From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-17.7 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI, SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED,USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 1D8C9C432BE for ; Mon, 26 Jul 2021 14:55:32 +0000 (UTC) Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id DF79260F51 for ; Mon, 26 Jul 2021 14:55:31 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.4.1 mail.kernel.org DF79260F51 Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=kernel.org Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=lists.infradead.org DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=/YMfoEFF48IIyasJY1atLA+kqZ38YUZX5ABNpvUrORM=; b=sDWmktI8i+DDix 6DlZv8mSUaKkqtIA66RwWWG9yUSqsJqTKaQyXk+lJTTMsC/pf1ANd0aKT04Zgle43ldy5bhdtBHo0 Lc19G5vuWQVzedbTFREC6JVcx1Mv4KAfhYoyzvZCtJtVDT1+4q83A3QY1qkjw3oXtRETeor0mBpEW H6cNDT8L/y9PRiSsjCQk5osQyHjZLD8YWXpvcWNEKB/YW/NnP8kbs3gDXTZKm6NwAtzVpUMV+Kbzn k81b8pAnHTN/9TSXGtI9HBrYToQ9Dy68jN6D9qQ4Tdxcojzh/N4I716y4HU9oScLhyavjiRl0lgXo 5UF5uqqCRi93MAHFhgPw==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1m81yg-00BYwU-7X; Mon, 26 Jul 2021 14:53:10 +0000 Received: from mail.kernel.org ([198.145.29.99]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1m81xi-00BYgu-5X for linux-arm-kernel@lists.infradead.org; Mon, 26 Jul 2021 14:52:11 +0000 Received: by mail.kernel.org (Postfix) with ESMTPSA id 14C1660F38; Mon, 26 Jul 2021 14:52:08 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1627311130; bh=HmJamR4DF8R3JiOkeQDkQrlPV4QfpmOrQy6gPG/dDX0=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=UXJANHAp6BcHf+FFfyGULRRIcyl6FXBhBoJ84Bb37bXjAQtFqC6qhTTXRaqb9NdMl R6q3BWA9Wbgt3LI77WQ1fbe/gmxVo6Dwux07ONqCfnpW6+yiidGfL3YL/q/FFhdWRP Z/vZvNjZjHQVbqCrp37ZRs2WPCS1tetb8oQaXz7h5aYkvpOp0lrK8gmK7Itwve1gUR oVDdKV+PiGSfyeyLBXkGgSeLqvwvEdmAL2ClJxfUYML4N9nsiw2fchoruopGeSnQNm fAHJJhojmY+CGcDTGZmXxmOecDbUq4XJV1fPtnki6mmW8whvb6yAsW0sgAunth0vd7 4mGodlW+ChwWg== From: Ard Biesheuvel To: linux-efi@vger.kernel.org Cc: linux-arm-kernel@lists.infradead.org, Ard Biesheuvel , stable@vger.kernel.org Subject: [PATCH v3 4/4] efi/libstub: arm64: Double check image alignment at entry Date: Mon, 26 Jul 2021 16:51:56 +0200 Message-Id: <20210726145156.12006-5-ardb@kernel.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20210726145156.12006-1-ardb@kernel.org> References: <20210726145156.12006-1-ardb@kernel.org> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20210726_075210_250580_BA25370D X-CRM114-Status: GOOD ( 11.94 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org On arm64, the stub only moves the kernel image around in memory if needed, which is typically only for KASLR, given that relocatable kernels (which is the default) can run from any 64k aligned address, which is also the minimum alignment communicated to EFI via the PE/COFF header. Unfortunately, some loaders appear to ignore this header, and load the kernel at some arbitrary offset in memory. We can deal with this, but let's check for this condition anyway, so non-compliant code can be spotted and fixed. Cc: # v5.10+ Signed-off-by: Ard Biesheuvel --- drivers/firmware/efi/libstub/arm64-stub.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/drivers/firmware/efi/libstub/arm64-stub.c b/drivers/firmware/efi/libstub/arm64-stub.c index 010564f8bbc4..2363fee9211c 100644 --- a/drivers/firmware/efi/libstub/arm64-stub.c +++ b/drivers/firmware/efi/libstub/arm64-stub.c @@ -119,6 +119,10 @@ efi_status_t handle_kernel_image(unsigned long *image_addr, if (image->image_base != _text) efi_err("FIRMWARE BUG: efi_loaded_image_t::image_base has bogus value\n"); + if (!IS_ALIGNED((u64)_text, EFI_KIMG_ALIGN)) + efi_err("FIRMWARE BUG: kernel image not aligned on %ldk boundary\n", + EFI_KIMG_ALIGN >> 10); + kernel_size = _edata - _text; kernel_memsize = kernel_size + (_end - _edata); *reserve_size = kernel_memsize; -- 2.20.1 _______________________________________________ linux-arm-kernel mailing list linux-arm-kernel@lists.infradead.org http://lists.infradead.org/mailman/listinfo/linux-arm-kernel