/end of sections). In this case,
older versions of GCC will remove the comparison if the symbols are
hidden. This issue exists at least on gcc 4.9 and before.
Signed-off-by: Thomas Garnier
---
arch/x86/boot/boot.h | 2 +-
arch/x86/include/asm/setup.h | 2 +-
arch/x86
Executable (PIE) support will allow to extend the
KASLR randomization range 0x8000.
Signed-off-by: Thomas Garnier
---
arch/x86/entry/calling.h | 2 +-
arch/x86/entry/entry_64.S| 4 ++--
arch/x86/include/asm/percpu.h| 25 +++--
arch/x86/include/asm
Change the assembly code to use only relative references of symbols for the
kernel to be PIE compatible.
Position Independent Executable (PIE) support will allow to extend the
KASLR randomization range 0x8000.
Signed-off-by: Thomas Garnier
Acked-by: Pavel Machek
---
arch/x86
Change the assembly code to use only relative references of symbols for the
kernel to be PIE compatible.
Position Independent Executable (PIE) support will allow to extend the
KASLR randomization range 0x8000.
Signed-off-by: Thomas Garnier
---
arch/x86/entry/entry_64.S
Add a new _ASM_MOVABS macro to fetch a symbol address. It will be used
to replace "_ASM_MOV $, %dst" code construct that are not compatible
with PIE.
Signed-off-by: Thomas Garnier
---
arch/x86/include/asm/asm.h | 1 +
1 file changed, 1 insertion(+)
diff --git a/arch/x86/include/a
Adapt module loading to support PIE relocations. Generate dynamic GOT if
a symbol requires it but no entry exists in the kernel GOT.
Position Independent Executable (PIE) support will allow to extend the
KASLR randomization range 0x8000.
Signed-off-by: Thomas Garnier
---
arch/x86
randomization range.
Signed-off-by: Thomas Garnier
---
Documentation/x86/x86_64/mm.txt | 3 +++
arch/x86/Kconfig| 4
arch/x86/include/asm/pgtable_64_types.h | 6 ++
arch/x86/kernel/head64.c| 5 -
arch/x86/mm/dump_pagetables.c | 3
5-bytes as before.
Position Independent Executable (PIE) support will allow to extend the
KASLR randomization range 0x8000.
Signed-off-by: Thomas Garnier
---
arch/x86/include/asm/ftrace.h | 4 --
arch/x86/include/asm/sections.h | 4 ++
arch/x86/kernel/ftrace.c| 42
and the
global variable stack cookie is used. If a specific stack mode was
selected (regular or strong) and the compiler does not support selecting
the segment register, an error is emitted.
Signed-off-by: Thomas Garnier
---
arch/x86/Kconfig | 12
arch/x86
-0.1%)
- PIE enabled: average -0.4% to +0.4%.
[1] https://gcc.gnu.org/bugzilla/show_bug.cgi?id=82303
Signed-off-by: Thomas Garnier
merge pie
---
arch/x86/Kconfig | 8
arch/x86/Makefile | 45 -
2 files changed, 52 insertions(+), 1 deletion
three PUD pages.
The relocation table uses 64-bit integers generated with the updated
relocation tool with the large-reloc option.
Signed-off-by: Thomas Garnier
---
arch/x86/Kconfig | 21 +
arch/x86/boot/compressed/Makefile| 5 +
arch/x86/boot
randomization range 0x8000.
Signed-off-by: Thomas Garnier
---
arch/x86/include/asm/kvm_host.h | 8 ++--
arch/x86/kernel/kvm.c | 6 --
arch/x86/kvm/svm.c | 4 ++--
3 files changed, 12 insertions(+), 6 deletions(-)
diff --git a/arch/x86/include/asm/kvm_host.h b
the top 2G and 32-bit
integers are not enough.
