From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mail-pj1-f45.google.com (mail-pj1-f45.google.com [209.85.216.45])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 8866D30498E
	for <linux-kernel@vger.kernel.org>; Sun, 26 Apr 2026 12:02:51 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.216.45
ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1777204972; cv=none; b=t/nWZObYaXeMRn4hR9k2Upg2yy3FUkWLDy036ran2vxCKBxh3laeezdy3nV7LlXwTKcqW8bIZhpfCgh9kBr8TCOLzulrlqWMWSprnb82s5OZqJTabZ6Xyj9HtExvQaMZtnGsYavRbm487C6hFq2bfBYZcIu8RnMyKQqv07SYOjE=
ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1777204972; c=relaxed/simple;
	bh=kRcVXv28tDnvQzXVvyODGNAJffBkNrvU5IYCATY2cz0=;
	h=From:To:Cc:Subject:Date:Message-ID:MIME-Version; b=WcgoqQDmhkTJ6DhjX+7/ReIazdSGo1Vivg8qw0dJOd72f36CBfLoG+ErZqcKNkt1VI87zO+sViVlkruM2XhOuX9APQU9/07J34mgu4UOeQHg8nOwKnVyUbZ/QiEwphBe8bETaD6hEFg7oezj4o/h9wyO+UWXbo+C4Er89eqTu9o=
ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=hev.cc; spf=pass smtp.mailfrom=hev.cc; dkim=pass (2048-bit key) header.d=hev-cc.20251104.gappssmtp.com header.i=@hev-cc.20251104.gappssmtp.com header.b=plQjYQCa; arc=none smtp.client-ip=209.85.216.45
Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=hev.cc
Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=hev.cc
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=hev-cc.20251104.gappssmtp.com header.i=@hev-cc.20251104.gappssmtp.com header.b="plQjYQCa"
Received: by mail-pj1-f45.google.com with SMTP id 98e67ed59e1d1-35da9c0c007so8043465a91.2
        for <linux-kernel@vger.kernel.org>; Sun, 26 Apr 2026 05:02:51 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=hev-cc.20251104.gappssmtp.com; s=20251104; t=1777204971; x=1777809771; darn=vger.kernel.org;
        h=content-transfer-encoding:mime-version:message-id:date:subject:cc
         :to:from:from:to:cc:subject:date:message-id:reply-to;
        bh=ghTQEcleXWHPOaZ8rEPzzwQ8WxO8nfCzXA22IKrt/r4=;
        b=plQjYQCal9QP/HPHUzd8kKSgOxJR2z7EqWHpBR0hkvnIt+3GJtDv6JaSd2zT55t0xm
         xp4TLNvaFeK69KqL99Acyk+Vq0/8dTBSIHh25fPftO5/kT/btGk6SA3j0Jo/ufkCffnX
         9ImyTDAAV15vQ69PJHRoK+TPYy1QDAjAlN6jYz1FvvURO70d6ZIZHOiKlH65a/SQdbpP
         hZ6zghIP0Wn9yJlvfTDIDIlccovMQYYrgll80490riT6rlw6/dtwPOUUm89vIggHnMn+
         hhExnRmGhdbjffGCoWZxCHy8CFWCgJvqTBdfXrsUNGZFdqEB/7ScuKbAUJ8D3ZT3acXc
         /aCA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20251104; t=1777204971; x=1777809771;
        h=content-transfer-encoding:mime-version:message-id:date:subject:cc
         :to:from:x-gm-gg:x-gm-message-state:from:to:cc:subject:date
         :message-id:reply-to;
        bh=ghTQEcleXWHPOaZ8rEPzzwQ8WxO8nfCzXA22IKrt/r4=;
        b=jr8o4Wf8Aihrpdo2arDQlR5Y1dpfUE/DWgulv02V3h0FVQCTTHgpK5VFHf6jnzFSGn
         JpGf0izj6RX8IN8T1qEbX0s50qMUXSF5hnaaO01kkfmhD2s69DjvX5BQxNJcIb7VjydQ
         T3LL/67+TizLB6qwvve++wr00jLk/0exCgqoboK/T9h5Hnelc+1JXmHttBaox6vuOwu2
         sEowa7VN/OMa78Bqqo622yLf4al15A5wIzREM6BrNcILYcPJ/XZZNVXrKmWLKSGmbdiU
         AZJ9AqdcXpuB+zy04u0lCN7ImTZW/M8TA1B0bcM7wi1DG1Bca1jOyI0HTWb86JV0gVrv
         +ltw==
X-Forwarded-Encrypted: i=1; AFNElJ+D2VLnAiCbdxtb70RcKFQtlGqwezNBKlbg0oEoUY0yAm8ssio3EDg1c3Mb7/dlfjA3MV+94twyjNn8CkQ=@vger.kernel.org
X-Gm-Message-State: AOJu0YzCE5W+qC1cGA/8LzCXU6EigRQ0aNJ5kULu3kSvYM0hQ/MdZM90
	+Lg8Ii+50XLY24x9R/kKRkL1k6omw74MsBQEAIlaEyF9w5Nt77HfkqqmID1p6jVz/rs=
X-Gm-Gg: AeBDieshhG4wUwx+3kx/cToPWeVM7w/tha5PdQRhAFVpoIJ8oYXji/DMYX4vBiPjzLH
	FsCUazHw9/z7ZJcA9eXccd5+hjbVevMIAVlrs9Ozd419PB58/qbsI3E7uhsBWVs0B7t2PsK/4aC
	vJGPDcj18xhw4o+7ZpU2fGXe7Qa+DwNjTCTgB+FXe9HjGAGrK4awQSHP1nUAxXfrzwCUEH6iHN5
	qYTE+oQqe2SB9T2+NuSYD8pKjL634UzHV2yYH96zMwFU6Lm3NA1BcarYwdt4Rr1zuFSV8zsoZyl
	k3claFTqw8ADh0WEdtr32ecavoFj65/0Yv7HaDw8Pot6DpI50EWrCg4GaZj5Jb2Aj9xhdmA/Ono
	KliggUTtbkJvzwowJFiLEiheeI4rsev1Os2s02dyBgUNRffkmBh7YIhSQzZvETZW6Av7XuHBpQy
	8lfkeW9SiSi1HzVzqJOjM=
X-Received: by 2002:a17:90b:1dc2:b0:35f:b306:5d47 with SMTP id 98e67ed59e1d1-361403af9c4mr41043913a91.1.1777204970795;
        Sun, 26 Apr 2026 05:02:50 -0700 (PDT)
Received: from localhost ([2400:8902:e002:de3c:3085:4d80:3614:2212])
        by smtp.gmail.com with ESMTPSA id d9443c01a7336-2b5fab297c8sm263413965ad.67.2026.04.26.05.02.48
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Sun, 26 Apr 2026 05:02:50 -0700 (PDT)
From: WANG Rui <r@hev.cc>
To: Huacai Chen <chenhuacai@kernel.org>,
	Ard Biesheuvel <ardb@kernel.org>
Cc: WANG Xuerui <kernel@xen0n.name>,
	Ilias Apalodimas <ilias.apalodimas@linaro.org>,
	loongarch@lists.linux.dev,
	linux-efi@vger.kernel.org,
	linux-kernel@vger.kernel.org,
	WANG Rui <r@hev.cc>
Subject: [RFC PATCH 0/3] LoongArch: Move KASLR to EFI stub to avoid initrd overlap
Date: Sun, 26 Apr 2026 20:02:28 +0800
Message-ID: <20260426120231.532644-1-r@hev.cc>
X-Mailer: git-send-email 2.54.0
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

