From: Ingo Molnar <mingo@kernel.org>
To: Hou Wenlong <houwenlong.hwl@antgroup.com>
Cc: linux-kernel@vger.kernel.org,
Lai Jiangshan <jiangshan.ljs@antgroup.com>,
Thomas Gleixner <tglx@linutronix.de>,
Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>,
Dave Hansen <dave.hansen@linux.intel.com>,
"maintainer:X86 ARCHITECTURE 32-BIT AND 64-BIT" <x86@kernel.org>,
"H. Peter Anvin" <hpa@zytor.com>,
Josh Poimboeuf <jpoimboe@kernel.org>,
Anshuman Khandual <anshuman.khandual@arm.com>,
Mike Rapoport <rppt@kernel.org>,
Pasha Tatashin <pasha.tatashin@soleen.com>
Subject: Re: [PATCH RFC 1/7] x86/head/64: Mark startup_gdt and startup_gdt_descr as __initdata
Date: Tue, 17 Oct 2023 15:02:27 +0200 [thread overview]
Message-ID: <ZS6F46vJfca5f6f8@gmail.com> (raw)
In-Reply-To: <20231017072311.GA46993@k08j02272.eu95sqa>
* Hou Wenlong <houwenlong.hwl@antgroup.com> wrote:
> Hi Ingo,
>
> I have sent patch #6 separately for x86. Do you have any ideas about
> building the head code as PIE? Should I resend the patchset for the PIE
> feature?
So I had a brief look, and despite reading 0/43 it was unclear to me what
the precise advantages of building as PIE are.
Ie. could you please outline:
- *Exactly* how much PIE based KASLR randomization would gain us in terms
of randomization granularity and effective number of randomization bits,
compared to the current status quo?
- How is code generation changed at the instruction level - how does
kernel size change and what are the micro-advantages/disadvantages?
- Are there any other advantages/motivation than improving KASLR?
Ie. before asking us to apply ~50 patches and add a whole new build mode
and the maintainance overhead to support it into infinity and beyond, could
you please offer a better list of pros and cons?
Thanks,
Ingo
next prev parent reply other threads:[~2023-10-17 13:02 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-07-12 3:30 [PATCH RFC 0/7] x86/head/64: Build the head code as PIE Hou Wenlong
2023-07-12 3:30 ` [PATCH RFC 1/7] x86/head/64: Mark startup_gdt and startup_gdt_descr as __initdata Hou Wenlong
2023-10-16 11:57 ` Ingo Molnar
2023-10-17 7:23 ` Hou Wenlong
2023-10-17 13:02 ` Ingo Molnar [this message]
2023-10-17 16:34 ` H. Peter Anvin
2023-10-18 11:45 ` Ingo Molnar
2023-11-10 0:03 ` Josh Poimboeuf
2023-10-18 8:36 ` Hou Wenlong
2023-07-12 3:30 ` [PATCH RFC 2/7] x86/head/64: Add missing __head annotation to startup_64_load_idt() Hou Wenlong
2023-07-12 3:30 ` [PATCH RFC 3/7] x86/head/64: Move all head code from head64.c into another file Hou Wenlong
2023-07-12 3:30 ` [PATCH RFC 4/7] x86/boot/compressed: Adapt sed command if head code is built as PIE Hou Wenlong
2023-07-12 3:30 ` [PATCH RFC 5/7] x86/head/64: Build the head code " Hou Wenlong
2023-07-12 3:30 ` [PATCH RFC 6/7] x86/sme: Mark code as __head in mem_encrypt_identity.c Hou Wenlong
2023-07-12 3:30 ` [PATCH RFC 7/7] x86/sme: Build the code in mem_encrypt_identity.c as PIE Hou Wenlong
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ZS6F46vJfca5f6f8@gmail.com \
--to=mingo@kernel.org \
--cc=anshuman.khandual@arm.com \
--cc=bp@alien8.de \
--cc=dave.hansen@linux.intel.com \
--cc=houwenlong.hwl@antgroup.com \
--cc=hpa@zytor.com \
--cc=jiangshan.ljs@antgroup.com \
--cc=jpoimboe@kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@redhat.com \
--cc=pasha.tatashin@soleen.com \
--cc=rppt@kernel.org \
--cc=tglx@linutronix.de \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.