Signed-off-by: Thomas Garnier
---
arch/x86/tools/relocs.c| 60 +++---
arch/x86/tools/relocs.h| 4 +--
arch/x86/tools/relocs_common.c | 15 ++---
3 files changed, 60 insertions(+), 19 deletions(-)
diff
The GOT is changed during early boot when relocations are applied. Make
it read-only directly. This table exists only for PIE binary.
Position Independent Executable (PIE) support will allow to extend the
KASLR randomization range 0x8000.
Signed-off-by: Thomas Garnier
---
include
Change the assembly code to use only relative references of symbols for the
kernel to be PIE compatible.
Position Independent Executable (PIE) support will allow to extend the
KASLR randomization range 0x8000.
Signed-off-by: Thomas Garnier
---
arch/x86/crypto/aes-x86_64-asm_64.S
Change the assembly code to use only relative references of symbols for the
kernel to be PIE compatible.
Position Independent Executable (PIE) support will allow to extend the
KASLR randomization range 0x8000.
Signed-off-by: Thomas Garnier
---
arch/x86/kernel/relocate_kernel_64.S
Replace the %c constraint with %P. The %c is incompatible with PIE
because it implies an immediate value whereas %P reference a symbol.
Position Independent Executable (PIE) support will allow to extend the
KASLR randomization range 0x8000.
Signed-off-by: Thomas Garnier
---
arch
Replace the %c constraint with %P. The %c is incompatible with PIE
because it implies an immediate value whereas %P reference a symbol.
Position Independent Executable (PIE) support will allow to extend the
KASLR randomization range 0x8000.
Signed-off-by: Thomas Garnier
---
arch
Independent Executable (PIE) support will allow to extend the
KASLR randomization range 0x8000.
Signed-off-by: Thomas Garnier
---
arch/x86/kernel/Makefile | 6 ++
arch/x86/kernel/head64.c | 3 +++
2 files changed, 9 insertions(+)
diff --git a/arch/x86/kernel/Makefile b/arch/x86/kernel
Change the relocation tool to correctly handle relocations generated by
-fPIE option:
- Add relocation for each entry of the .got section given the linker does not
generate R_X86_64_GLOB_DAT on a simple link.
- Ignore R_X86_64_GOTPCREL.
Signed-off-by: Thomas Garnier
---
arch/x86/tools
Change assembly to use the new _ASM_MOVABS macro instead of _ASM_MOV for
the assembly to be PIE compatible.
Position Independent Executable (PIE) support will allow to extend the
KASLR randomization range 0x8000.
Signed-off-by: Thomas Garnier
---
arch/x86/include/asm/pm-trace.h | 2
.
Position Independent Executable (PIE) support will allow to extend the
KASLR randomization range 0x8000.
Signed-off-by: Thomas Garnier
---
arch/x86/kernel/head_64.S | 16 ++--
1 file changed, 10 insertions(+), 6 deletions(-)
diff --git a/arch/x86/kernel/head_64.S b/arch
Change the assembly code to use only relative references of symbols for the
kernel to be PIE compatible.
Position Independent Executable (PIE) support will allow to extend the
KASLR randomization range 0x8000.
Signed-off-by: Thomas Garnier
Acked-by: Pavel Machek
---
arch/x86/power
.
Signed-off-by: Thomas Garnier
---
arch/x86/include/asm/processor.h | 9 ++---
1 file changed, 6 insertions(+), 3 deletions(-)
diff --git a/arch/x86/include/asm/processor.h b/arch/x86/include/asm/processor.h
index e28add6b791f..7ae9fb91f7b5 100644
--- a/arch/x86/include/asm/processor.h
+++ b
On Mon, Jun 4, 2018 at 1:16 PM Steven Rostedt wrote:
>
> On Tue, 29 May 2018 15:15:22 -0700
> Thomas Garnier wrote:
>
> > When using -fPIE/PIC with function tracing, the compiler generates a
> > call through the GOT (call *__fentry__@GOTPCREL). This instruction
> &
On Mon, Jun 4, 2018 at 2:44 PM Steven Rostedt wrote:
>
> On Mon, 4 Jun 2018 14:06:03 -0700
> Thomas Garnier wrote:
>
> > On Mon, Jun 4, 2018 at 1:16 PM Steven Rostedt wrote:
> > >
> > > On Tue, 29 May 2018 15:15:22 -0700
> > > Thomas Garni
On Tue, Jun 5, 2018 at 9:56 AM Thomas Garnier wrote:
>
> On Mon, Jun 4, 2018 at 2:44 PM Steven Rostedt wrote:
> >
> > On Mon, 4 Jun 2018 14:06:03 -0700
> > Thomas Garnier wrote:
> >
> > > On Mon, Jun 4, 2018 at 1:16 PM Steven Rostedt wrote:
> > &
Change assembly to use the new _ASM_MOVABS macro instead of _ASM_MOV for
the assembly to be PIE compatible.
