[PATCH v8 04/11] x86/entry/64: Adapt assembly for PIE support

Change the assembly code to use only relative references of symbols for the kernel to be PIE compatible. Position Independent Executable (PIE) support will allow to extend the KASLR randomization range below 0x8000. Signed-off-by: Thomas Garnier Reviewed-by: Kees Cook --- arch/x86

[PATCH v8 11/11] x86/alternatives: Adapt assembly for PIE support

Change the assembly options to work with pointers instead of integers. Position Independent Executable (PIE) support will allow to extend the KASLR randomization range below 0x8000. Signed-off-by: Thomas Garnier --- arch/x86/include/asm/alternative.h | 6 +++--- 1 file changed, 3

[PATCH v8 05/11] x86: pm-trace - Adapt assembly for PIE support

Change assembly to use the new _ASM_MOVABS macro instead of _ASM_MOV for the assembly to be PIE compatible. Position Independent Executable (PIE) support will allow to extend the KASLR randomization range below 0x8000. Signed-off-by: Thomas Garnier Reviewed-by: Kees Cook --- arch

[PATCH v8 09/11] x86/power/64: Adapt assembly for PIE support

Change the assembly code to use only relative references of symbols for the kernel to be PIE compatible. Position Independent Executable (PIE) support will allow to extend the KASLR randomization range below 0x8000. Signed-off-by: Thomas Garnier Acked-by: Pavel Machek Acked

Re: [PATCH v8 06/11] x86/CPU: Adapt assembly for PIE support

On Mon, Jul 8, 2019 at 12:09 PM Alexey Dobriyan wrote: > > Thomas Garnier wrote: > > - "pushq $1f\n\t" > > + "movabsq $1f, %q0\n\t" > > + "pushq %q0\n\t" > > "iretq\n\t" >

Re: [PATCH v8 06/11] x86/CPU: Adapt assembly for PIE support

On Tue, Jul 9, 2019 at 11:39 AM Alexey Dobriyan wrote: > > On Mon, Jul 08, 2019 at 12:35:13PM -0700, Thomas Garnier wrote: > > On Mon, Jul 8, 2019 at 12:09 PM Alexey Dobriyan wrote: > > > > > > Thomas Garnier wrote: > > > > - "pushq $1f

Re: [PATCH] mm: slub: re-initialize randomized freelist sequence in calculate_sizes

I am not super familiar with the sysfs setup here but the random sequence should work as expected. One minor comment below. Reviewed-by: Thomas Garnier On Wed, Aug 19, 2020 at 1:26 PM Andrew Morton wrote: > > > (cc Thomas and linux-mm) > > On Sat, 8 Aug 2020 13:50:

[PATCH v7 02/12] x86: Use symbol name in jump table for PIE support

From: Thomas Garnier Replace the %c constraint with %P. The %c is incompatible with PIE because it implies an immediate value whereas %P reference a symbol. Change the _ASM_PTR reference to .long for expected relocation size and add a long padding to ensure entry alignment. Position Independent

[PATCH v7 08/12] x86/acpi: Adapt assembly for PIE support

From: Thomas Garnier Change the assembly code to use only relative references of symbols for the kernel to be PIE compatible. Position Independent Executable (PIE) support will allow to extend the KASLR randomization range below 0x8000. Signed-off-by: Thomas Garnier Acked

[PATCH v7 06/12] x86: pm-trace - Adapt assembly for PIE support

From: Thomas Garnier Change assembly to use the new _ASM_MOVABS macro instead of _ASM_MOV for the assembly to be PIE compatible. Position Independent Executable (PIE) support will allow to extend the KASLR randomization range below 0x8000. Signed-off-by: Thomas Garnier --- arch

[PATCH v7 00/12] x86: PIE support to extend KASLR randomization

Splitting the previous serie in two. This part contains assembly code changes required for PIE but without any direct dependencies with the rest of the patchset. Changes: - patch v7 (assembly): - Split patchset and reorder changes. - patch v6: - Rebase on latest changes in jump tables and

[PATCH v7 05/12] x86/entry/64: Adapt assembly for PIE support

From: Thomas Garnier Change the assembly code to use only relative references of symbols for the kernel to be PIE compatible. Position Independent Executable (PIE) support will allow to extend the KASLR randomization range below 0x8000. Signed-off-by: Thomas Garnier --- arch/x86

[PATCH v7 04/12] x86: relocate_kernel - Adapt assembly for PIE support

From: Thomas Garnier Change the assembly code to use only absolute references of symbols for the kernel to be PIE compatible. Position Independent Executable (PIE) support will allow to extend the KASLR randomization range below 0x8000. Signed-off-by: Thomas Garnier --- arch/x86

