c b/arch/x86/mm/dump_pagetables.c index df1a708a038a..81aa1c0b39cc 100644 --- a/arch/x86/mm/dump_pagetables.c +++ b/arch/x86/mm/dump_pagetables.c @@ -17,6 +17,7 @@ #include #include #include +#include #include @@ -436,6 +437,27 @@ void ptdump_walk_pgd_level_checkwx(void) ptdump_walk_pgd_level_core(NULL, &init_mm, INIT_PGD, true, false); } +#ifdef CONFIG_X86_PIE +static int __init address_markers_sort_cmp(const void *pa, const void *pb) +{ + struct addr_marker *a = (struct addr_marker *)pa; + struct addr_marker *b = (struct addr_marker *)pb; + + return (a->start_address > b->start_address) - + (a->start_address < b->start_address); +} + +static void __init address_markers_sort(void) +{ + sort(&address_markers[0], ARRAY_SIZE(address_markers), sizeof(address_markers[0]), + address_markers_sort_cmp, NULL); +} +#else +static void __init address_markers_sort(void) +{ +} +#endif + static int __init pt_dump_init(void) { /* @@ -467,6 +489,8 @@ static int __init pt_dump_init(void) address_markers[LDT_NR].start_address = LDT_BASE_ADDR; # endif #endif + address_markers_sort(); + return 0; } __initcall(pt_dump_init);