From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-5.2 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI, SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED autolearn=no autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 7766EC636C8 for ; Tue, 20 Jul 2021 14:28:05 +0000 (UTC) Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 8CB1D6101E for ; Tue, 20 Jul 2021 14:28:03 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 8CB1D6101E Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=kernel.crashing.org Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Date:Cc:To:From:Subject:Message-ID:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=pDEqFyIOzWRoJAu9af2+cewhMHO8X7meOkRTP65u69I=; b=mtZ0B5dP0Nm+Yd R/fWMpP+p0RiSwKRPo4y7M45yq16pgpz/L9YPB9mGTOZ4eA1mz/7U8p5COr7RNJi2Wcf7B76GWYQ6 8ykwqBlSN0SZD2xV1Ey0z5dt1LXg7GjvEkhKB1+u5tfYKUe3aTluQNC7tTAzZ3THaeRbDrom3VA+c 7a3Q3QQ+McaSogBHpLKuao+Tz7pDK1ZDxvo2PXxyNKiO4H/msv0jcuJmdq3E0/dDBsJMpkK1pC8Vr eGjUvIeaIL+I1YsIP+3dhhAMxnfwbDFnx/H8Xg0Z8k3WuVutWnjc+kibDmuaq2tzO4/+UGEtZjhyN Ke1diU6ea9a269FrkeVA==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1m5qhk-00DBzK-Gm; Tue, 20 Jul 2021 14:26:40 +0000 Received: from gate.crashing.org ([63.228.1.57]) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1m5qhc-00DBy8-T9 for linux-arm-kernel@lists.infradead.org; Tue, 20 Jul 2021 14:26:34 +0000 Received: from ip6-localhost (localhost.localdomain [127.0.0.1]) by gate.crashing.org (8.14.1/8.14.1) with ESMTP id 16KEPTp6032188; Tue, 20 Jul 2021 09:25:29 -0500 Message-ID: Subject: Re: [PATCH 2/2] arm64: efi: kaslr: Fix boot failure if efi_random_alloc() fails From: Benjamin Herrenschmidt To: Ard Biesheuvel Cc: Linux ARM , linux-efi , "linux-kernel@vger.kernel.org Will Deacon" Date: Wed, 21 Jul 2021 00:25:28 +1000 In-Reply-To: References: <161920fc31ec4168290ca31b3e4ac7a75ac1df6b.camel@kernel.crashing.org> <0e1280c9ca789e15a46b65f6796a8c333a9da18a.camel@kernel.crashing.org> <2e4fb9458e32d2727099a5116c59a6c54e280aad.camel@kernel.crashing.org> User-Agent: Evolution 3.36.5-0ubuntu1 MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20210720_072633_138650_18CB2368 X-CRM114-Status: GOOD ( 23.01 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org On Tue, 2021-07-20 at 16:10 +0200, Ard Biesheuvel wrote: > > > My patch simply ensures that this is also true when KASLR fails to > > randomize the kernel address. > > > > Fair enough. > > The history here is that passing nokaslr on the command line would > force 2M alignment even if KASLR was not enabled to begin with, > without affecting the alignment policy of KASLR capable kernels if > KASLR was not explicitly disabled, but not available on the platform. > > I realize now that my commit d32de9130f6c7 has interfered with this: > efi_nokaslr is set to true there so the later code does not complain > about the EFI_RNG_PROTOCOL being unavailable, but it has the side > effect of affecting the alignment policy in the remainder of the > function. > > So what I would prefer here is to capture efi_nokaslr at entry, and > use that to decide the alignment. That way, efi_nokaslr can be set to > true without affecting the subsequent allocation logic. So interestingly, the bug I am trying to fix with this patch seems to indicate that this doesn't work (though I would need to debug further as to why) on my systems (EC2 c6g.metal instances). IE, in my case what happens is: - kernel has CONFIG_RANDOMIZE_BASE and CONFIG_RELOCATABLE both enabled - RNG protocol exists, it gets a random seed, but due to the other bug, efi_random_alloc() fails. It thus falls back to the "normal" alignment check & relocation case (the big if (status != EFI_SUCCESS)) - That alignment check uses 64K and not 2M however. In my case it passes (_text is already 64K aligned) and we boot... - And nothing happens. IE, it dies somewhere in/after exit boot services, I haven't had a chance to figure out in more details why, those machines take 20mn to reboot. So *something* is wrong when we stick to a 64K alignment and don't randomize the kernel base. Interestingly we don't set nokaslr in that case, so we should still be hitting all the kaslr path in the main kernel. The problem could relate to running from that initial address. I'll have to debug further, maybe try a repro-case in qemu. In the meantime, please apply patch 1 which solves the main issue and I'll continue digging. Note (in case this is relevant): This was all tested/debugged on 5.10.y Cheers, Ben. _______________________________________________ linux-arm-kernel mailing list linux-arm-kernel@lists.infradead.org http://lists.infradead.org/mailman/listinfo/linux-arm-kernel