[PATCH v7 09/12] x86/boot/64: Adapt assembly for PIE support

From: Thomas Garnier Change the assembly code to use only relative references of symbols for the kernel to be PIE compatible. Early at boot, the kernel is mapped at a temporary address while preparing the page table. To know the changes needed for the page table with KASLR, the boot code

[PATCH v7 03/12] x86: Add macro to get symbol address for PIE support

From: Thomas Garnier Add a new _ASM_MOVABS macro to fetch a symbol address. It will be used to replace "_ASM_MOV $, %dst" code construct that are not compatible with PIE. Signed-off-by: Thomas Garnier --- arch/x86/include/asm/asm.h | 1 + 1 file changed, 1 insertion(+) diff --git

[PATCH v7 10/12] x86/power/64: Adapt assembly for PIE support

From: Thomas Garnier Change the assembly code to use only relative references of symbols for the kernel to be PIE compatible. Position Independent Executable (PIE) support will allow to extend the KASLR randomization range below 0x8000. Signed-off-by: Thomas Garnier Acked

[PATCH v7 11/12] x86/paravirt: Adapt assembly for PIE support

From: Thomas Garnier if PIE is enabled, switch the paravirt assembly constraints to be compatible. The %c/i constrains generate smaller code so is kept by default. Position Independent Executable (PIE) support will allow to extend the KASLR randomization range below 0x8000. Signed

[PATCH v7 07/12] x86/CPU: Adapt assembly for PIE support

From: Thomas Garnier Change the assembly code to use only relative references of symbols for the kernel to be PIE compatible. Use the new _ASM_MOVABS macro instead of the 'mov $symbol, %dst' construct. Position Independent Executable (PIE) support will allow to extend the KASLR randomization

[PATCH v7 12/12] x86/alternatives: Adapt assembly for PIE support

From: Thomas Garnier Change the assembly options to work with pointers instead of integers. Position Independent Executable (PIE) support will allow to extend the KASLR randomization range below 0x8000. Signed-off-by: Thomas Garnier --- arch/x86/include/asm/alternative.h | 6

Re: [PATCH v7 02/12] x86: Use symbol name in jump table for PIE support

On Mon, May 20, 2019 at 4:20 PM Thomas Garnier wrote: > > From: Thomas Garnier > > Replace the %c constraint with %P. The %c is incompatible with PIE > because it implies an immediate value whereas %P reference a symbol. > Change the _ASM_PTR reference to .long for expect

Re: [PATCH v7 03/12] x86: Add macro to get symbol address for PIE support

On Mon, May 20, 2019 at 8:13 PM wrote: > > On May 20, 2019 4:19:28 PM PDT, Thomas Garnier wrote: > >From: Thomas Garnier > > > >Add a new _ASM_MOVABS macro to fetch a symbol address. It will be used > >to replace "_ASM_MOV $, %dst" code const

Re: [PATCH v7 01/12] x86/crypto: Adapt assembly for PIE support

On Wed, May 22, 2019 at 1:55 PM Eric Biggers wrote: > > On Wed, May 22, 2019 at 01:47:07PM -0700, Thomas Garnier wrote: > > On Mon, May 20, 2019 at 9:06 PM Eric Biggers wrote: > > > > > > On Mon, May 20, 2019 at 04:19:26PM -0700, Thomas Garnier wrote: > > >

Re: [PATCH v7 11/12] x86/paravirt: Adapt assembly for PIE support

On Sun, May 26, 2019 at 10:47 PM Juergen Gross wrote: > > On 21/05/2019 01:19, Thomas Garnier wrote: > > From: Thomas Garnier > > > > if PIE is enabled, switch the paravirt assembly constraints to be > > compatible. The %c/i constrains generate smaller

Re: [PATCH v9 04/11] x86/entry/64: Adapt assembly for PIE support

On Mon, Aug 5, 2019 at 10:28 AM Borislav Petkov wrote: > > On Tue, Jul 30, 2019 at 12:12:48PM -0700, Thomas Garnier wrote: > > Change the assembly code to use only relative references of symbols for the > > kernel to be PIE compatible. > > > > Position Indepe

Re: [PATCH v6 19/27] kvm: Adapt assembly for PIE support

On Wed, Feb 6, 2019 at 11:56 AM Sean Christopherson wrote: > > On Thu, Jan 31, 2019 at 11:24:26AM -0800, Thomas Garnier wrote: > > Change the assembly code to use only relative references of symbols for the > > kernel to be PIE compatible. The new __ASM_MOVABS macro is used to &

Re: [PATCH v6 01/27] x86/crypto: Adapt assembly for PIE support

On Thu, Feb 7, 2019 at 3:49 AM Borislav Petkov wrote: > > On Thu, Jan 31, 2019 at 11:24:08AM -0800, Thomas Garnier wrote: > > Change the assembly code to use only relative references of symbols for the > > kernel to be PIE compatible. > > > > Position Indepe