This series addresses a potential overlap issue between the kernel
image and the initrd when KASLR is enabled.

In the normal boot flow, the bootloader is responsible for loading
both vmlinux and the initrd, and it can guarantee that the two do
not overlap in memory. However, this assumption only holds as long
as neither image changes its location afterwards.

The in-kernel KASLR implementation breaks that assumption. When the
initrd is placed close to the kernel image, randomizing the kernel
location at runtime may move it into the initrd region, leading to
memory corruption early during boot.

To fix this, this series moves the KASLR logic out of the kernel
proper and into the EFI stub. With this change, the final placement
of both the kernel image and the initrd is determined by the EFI
memory allocator. This ensures that the two allocations are
coordinated and cannot overlap.

Functionally, the kernel still supports KASLR as before, but the
randomization now happens before the kernel is entered, rather than
during early kernel relocation.

WANG Rui (3):
  LoongArch: Allow rdtime_h and rdtime_l in 64-bit builds
  efi/loongarch: Randomize kernel preferred address for KASLR
  LoongArch: Remove KASLR handling from relocate_kernel()

 arch/loongarch/include/asm/efi.h         |   4 +-
 arch/loongarch/include/asm/loongarch.h   |   6 -
 arch/loongarch/include/asm/setup.h       |   2 +-
 arch/loongarch/kernel/head.S             |  12 --
 arch/loongarch/kernel/relocate.c         | 182 +----------------------
 drivers/firmware/efi/libstub/loongarch.c |  15 ++
 6 files changed, 24 insertions(+), 197 deletions(-)

-- 
2.54.0