[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <20190131192533.34130-25-thgarnie@chromium.org>
Date: Thu, 31 Jan 2019 11:24:31 -0800
From: Thomas Garnier <thgarnie@...omium.org>
To: kernel-hardening@...ts.openwall.com
Cc: kristen@...ux.intel.com,
Thomas Garnier <thgarnie@...omium.org>,
Arnd Bergmann <arnd@...db.de>,
linux-arch@...r.kernel.org,
linux-kernel@...r.kernel.org
Subject: [PATCH v6 24/27] x86/mm: Make the x86 GOT read-only
The GOT is changed during early boot when relocations are applied. Make
it read-only directly. This table exists only for PIE binary.
Position Independent Executable (PIE) support will allow to extend the
KASLR randomization range below 0xffffffff80000000.
Signed-off-by: Thomas Garnier <thgarnie@...omium.org>
---
include/asm-generic/vmlinux.lds.h | 12 ++++++++++++
1 file changed, 12 insertions(+)
diff --git a/include/asm-generic/vmlinux.lds.h b/include/asm-generic/vmlinux.lds.h
index 3d7a6a9c2370..0a038594c878 100644
--- a/include/asm-generic/vmlinux.lds.h
+++ b/include/asm-generic/vmlinux.lds.h
@@ -323,6 +323,17 @@
__end_ro_after_init = .;
#endif
+#ifdef CONFIG_X86_PIE
+#define RO_GOT_X86 \
+ .got : AT(ADDR(.got) - LOAD_OFFSET) { \
+ __start_got = .; \
+ *(.got); \
+ __end_got = .; \
+ }
+#else
+#define RO_GOT_X86
+#endif
+
/*
* Read only Data
*/
@@ -379,6 +390,7 @@
__end_builtin_fw = .; \
} \
\
+ RO_GOT_X86 \
TRACEDATA \
\
/* Kernel symbol table: Normal symbols */ \
--
2.20.1.495.gaa96b0ce6b-goog
Powered by blists - more mailing lists
Confused about mailing lists and their use?
Read about mailing lists on Wikipedia
and check out these
guidelines on proper formatting of your messages.
