[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] [PATCH v2 19/27] kvm: Adapt assembly for PIE support

To: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>, "David S . Miller" <davem@xxxxxxxxxxxxx>, Thomas Gleixner <tglx@xxxxxxxxxxxxx>, Ingo Molnar <mingo@xxxxxxxxxx>, "H . Peter Anvin" <hpa@xxxxxxxxx>, Peter Zijlstra <peterz@xxxxxxxxxxxxx>, Josh Poimboeuf <jpoimboe@xxxxxxxxxx>, Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>, Kate Stewart <kstewart@xxxxxxxxxxxxxxxxxxx>, Thomas Garnier <thgarnie@xxxxxxxxxx>, Arnd Bergmann <arnd@xxxxxxxx>, Philippe Ombredanne <pombredanne@xxxxxxxx>, Arnaldo Carvalho de Melo <acme@xxxxxxxxxx>, Andrey Ryabinin <aryabinin@xxxxxxxxxxxxx>, Matthias Kaehlcke <mka@xxxxxxxxxxxx>, Kees Cook <keescook@xxxxxxxxxxxx>, Tom Lendacky <thomas.lendacky@xxxxxxx>, "Kirill A . Shutemov" <kirill.shutemov@xxxxxxxxxxxxxxx>, Andy Lutomirski <luto@xxxxxxxxxx>, Dominik Brodowski <linux@xxxxxxxxxxxxxxxxxxxx>, Borislav Petkov <bp@xxxxxxxxx>, Borislav Petkov <bp@xxxxxxx>, "Rafael J . Wysocki" <rjw@xxxxxxxxxxxxx>, Len Brown <len.brown@xxxxxxxxx>, Pavel Machek <pavel@xxxxxx>, Juergen Gross <jgross@xxxxxxxx>, Alok Kataria <akataria@xxxxxxxxxx>, Steven Rostedt <rostedt@xxxxxxxxxxx>, Tejun Heo <tj@xxxxxxxxxx>, Christoph Lameter <cl@xxxxxxxxx>, Dennis Zhou <dennisszhou@xxxxxxxxx>, Boris Ostrovsky <boris.ostrovsky@xxxxxxxxxx>, David Woodhouse <dwmw@xxxxxxxxxxxx>, Alexey Dobriyan <adobriyan@xxxxxxxxx>, "Paul E . McKenney" <paulmck@xxxxxxxxxxxxxxxxxx>, Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>, Nicolas Pitre <nicolas.pitre@xxxxxxxxxx>, Randy Dunlap <rdunlap@xxxxxxxxxxxxx>, "Luis R . Rodriguez" <mcgrof@xxxxxxxxxx>, Christopher Li <sparse@xxxxxxxxxxx>, Jason Baron <jbaron@xxxxxxxxxx>, Ashish Kalra <ashish@xxxxxxxxxxxxxx>, Kyle McMartin <kyle@xxxxxxxxxx>, Dou Liyang <douly.fnst@xxxxxxxxxxxxxx>, Lukas Wunner <lukas@xxxxxxxxx>, Petr Mladek <pmladek@xxxxxxxx>, Sergey Senozhatsky <sergey.senozhatsky.work@xxxxxxxxx>, Masahiro Yamada <yamada.masahiro@xxxxxxxxxxxxx>, Ingo Molnar <mingo@xxxxxxxxxx>, Nicholas Piggin <npiggin@xxxxxxxxx>, Cao jin <caoj.fnst@xxxxxxxxxxxxxx>, "H . J . Lu" <hjl.tools@xxxxxxxxx>, Paolo Bonzini <pbonzini@xxxxxxxxxx>, Radim Krčmář <rkrcmar@xxxxxxxxxx>, Joerg Roedel <joro@xxxxxxxxxx>, Dave Hansen <dave.hansen@xxxxxxxxxxxxxxx>, Rik van Riel <riel@xxxxxxxxxx>, Jia Zhang <qianyue.zj@xxxxxxxxxxxxxxx>, Jiri Slaby <jslaby@xxxxxxx>, Kyle Huey <me@xxxxxxxxxxxx>, Jonathan Corbet <corbet@xxxxxxx>, Matthew Wilcox <mawilcox@xxxxxxxxxxxxx>, Michal Hocko <mhocko@xxxxxxxx>, Rob Landley <rob@xxxxxxxxxxx>, Baoquan He <bhe@xxxxxxxxxx>, Daniel Micay <danielmicay@xxxxxxxxx>, Jan H . Schönherr <jschoenh@xxxxxxxxx>
From: Thomas Garnier <thgarnie@xxxxxxxxxx>
Date: Tue, 13 Mar 2018 13:59:37 -0700
Cc: linux-arch@xxxxxxxxxxxxxxx, kvm@xxxxxxxxxxxxxxx, linux-pm@xxxxxxxxxxxxxxx, x86@xxxxxxxxxx, linux-doc@xxxxxxxxxxxxxxx, linux-kernel@xxxxxxxxxxxxxxx, virtualization@xxxxxxxxxxxxxxxxxxxxxxxxxx, linux-sparse@xxxxxxxxxxxxxxx, linux-crypto@xxxxxxxxxxxxxxx, kernel-hardening@xxxxxxxxxxxxxxxxxx, xen-devel@xxxxxxxxxxxxxxxxxxxx
Delivery-date: Tue, 13 Mar 2018 21:01:04 +0000
List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