Re: [PATCH v6 02/27] x86: Use symbol name in jump table for PIE support

On Thu, Feb 7, 2019 at 4:17 AM Borislav Petkov wrote: > > On Thu, Jan 31, 2019 at 11:24:09AM -0800, Thomas Garnier wrote: > > Replace the %c constraint with %P. The %c is incompatible with PIE > > because it implies an immediate value whereas %P reference a symbol. > &g

Re: [PATCH v6 02/27] x86: Use symbol name in jump table for PIE support

On Thu, Feb 7, 2019 at 9:11 AM Borislav Petkov wrote: > > On Thu, Feb 07, 2019 at 09:04:45AM -0800, Thomas Garnier wrote: > > I assume that's an optimisation done by gcc later. > > So why is that change even needed? Where does it break? > > > The P modifier in t

[PATCH v5 04/27] x86: Add macro to get symbol address for PIE support

Add a new _ASM_MOVABS macro to fetch a symbol address. It will be used to replace "_ASM_MOV $, %dst" code construct that are not compatible with PIE. Signed-off-by: Thomas Garnier --- arch/x86/include/asm/asm.h | 1 + 1 file changed, 1 insertion(+) diff --git a/arch/x86/include/a

[PATCH v5 10/27] x86/boot/64: Adapt assembly for PIE support

. Position Independent Executable (PIE) support will allow to extend the KASLR randomization range 0x8000. Signed-off-by: Thomas Garnier --- arch/x86/kernel/head_64.S | 16 ++-- 1 file changed, 10 insertions(+), 6 deletions(-) diff --git a/arch/x86/kernel/head_64.S b/arch

[PATCH v5 09/27] x86/acpi: Adapt assembly for PIE support

Change the assembly code to use only relative references of symbols for the kernel to be PIE compatible. Position Independent Executable (PIE) support will allow to extend the KASLR randomization range 0x8000. Signed-off-by: Thomas Garnier Acked-by: Pavel Machek Acked-by: Rafael J

[PATCH v5 06/27] x86/entry/64: Adapt assembly for PIE support

Change the assembly code to use only relative references of symbols for the kernel to be PIE compatible. Position Independent Executable (PIE) support will allow to extend the KASLR randomization range 0x8000. Signed-off-by: Thomas Garnier --- arch/x86/entry/entry_64.S

[PATCH v5 12/27] x86/paravirt: Adapt assembly for PIE support

if PIE is enabled, switch the paravirt assembly constraints to be compatible. The %c/i constrains generate smaller code so is kept by default. Position Independent Executable (PIE) support will allow to extend the KASLR randomization range 0x8000. Signed-off-by: Thomas Garnier

[PATCH v5 13/27] x86/boot/64: Build head64.c as mcmodel large when PIE is enabled

Independent Executable (PIE) support will allow to extend the KASLR randomization range 0x8000. Signed-off-by: Thomas Garnier --- arch/x86/kernel/Makefile | 6 ++ arch/x86/kernel/head64.c | 3 +++ 2 files changed, 9 insertions(+) diff --git a/arch/x86/kernel/Makefile b/arch/x86/kernel

[PATCH v5 15/27] compiler: Option to default to hidden symbols

/end of sections). In this case, older versions of GCC will remove the comparison if the symbols are hidden. This issue exists at least on gcc 4.9 and before. Signed-off-by: Thomas Garnier --- arch/x86/boot/boot.h | 2 +- arch/x86/include/asm/setup.h | 2 +- arch/x86

[PATCH v5 16/27] compiler: Option to add PROVIDE_HIDDEN replacement for weak symbols

Provide an option to have a PROVIDE_HIDDEN (linker script) entry for each weak symbol. This option solves an error in x86_64 where the linker optimizes PIE generated code to be non-PIE because --emit-relocs was used instead of -pie (to reduce dynamic relocations). Signed-off-by: Thomas Garnier

[PATCH v5 19/27] kvm: Adapt assembly for PIE support

randomization range 0x8000. Signed-off-by: Thomas Garnier --- arch/x86/include/asm/kvm_host.h | 8 ++-- arch/x86/kernel/kvm.c | 6 -- arch/x86/kvm/svm.c | 4 ++-- 3 files changed, 12 insertions(+), 6 deletions(-) diff --git a/arch/x86/include/asm/kvm_host.h b

[PATCH v5 20/27] x86: Support global stack cookie

and the global variable stack cookie is used. If a specific stack mode was selected (regular or strong) and the compiler does not support selecting the segment register, an error is emitted. Signed-off-by: Thomas Garnier --- arch/x86/Kconfig | 12 arch/x86

