From: Ard Biesheuvel
To: linux-arm-kernel@lists.infradead.org
Cc: mark.rutland@arm.com, android-kvm@google.com, Ard Biesheuvel, Marc Zyngier, Will Deacon
Subject: [RFC PATCH 1/8] arm64: kaslr: deal with init called with VA randomization enabled
Date: Fri, 4 Mar 2022 18:56:50 +0100
Message-Id: <20220304175657.2744400-2-ardb@kernel.org>
In-Reply-To: <20220304175657.2744400-1-ardb@kernel.org>
References: <20220304175657.2744400-1-ardb@kernel.org>

We will pass the KASLR seed via x1 as well as via the device tree, so that
the boot code does not need to create the kernel mapping twice. This means
we may enter kaslr_early_init() fully randomized, and the offset calculated
by this function should be identical to the offset that has already been
taken into account.

This means that taking the address of _end or _etext and adding offset to
it produces the wrong value, given that _end and _etext references will
have been fixed up already, and therefore already incorporate offset.

So instead of referring to these symbols directly, use their offsets
relative to _text, which should produce values that depend on the size and
layout of the Image only. Then, add KIMAGE_VADDR to obtain the
unrandomized values.

Signed-off-by: Ard Biesheuvel
---
 arch/arm64/kernel/kaslr.c | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/arch/arm64/kernel/kaslr.c b/arch/arm64/kernel/kaslr.c index 418b2bba1521..00cec96003fd 100644 --- a/arch/arm64/kernel/kaslr.c +++ b/arch/arm64/kernel/kaslr.c @@ -145,6 +145,8 @@ u64 __init kaslr_early_init(void) return offset % SZ_2G; if (IS_ENABLED(CONFIG_RANDOMIZE_MODULE_REGION_FULL)) { + u64 end = (u64)_end - (u64)_text + KIMAGE_VADDR; + /* * Randomize the module region over a 2 GB window covering the * kernel. This reduces the risk of modules leaking information @@ -154,9 +156,11 @@ u64 __init kaslr_early_init(void) * resolved normally.) */ module_range = SZ_2G - (u64)(_end - _stext); - module_alloc_base = max((u64)_end + offset - SZ_2G, + module_alloc_base = max(end + offset - SZ_2G, (u64)MODULES_VADDR); } else { + u64 end = (u64)_etext - (u64)_text + KIMAGE_VADDR; + /* * Randomize the module region by setting module_alloc_base to * a PAGE_SIZE multiple in the range [_etext - MODULES_VSIZE, @@ -167,7 +171,7 @@ u64 __init kaslr_early_init(void) * when ARM64_MODULE_PLTS is enabled. */ module_range = MODULES_VSIZE - (u64)(_etext - _stext); - module_alloc_base = (u64)_etext + offset - MODULES_VSIZE; + module_alloc_base = end + offset - MODULES_VSIZE; } /* use the lower 21 bits to randomize the base of the module region */ -- 2.30.2 _______________________________________________ linux-arm-kernel mailing list linux-arm-kernel@lists.infradead.org http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
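Review bot: in the first hunk (@@ -145,6 +145,8 @@), the new `u64 end = (u64)_end - (u64)_text + KIMAGE_VADDR;` carries no comment explaining why `(u64)_end` is no longer used directly; the reason (this function may now run after the kernel has already been relocated, so `_end` already includes `offset`) lives only in the commit message and will not be visible to the next reader of kaslr.c. Suggest a one-line comment above the declaration, e.g. `/* _end may already be relocated: recompute its unrandomized VA */`. The expression also relies on the image being linked with `_text` at exactly KIMAGE_VADDR, which is what makes `_end - _text + KIMAGE_VADDR` equal the link-time `_end`; stating that assumption in the same comment would make a future change to the link address easy to catch.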
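Review bot: in the second hunk (@@ -154,9 +156,11 @@), the `else` branch declares a second `u64 end` that differs from the first only in using `_etext` instead of `_end`, so the `- (u64)_text + KIMAGE_VADDR` idiom is now duplicated and the two copies can drift apart. Suggest hoisting a single declaration above the `if`, e.g. `u64 end = KIMAGE_VADDR + (u64)(IS_ENABLED(CONFIG_RANDOMIZE_MODULE_REGION_FULL) ? _end : _etext) - (u64)_text;`, or a small static helper that maps a possibly relocated linker symbol to its unrandomized address. Note also that `module_range = SZ_2G - (u64)(_end - _stext);` on the unchanged context line is left as is, which is correct because both ends of that difference are relocated by the same `offset` and it cancels out; a short comment saying so would stop a reader from wondering why only `module_alloc_base` needed the fix.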
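Review bot: in the third hunk (@@ -167,7 +171,7 @@), the context comment still describes the window as `a PAGE_SIZE multiple in the range [_etext - MODULES_VSIZE,` while the code below it now computes `module_alloc_base = end + offset - MODULES_VSIZE;` from the unrandomized `end`. With VA randomization possibly already applied on entry, `_etext` in that comment is ambiguous (relocated or link-time value). Suggest rewording the comment to refer to the unrandomized end of the text section, e.g. `[end - MODULES_VSIZE, ...` with a note that `end` is the link-time `_etext`, so the comment and the code agree on which address is meant.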