x86, fg-kaslr: more raw diffs

- put every ASM func into a separate section if -ffunction-sections
  or ClangLTO is enabled;
- fix relocations inside .altinstr_replacement;
- fix functions being placed beyond _etext (reserve some space
  at the end);
- align every text section to at least 16 bytes (they're already
  aligned to 16 99% of cases, but some of them are not, let's keep
  it consistent);
- don't even allow to put any function inside just .text
  of vmlinux.o;
- misc stuff.

Signed-off-by: Alexander Lobakin <alexandr.lobakin@intel.com>

arch/x86/boot/compressed/fgkaslr.c

@@ -44,6 +44,8 @@ static long addr_kallsyms_relative_base;
 static long addr_kallsyms_markers;
 static long addr___start___ex_table;
 static long addr___stop___ex_table;
+static long addr___altinstr_replacement;
+static long addr___altinstr_replacement_end;
 static long addr__stext;
 static long addr__etext;
 static long addr__sinittext;
@@ -88,7 +90,9 @@ static bool is_orc_unwind(long addr)
 static bool is_text(long addr)
 {
 	if ((addr >= addr__stext && addr < addr__etext) ||
-	    (addr >= addr__sinittext && addr < addr__einittext))
+	    (addr >= addr__sinittext && addr < addr__einittext) ||
+	    (addr >= addr___altinstr_replacement &&
+	     addr <= addr___altinstr_replacement_end))
 		return true;
 	return false;
 }
@@ -722,6 +726,8 @@ static void parse_symtab(Elf64_Sym *symtab, char *strtab, long num_syms)
 		GET_SYM(kallsyms_relative_base);
 		GET_SYM(kallsyms_names);
 		GET_SYM(kallsyms_markers);
+		GET_SYM(__altinstr_replacement);
+		GET_SYM(__altinstr_replacement_end);
 		GET_SYM(_stext);
 		GET_SYM(_etext);
 		GET_SYM(_sinittext);

arch/x86/boot/compressed/vmlinux.symbols

@@ -8,6 +8,8 @@ kallsyms_token_index
 kallsyms_markers
 __start___ex_table
 __stop___ex_table
+__altinstr_replacement
+__altinstr_replacement_end
 _sinittext
 _einittext
 _stext

arch/x86/crypto/aegis128-aesni-asm.S

@@ -71,7 +71,7 @@
  *   %r8
  *   %r9
  */
-SYM_FUNC_START_LOCAL(__load_partial)
+SYM_FUNC_START_LOCAL_SECTION(__load_partial)
 	xor %r9d, %r9d
 	pxor MSG, MSG
 
@@ -123,7 +123,7 @@ SYM_FUNC_START_LOCAL(__load_partial)
 
 .Lld_partial_8:
 	ret
-SYM_FUNC_END(__load_partial)
+SYM_FUNC_END_SECTION(__load_partial)
 
 /*
  * __store_partial: internal ABI
@@ -137,7 +137,7 @@ SYM_FUNC_END(__load_partial)
  *   %r9
  *   %r10
  */
-SYM_FUNC_START_LOCAL(__store_partial)
+SYM_FUNC_START_LOCAL_SECTION(__store_partial)
 	mov LEN, %r8
 	mov DST, %r9
 
@@ -181,12 +181,12 @@ SYM_FUNC_START_LOCAL(__store_partial)
 
 .Lst_partial_1:
 	ret
-SYM_FUNC_END(__store_partial)
+SYM_FUNC_END_SECTION(__store_partial)
 
 /*
  * void crypto_aegis128_aesni_init(void *state, const void *key, const void *iv);
  */
-SYM_FUNC_START(crypto_aegis128_aesni_init)
+SYM_FUNC_START_SECTION(crypto_aegis128_aesni_init)
 	FRAME_BEGIN
 
 	/* load IV: */
@@ -226,13 +226,13 @@ SYM_FUNC_START(crypto_aegis128_aesni_init)
 
 	FRAME_END
 	ret
-SYM_FUNC_END(crypto_aegis128_aesni_init)
+SYM_FUNC_END_SECTION(crypto_aegis128_aesni_init)
 
 /*
  * void crypto_aegis128_aesni_ad(void *state, unsigned int length,
  *                               const void *data);
  */
-SYM_FUNC_START(crypto_aegis128_aesni_ad)
+SYM_FUNC_START_SECTION(crypto_aegis128_aesni_ad)
 	FRAME_BEGIN
 
 	cmp $0x10, LEN
@@ -378,7 +378,7 @@ SYM_FUNC_START(crypto_aegis128_aesni_ad)
 .Lad_out:
 	FRAME_END
 	ret
-SYM_FUNC_END(crypto_aegis128_aesni_ad)
+SYM_FUNC_END_SECTION(crypto_aegis128_aesni_ad)
 
 .macro encrypt_block a s0 s1 s2 s3 s4 i
 	movdq\a (\i * 0x10)(SRC), MSG
@@ -402,7 +402,7 @@ SYM_FUNC_END(crypto_aegis128_aesni_ad)
  * void crypto_aegis128_aesni_enc(void *state, unsigned int length,
  *                                const void *src, void *dst);
  */
-SYM_FUNC_START(crypto_aegis128_aesni_enc)
+SYM_FUNC_START_SECTION(crypto_aegis128_aesni_enc)
 	FRAME_BEGIN
 
 	cmp $0x10, LEN
@@ -493,13 +493,13 @@ SYM_FUNC_START(crypto_aegis128_aesni_enc)
 .Lenc_out:
 	FRAME_END
 	ret
-SYM_FUNC_END(crypto_aegis128_aesni_enc)
+SYM_FUNC_END_SECTION(crypto_aegis128_aesni_enc)
 