[PATCH v5 25/27] x86/pie: Add option to build the kernel as PIE

-0.1%) - PIE enabled: average -0.4% to +0.4%. [1] https://gcc.gnu.org/bugzilla/show_bug.cgi?id=82303 Signed-off-by: Thomas Garnier merge pie --- arch/x86/Kconfig | 8 arch/x86/Makefile | 45 - 2 files changed, 52 insertions(+), 1 deletion

[PATCH v5 26/27] x86/relocs: Add option to generate 64-bit relocations

the top 2G and 32-bit integers are not enough. Signed-off-by: Thomas Garnier --- arch/x86/tools/relocs.c| 60 +++--- arch/x86/tools/relocs.h| 4 +-- arch/x86/tools/relocs_common.c | 15 ++--- 3 files changed, 60 insertions(+), 19 deletions(-) diff

[PATCH v5 21/27] x86/ftrace: Adapt function tracing for PIE support

-bytes as before. Position Independent Executable (PIE) support will allow to extend the KASLR randomization range 0x8000. Signed-off-by: Thomas Garnier --- arch/x86/kernel/ftrace.c | 51 +- scripts/recordmcount.c | 79 +++- 2

[PATCH v5 27/27] x86/kaslr: Add option to extend KASLR range from 1GB to 3GB

three PUD pages. The relocation table uses 64-bit integers generated with the updated relocation tool with the large-reloc option. Signed-off-by: Thomas Garnier --- arch/x86/Kconfig | 21 + arch/x86/boot/compressed/Makefile| 5 + arch/x86/boot

[PATCH v5 24/27] x86/mm: Make the x86 GOT read-only

The GOT is changed during early boot when relocations are applied. Make it read-only directly. This table exists only for PIE binary. Position Independent Executable (PIE) support will allow to extend the KASLR randomization range 0x8000. Signed-off-by: Thomas Garnier --- include

[PATCH v5 23/27] x86/modules: Adapt module loading for PIE support

Adapt module loading to support PIE relocations. Generate dynamic GOT if a symbol requires it but no entry exists in the kernel GOT. Position Independent Executable (PIE) support will allow to extend the KASLR randomization range 0x8000. Signed-off-by: Thomas Garnier --- arch/x86

[PATCH v5 17/27] x86/relocs: Handle PIE relocations

Change the relocation tool to correctly handle relocations generated by -fPIE option: - Add relocation for each entry of the .got section given the linker does not generate R_X86_64_GLOB_DAT on a simple link. - Ignore R_X86_64_GOTPCREL. Signed-off-by: Thomas Garnier --- arch/x86/tools

[PATCH v5 11/27] x86/power/64: Adapt assembly for PIE support

Change the assembly code to use only relative references of symbols for the kernel to be PIE compatible. Position Independent Executable (PIE) support will allow to extend the KASLR randomization range 0x8000. Signed-off-by: Thomas Garnier Acked-by: Pavel Machek Acked-by: Rafael J

[PATCH v5 07/27] x86: pm-trace - Adapt assembly for PIE support

Change assembly to use the new _ASM_MOVABS macro instead of _ASM_MOV for the assembly to be PIE compatible. Position Independent Executable (PIE) support will allow to extend the KASLR randomization range 0x8000. Signed-off-by: Thomas Garnier --- arch/x86/include/asm/pm-trace.h | 2

[PATCH v5 08/27] x86/CPU: Adapt assembly for PIE support

. Signed-off-by: Thomas Garnier --- arch/x86/include/asm/processor.h | 9 ++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/arch/x86/include/asm/processor.h b/arch/x86/include/asm/processor.h index cfd29ee8c3da..25b5842a4646 100644 --- a/arch/x86/include/asm/processor.h +++ b

[PATCH v5 05/27] x86: relocate_kernel - Adapt assembly for PIE support

Change the assembly code to use only relative references of symbols for the kernel to be PIE compatible. Position Independent Executable (PIE) support will allow to extend the KASLR randomization range 0x8000. Signed-off-by: Thomas Garnier --- arch/x86/kernel/relocate_kernel_64.S

[PATCH v5 02/27] x86: Use symbol name on bug table for PIE support

Replace the %c constraint with %P. The %c is incompatible with PIE because it implies an immediate value whereas %P reference a symbol. Position Independent Executable (PIE) support will allow to extend the KASLR randomization range 0x8000. Signed-off-by: Thomas Garnier --- arch

[PATCH v5 03/27] x86: Use symbol name in jump table for PIE support

Replace the %c constraint with %P. The %c is incompatible with PIE because it implies an immediate value whereas %P reference a symbol. Position Independent Executable (PIE) support will allow to extend the KASLR randomization range 0x8000. Signed-off-by: Thomas Garnier --- arch