Position Independent Executable (PIE) support will allow to extend the
KASLR randomization range 0x8000.
Signed-off-by: Thomas Garnier
---
arch/x86/include/asm/pm-trace.h | 2
Change the assembly code to use only relative references of symbols for the
kernel to be PIE compatible.
Position Independent Executable (PIE) support will allow to extend the
KASLR randomization range 0x8000.
Signed-off-by: Thomas Garnier
Acked-by: Pavel Machek
Acked-by: Rafael J
On Mon, Jun 25, 2018 at 4:51 PM Randy Dunlap wrote:
>
> On 06/25/18 15:39, Thomas Garnier wrote:
> > Adapt module loading to support PIE relocations. Generate dynamic GOT if
> > a symbol requires it but no entry exists in the kernel GOT.
>
> Hi,
>
> This patch
Add a new _ASM_MOVABS macro to fetch a symbol address. It will be used
to replace "_ASM_MOV $, %dst" code construct that are not compatible
with PIE.
Signed-off-by: Thomas Garnier
---
arch/x86/include/asm/asm.h | 1 +
1 file changed, 1 insertion(+)
diff --git a/arch/x86/include/a
Change the relocation tool to correctly handle relocations generated by
-fPIE option:
- Add relocation for each entry of the .got section given the linker does not
generate R_X86_64_GLOB_DAT on a simple link.
- Ignore R_X86_64_GOTPCREL.
Signed-off-by: Thomas Garnier
---
arch/x86/tools
Adapt module loading to support PIE relocations. Generate dynamic GOT if
a symbol requires it but no entry exists in the kernel GOT.
Position Independent Executable (PIE) support will allow to extend the
KASLR randomization range 0x8000.
Signed-off-by: Thomas Garnier
---
arch/x86
.
Signed-off-by: Thomas Garnier
---
arch/x86/include/asm/processor.h | 9 ++---
1 file changed, 6 insertions(+), 3 deletions(-)
diff --git a/arch/x86/include/asm/processor.h b/arch/x86/include/asm/processor.h
index cfd29ee8c3da..25b5842a4646 100644
--- a/arch/x86/include/asm/processor.h
+++ b
Replace the %c constraint with %P. The %c is incompatible with PIE
because it implies an immediate value whereas %P reference a symbol.
Position Independent Executable (PIE) support will allow to extend the
KASLR randomization range 0x8000.
Signed-off-by: Thomas Garnier
---
arch
Replace the %c constraint with %P. The %c is incompatible with PIE
because it implies an immediate value whereas %P reference a symbol.
Position Independent Executable (PIE) support will allow to extend the
KASLR randomization range 0x8000.
Signed-off-by: Thomas Garnier
---
arch
Change the assembly code to use only relative references of symbols for the
kernel to be PIE compatible.
Position Independent Executable (PIE) support will allow to extend the
KASLR randomization range 0x8000.
Signed-off-by: Thomas Garnier
---
arch/x86/kernel/relocate_kernel_64.S
-0.1%)
- PIE enabled: average -0.4% to +0.4%.
