| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 22 Mar 2024 12:52:17 -0400 From: Brian Gerst <brgerst@...il.com> To: linux-kernel@...r.kernel.org, x86@...nel.org Cc: Ingo Molnar <mingo@...nel.org>, Thomas Gleixner <tglx@...utronix.de>, Borislav Petkov <bp@...en8.de>, "H . Peter Anvin" <hpa@...or.com>, Uros Bizjak <ubizjak@...il.com>, David.Laight@...lab.com, Brian Gerst <brgerst@...il.com> Subject: [PATCH v4 00/16] x86-64: Stack protector and percpu improvements Currently, x86-64 uses an unusual percpu layout, where the percpu section is linked at absolute address 0. The reason behind this is that older GCC versions placed the stack protector (if enabled) at a fixed offset from the GS segment base. Since the GS segement is also used for percpu variables, this forced the current layout. GCC since version 8.1 supports a configurable location for the stack protector value, which allows removal of the restriction on how the percpu section is linked. This allows the percpu section to be linked normally, like other architectures. In turn, this allows removal of code that was needed to support the zero-based percpu section. v4: - Updated to current tip tree - Added two new cleanups made possible by the removal of IA-64. - Small improvements to the objtool conversion code. Brian Gerst (16): x86/stackprotector/32: Remove stack protector test script x86/stackprotector/64: Remove stack protector test script x86/boot: Disable stack protector for early boot code x86/pvh: Use fixed_percpu_data for early boot GSBASE x86/relocs: Handle R_X86_64_REX_GOTPCRELX relocations objtool: Allow adding relocations to an existing section objtool: Convert fixed location stack protector accesses x86/stackprotector/64: Convert to normal percpu variable x86/percpu/64: Use relative percpu offsets x86/percpu/64: Remove fixed_percpu_data x86/boot/64: Remove inverse relocations x86/percpu/64: Remove INIT_PER_CPU macros percpu: Remove PER_CPU_FIRST_SECTION percpu: Remove PERCPU_VADDR() percpu: Remove __per_cpu_load kallsyms: Remove KALLSYMS_ABSOLUTE_PERCPU arch/x86/Kconfig | 16 +-- arch/x86/Makefile | 21 ++-- arch/x86/boot/compressed/misc.c | 14 +-- arch/x86/entry/entry_64.S | 2 +- arch/x86/include/asm/desc.h | 1 - arch/x86/include/asm/percpu.h | 22 ---- arch/x86/include/asm/processor.h | 28 +---- arch/x86/include/asm/stackprotector.h | 36 +----- arch/x86/kernel/Makefile | 2 + arch/x86/kernel/asm-offsets_64.c | 6 - arch/x86/kernel/cpu/common.c | 9 +- arch/x86/kernel/head64.c | 2 +- arch/x86/kernel/head_64.S | 20 ++- arch/x86/kernel/irq_64.c | 1 - arch/x86/kernel/setup_percpu.c | 12 +- arch/x86/kernel/vmlinux.lds.S | 35 ------ arch/x86/platform/pvh/head.S | 10 +- arch/x86/tools/relocs.c | 143 ++-------------------- arch/x86/xen/xen-head.S | 10 +- include/asm-generic/sections.h | 2 +- include/asm-generic/vmlinux.lds.h | 43 +------ include/linux/percpu-defs.h | 12 -- init/Kconfig | 11 +- kernel/kallsyms.c | 12 +- mm/percpu.c | 4 +- scripts/Makefile.lib | 2 + scripts/gcc-x86_32-has-stack-protector.sh | 8 -- scripts/gcc-x86_64-has-stack-protector.sh | 4 - scripts/kallsyms.c | 80 +++--------- scripts/link-vmlinux.sh | 4 - tools/objtool/arch/x86/decode.c | 46 +++++++ tools/objtool/arch/x86/special.c | 91 ++++++++++++++ tools/objtool/builtin-check.c | 9 +- tools/objtool/check.c | 14 ++- tools/objtool/elf.c | 133 ++++++++++++++++---- tools/objtool/include/objtool/arch.h | 3 + tools/objtool/include/objtool/builtin.h | 2 + tools/objtool/include/objtool/elf.h | 90 +++++++++++--- 38 files changed, 442 insertions(+), 518 deletions(-) delete mode 100755 scripts/gcc-x86_32-has-stack-protector.sh delete mode 100755 scripts/gcc-x86_64-has-stack-protector.sh base-commit: 30052fd948a3b43506c83590eaaada12d1f2dd09 -- 2.44.0
Powered by blists - more mailing lists