Re: [PATCH v5 23/27] x86/modules: Adapt module loading for PIE support

On Mon, Jun 25, 2018 at 4:51 PM Randy Dunlap wrote: > > On 06/25/18 15:39, Thomas Garnier wrote: > > Adapt module loading to support PIE relocations. Generate dynamic GOT if > > a symbol requires it but no entry exists in the kernel GOT. > > Hi, > > This patch

Re: [PATCH v4 21/27] x86/ftrace: Adapt function tracing for PIE support

On Mon, Jun 4, 2018 at 1:16 PM Steven Rostedt wrote: > > On Tue, 29 May 2018 15:15:22 -0700 > Thomas Garnier wrote: > > > When using -fPIE/PIC with function tracing, the compiler generates a > > call through the GOT (call *__fentry__@GOTPCREL). This instruction > &

Re: [PATCH v4 21/27] x86/ftrace: Adapt function tracing for PIE support

On Mon, Jun 4, 2018 at 2:44 PM Steven Rostedt wrote: > > On Mon, 4 Jun 2018 14:06:03 -0700 > Thomas Garnier wrote: > > > On Mon, Jun 4, 2018 at 1:16 PM Steven Rostedt wrote: > > > > > > On Tue, 29 May 2018 15:15:22 -0700 > > > Thomas Garni

Re: [PATCH v4 21/27] x86/ftrace: Adapt function tracing for PIE support

On Tue, Jun 5, 2018 at 9:56 AM Thomas Garnier wrote: > > On Mon, Jun 4, 2018 at 2:44 PM Steven Rostedt wrote: > > > > On Mon, 4 Jun 2018 14:06:03 -0700 > > Thomas Garnier wrote: > > > > > On Mon, Jun 4, 2018 at 1:16 PM Steven Rostedt wrote: > > &

Re: [PATCH v6 14/27] x86/percpu: Adapt percpu for PIE support

On Fri, Feb 1, 2019 at 9:13 AM Thomas Garnier wrote: > > On Thu, Jan 31, 2019 at 6:31 PM Christopher Lameter wrote: > > > > On Thu, 31 Jan 2019, Thomas Garnier wrote: > > > > > The per-cpu symbols are in a section that is zero based to create > > &

[PATCH v6 06/27] x86: pm-trace - Adapt assembly for PIE support

Change assembly to use the new _ASM_MOVABS macro instead of _ASM_MOV for the assembly to be PIE compatible. Position Independent Executable (PIE) support will allow to extend the KASLR randomization range below 0x8000. Signed-off-by: Thomas Garnier --- arch/x86/include/asm/pm

[PATCH v6 08/27] x86/acpi: Adapt assembly for PIE support

Change the assembly code to use only relative references of symbols for the kernel to be PIE compatible. Position Independent Executable (PIE) support will allow to extend the KASLR randomization range below 0x8000. Signed-off-by: Thomas Garnier Acked-by: Pavel Machek Acked

[PATCH v6 07/27] x86/CPU: Adapt assembly for PIE support

0x8000. Signed-off-by: Thomas Garnier --- arch/x86/include/asm/processor.h | 6 -- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/arch/x86/include/asm/processor.h b/arch/x86/include/asm/processor.h index 33051436c864..ce9851bf6778 100644 --- a/arch/x86/include/asm/processor.h

[PATCH v6 03/27] x86: Add macro to get symbol address for PIE support

Add a new _ASM_MOVABS macro to fetch a symbol address. It will be used to replace "_ASM_MOV $, %dst" code construct that are not compatible with PIE. Signed-off-by: Thomas Garnier --- arch/x86/include/asm/asm.h | 1 + 1 file changed, 1 insertion(+) diff --git a/arch/x86/include/a

[PATCH v6 04/27] x86: relocate_kernel - Adapt assembly for PIE support

Change the assembly code to use only absolute references of symbols for the kernel to be PIE compatible. Position Independent Executable (PIE) support will allow to extend the KASLR randomization range below 0x8000. Signed-off-by: Thomas Garnier --- arch/x86/kernel

[PATCH v6 01/27] x86/crypto: Adapt assembly for PIE support

Change the assembly code to use only relative references of symbols for the kernel to be PIE compatible. Position Independent Executable (PIE) support will allow to extend the KASLR randomization range below 0x8000. Signed-off-by: Thomas Garnier --- arch/x86/crypto/aegis128-aesni

[PATCH v6 13/27] x86/boot/64: Build head64.c as mcmodel large when PIE is enabled

Independent Executable (PIE) support will allow to extend the KASLR randomization range below 0x8000. Signed-off-by: Thomas Garnier --- arch/x86/kernel/Makefile | 6 ++ arch/x86/kernel/head64.c | 3 +++ 2 files changed, 9 insertions(+) diff --git a/arch/x86/kernel/Makefile b/arch/x86

