From: mark.rutland@arm.com (Mark Rutland)
To: linux-arm-kernel@lists.infradead.org
Subject: [PATCH 4/4] arm64: Enable TEXT_OFFSET fuzzing
Date: Wed, 21 May 2014 11:18:09 +0100 [thread overview]
Message-ID: <20140521101809.GD17827@leverpostej> (raw)
In-Reply-To: <20140520160827.GK3663@leverpostej>
On Tue, May 20, 2014 at 05:08:27PM +0100, Mark Rutland wrote:
[...]
> > > The 16B increment is required due to some code in head.S (__turn_mmu_on)
> > > requiring a minimum 16B alignment for the object.
> > >
> > > The 2MB maximum comes from the fact we rely on the start of memory being
> > > 2MB aligned. I'm not sure there's a compelling reason to limit the
> > > randomization if enabled at all -- either you can handle it or you
> > > can't. Are we ever likely to want an offset larger than the memory
> > > alignment?
> >
> > A reason to limit the randomization is to make it easier on the
> > bootloaders to be able to rule of thumb initial loads. It's not a big
> > deal with Image if it gets loaded lower than the offset, we can start
> > shifting data at the end. But when we start looking at Image.gz (or xz
> > or ...), in some cases we'll get the whole image read into memory (network
> > booting for example), uncompress the first block so we can confirm a
> > good Image header and see about text_offset/image_size. If we know that
> > text_offset is somewhere random inside of 2MB (or some other documented
> > max), we can then go with saying an initial load should be at say +32MB
> > (to mirror Documentation/arm/Booting). If it can be anywhere, then
> > things get hard, or at least annoying (error out and tell the user to
> > re-load things because of a random value? I can see testing frameworks
> > being annoyed about that).
>
> Ouch, that is somewhat painful.
>
> I don't think we expect to see a text_offset larger than 2MB, and I
> can't immediately see why we'd care about any particular text offset
> assuming the page tables are at the end of the runtime image. That said,
> I'm not completely clear on the history of the text_offset.
>
> > And we should document the range of the offset in
> > Documentation/arm64/booting.txt as well.
>
> As far as I am aware, we have a 64-bit field specifically to allow for
> an arbitrarily large value, so placing limitations on that may be a
> little difficult.
>
> As stated above, I don't think there'd be a reason for having a
> text_offset larger than our memory alignment restriction (2MB), but
> there may be something I've missed. If others are reasonably confident
> with an upper limit, I'd be happy to go with it.
Having thought about it a little more, the primary reason for having
text_offset is to allow for memory below the kernel to be addressable.
If we decouple the linear mapping from the kernel text mapping this
would not be a problem -- we'd be able to load the kernel at any
2MB-aligned address + text_offset and use memory below it.
So I think we could get away with limiting text_offset to 2MB.
Cheers,
Mark.
next prev parent reply other threads:[~2014-05-21 10:18 UTC|newest]
Thread overview: 26+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-05-16 9:50 [PATCH 0/4] arm64: simplify restrictions on bootloaders Mark Rutland
2014-05-16 9:50 ` [PATCH 1/4] arm64: head.S: remove unnecessary function alignment Mark Rutland
2014-05-16 13:04 ` Christopher Covington
2014-05-20 16:20 ` Laura Abbott
2014-05-16 9:50 ` [PATCH 2/4] arm64: place initial page tables above the kernel Mark Rutland
2014-05-20 16:21 ` Laura Abbott
2014-05-16 9:50 ` [PATCH 3/4] arm64: export effective Image size to bootloaders Mark Rutland
2014-05-20 14:12 ` Tom Rini
2014-05-20 16:22 ` Laura Abbott
2014-06-16 20:27 ` Geoff Levand
2014-06-18 16:49 ` Mark Rutland
2014-06-18 18:27 ` Rob Herring
2014-06-18 18:41 ` Geoff Levand
2014-06-19 10:25 ` Mark Rutland
2014-06-19 18:07 ` Geoff Levand
2014-06-20 10:17 ` Mark Rutland
2014-06-18 18:56 ` Kevin Hilman
2014-06-18 23:03 ` [PATCH] arm64: Add byte order to image header Geoff Levand
2014-06-18 23:07 ` [PATCH] arm64: Add new file asm/image.h Geoff Levand
2014-05-16 9:50 ` [PATCH 4/4] arm64: Enable TEXT_OFFSET fuzzing Mark Rutland
2014-05-16 14:06 ` Catalin Marinas
2014-05-16 16:55 ` Mark Rutland
2014-05-20 14:11 ` Tom Rini
2014-05-20 16:08 ` Mark Rutland
2014-05-21 10:18 ` Mark Rutland [this message]
2014-05-20 11:31 ` [PATCH 0/4] arm64: simplify restrictions on bootloaders Ian Campbell
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20140521101809.GD17827@leverpostej \
--to=mark.rutland@arm.com \
--cc=linux-arm-kernel@lists.infradead.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).