From: Ard Biesheuvel <ardb@kernel.org>
To: linux-arm-kernel@lists.infradead.org
Cc: mark.rutland@arm.com, android-kvm@google.com,
	Ard Biesheuvel <ardb@kernel.org>, Marc Zyngier <maz@kernel.org>,
	Will Deacon <will@kernel.org>
Subject: [RFC PATCH 3/8] arm64: head: take KASLR seed passed via x1 into account
Date: Fri,  4 Mar 2022 18:56:52 +0100	[thread overview]
Message-ID: <20220304175657.2744400-4-ardb@kernel.org> (raw)
In-Reply-To: <20220304175657.2744400-1-ardb@kernel.org>

If the kernel was entered with the MMU on, use the value passed via
register x1 as the seed for virtual randomization rather than the one
passed via the /chosen/kaslr-seed DT property. This removes the need to
map and unmap the kernel just to access the DT.

Note that kaslr_early_init() still needs to be called exactly once in
this case, to set up the remaining KASLR related state, so ensure that
this still happens when the kernel was entered with the MMU on, without
applying the offset it returns a second time.

Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
---
 arch/arm64/kernel/head.S | 28 ++++++++++++++++++--
 1 file changed, 26 insertions(+), 2 deletions(-)

diff --git a/arch/arm64/kernel/head.S b/arch/arm64/kernel/head.S
index bec9c1483584..0726ce0d6fd4 100644
--- a/arch/arm64/kernel/head.S
+++ b/arch/arm64/kernel/head.S
@@ -91,10 +91,9 @@
 	 */
 SYM_CODE_START(primary_entry)
 	bl	record_mmu_state
+	bl	record_kaslr_offset
 	bl	preserve_boot_args
 	bl	init_kernel_el			// w0=cpu_boot_mode
-	adrp	x23, __PHYS_OFFSET
-	and	x23, x23, MIN_KIMG_ALIGN - 1	// KASLR offset, defaults to 0
 	bl	set_cpu_boot_mode_flag
 	bl	__create_page_tables
 	/*
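Review bot: The new `bl record_kaslr_offset` at the top of primary_entry carries an ordering dependency that is not stated in the code: it tests x25 (recorded by record_mmu_state, per the preceding call), consumes x1 as the seed and, on the RANDOMIZE_BASE path, clears it, so it has to sit after record_mmu_state and before preserve_boot_args stores x0..x3. A one-line comment would pin that, e.g. `bl record_kaslr_offset // reads x25, consumes and clears x1; keep before preserve_boot_args`. It also clobbers x4 and x5, which is only safe because nothing between here and preserve_boot_args relies on them. primary_entry continues past the end of the hunk.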
@@ -117,6 +116,29 @@ SYM_CODE_START_LOCAL(record_mmu_state)
 	ret
 SYM_CODE_END(record_mmu_state)
 
+SYM_CODE_START_LOCAL(record_kaslr_offset)
+	adrp	x23, __PHYS_OFFSET
+	and	x23, x23, MIN_KIMG_ALIGN - 1	// KASLR offset, defaults to 0
+	cbz	x25, 0f				// skip if MMU is disabled
+#ifdef CONFIG_RANDOMIZE_BASE
+	/*
+	 * Calculate the virtual randomization that will be applied based on
+	 * the KASLR seed passed via x1, if provided.
+	 */
+	and	x4, x1, ~(MIN_KIMG_ALIGN - 1)
+	and	x4, x4, #(1 << (VA_BITS_MIN - 2)) - 1
+	mov	x5, #1 << (VA_BITS_MIN - 3)
+	add	x4, x4, x5
+#if !defined(CONFIG_KASAN_VMALLOC) && \
+    (defined(CONFIG_KASAN_GENERIC) || defined(CONFIG_KASAN_SW_TAGS))
+	and	x4, x4, #(1 << 31) - 1		// limit to 2G
+#endif
+	orr	x23, x23, x4
+	mov	x1, xzr				// wipe the seed from x1
+#endif
+0:	ret
+SYM_CODE_END(record_kaslr_offset)
+
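Review bot: The comment says the x1 seed is used "if provided", but nothing checks x1: when it is zero the code still ORs the constant BIT(VA_BITS_MIN - 3) into x23, so a kernel entered with the MMU on and no seed lands at a fixed, non-zero offset that __primary_switched will then treat as "already randomized" — add `cbz x1, 0f` after the `cbz x25, 0f` (inside the #ifdef) so a zero seed keeps meaning "no VA randomization", as on the DT path. The `mov x1, xzr` wipe is also inside `#ifdef CONFIG_RANDOMIZE_BASE`, so if the bootloader passes x1 unconditionally (inferred), a non-randomized kernel entered with the MMU on carries the seed into the boot_args saved by preserve_boot_args; moving the wipe after the `#endif` avoids that. The mask/offset arithmetic presumably mirrors what kaslr_early_init() derives from the DT seed, so a comment such as `// must stay in sync with the offset computation in kaslr_early_init()` would help the two not drift apart.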
 /*
  * Preserve the arguments passed by the bootloader in x0 .. x3
  */
@@ -467,8 +489,10 @@ SYM_FUNC_START_LOCAL(__primary_switched)
 	bl	init_feature_override		// Parse cpu feature overrides
 #ifdef CONFIG_RANDOMIZE_BASE
 	tst	x23, ~(MIN_KIMG_ALIGN - 1)	// already running randomized?
+	ccmp	x25, #1, #4, ne			// and we booted with the MMU off?
 	b.ne	0f
 	bl	kaslr_early_init		// parse FDT for KASLR options
+	cbnz	x25, 0f				// MMU was on?
 	cbz	x0, 0f				// KASLR disabled? just proceed
 	orr	x23, x23, x0			// record KASLR offset
 	ldp	x29, x30, [sp], #16		// we must enable KASLR, return
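Review bot: On the MMU-on path the added `cbnz x25, 0f` discards the value kaslr_early_init() returns in x0, so whatever it decides from the FDT (the "parse FDT for KASLR options" comment suggests a disable option may be among them — inferred) can no longer change the offset that record_kaslr_offset already ORed into x23 earlier in boot; if that is intended, say so, e.g. `cbnz x25, 0f // MMU was on: x23 already fixed up from x1, call was only for the side effects`. The `ccmp x25, #1, #4, ne` is correct but opaque: `#4` is nzcv=0b0100 (Z set), which is what makes the following `b.ne` fall through in the not-yet-randomized case, and a comment like `// nzcv=#4 => Z set, fall through when not randomized yet` would spare the next reader the decode. __primary_switched begins and ends outside the hunk.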
-- 
2.30.2