[1] https://gcc.gnu.org/bugzilla/show_bug.cgi?id=82303
Signed-off-by: Thomas Garnier
merge pie
---
arch/x86/Kconfig | 8
arch/x86/Makefile | 45 -
2 files changed, 52 insertions(+), 1 deletion
the top 2G and 32-bit
integers are not enough.
Signed-off-by: Thomas Garnier
---
arch/x86/tools/relocs.c| 60 +++---
arch/x86/tools/relocs.h| 4 +--
arch/x86/tools/relocs_common.c | 15 ++---
3 files changed, 60 insertions(+), 19 deletions(-)
diff
-bytes as before.
Position Independent Executable (PIE) support will allow to extend the
KASLR randomization range 0x8000.
Signed-off-by: Thomas Garnier
---
arch/x86/kernel/ftrace.c | 51 +-
scripts/recordmcount.c | 79 +++-
2
three PUD pages.
The relocation table uses 64-bit integers generated with the updated
relocation tool with the large-reloc option.
Signed-off-by: Thomas Garnier
---
arch/x86/Kconfig | 21 +
arch/x86/boot/compressed/Makefile| 5 +
arch/x86/boot
and the
global variable stack cookie is used. If a specific stack mode was
selected (regular or strong) and the compiler does not support selecting
the segment register, an error is emitted.
Signed-off-by: Thomas Garnier
---
arch/x86/Kconfig | 12
arch/x86
randomization range 0x8000.
Signed-off-by: Thomas Garnier
---
arch/x86/include/asm/kvm_host.h | 8 ++--
arch/x86/kernel/kvm.c | 6 --
arch/x86/kvm/svm.c | 4 ++--
3 files changed, 12 insertions(+), 6 deletions(-)
diff --git a/arch/x86/include/asm/kvm_host.h b
The GOT is changed during early boot when relocations are applied. Make
it read-only directly. This table exists only for PIE binary.
Position Independent Executable (PIE) support will allow to extend the
KASLR randomization range 0x8000.
Signed-off-by: Thomas Garnier
---
include
Provide an option to have a PROVIDE_HIDDEN (linker script) entry for
each weak symbol. This option solves an error in x86_64 where the linker
optimizes PIE generated code to be non-PIE because --emit-relocs was used
instead of -pie (to reduce dynamic relocations).
Signed-off-by: Thomas Garnier
Change the assembly code to use only relative references of symbols for the
kernel to be PIE compatible.
Position Independent Executable (PIE) support will allow to extend the
KASLR randomization range 0x8000.
Signed-off-by: Thomas Garnier
---
arch/x86/entry/entry_64.S
if PIE is enabled, switch the paravirt assembly constraints to be
compatible. The %c/i constrains generate smaller code so is kept by
default.
Position Independent Executable (PIE) support will allow to extend the
KASLR randomization range 0x8000.
Signed-off-by: Thomas Garnier
/end of sections). In this case,
older versions of GCC will remove the comparison if the symbols are
hidden. This issue exists at least on gcc 4.9 and before.
Signed-off-by: Thomas Garnier
---
arch/x86/boot/boot.h | 2 +-
arch/x86/include/asm/setup.h | 2 +-
arch/x86
Independent Executable (PIE) support will allow to extend the
KASLR randomization range 0x8000.
Signed-off-by: Thomas Garnier
---
arch/x86/kernel/Makefile | 6 ++
arch/x86/kernel/head64.c | 3 +++
2 files changed, 9 insertions(+)
diff --git a/arch/x86/kernel/Makefile b/arch/x86/kernel
.
Position Independent Executable (PIE) support will allow to extend the
KASLR randomization range 0x8000.
Signed-off-by: Thomas Garnier
---
arch/x86/kernel/head_64.S | 16 ++--
1 file changed, 10 insertions(+), 6 deletions(-)
diff --git a/arch/x86/kernel/head_64.S b/arch
Change the assembly code to use only relative references of symbols for the
kernel to be PIE compatible.
Position Independent Executable (PIE) support will allow to extend the
KASLR randomization range 0x8000.
