From: Ard Biesheuvel
To: linux-arm-kernel@lists.infradead.org
Cc: mark.rutland@arm.com, android-kvm@google.com, Ard Biesheuvel , Marc Zyngier , Will Deacon
Subject: [RFC PATCH 3/8] arm64: head: take KASLR seed passed via x1 into account
Date: Fri, 4 Mar 2022 18:56:52 +0100
Message-Id: <20220304175657.2744400-4-ardb@kernel.org>
X-Mailer: git-send-email 2.30.2
In-Reply-To: <20220304175657.2744400-1-ardb@kernel.org>
References: <20220304175657.2744400-1-ardb@kernel.org>
MIME-Version: 1.0
X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3
X-CRM114-CacheID: sfid-20220304_095744_620962_A27DF7CD
X-CRM114-Status: GOOD ( 16.61 )
X-BeenThere: linux-arm-kernel@lists.infradead.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id:
List-Unsubscribe: ,
List-Archive:
List-Post:
List-Help:
List-Subscribe: ,
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: "linux-arm-kernel"
Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org

If the kernel was entered with the MMU on, use the value passed via register x1 as the seed for virtual randomization rather than the one passed via the /chosen/kaslr-seed DT property. This removes the need to map and unmap the kernel just to access the DT. Note that kaslr_early_init() still needs to be called exactly once in this case, to set the other KASLR related state, so ensure that this happens when called with the MMU on.
Signed-off-by: Ard Biesheuvel
---
 arch/arm64/kernel/head.S | 28 ++++++++++++++++++--
 1 file changed, 26 insertions(+), 2 deletions(-)
diff --git a/arch/arm64/kernel/head.S b/arch/arm64/kernel/head.S
index bec9c1483584..0726ce0d6fd4 100644
--- a/arch/arm64/kernel/head.S
+++ b/arch/arm64/kernel/head.S
@@ -91,10 +91,9 @@
 */
 SYM_CODE_START(primary_entry)
 bl record_mmu_state
+ bl record_kaslr_offset
 bl preserve_boot_args
 bl init_kernel_el // w0=cpu_boot_mode
- adrp x23, __PHYS_OFFSET
- and x23, x23, MIN_KIMG_ALIGN - 1 // KASLR offset, defaults to 0
 bl set_cpu_boot_mode_flag
 bl __create_page_tables
 /*
@@ -117,6 +116,29 @@ SYM_CODE_START_LOCAL(record_mmu_state)
 ret
 SYM_CODE_END(record_mmu_state)

+SYM_CODE_START_LOCAL(record_kaslr_offset)
+ adrp x23, __PHYS_OFFSET
+ and x23, x23, MIN_KIMG_ALIGN - 1 // KASLR offset, defaults to 0
+ cbz x25, 0f // skip if MMU is disabled
+#ifdef CONFIG_RANDOMIZE_BASE
+ /*
+ * Calculate the virtual randomization that will be applied based on
+ * the KASLR seed passed via x1, if provided.
+ */
+ and x4, x1, ~(MIN_KIMG_ALIGN - 1)
+ and x4, x4, #(1 << (VA_BITS_MIN - 2)) - 1
+ mov x5, #1 << (VA_BITS_MIN - 3)
+ add x4, x4, x5
+#if !defined(CONFIG_KASAN_VMALLOC) && \
+ (defined(CONFIG_KASAN_GENERIC) || defined(CONFIG_KASAN_SW_TAGS))
+ and x4, x4, #(1 << 31) - 1 // limit to 2G
+#endif
+ orr x23, x23, x4
+ mov x1, xzr // wipe the seed from x1
+#endif
+0: ret
+SYM_CODE_END(record_kaslr_offset)
+
 /*
 * Preserve the arguments passed by the bootloader in x0 .. x3
 */
@@ -467,8 +489,10 @@ SYM_FUNC_START_LOCAL(__primary_switched)
 bl init_feature_override // Parse cpu feature overrides
 #ifdef CONFIG_RANDOMIZE_BASE
 tst x23, ~(MIN_KIMG_ALIGN - 1) // already running randomized?
+ ccmp x25, #1, #4, ne // and we booted with the MMU off?
 b.ne 0f
 bl kaslr_early_init // parse FDT for KASLR options
+ cbnz x25, 0f // MMU was on?
 cbz x0, 0f // KASLR disabled? just proceed
 orr x23, x23, x0 // record KASLR offset
 ldp x29, x30, [sp], #16 // we must enable KASLR, return
-- 2.30.2
_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
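Review bot: The added `bl record_kaslr_offset` in primary_entry depends on its position in the call sequence, and nothing on the line says so. The helper tests x25, which appears to be set by record_mmu_state, and it reads and (with CONFIG_RANDOMIZE_BASE and the MMU on) zeroes x1 before preserve_boot_args runs, which by the comment further down preserves x0 .. x3. I would add a trailing comment such as `// reads x25 and x1: keep after record_mmu_state, before preserve_boot_args`, so a later reorder does not end up saving the seed together with the boot arguments. primary_entry continues past the end of this hunk.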
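Review bot: A zero x1 is not treated as "no seed" in record_kaslr_offset, although the comment says "if provided". With the MMU on, the code always adds `1 << (VA_BITS_MIN - 3)` and ORs the result into x23, so a caller that passes x1 == 0 ends up with a fixed, predictable offset that the `tst x23, ~(MIN_KIMG_ALIGN - 1)` check in __primary_switched will read as already randomized. Adding `cbz x1, 0f // no seed provided, leave x23 unrandomized` directly after the `#ifdef CONFIG_RANDOMIZE_BASE` line would keep that case at offset 0. A header comment on the routine should also state that it clobbers x4 and x5 and that x1 is wiped only when CONFIG_RANDOMIZE_BASE is set and the MMU was on.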
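Review bot: The MMU state in x25 is tested in two different ways: the added `ccmp x25, #1, #4, ne` requires x25 to be exactly 1, while the added `cbnz x25, 0f` (and `cbz x25, 0f` in record_kaslr_offset) treats any non-zero value as "MMU on". Only the tail of record_mmu_state is visible here, so if it can leave some other non-zero value in x25, the randomized MMU-on case would branch past kaslr_early_init and the "exactly once" requirement from the commit message would not hold. Either note next to the ccmp that x25 is strictly 0 or 1, or make the three tests agree. Separately, on the MMU-on path the x0 result of kaslr_early_init is discarded, so a "KASLR disabled" answer does not undo the offset already taken from x1; a comment saying this is intended would help. __primary_switched starts and ends outside the hunk.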