On Mon, 22 Jan 2024 at 23:44, Nathan Chancellor <nathan@xxxxxxxxxx> wrote: > > On Mon, Jan 22, 2024 at 02:34:46PM -0500, Brian Gerst wrote: > > On Mon, Jan 22, 2024 at 4:14 AM Ard Biesheuvel <ardb+git@xxxxxxxxxx> wrote: > > > > > > From: Ard Biesheuvel <ardb@xxxxxxxxxx> > > > > > > Some of the C code in head64.c may be called from a different virtual > > > address than it was linked at. Currently, we deal with this by using > > > ordinary, position dependent codegen, and fixing up all symbol > > > references on the fly. This is fragile and tricky to maintain. It is > > > also unnecessary: we can use position independent codegen (with hidden > > > visibility) to ensure that all compiler generated symbol references are > > > RIP-relative, removing the need for fixups entirely. > > > > > > It does mean we need explicit references to kernel virtual addresses to > > > be generated by hand, so generate those using a movabs instruction in > > > inline asm in the handful of places where we actually need this. > > > > > > While at it, move these routines to .inittext where they belong. > > > > > > Signed-off-by: Ard Biesheuvel <ardb@xxxxxxxxxx> > > > --- > > > arch/x86/Makefile | 11 ++ > > > arch/x86/boot/compressed/Makefile | 2 +- > > > arch/x86/include/asm/init.h | 2 - > > > arch/x86/include/asm/setup.h | 2 +- > > > arch/x86/kernel/Makefile | 4 + > > > arch/x86/kernel/head64.c | 117 +++++++------------- > > > 6 files changed, 60 insertions(+), 78 deletions(-) > > > > > > diff --git a/arch/x86/Makefile b/arch/x86/Makefile > > > index 1a068de12a56..bed0850d91b0 100644 > > > --- a/arch/x86/Makefile > > > +++ b/arch/x86/Makefile 
> > > @@ -168,6 +168,17 @@ else > > > KBUILD_CFLAGS += -mcmodel=kernel > > > KBUILD_RUSTFLAGS += -Cno-redzone=y > > > KBUILD_RUSTFLAGS += -Ccode-model=kernel > > > + > > > + PIE_CFLAGS := -fpie -mcmodel=small \ > > > + -include $(srctree)/include/linux/hidden.h > > > + > > > + ifeq ($(CONFIG_STACKPROTECTOR),y) > > > + ifeq ($(CONFIG_SMP),y) > > > + PIE_CFLAGS += -mstack-protector-guard-reg=gs > > > + endif > > > > This compiler flag requires GCC 8.1 or later. When I posted a patch > > series[1] to convert the stack protector to a normal percpu variable > > instead of the fixed offset, there was pushback over requiring GCC 8.1 > > to keep stack protector support. I added code to objtool to convert > > code from older compilers, but there hasn't been any feedback since. > > Similar conversion code would be needed in objtool for this unless the > > decision is made to require GCC 8.1 for stack protector support going > > forward. > > > > Brian Gerst > > > > [1] https://lore.kernel.org/lkml/20231115173708.108316-1-brgerst@xxxxxxxxx/ > > I was going to comment on this as well, as that flag was only supported > in clang 12.0.0 and newer. It should not be too big of a deal for us > though, as I was already planning on bumping the minimum supported > version of clang for building the kernel to 13.0.1 (but there may be > breakage reports if this series lands before that): > Thanks for pointing this out. Given that building the entire kernel with fPIC is neither necessary nor sufficient, I am going to abandon this approach. If we apply fPIC to only a handful of compilation units containing code that runs from the 1:1 mapping, it is not unreasonable to simply disable the stack protector altogether for those pieces too. This works around the older GCC issue.
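Review bot: in the arch/x86/Makefile hunk, `PIE_CFLAGS += -mstack-protector-guard-reg=gs` is appended with no `cc-option` probe or compiler version gate, so on a GCC older than 8.1 or a clang older than 12 (the minimums Brian and Nathan cite in this thread) the build of every unit compiled with PIE_CFLAGS fails outright rather than degrading. Either wrap it as `$(call cc-option,-mstack-protector-guard-reg=gs)` and fall back to `-fno-stack-protector` for these PIE units when the probe fails, or, as the follow-up in this thread settles on, drop the stack protector for the handful of 1:1-mapped units and avoid the flag entirely; a `-fno-stack-protector` fallback should be explicit so that a failed probe does not silently leave the compiler's default guard register in use under `-mcmodel=small`. Two smaller points on the visible lines: the flag is only added under `ifeq ($(CONFIG_SMP),y)`, and the hunk as quoted shows no `else` branch, so it is worth stating in the commit message what guard register the non-SMP PIE build ends up using and why that is correct; and the commit message should name the compiler minimums this hunk introduces, since the rest of the series description does not mention any toolchain requirement.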