Signed-off-by: Thomas Garnier
Acked-by: Pavel Machek
Acked-by: Rafael J
Thanks Baoquan!
Reviewed-by: Thomas Garnier
On Wed, Aug 29, 2018 at 4:49 AM Kirill A. Shutemov wrote:
>
> On Wed, Aug 29, 2018 at 10:17:53AM +0800, Baoquan He wrote:
> > In memory KASLR, __PHYSICAL_MASK_SHIFT is taken to calculate the
> > initial size of the dir
using prandom_*
> > functions in slab.c and slubct and slab_common.c, and just use a
> > really random number generator, if the goal is real security as
> > opposed to security for show
The state is seeded with get_random_long() which will use RDRAND and any
available entro
On Wed, Jul 19, 2017 at 10:58 AM, Thomas Garnier wrote:
> The work pending loop can call set_fs after addr_limit_user_check
> removed the _TIF_FSCHECK flag. To prevent the infinite loop, move
> the addr_limit_user_check call at the beginning of the loop.
>
> Fixes: 73ac5d6a2b6a
On Tue, Jul 25, 2017 at 3:38 AM, Russell King - ARM Linux
wrote:
> On Tue, Jul 25, 2017 at 01:28:01PM +0300, Leonard Crestez wrote:
>> On Mon, 2017-07-24 at 10:07 -0700, Thomas Garnier wrote:
>> > On Wed, Jul 19, 2017 at 10:58 AM, Thomas Garnier > > > wrote:
>>
On Tue, Sep 19, 2017 at 4:50 AM, Jonathan Liu wrote:
> Fixes "implicit declaration of function" compile error for out-of-tree
> kernel modules including asm/uaccess.h.
I failed to reproduce this issue by creating an out of tree module
with a separate file (with only uaccess.h). Are you using a
different approach on
linux-next (see commit 2404269bc4e77a67875c8db6667be34c9913c96e).
Let me know if this commit resolve the issue and thanks for reaching out.
>
> Regards,
> Jonathan
>
> On 20 September 2017 at 00:32, Thomas Garnier wrote:
> > On Tue, Sep 19, 2017 at 4:50 AM, Jonathan Liu wrote:
&
y still get relocations given the compiler is
pretty bad at optimizing (_ptr - .) but I might be wrong. Anyway, the
size decrease is great and we can ignore these relocations if need be.
Thanks.
>>
>> Cc: Jessica Yu
>> Cc: Arnd Bergmann
>> Cc: Andrew Morton
>> Cc:
On Mon, Aug 14, 2017 at 2:37 PM, Thomas Garnier wrote:
> Disable the generic address limit check in favor of an architecture
> specific optimized implementation. The generic implementation using
> pending work flags did not work well with ARM and alignment faults.
>
> The address l
On Tue, Aug 22, 2017 at 9:42 AM, Thomas Garnier wrote:
> On Mon, Aug 14, 2017 at 2:37 PM, Thomas Garnier wrote:
>> Disable the generic address limit check in favor of an architecture
>> specific optimized implementation. The generic implementation using
>> pending work fl
On Mon, Aug 7, 2017 at 10:35 AM, Kees Cook wrote:
> On Wed, Jul 26, 2017 at 10:00 AM, Thomas Garnier wrote:
>> Disable the generic address limit check in favor of an architecture
>> specific optimized implementation. The generic implementation using
>> pending work fl
On Mon, Aug 7, 2017 at 10:55 AM, Russell King - ARM Linux
wrote:
>
> It's better in so far as it avoids the problems previously highlighted.
>
> However, it depends how efficient we want these paths to be - the
> difference between your assembly and the assembly I've previously
> supplied is that
On Wed, Jul 26, 2017 at 10:00 AM, Thomas Garnier wrote:
> Disable the generic address limit check in favor of an architecture
> specific optimized implementation. The generic implementation using
> pending work flags did not work well with ARM and alignment faults.
