x86, kaslr: Raise the maximum virtual address to -1 GiB on x86_64

On 64-bit, this raises the maximum location to -1 GiB (from -1.5 GiB),
the upper limit currently, since the kernel fixmap page mappings need
to be moved to use the other 1 GiB (which would be the theoretical
limit when building with -mcmodel=kernel).

Signed-off-by: Kees Cook <keescook@chromium.org>
Link: http://lkml.kernel.org/r/1381450698-28710-7-git-send-email-keescook@chromium.org
Signed-off-by: H. Peter Anvin <hpa@linux.intel.com>

1 files changed, 13 insertions, 3 deletions

diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
index 992701d4d4f8..51f439953d23 100644
--- a/arch/x86/Kconfig
+++ b/arch/x86/Kconfig
@@ -1746,13 +1746,23 @@ config RANDOMIZE_BASE
 config RANDOMIZE_BASE_MAX_OFFSET
         hex "Maximum ASLR offset allowed"
         depends on RANDOMIZE_BASE
-        default "0x10000000"
-        range 0x0 0x10000000
+        range 0x0 0x20000000 if X86_32
+        default "0x20000000" if X86_32
+        range 0x0 0x40000000 if X86_64
+        default "0x40000000" if X86_64
         ---help---
          Determines the maximal offset in bytes that will be applied to the
          kernel when Address Space Layout Randomization (ASLR) is active.
          Must be less than or equal to the actual physical memory on the
-         system. This must be a power of two.
+         system. This must be a multiple of CONFIG_PHYSICAL_ALIGN.
+
+         On 32-bit this is limited to 512MiB.
+
+         On 64-bit this is limited by how the kernel fixmap page table is
+         positioned, so this cannot be larger that 1GiB currently. Normally
+         there is a 512MiB to 1.5GiB split between kernel and modules. When
+         this is raised above the 512MiB default, the modules area will
+         shrink to compensate, up to the current maximum 1GiB to 1GiB split.
 
 # Relocation on x86 needs some additional build support
 config X86_NEED_RELOCS