From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 84414C61DF4 for ; Fri, 24 Nov 2023 10:21:01 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:Cc:To:From:Subject:Message-ID: References:Mime-Version:In-Reply-To:Date:Reply-To:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Owner; bh=0S7pQvq2swJP9tRC22B0UDYUryvA2+3B+QZ8xSua2p0=; b=FtchDvbNXL6wWK9CmOcj7RaHHJ dg7Hdk/YjaxkuvtHX+VJldTN+rtQaRR28ODChB4OzmELJTIhIFZ5Acg8MmPXlChfjyy3d89UrMRxr uuFS6qelHtVXqgGoL3CYjd77+h3MckM8VLs964dOEJ3+Ya+N/KJzj14DqNvZcr/UO2oAyB6PeboDi IeeDSUplR9BJxSYyvNoLocICyjIJ6Ptdv3byrVQF6Ozjfpzvnql6xZ7KSZ5AuhLJxMhvm5SNe+hlx 4kfwWT0/YYnkUxcBmcx1ZJAkf+Pbz7wqq7UqzrZ0dGzUOF6obN4h20HjCSIOuMgp9p1dQu7/PelRx aOc0zKrA==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.96 #2 (Red Hat Linux)) id 1r6TIQ-006oX3-23; Fri, 24 Nov 2023 10:20:26 +0000 Received: from mail-wr1-x449.google.com ([2a00:1450:4864:20::449]) by bombadil.infradead.org with esmtps (Exim 4.96 #2 (Red Hat Linux)) id 1r6TIL-006oUN-0h for linux-arm-kernel@lists.infradead.org; Fri, 24 Nov 2023 10:20:22 +0000 Received: by mail-wr1-x449.google.com with SMTP id ffacd0b85a97d-332d26dfc5fso901096f8f.3 for ; Fri, 24 Nov 2023 02:20:19 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1700821218; x=1701426018; darn=lists.infradead.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=c/0kHqi5ZIPX7uCJiko3eeawbTMfWCgSYmmSJYACJmA=; b=SHvcPSe/aDOSzt2333tBe7o39wRXJmC5N4MuVhKOMtDSQqkO/HOzVvr7+hP75D9jg8 VCjwW8+0WYxnJCOzWactm8TvqP90x49OZAcMopwV3UDKFiYrmdt23aviAXLlV98Hx8+p 5N62vrrweAQ4kXSHZG0Q8jTLXe4hmVE11elbv+PYHKa2cjF//5Z/pv2FTyoLgpGbZcJb Wm5MilD+WsGmp4ezLaNjytGYxJfMVsDaIntxBrQv2GmDf2WtYOGVi9h/hWHuztyNX18h X7T/TvHdz3ZBCiVECtTaXK4lEblQDdcCeDOcXsHTcTYFiDQ6osszpbrpSzM1T6HeBh/V 6uyQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1700821218; x=1701426018; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=c/0kHqi5ZIPX7uCJiko3eeawbTMfWCgSYmmSJYACJmA=; b=fmA4IWJ3JkJVwJf8xsueXiNruk3VOPkWctHo1IYjAlzdiPQhuazr0fFArIstqQbVYT a7PduVbclBN/H1JmfCqqekT24GwFhwcN+TfH/GipWPiM7WxCfZKBFh/9wrLoLlk7Smnt 69Wr3jVZuGJvaSJO6XvH7M9BopaC10XtkJtic4gc/XBQZshGVfvt26/igmU5zUo7WYQv 9VQy8guvpeEKnmLWRN40iQp7lu9VjCDucJ2u33bClA4YYppJVZS78fM9XyUlRdybSUQd T1Xutmx3EL4OMGg3e/4AQAYKcLk/RlWoaa11xokbuQ8B999DXCWAdm0plIDNWiWTMTtD snOw== X-Gm-Message-State: AOJu0YxsRnLjkC5LJ5/cKWruyQer8iOnP6tvdoEpQUhfb/ZdZYZtoxrz OuNidGRg5ctCE1tRfTtJ3fASODn1LXhaW3OdAkwxABFuoyoGzlO34apgu2NrPxMsYmILEYuVuAS Ta7kUFAuE5xsvJHNJb5zWXAf2sf/rqmVh/jdwt0wnqlVKBpDv2ZTl/jxQjIUfWZGYOg2cODw997 E= X-Google-Smtp-Source: AGHT+IEAVjWKTcjFA6zjaEDbdfBdOJd6p4Zvg6KDgoekypRfyB5Zz0A7siNugrYYVorCEV0TZCwFfD74 X-Received: from palermo.c.googlers.com ([fda3:e722:ac3:cc00:28:9cb1:c0a8:118a]) (user=ardb job=sendgmr) by 2002:a5d:452c:0:b0:32f:7d60:d633 with SMTP id j12-20020a5d452c000000b0032f7d60d633mr35069wra.9.1700821217733; Fri, 24 Nov 2023 02:20:17 -0800 (PST) Date: Fri, 24 Nov 2023 11:18:42 +0100 In-Reply-To: <20231124101840.944737-41-ardb@google.com> Mime-Version: 1.0 References: <20231124101840.944737-41-ardb@google.com> X-Developer-Key: i=ardb@kernel.org; a=openpgp; fpr=F43D03328115A198C90016883D200E9CA6329909 X-Developer-Signature: v=1; a=openpgp-sha256; l=2831; i=ardb@kernel.org; h=from:subject; bh=ZfuLl88gFL9uskT9e1AlkywoKWtb5bgNB+HGXf4gRmk=; b=owGbwMvMwCFmkMcZplerG8N4Wi2JITWhopnB2bnxmE5ssarqKWFrWYUAP4MNEYphwovN7a1Lx Fmb5neUsjCIcTDIiimyCMz++27n6YlStc6zZGHmsDKBDeHiFICJqH5hZPjvELj469dZ2eHJUyJW 8S/eG7vzt37yovrsG39zFUs6QtkZ/qkE7z30yZff+Oa/85zLCl/+PzzveNLyH84T3DzmfhF02cc