>
> Th
.
Fixes: cf7de27ab351 ("arm64/syscalls: Check address limit on user-mode return")
Reported-by: Leonard Crestez
Signed-off-by: Thomas Garnier
---
arch/arm64/kernel/signal.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/arch/arm64/kernel/signal.c b/arch/ar
Use CHECK_DATA_CORRUPTION instead of BUG_ON to provide more flexibility
on address limit failures. By default, send a SIGKILL signal to kill the
current process preventing exploitation of a bad address limit.
Make the TIF_FSCHECK flag optional so ARM can use this function.
Signed-off-by: Thomas
using a
SIGKILL signal. For example the lkdtm address limit check does not work
because the signal to kill the process will reset the user-mode address
limit.
Signed-off-by: Thomas Garnier
---
arch/arm/kernel/entry-common.S | 11 +++
arch/arm/kernel/signal.c | 7 +++
2 files
, it has been agreed that the generic approach is not
tailored to the ARM architecture and any fix might not be complete. This
patch will be replaced by an architecture specific implementation. The
work flag approach will be kept for other architectures.
Reported-by: Leonard Crestez
Signed-off-by: Thomas
On Wed, Jul 26, 2017 at 5:02 AM, Will Deacon wrote:
> On Tue, Jul 25, 2017 at 01:01:17PM -0700, Thomas Garnier wrote:
>> On Tue, Jul 25, 2017 at 3:38 AM, Russell King - ARM Linux
>> wrote:
>> > On Tue, Jul 25, 2017 at 01:28:01PM +0300, Leonard Crestez wrote:
>>
, it has been agreed that the generic approach is not
tailored to the ARM architecture and any fix might not be complete. This
patch will be replaced by an architecture specific implementation. The
work flag approach will be kept for other architectures.
Reported-by: Leonard Crestez
Signed-off-by: Thomas
.
Fixes: cf7de27ab351 ("arm64/syscalls: Check address limit on user-mode return")
Reported-by: Leonard Crestez
Signed-off-by: Thomas Garnier
---
arch/arm64/kernel/signal.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/arch/arm64/kernel/signal.c b/arch/ar
the signal to kill the process will reset
the user-mode address limit.
Signed-off-by: Thomas Garnier
---
arch/arm/kernel/entry-common.S | 11 +++
arch/arm/kernel/signal.c | 5 +
2 files changed, 16 insertions(+)
diff --git a/arch/arm/kernel/entry-common.S b/arch/arm/kernel/entry
On Wed, Jul 26, 2017 at 11:25 AM, Russell King - ARM Linux
wrote:
> On Wed, Jul 26, 2017 at 07:20:22AM -0700, Thomas Garnier wrote:
>> On Wed, Jul 26, 2017 at 5:02 AM, Will Deacon wrote:
>> > I looked to see what you've done for x86, but it looks like you check/clear
&g
slubct and slab_common.c, and just use a
> > really random number generator, if the goal is real security as
> > opposed to security for show
The state is seeded with get_random_long() which will use RDRAND and any
available entropy at this point. I am not sure the value of call
On Wed, Jun 28, 2017 at 10:52 AM, Kees Cook wrote:
>
> On Tue, Jun 20, 2017 at 1:24 PM, Kees Cook wrote:
> > On Wed, Jun 14, 2017 at 6:12 PM, Thomas Garnier wrote:
> >> Ensure the address limit is a user-mode segment before returning to
> >> user-mode. Otherwis
On Thu, Jul 6, 2017 at 1:48 PM, Thomas Gleixner wrote:
> On Thu, 6 Jul 2017, Thomas Garnier wrote:
>> On Wed, Jun 28, 2017 at 10:52 AM, Kees Cook wrote:
>> >