[PATCH v6 14/27] x86/percpu: Adapt percpu for PIE support

Independent Executable (PIE) support will allow to extend the KASLR randomization range below 0x8000. Signed-off-by: Thomas Garnier --- arch/x86/entry/calling.h | 2 +- arch/x86/entry/entry_64.S| 4 ++-- arch/x86/include/asm/percpu.h| 25 +++-- arch

[PATCH v6 10/27] x86/power/64: Adapt assembly for PIE support

Change the assembly code to use only relative references of symbols for the kernel to be PIE compatible. Position Independent Executable (PIE) support will allow to extend the KASLR randomization range below 0x8000. Signed-off-by: Thomas Garnier Acked-by: Pavel Machek Acked

[PATCH v6 09/27] x86/boot/64: Adapt assembly for PIE support

. Position Independent Executable (PIE) support will allow to extend the KASLR randomization range below 0x8000. Signed-off-by: Thomas Garnier --- arch/x86/kernel/head_64.S | 16 ++-- 1 file changed, 10 insertions(+), 6 deletions(-) diff --git a/arch/x86/kernel/head_64.S b

[PATCH v6 12/27] x86/alternatives: Adapt assembly for PIE support

Change the assembly options to work with pointers instead of integers. Position Independent Executable (PIE) support will allow to extend the KASLR randomization range below 0x8000. Signed-off-by: Thomas Garnier --- arch/x86/include/asm/alternative.h | 6 +++--- 1 file changed, 3

[PATCH v6 19/27] kvm: Adapt assembly for PIE support

randomization range below 0x8000. Signed-off-by: Thomas Garnier --- arch/x86/include/asm/kvm_host.h | 8 ++-- arch/x86/kernel/kvm.c | 6 -- arch/x86/kvm/svm.c | 4 ++-- arch/x86/kvm/vmx/vmx.c | 2 +- 4 files changed, 13 insertions(+), 7 deletions

[PATCH v6 16/27] compiler: Option to add PROVIDE_HIDDEN replacement for weak symbols

Provide an option to have a PROVIDE_HIDDEN (linker script) entry for each weak symbol. This option solves an error in x86_64 where the linker optimizes PIE generated code to be non-PIE because --emit-relocs was used instead of -pie (to reduce dynamic relocations). Signed-off-by: Thomas Garnier

[PATCH v6 18/27] xen: Adapt assembly for PIE support

. Signed-off-by: Thomas Garnier Reviewed-by: Juergen Gross --- arch/x86/platform/pvh/head.S | 14 ++ arch/x86/tools/relocs.c | 16 +++- arch/x86/xen/xen-head.S | 11 ++- 3 files changed, 31 insertions(+), 10 deletions(-) diff --git a/arch/x86/platform/pvh

[PATCH v6 27/27] x86/kaslr: Add option to extend KASLR range from 1GB to 3GB

three PUD pages. The relocation table uses 64-bit integers generated with the updated relocation tool with the large-reloc option. Signed-off-by: Thomas Garnier --- Makefile | 3 +++ arch/x86/Kconfig | 21 + arch/x86/boot

[PATCH v6 22/27] x86/modules: Add option to start module section after kernel

randomization range. Signed-off-by: Thomas Garnier --- Documentation/x86/x86_64/mm.txt | 3 +++ arch/x86/Kconfig| 4 arch/x86/include/asm/pgtable_64_types.h | 6 ++ arch/x86/kernel/head64.c| 5 - arch/x86/mm/dump_pagetables.c | 3

[PATCH v6 26/27] x86/relocs: Add option to generate 64-bit relocations

the top 2G and 32-bit integers are not enough. Signed-off-by: Thomas Garnier --- arch/x86/tools/relocs.c| 61 +++--- arch/x86/tools/relocs.h| 4 +-- arch/x86/tools/relocs_common.c | 15 ++--- 3 files changed, 61 insertions(+), 19 deletions(-) diff

[PATCH v6 23/27] x86/modules: Adapt module loading for PIE support

Adapt module loading to support PIE relocations. Generate dynamic GOT if a symbol requires it but no entry exists in the kernel GOT. Position Independent Executable (PIE) support will allow to extend the KASLR randomization range below 0x8000. Signed-off-by: Thomas Garnier --- arch

[PATCH v6 20/27] x86: Support global stack cookie

and the global variable stack cookie is used. If a specific stack mode was selected (regular or strong) and the compiler does not support selecting the segment register, an error is emitted. Signed-off-by: Thomas Garnier --- arch/x86/Kconfig | 12 arch/x86