Change the assembly code to use only relative references of symbols for the
kernel to be PIE compatible. The new __ASM_MOVABS macro is used to
get the address of a symbol on both 32 and 64-bit with PIE support.

Position Independent Executable (PIE) support will allow to extended the
KASLR randomization range below the -2G memory limit.

Signed-off-by: Thomas Garnier <thgarnie@xxxxxxxxxx>
---
 arch/x86/include/asm/kvm_host.h | 6 ++++--
 arch/x86/kernel/kvm.c           | 6 ++++--
 arch/x86/kvm/svm.c              | 4 ++--
 3 files changed, 10 insertions(+), 6 deletions(-)

diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h
index b605a5b6a30c..7bd6ba79e778 100644
--- a/arch/x86/include/asm/kvm_host.h
+++ b/arch/x86/include/asm/kvm_host.h
@@ -1380,9 +1380,11 @@ asmlinkage void kvm_spurious_fault(void);
        ".pushsection .fixup, \"ax\" \n" \
        "667: \n\t" \
        cleanup_insn "\n\t"                   \
-       "cmpb $0, kvm_rebooting \n\t"         \
+       "cmpb $0, kvm_rebooting" __ASM_SEL(,(%%rip)) " \n\t" \
        "jne 668b \n\t"                       \
-       __ASM_SIZE(push) " $666b \n\t"        \
+       __ASM_SIZE(push) "%%" _ASM_AX " \n\t"           \
+       _ASM_MOVABS " $666b, %%" _ASM_AX "\n\t" \
+       "xchg %%" _ASM_AX ", (%%" _ASM_SP ") \n\t"      \
        "call kvm_spurious_fault \n\t"        \
        ".popsection \n\t" \
        _ASM_EXTABLE(666b, 667b)
diff --git a/arch/x86/kernel/kvm.c b/arch/x86/kernel/kvm.c
index bc1a27280c4b..5e4dd958ea95 100644
--- a/arch/x86/kernel/kvm.c
+++ b/arch/x86/kernel/kvm.c
@@ -711,8 +711,10 @@ asm(
 ".global __raw_callee_save___kvm_vcpu_is_preempted;"
 ".type __raw_callee_save___kvm_vcpu_is_preempted, @function;"
 "__raw_callee_save___kvm_vcpu_is_preempted:"
-"movq  __per_cpu_offset(,%rdi,8), %rax;"
-"cmpb  $0, " __stringify(KVM_STEAL_TIME_preempted) "+steal_time(%rax);"
+"leaq  __per_cpu_offset(%rip), %rax;"
+"movq  (%rax,%rdi,8), %rax;"
+"addq  " __stringify(KVM_STEAL_TIME_preempted) "+steal_time(%rip), %rax;"
+"cmpb  $0, (%rax);"
 "setne %al;"
 "ret;"
 ".popsection");
diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.c
index be9c839e2c89..6835a2ce02e5 100644
--- a/arch/x86/kvm/svm.c
+++ b/arch/x86/kvm/svm.c
@@ -626,12 +626,12 @@ static u32 svm_msrpm_offset(u32 msr)
 
 static inline void clgi(void)
 {
-       asm volatile (__ex(SVM_CLGI));
+       asm volatile (__ex(SVM_CLGI) : :);
 }
 
 static inline void stgi(void)
 {
-       asm volatile (__ex(SVM_STGI));
+       asm volatile (__ex(SVM_STGI) : :);
 }
 
 static inline void invlpga(unsigned long addr, u32 asid)
-- 
2.16.2.660.g709887971b-goog


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel

References:
- [Xen-devel] [PATCH v2 00/27] x86: PIE support and option to extend KASLR randomization
  - From: Thomas Garnier

Prev by Date: [Xen-devel] [PATCH v2 18/27] xen: Adapt assembly for PIE support
Next by Date: [Xen-devel] [PATCH v2 20/27] x86: Support global stack cookie
Previous by thread: [Xen-devel] [PATCH v2 18/27] xen: Adapt assembly for PIE support
Next by thread: [Xen-devel] [PATCH v2 20/27] x86: Support global stack cookie
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.