>> > On Tue, Jun 20, 2017 at 1:24 PM, Kees Cook wrote:
>> > > On Wed, Jun 14, 2017 at
On Tue, Jul 18, 2017 at 7:36 AM, Leonard Crestez
wrote:
> On Wed, 2017-06-14 at 18:12 -0700, Thomas Garnier wrote:
>> Ensure the address limit is a user-mode segment before returning to
>> user-mode. Otherwise a process can corrupt kernel-mode memory and
>>
On Tue, Jul 18, 2017 at 10:18 AM, Leonard Crestez
wrote:
>
> On Tue, 2017-07-18 at 09:04 -0700, Thomas Garnier wrote:
> > On Tue, Jul 18, 2017 at 7:36 AM, Leonard Crestez
> > wrote:
> > >
> > > On Wed, 2017-06-14 at 18:12 -0700, Thomas Garnier wrote:
>
On Wed, Jul 19, 2017 at 7:58 AM, Leonard Crestez
wrote:
> On Tue, 2017-07-18 at 12:04 -0700, Thomas Garnier wrote:
>> On Tue, Jul 18, 2017 at 10:18 AM, Leonard Crestez
>> wrote:
>> > On Tue, 2017-07-18 at 09:04 -0700, Thomas Garnier wrote:
>> > > On Tue, Jul
On Wed, Jul 19, 2017 at 10:06 AM, Russell King - ARM Linux
wrote:
> On Wed, Jul 19, 2017 at 05:58:20PM +0300, Leonard Crestez wrote:
>> On Tue, 2017-07-18 at 12:04 -0700, Thomas Garnier wrote:
>> > On Tue, Jul 18, 2017 at 10:18 AM, Leonard Crestez
>> > wrote:
>>
.
Fixes: cf7de27ab351 ("arm64/syscalls: Check address limit on user-mode return")
Reported-by: Leonard Crestez
Signed-off-by: Thomas Garnier
---
arch/arm64/kernel/signal.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/arch/arm64/kernel/signal.c b/arch/ar
y: Leonard Crestez
Signed-off-by: Thomas Garnier
---
arch/arm/kernel/signal.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/arch/arm/kernel/signal.c b/arch/arm/kernel/signal.c
index 3a48b54c6405..f4574287d14b 100644
--- a/arch/arm/kernel/signal.c
+++ b/arch/arm/kerne
Remove the double branch and use tsteq instead.
Suggested-by: Russell King
Signed-off-by: Thomas Garnier
---
arch/arm/kernel/entry-common.S | 7 ++-
1 file changed, 2 insertions(+), 5 deletions(-)
diff --git a/arch/arm/kernel/entry-common.S b/arch/arm/kernel/entry-common.S
index
On Wed, Jul 19, 2017 at 11:35 AM, Russell King - ARM Linux
wrote:
> On Wed, Jul 19, 2017 at 10:20:35AM -0700, Thomas Garnier wrote:
>> On Wed, Jul 19, 2017 at 10:06 AM, Russell King - ARM Linux
>> wrote:
>> > On Wed, Jul 19, 2017 at 05:58:20PM +0300, Leonard Crestez w
Change the assembly code to use only absolute references of symbols for the
kernel to be PIE compatible.
Position Independent Executable (PIE) support will allow to extend the
KASLR randomization range below 0x8000.
Signed-off-by: Thomas Garnier
Reviewed-by: Kees Cook
---
arch/x86
Change the assembly code to use only relative references of symbols for the
kernel to be PIE compatible.
Position Independent Executable (PIE) support will allow to extend the
KASLR randomization range below 0x8000.
Signed-off-by: Thomas Garnier
Acked-by: Pavel Machek
Acked
if PIE is enabled, switch the paravirt assembly constraints to be
compatible. The %c/i constrains generate smaller code so is kept by
default.
Position Independent Executable (PIE) support will allow to extend the
KASLR randomization range below 0x8000.
Signed-off-by: Thomas Garnier
Change the assembly code to use only relative references of symbols for the
kernel to be PIE compatible.
Position Independent Executable (PIE) support will allow to extend the
KASLR randomization range below 0x8000.
