From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-5.2 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI, SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED autolearn=no autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id A2437C07E95 for ; Tue, 20 Jul 2021 14:06:54 +0000 (UTC) Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 6F69A61186 for ; Tue, 20 Jul 2021 14:06:54 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 6F69A61186 Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=kernel.crashing.org Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Date:Cc:To:From:Subject:Message-ID:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=V7qG3qeCbhtZAJUAWRQzQd/a3dZaZfmrLS5lgtAftD0=; b=PT1oIKIJjhzbw4 +HUVVMF6utuv0urIc/XnPLwGyOzrKSRCScJ6O7yReKjNQVgiJGZx8dTZ+dZhG1m4imhuUNe0feYfI mcB4mLowKBQbboespxQQEbU//cqzQpyVAS+Yfp0cYztdGfsxfTmXqxrz8FyNvi0NdfwZG+ntyr8Qd KrhF+G63+Gsh73kvQxSQNU/VzXeGcTXvTZXTEtimosKJXGZV+PqZJ+2AKQ+E9963PUW5f8GtG/tn1 NkLoovbLmcui0Mct6JHsk35Vkoztpwglhngd7f9Xg0L1gShwyeJSnMmuyRwUFtVINfPPjY5JgFt5m +V4sMmsWB7TlxSAjvHQw==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1m5qMu-00D5bV-71; Tue, 20 Jul 2021 14:05:08 +0000 Received: from gate.crashing.org ([63.228.1.57]) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1m5qMp-00D5ZU-2X for linux-arm-kernel@lists.infradead.org; Tue, 20 Jul 2021 14:05:05 +0000 Received: from ip6-localhost (localhost.localdomain [127.0.0.1]) by gate.crashing.org (8.14.1/8.14.1) with ESMTP id 16KE3v9a030589; Tue, 20 Jul 2021 09:03:58 -0500 Message-ID: <2e4fb9458e32d2727099a5116c59a6c54e280aad.camel@kernel.crashing.org> Subject: Re: [PATCH 2/2] arm64: efi: kaslr: Fix boot failure if efi_random_alloc() fails From: Benjamin Herrenschmidt To: Ard Biesheuvel Cc: Linux ARM , linux-efi , "linux-kernel@vger.kernel.org Will Deacon" Date: Wed, 21 Jul 2021 00:03:56 +1000 In-Reply-To: References: <161920fc31ec4168290ca31b3e4ac7a75ac1df6b.camel@kernel.crashing.org> <0e1280c9ca789e15a46b65f6796a8c333a9da18a.camel@kernel.crashing.org> User-Agent: Evolution 3.36.5-0ubuntu1 MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20210720_070503_347274_43FFD7E3 X-CRM114-Status: GOOD ( 19.00 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org On Tue, 2021-07-20 at 15:48 +0200, Ard Biesheuvel wrote: > > You are replacing min_kimg_align() with MIN_KIMG_ALIGN in a place > where it could return either value: efi_nokaslr will be false by > default on relocatable kernels Not exactly: drivers/firmware/efi/libstub/efi-stub-helper.c:bool efi_nokaslr = !IS_ENABLED(CONFIG_RANDOMIZE_BASE); So if CONFIG_RANDOMIZE_BASE is off (KASLR disabled in the config), efi_nokaslr is true. If CONFIG_RANDOMIZE_BASE is on, then it depends on the command line (and the availability of the RNG protocol). None of this depends on CONFIG_RELOCATABLE which is indeed not entirely orthogonal, but not particularily relevant in how the code is written today. > , in which case min_kimg_align() will > return EFI_KIMG_ALIGN, unless you specifically request KASLR to be > disabled. Nope. See above. It will only be EFI_KIMG_ALIGN if CONFIG_RANDOMIZE_BASE is on and KASLR isn't otherwise disabled. > The result is that relocatable kernels that would not require to be > moved will now be moved to a 2 MB aligned offset before booting them. > > Similarly for the efi_allocate_pages_aligned() call: that call would > only request 64k alignment before on a relocatable kernel if booting > without randomization. I'm not sure I'm following you here. If you look at the changelog for commit 7c116db24d94, it pretty clearly says: "Adjust the EFI stub for arm64 so that the minimum Image alignment is 2MB unless KASLR is in use." Which is also pretty much what is spelled in the comment above min_kimg_align() (which I moved but kept in my patch). Basically, what you describe is what the code used to do afaik, but not what it does since 7c116db24d94. The current code (prior) to my patch is pretty clear, it uses 64k alignment if KASLR is on, otherwise 2MB. So the big if (status != EFI_SUCCESS) statement with the alignment check & relocation is all only meant to be used in the !KASLR case, which is always going to want 2MB (again based on the code as written today). My patch simply ensures that this is also true when KASLR fails to randomize the kernel address. Cheers, Ben. _______________________________________________ linux-arm-kernel mailing list linux-arm-kernel@lists.infradead.org http://lists.infradead.org/mailman/listinfo/linux-arm-kernel