[PATCH v6 21/27] x86/ftrace: Adapt function tracing for PIE support

-bytes as before. Position Independent Executable (PIE) support will allow to extend the KASLR randomization range below 0x8000. Signed-off-by: Thomas Garnier Reviewed-by: Steven Rostedt (VMware) --- arch/x86/kernel/ftrace.c | 51 -- scripts/recordmcount.c | 78

[PATCH v6 25/27] x86/pie: Add option to build the kernel as PIE

-0.1%) - PIE enabled: average -0.4% to +0.4%. [1] https://gcc.gnu.org/bugzilla/show_bug.cgi?id=82303 Signed-off-by: Thomas Garnier --- arch/x86/Kconfig | 8 arch/x86/Makefile | 45 - 2 files changed, 52 insertions(+), 1 deletion(-) diff

[PATCH v6 24/27] x86/mm: Make the x86 GOT read-only

The GOT is changed during early boot when relocations are applied. Make it read-only directly. This table exists only for PIE binary. Position Independent Executable (PIE) support will allow to extend the KASLR randomization range below 0x8000. Signed-off-by: Thomas Garnier

[PATCH v6 05/27] x86/entry/64: Adapt assembly for PIE support

Change the assembly code to use only relative references of symbols for the kernel to be PIE compatible. Position Independent Executable (PIE) support will allow to extend the KASLR randomization range below 0x8000. Signed-off-by: Thomas Garnier --- arch/x86/entry/entry_64.S | 16

[PATCH v6 11/27] x86/paravirt: Adapt assembly for PIE support

if PIE is enabled, switch the paravirt assembly constraints to be compatible. The %c/i constrains generate smaller code so is kept by default. Position Independent Executable (PIE) support will allow to extend the KASLR randomization range below 0x8000. Signed-off-by: Thomas Garnier

[PATCH v6 17/27] x86/relocs: Handle PIE relocations

Change the relocation tool to correctly handle relocations generated by -fPIE option: - Add relocation for each entry of the .got section given the linker does not generate R_X86_64_GLOB_DAT on a simple link. - Ignore R_X86_64_GOTPCREL. Signed-off-by: Thomas Garnier --- arch/x86/tools

[PATCH v6 15/27] compiler: Option to default to hidden symbols

/end of sections). In this case, older versions of GCC will remove the comparison if the symbols are hidden. This issue exists at least on gcc 4.9 and before. Signed-off-by: Thomas Garnier --- arch/x86/boot/boot.h | 2 +- arch/x86/include/asm/setup.h | 2 +- arch/x86

[PATCH v6 02/27] x86: Use symbol name in jump table for PIE support

) support will allow to extend the KASLR randomization range below 0x8000. Signed-off-by: Thomas Garnier --- arch/x86/include/asm/jump_label.h | 8 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/arch/x86/include/asm/jump_label.h b/arch/x86/include/asm/jump_label.h

Re: [PATCH v6 14/27] x86/percpu: Adapt percpu for PIE support

On Thu, Jan 31, 2019 at 12:57 PM Christopher Lameter wrote: > > On Thu, 31 Jan 2019, Thomas Garnier wrote: > > > Perpcu uses a clever design where the .percu ELF section has a virtual > > address of zero and the custom linux relocation code avoid relocating > > specific

Re: [PATCH v6 15/27] compiler: Option to default to hidden symbols

On Thu, Jan 31, 2019 at 11:13 PM Dan Carpenter wrote: > > On Thu, Jan 31, 2019 at 11:24:22AM -0800, Thomas Garnier wrote: > > Provide an option to default visibility to hidden except for key > > symbols. > > It took me a while to figure out the verb in this sentence..

Re: [PATCH v6 13/27] x86/boot/64: Build head64.c as mcmodel large when PIE is enabled

On Fri, Feb 1, 2019 at 3:15 AM Kirill A. Shutemov wrote: > > On Thu, Jan 31, 2019 at 11:24:20AM -0800, Thomas Garnier wrote: > > The __startup_64 function assumes all symbols have relocated addresses > > instead of the current boot virtual address. PIE generated code favor >

Re: [PATCH v6 14/27] x86/percpu: Adapt percpu for PIE support

On Thu, Jan 31, 2019 at 6:31 PM Christopher Lameter wrote: > > On Thu, 31 Jan 2019, Thomas Garnier wrote: > > > The per-cpu symbols are in a section that is zero based to create > > offsets. The compiler doesn't see them as offsets but as relative > > symbol and

Re: [PATCH v6 15/27] compiler: Option to default to hidden symbols

On Fri, Feb 1, 2019 at 12:24 AM Adrian Hunter wrote: > > On 31/01/19 9:24 PM, Thomas Garnier wrote: > > Provide an option to default visibility to hidden except for key > > symbols. This option is disabled by default and will be used by x86_64 > > PIE support to remove er