Signed-off-by: Thomas Garnier
Reviewed-by: Kees Cook
---
arch/x86
Change the assembly code to use only relative references of symbols for the
kernel to be PIE compatible.
Position Independent Executable (PIE) support will allow to extend the
KASLR randomization range below 0x8000.
Signed-off-by: Thomas Garnier
---
arch/x86/include/asm/processor.h
Minor changes based on feedback and rebase from v8.
Splitting the previous serie in two. This part contains assembly code
changes required for PIE but without any direct dependencies with the
rest of the patchset.
Changes:
- patch v9 (assembly):
- Moved to relative reference for sync_core
Change the assembly options to work with pointers instead of integers.
Position Independent Executable (PIE) support will allow to extend the
KASLR randomization range below 0x8000.
Signed-off-by: Thomas Garnier
---
arch/x86/include/asm/alternative.h | 6 +++---
1 file changed, 3
Add a new _ASM_MOVABS macro to fetch a symbol address. It will be used
to replace "_ASM_MOV $, %dst" code construct that are not
compatible with PIE.
Signed-off-by: Thomas Garnier
---
arch/x86/include/asm/asm.h | 1 +
1 file changed, 1 insertion(+)
diff --git a/arch/x86/include/a
.
Position Independent Executable (PIE) support will allow to extend the
KASLR randomization range below 0x8000.
Signed-off-by: Thomas Garnier
Reviewed-by: Kees Cook
---
arch/x86/kernel/head_64.S | 16 ++--
1 file changed, 10 insertions(+), 6 deletions(-)
diff --git
Change the assembly code to use only relative references of symbols for the
kernel to be PIE compatible.
Position Independent Executable (PIE) support will allow to extend the
KASLR randomization range below 0x8000.
Signed-off-by: Thomas Garnier
Acked-by: Pavel Machek
Acked
Change assembly to use the new _ASM_MOVABS macro instead of _ASM_MOV for
the assembly to be PIE compatible.
Position Independent Executable (PIE) support will allow to extend the
KASLR randomization range below 0x8000.
Signed-off-by: Thomas Garnier
Reviewed-by: Kees Cook
---
arch
Add a new _ASM_MOVABS macro to fetch a symbol address. It will be used
to replace "_ASM_MOV $, %dst" code construct that are not
compatible with PIE.
Signed-off-by: Thomas Garnier
---
arch/x86/include/asm/asm.h | 1 +
1 file changed, 1 insertion(+)
diff --git a/arch/x86/include/a
Change the assembly code to use only relative references of symbols for the
kernel to be PIE compatible.
Position Independent Executable (PIE) support will allow to extend the
KASLR randomization range below 0x8000.
Signed-off-by: Thomas Garnier
Acked-by: Pavel Machek
Acked
if PIE is enabled, switch the paravirt assembly constraints to be
compatible. The %c/i constrains generate smaller code so is kept by
default.
Position Independent Executable (PIE) support will allow to extend the
KASLR randomization range below 0x8000.
Signed-off-by: Thomas Garnier
0x8000.
Signed-off-by: Thomas Garnier
---
arch/x86/include/asm/processor.h | 6 --
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/arch/x86/include/asm/processor.h b/arch/x86/include/asm/processor.h
index 3eab6ece52b4..3e2154b0e09f 100644
--- a/arch/x86/include/asm/processor.h
Change the assembly code to use only absolute references of symbols for the
kernel to be PIE compatible.
Position Independent Executable (PIE) support will allow to extend the
KASLR randomization range below 0x8000.
Signed-off-by: Thomas Garnier
Reviewed-by: Kees Cook
---
arch/x86
.
Position Independent Executable (PIE) support will allow to extend the
KASLR randomization range below 0x8000.
Signed-off-by: Thomas Garnier
Reviewed-by: Kees Cook
---
arch/x86/kernel/head_64.S | 16 ++--
1 file changed, 10 insertions(+), 6 deletions(-)
diff --git
301 - 400 of 834 matches
Mail list logo