From: Ard Biesheuvel <ardb@kernel.org>
To: linux-arm-kernel@lists.infradead.org
Cc: mark.rutland@arm.com, android-kvm@google.com,
Ard Biesheuvel <ardb@kernel.org>, Marc Zyngier <maz@kernel.org>,
Will Deacon <will@kernel.org>
Subject: [RFC PATCH 1/8] arm64: kaslr: deal with init called with VA randomization enabled
Date: Fri, 4 Mar 2022 18:56:50 +0100 [thread overview]
Message-ID: <20220304175657.2744400-2-ardb@kernel.org> (raw)
In-Reply-To: <20220304175657.2744400-1-ardb@kernel.org>
We will pass the KASLR seed via x1 as well as via the device tree, so
that the boot code does not need to create the kernel mapping twice.
This means we may enter kaslr_early_init() fully randomized, and the
offset calculated by this function should be identical to the offset
that has already been taken into account.
This means that taking the address of _end or _etext and adding offset
to it produces the wrong value, given that _end and _etext references
will have been fixed up already, and therefore already incorporate
offset.
So instead of referring to these symbols directly, use their offsets
relative to _text, which should produce values that depend on the size
and layout of the Image only. Then, add KIMAGE_VADDR to obtain the
unrandomized values.
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
---
arch/arm64/kernel/kaslr.c | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/arch/arm64/kernel/kaslr.c b/arch/arm64/kernel/kaslr.c
index 418b2bba1521..00cec96003fd 100644
--- a/arch/arm64/kernel/kaslr.c
+++ b/arch/arm64/kernel/kaslr.c
@@ -145,6 +145,8 @@ u64 __init kaslr_early_init(void)
return offset % SZ_2G;
if (IS_ENABLED(CONFIG_RANDOMIZE_MODULE_REGION_FULL)) {
+ u64 end = (u64)_end - (u64)_text + KIMAGE_VADDR;
+
/*
* Randomize the module region over a 2 GB window covering the
* kernel. This reduces the risk of modules leaking information
@@ -154,9 +156,11 @@ u64 __init kaslr_early_init(void)
* resolved normally.)
*/
module_range = SZ_2G - (u64)(_end - _stext);
- module_alloc_base = max((u64)_end + offset - SZ_2G,
+ module_alloc_base = max(end + offset - SZ_2G,
(u64)MODULES_VADDR);
} else {
+ u64 end = (u64)_etext - (u64)_text + KIMAGE_VADDR;
+
/*
* Randomize the module region by setting module_alloc_base to
* a PAGE_SIZE multiple in the range [_etext - MODULES_VSIZE,
@@ -167,7 +171,7 @@ u64 __init kaslr_early_init(void)
* when ARM64_MODULE_PLTS is enabled.
*/
module_range = MODULES_VSIZE - (u64)(_etext - _stext);
- module_alloc_base = (u64)_etext + offset - MODULES_VSIZE;
+ module_alloc_base = end + offset - MODULES_VSIZE;
}
/* use the lower 21 bits to randomize the base of the module region */
--
2.30.2
_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
next prev parent reply other threads:[~2022-03-04 17:59 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-03-04 17:56 [RFC PATCH 0/8] arm64: efi: leave MMU and caches on at boot Ard Biesheuvel
2022-03-04 17:56 ` Ard Biesheuvel [this message]
2022-03-04 17:56 ` [RFC PATCH 2/8] arm64: head: record the MMU state at primary entry Ard Biesheuvel
2022-03-04 17:56 ` [RFC PATCH 3/8] arm64: head: take KASLR seed passed via x1 into account Ard Biesheuvel
2022-03-04 17:56 ` [RFC PATCH 4/8] arm64: head: avoid cache invalidation when entering with the MMU on Ard Biesheuvel
2022-03-04 17:56 ` [RFC PATCH 5/8] arm64: head: populate page tables before disabling the MMU Ard Biesheuvel
2022-03-04 17:56 ` [RFC PATCH 6/8] arm64: head: clean the ID map page to the PoC Ard Biesheuvel
2022-03-04 17:56 ` [RFC PATCH 7/8] arm64: lds: move idmap_pg_dir out of .rodata Ard Biesheuvel
2022-03-04 17:56 ` [RFC PATCH 8/8] arm64: efi: leave MMU and caches on when handing over to the core kernel Ard Biesheuvel
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220304175657.2744400-2-ardb@kernel.org \
--to=ardb@kernel.org \
--cc=android-kvm@google.com \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=mark.rutland@arm.com \
--cc=maz@kernel.org \
--cc=will@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.