FAA== X-Mailer: git-send-email 2.43.0.rc1.413.gea7ed67945-goog Message-ID: <20231124101840.944737-43-ardb@google.com> Subject: [PATCH v5 02/39] arm64: mm: Take potential load offset into account when KASLR is off From: Ard Biesheuvel To: linux-arm-kernel@lists.infradead.org Cc: Ard Biesheuvel , Catalin Marinas , Will Deacon , Marc Zyngier , Mark Rutland , Ryan Roberts , Anshuman Khandual , Kees Cook X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20231124_022021_262650_FDB1E3A7 X-CRM114-Status: GOOD ( 18.88 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org From: Ard Biesheuvel We enable CONFIG_RELOCATABLE even when CONFIG_RANDOMIZE_BASE is disabled, and this permits the loader (i.e., EFI) to place the kernel anywhere in physical memory as long as the base address is 64k aligned. This means that the 'KASLR' case described in the header that defines the size of the statically allocated page tables could take effect even when CONFIG_RANDMIZE_BASE=n. So check for CONFIG_RELOCATABLE instead. Signed-off-by: Ard Biesheuvel --- arch/arm64/include/asm/kernel-pgtable.h | 27 +++++--------------- 1 file changed, 6 insertions(+), 21 deletions(-) diff --git a/arch/arm64/include/asm/kernel-pgtable.h b/arch/arm64/include/asm/kernel-pgtable.h index 85d26143faa5..83ddb14b95a5 100644 --- a/arch/arm64/include/asm/kernel-pgtable.h +++ b/arch/arm64/include/asm/kernel-pgtable.h @@ -37,27 +37,12 @@ /* - * If KASLR is enabled, then an offset K is added to the kernel address - * space. The bottom 21 bits of this offset are zero to guarantee 2MB - * alignment for PA and VA. - * - * For each pagetable level of the swapper, we know that the shift will - * be larger than 21 (for the 4KB granule case we use section maps thus - * the smallest shift is actually 30) thus there is the possibility that - * KASLR can increase the number of pagetable entries by 1, so we make - * room for this extra entry. - * - * Note KASLR cannot increase the number of required entries for a level - * by more than one because it increments both the virtual start and end - * addresses equally (the extra entry comes from the case where the end - * address is just pushed over a boundary and the start address isn't). + * A relocatable kernel may execute from an address that differs from the one at + * which it was linked. In the worst case, its runtime placement may intersect + * with two adjacent PGDIR entries, which means that an additional page table + * may be needed at each subordinate level. */ - -#ifdef CONFIG_RANDOMIZE_BASE -#define EARLY_KASLR (1) -#else -#define EARLY_KASLR (0) -#endif +#define EXTRA_PAGE __is_defined(CONFIG_RELOCATABLE) #define SPAN_NR_ENTRIES(vstart, vend, shift) \ ((((vend) - 1) >> (shift)) - ((vstart) >> (shift)) + 1) @@ -83,7 +68,7 @@ + EARLY_PGDS((vstart), (vend), add) /* each PGDIR needs a next level page table */ \ + EARLY_PUDS((vstart), (vend), add) /* each PUD needs a next level page table */ \ + EARLY_PMDS((vstart), (vend), add)) /* each PMD needs a next level page table */ -#define INIT_DIR_SIZE (PAGE_SIZE * EARLY_PAGES(KIMAGE_VADDR, _end, EARLY_KASLR)) +#define INIT_DIR_SIZE (PAGE_SIZE * EARLY_PAGES(KIMAGE_VADDR, _end, EXTRA_PAGE)) /* the initial ID map may need two extra pages if it needs to be extended */ #if VA_BITS < 48 -- 2.43.0.rc1.413.gea7ed67945-goog _______________________________________________ linux-arm-kernel mailing list linux-arm-kernel@lists.infradead.org http://lists.infradead.org/mailman/listinfo/linux-arm-kernel