From: Kristen Carlson Accardi <kristen@linux.intel.com>
To: keescook@chromium.org, tglx@linutronix.de, mingo@redhat.com,
bp@alien8.de, hpa@zytor.com, x86@kernel.org,
Arnd Bergmann <arnd@arndb.de>
Cc: arjan@linux.intel.com, linux-kernel@vger.kernel.org,
kernel-hardening@lists.openwall.com, rick.p.edgecomb@intel.com,
linux-arch@vger.kernel.org
Subject: [PATCH 5/9] x86: make sure _etext includes function sections
Date: Wed, 15 Apr 2020 14:04:47 -0700 [thread overview]
Message-ID: <20200415210452.27436-6-kristen@linux.intel.com> (raw)
In-Reply-To: <20200415210452.27436-1-kristen@linux.intel.com>
We will be using -ffunction-sections to place each function in
it's own text section so it can be randomized at load time. The
linker considers these .text.* sections "orphaned sections", and
will place them after the first similar section (.text). However,
we need to move _etext so that it is after both .text and .text.*
We also need to calculate text size to include .text AND .text.*
Signed-off-by: Kristen Carlson Accardi <kristen@linux.intel.com>
---
arch/x86/kernel/vmlinux.lds.S | 18 +++++++++++++++++-
include/asm-generic/vmlinux.lds.h | 2 +-
2 files changed, 18 insertions(+), 2 deletions(-)
diff --git a/arch/x86/kernel/vmlinux.lds.S b/arch/x86/kernel/vmlinux.lds.S
index 1bf7e312361f..044f7528a2f0 100644
--- a/arch/x86/kernel/vmlinux.lds.S
+++ b/arch/x86/kernel/vmlinux.lds.S
@@ -147,8 +147,24 @@ SECTIONS
#endif
} :text =0xcccc
- /* End of text section, which should occupy whole number of pages */
+#ifdef CONFIG_FG_KASLR
+ /*
+ * -ffunction-sections creates .text.* sections, which are considered
+ * "orphan sections" and added after the first similar section (.text).
+ * Adding this ALIGN statement causes the address of _etext
+ * to be below that of all the .text.* orphaned sections
+ */
+ . = ALIGN(PAGE_SIZE);
+#endif
_etext = .;
+
+ /*
+ * the size of the .text section is used to calculate the address
+ * range for orc lookups. If we just use SIZEOF(.text), we will
+ * miss all the .text.* sections. Calculate the size using _etext
+ * and _stext and save the value for later.
+ */
+ text_size = _etext - _stext;
. = ALIGN(PAGE_SIZE);
X86_ALIGN_RODATA_BEGIN
diff --git a/include/asm-generic/vmlinux.lds.h b/include/asm-generic/vmlinux.lds.h
index 71e387a5fe90..f5baee74854c 100644
--- a/include/asm-generic/vmlinux.lds.h
+++ b/include/asm-generic/vmlinux.lds.h
@@ -813,7 +813,7 @@
. = ALIGN(4); \
.orc_lookup : AT(ADDR(.orc_lookup) - LOAD_OFFSET) { \
orc_lookup = .; \
- . += (((SIZEOF(.text) + LOOKUP_BLOCK_SIZE - 1) / \
+ . += (((text_size + LOOKUP_BLOCK_SIZE - 1) / \
LOOKUP_BLOCK_SIZE) + 1) * 4; \
orc_lookup_end = .; \
}
--
2.20.1
next prev parent reply other threads:[~2020-04-15 21:06 UTC|newest]
Thread overview: 25+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-04-15 21:04 [PATCH 0/9] Function Granular Kernel Address Space Layout Randomization Kristen Carlson Accardi
2020-04-15 21:04 ` [PATCH 1/9] objtool: do not assume order of parent/child functions Kristen Carlson Accardi
2020-04-22 22:17 ` Josh Poimboeuf
2020-04-15 21:04 ` [PATCH 2/9] x86: tools/relocs: Support >64K section headers Kristen Carlson Accardi
2020-04-15 21:04 ` [PATCH 3/9] x86/boot: Allow a "silent" kaslr random byte fetch Kristen Carlson Accardi
2020-04-15 21:04 ` [PATCH 4/9] x86: Makefile: Add build and config option for CONFIG_FG_KASLR Kristen Carlson Accardi
2020-04-15 21:04 ` Kristen Carlson Accardi [this message]
2020-04-15 21:04 ` [PATCH 6/9] x86/tools: Adding relative relocs for randomized functions Kristen Carlson Accardi
2020-04-15 21:04 ` [PATCH 7/9] x86: Add support for function granular KASLR Kristen Carlson Accardi
2020-04-16 0:14 ` kbuild test robot
2020-04-16 0:14 ` kbuild test robot
2020-05-15 5:55 ` Baoquan He
2020-04-15 21:04 ` [PATCH 8/9] kallsyms: hide layout Kristen Carlson Accardi
2020-04-20 11:58 ` Ard Biesheuvel
2020-04-20 17:46 ` Kristen Carlson Accardi
2020-04-15 21:04 ` [PATCH 9/9] module: Reorder functions Kristen Carlson Accardi
2020-04-20 12:01 ` Ard Biesheuvel
2020-04-20 13:37 ` Arjan van de Ven
2020-04-20 13:43 ` Ard Biesheuvel
2020-04-20 13:47 ` Arjan van de Ven
2020-04-20 17:56 ` Kristen Carlson Accardi
2020-04-20 17:59 ` Kristen Carlson Accardi
2020-04-22 16:22 ` Ard Biesheuvel
2020-04-22 18:02 ` Kristen Carlson Accardi
2020-04-20 17:48 ` [PATCH 0/9] Function Granular Kernel Address Space Layout Randomization Kees Cook
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200415210452.27436-6-kristen@linux.intel.com \
--to=kristen@linux.intel.com \
--cc=arjan@linux.intel.com \
--cc=arnd@arndb.de \
--cc=bp@alien8.de \
--cc=hpa@zytor.com \
--cc=keescook@chromium.org \
--cc=kernel-hardening@lists.openwall.com \
--cc=linux-arch@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@redhat.com \
--cc=rick.p.edgecomb@intel.com \
--cc=tglx@linutronix.de \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.