 /*
  * void crypto_aegis128_aesni_enc_tail(void *state, unsigned int length,
  *                                     const void *src, void *dst);
  */
-SYM_FUNC_START(crypto_aegis128_aesni_enc_tail)
+SYM_FUNC_START_SECTION(crypto_aegis128_aesni_enc_tail)
 	FRAME_BEGIN
 
 	/* load the state: */
@@ -533,7 +533,7 @@ SYM_FUNC_START(crypto_aegis128_aesni_enc_tail)
 
 	FRAME_END
 	ret
-SYM_FUNC_END(crypto_aegis128_aesni_enc_tail)
+SYM_FUNC_END_SECTION(crypto_aegis128_aesni_enc_tail)
 
 .macro decrypt_block a s0 s1 s2 s3 s4 i
 	movdq\a (\i * 0x10)(SRC), MSG
@@ -556,7 +556,7 @@ SYM_FUNC_END(crypto_aegis128_aesni_enc_tail)
  * void crypto_aegis128_aesni_dec(void *state, unsigned int length,
  *                                const void *src, void *dst);
  */
-SYM_FUNC_START(crypto_aegis128_aesni_dec)
+SYM_FUNC_START_SECTION(crypto_aegis128_aesni_dec)
 	FRAME_BEGIN
 
 	cmp $0x10, LEN
@@ -647,13 +647,13 @@ SYM_FUNC_START(crypto_aegis128_aesni_dec)
 .Ldec_out:
 	FRAME_END
 	ret
-SYM_FUNC_END(crypto_aegis128_aesni_dec)
+SYM_FUNC_END_SECTION(crypto_aegis128_aesni_dec)
 
 /*
  * void crypto_aegis128_aesni_dec_tail(void *state, unsigned int length,
  *                                     const void *src, void *dst);
  */
-SYM_FUNC_START(crypto_aegis128_aesni_dec_tail)
+SYM_FUNC_START_SECTION(crypto_aegis128_aesni_dec_tail)
 	FRAME_BEGIN
 
 	/* load the state: */
@@ -697,13 +697,13 @@ SYM_FUNC_START(crypto_aegis128_aesni_dec_tail)
 
 	FRAME_END
 	ret
-SYM_FUNC_END(crypto_aegis128_aesni_dec_tail)
+SYM_FUNC_END_SECTION(crypto_aegis128_aesni_dec_tail)
 
 /*
  * void crypto_aegis128_aesni_final(void *state, void *tag_xor,
  *                                  u64 assoclen, u64 cryptlen);
  */
-SYM_FUNC_START(crypto_aegis128_aesni_final)
+SYM_FUNC_START_SECTION(crypto_aegis128_aesni_final)
 	FRAME_BEGIN
 
 	/* load the state: */
@@ -744,4 +744,4 @@ SYM_FUNC_START(crypto_aegis128_aesni_final)
 
 	FRAME_END
 	ret
-SYM_FUNC_END(crypto_aegis128_aesni_final)
+SYM_FUNC_END_SECTION(crypto_aegis128_aesni_final)

arch/x86/crypto/aes_ctrby8_avx-x86_64.S

@@ -535,11 +535,11 @@ ddq_add_8:
  * aes_ctr_enc_128_avx_by8(void *in, void *iv, void *keys, void *out,
  *			unsigned int num_bytes)
  */
-SYM_FUNC_START(aes_ctr_enc_128_avx_by8)
+SYM_FUNC_START_SECTION(aes_ctr_enc_128_avx_by8)
 	/* call the aes main loop */
 	do_aes_ctrmain KEY_128
 
-SYM_FUNC_END(aes_ctr_enc_128_avx_by8)
+SYM_FUNC_END_SECTION(aes_ctr_enc_128_avx_by8)
 
 /*
  * routine to do AES192 CTR enc/decrypt "by8"
@@ -548,11 +548,11 @@ SYM_FUNC_END(aes_ctr_enc_128_avx_by8)
  * aes_ctr_enc_192_avx_by8(void *in, void *iv, void *keys, void *out,
  *			unsigned int num_bytes)
  */
-SYM_FUNC_START(aes_ctr_enc_192_avx_by8)
+SYM_FUNC_START_SECTION(aes_ctr_enc_192_avx_by8)
 	/* call the aes main loop */
 	do_aes_ctrmain KEY_192
 
-SYM_FUNC_END(aes_ctr_enc_192_avx_by8)
+SYM_FUNC_END_SECTION(aes_ctr_enc_192_avx_by8)
 
 /*
  * routine to do AES256 CTR enc/decrypt "by8"
@@ -561,8 +561,8 @@ SYM_FUNC_END(aes_ctr_enc_192_avx_by8)
  * aes_ctr_enc_256_avx_by8(void *in, void *iv, void *keys, void *out,
  *			unsigned int num_bytes)
  */
-SYM_FUNC_START(aes_ctr_enc_256_avx_by8)
+SYM_FUNC_START_SECTION(aes_ctr_enc_256_avx_by8)
 	/* call the aes main loop */
 	do_aes_ctrmain KEY_256
 
-SYM_FUNC_END(aes_ctr_enc_256_avx_by8)
+SYM_FUNC_END_SECTION(aes_ctr_enc_256_avx_by8)