Re: [PATCH v6 20/27] x86: Support global stack cookie

On Fri, Feb 1, 2019 at 11:27 AM Andy Lutomirski wrote: > > On Thu, Jan 31, 2019 at 11:29 AM Thomas Garnier wrote: > > > > Add an off-by-default configuration option to use a global stack cookie > > instead of the default TLS. This configuration option will only be us

Re: [PATCH v6 20/27] x86: Support global stack cookie

On Fri, Feb 1, 2019 at 2:36 PM Andy Lutomirski wrote: > > > > On Feb 1, 2019, at 12:21 PM, Thomas Garnier wrote: > > > >> On Fri, Feb 1, 2019 at 11:27 AM Andy Lutomirski wrote: > >> > >>> On Thu, Jan 31, 2019 at 11:29 AM Thomas Garnier

[PATCH v4 09/27] x86/acpi: Adapt assembly for PIE support

Change the assembly code to use only relative references of symbols for the kernel to be PIE compatible. Position Independent Executable (PIE) support will allow to extend the KASLR randomization range 0x8000. Signed-off-by: Thomas Garnier Acked-by: Pavel Machek --- arch/x86

[PATCH v4 06/27] x86/entry/64: Adapt assembly for PIE support

Change the assembly code to use only relative references of symbols for the kernel to be PIE compatible. Position Independent Executable (PIE) support will allow to extend the KASLR randomization range 0x8000. Signed-off-by: Thomas Garnier --- arch/x86/entry/entry_64.S

[PATCH v4 16/27] compiler: Option to add PROVIDE_HIDDEN replacement for weak symbols

Provide an option to have a PROVIDE_HIDDEN (linker script) entry for each weak symbol. This option solves an error in x86_64 where the linker optimizes PIE generated code to be non-PIE because --emit-relocs was used instead of -pie (to reduce dynamic relocations). Signed-off-by: Thomas Garnier

[PATCH v4 15/27] compiler: Option to default to hidden symbols

/end of sections). In this case, older versions of GCC will remove the comparison if the symbols are hidden. This issue exists at least on gcc 4.9 and before. Signed-off-by: Thomas Garnier --- arch/x86/boot/boot.h | 2 +- arch/x86/include/asm/setup.h | 2 +- arch/x86

[PATCH v4 14/27] x86/percpu: Adapt percpu for PIE support

Executable (PIE) support will allow to extend the KASLR randomization range 0x8000. Signed-off-by: Thomas Garnier --- arch/x86/entry/calling.h | 2 +- arch/x86/entry/entry_64.S| 4 ++-- arch/x86/include/asm/percpu.h| 25 +++-- arch/x86/include/asm

[PATCH v4 25/27] x86/pie: Add option to build the kernel as PIE

-0.1%) - PIE enabled: average -0.4% to +0.4%. [1] https://gcc.gnu.org/bugzilla/show_bug.cgi?id=82303 Signed-off-by: Thomas Garnier merge pie --- arch/x86/Kconfig | 8 arch/x86/Makefile | 45 - 2 files changed, 52 insertions(+), 1 deletion

[PATCH v4 27/27] x86/kaslr: Add option to extend KASLR range from 1GB to 3GB

three PUD pages. The relocation table uses 64-bit integers generated with the updated relocation tool with the large-reloc option. Signed-off-by: Thomas Garnier --- arch/x86/Kconfig | 21 + arch/x86/boot/compressed/Makefile| 5 + arch/x86/boot

[PATCH v4 19/27] kvm: Adapt assembly for PIE support

randomization range 0x8000. Signed-off-by: Thomas Garnier --- arch/x86/include/asm/kvm_host.h | 8 ++-- arch/x86/kernel/kvm.c | 6 -- arch/x86/kvm/svm.c | 4 ++-- 3 files changed, 12 insertions(+), 6 deletions(-) diff --git a/arch/x86/include/asm/kvm_host.h b

[PATCH v4 26/27] x86/relocs: Add option to generate 64-bit relocations

the top 2G and 32-bit integers are not enough. Signed-off-by: Thomas Garnier --- arch/x86/tools/relocs.c| 60 +++--- arch/x86/tools/relocs.h| 4 +-- arch/x86/tools/relocs_common.c | 15 ++--- 3 files changed, 60 insertions(+), 19 deletions(-) diff

[PATCH v4 24/27] x86/mm: Make the x86 GOT read-only

The GOT is changed during early boot when relocations are applied. Make it read-only directly. This table exists only for PIE binary. Position Independent Executable (PIE) support will allow to extend the KASLR randomization range 0x8000. Signed-off-by: Thomas Garnier --- include

<    1   2   3   4   5   6   7   8   9   >