From: Ard Biesheuvel
To: linux-arm-kernel@lists.infradead.org, keescook@chromium.org, catalin.marinas@arm.com, mark.rutland@arm.com
Cc: matt@codeblueprint.co.uk, david.brown@linaro.org, Ard Biesheuvel
Subject: [PATCH v2 2/3] arm64: kaslr: deal with physically misaligned kernel images
Date: Thu, 3 Mar 2016 19:44:15 +0100
Message-Id: <1457030656-29584-3-git-send-email-ard.biesheuvel@linaro.org>
In-Reply-To: <1457030656-29584-1-git-send-email-ard.biesheuvel@linaro.org>
References: <1457030656-29584-1-git-send-email-ard.biesheuvel@linaro.org>

Since KASLR requires a relocatable kernel image anyway, there is no practical reason to refuse an image whose load address is not exactly TEXT_OFFSET bytes above a 2 MB aligned base address, as long as the physical and virtual misalignment with respect to the swapper block size are equal.
So treat the misalignment of the physical load address as the initial KASLR offset, and fix up the remaining code to deal with that.

Signed-off-by: Ard Biesheuvel
---
 arch/arm64/kernel/head.S  | 16 ++++++++++++----
 arch/arm64/kernel/kaslr.c |  6 +++---
 2 files changed, 15 insertions(+), 7 deletions(-)

diff --git a/arch/arm64/kernel/head.S b/arch/arm64/kernel/head.S index ca8ba19df786..32ab24ebde0c 100644 --- a/arch/arm64/kernel/head.S +++ b/arch/arm64/kernel/head.S @@ -25,6 +25,7 @@ #include #include +#include #include #include #include @@ -212,8 +213,12 @@ efi_header_end: ENTRY(stext) bl preserve_boot_args bl el2_setup // Drop to EL1, w20=cpu_boot_mode - mov x23, xzr // KASLR offset, defaults to 0 adrp x24, __PHYS_OFFSET +#ifndef CONFIG_RANDOMIZE_BASE + mov x23, xzr // KASLR offset, defaults to 0 +#else + and x23, x24, MIN_KIMG_ALIGN - 1 // unless loaded phys misaligned +#endif bl set_cpu_boot_mode_flag bl __create_page_tables // x25=TTBR0, x26=TTBR1 /* @@ -487,11 +492,13 @@ __mmap_switched: bl kasan_early_init #endif #ifdef CONFIG_RANDOMIZE_BASE - cbnz x23, 0f // already running randomized? + tst x23, ~(MIN_KIMG_ALIGN - 1) // already running randomized? + b.ne 0f mov x0, x21 // pass FDT address in x0 + mov x1, x23 // pass modulo offset in x1 bl kaslr_early_init // parse FDT for KASLR options cbz x0, 0f // KASLR disabled? just proceed - mov x23, x0 // record KASLR offset + orr x23, x23, x0 // record KASLR offset ret x28 // we must enable KASLR, return // to __enable_mmu() 0: @@ -751,7 +758,8 @@ __enable_mmu: isb #ifdef CONFIG_RANDOMIZE_BASE mov x19, x0 // preserve new SCTLR_EL1 value - blr x27 + add x30, x27, x23 + blr x30 /* * If we return here, we have a KASLR displacement in x23 which we need
diff --git a/arch/arm64/kernel/kaslr.c b/arch/arm64/kernel/kaslr.c index 582983920054..b05469173ba5 100644 --- a/arch/arm64/kernel/kaslr.c +++ b/arch/arm64/kernel/kaslr.c @@ -74,7 +74,7 @@ extern void *__init __fixmap_remap_fdt(phys_addr_t dt_phys, int *size, * containing function pointers) to be reinitialized, and zero-initialized * .bss variables will be reset to 0. */ -u64 __init kaslr_early_init(u64 dt_phys) +u64 __init kaslr_early_init(u64 dt_phys, u64 modulo_offset) { void *fdt; u64 seed, offset, mask, module_range; @@ -132,8 +132,8 @@ u64 __init kaslr_early_init(u64 dt_phys) * boundary (for 4KB/16KB/64KB granule kernels, respectively). If this * happens, increase the KASLR offset by the size of the kernel image. */ - if ((((u64)_text + offset) >> SWAPPER_TABLE_SHIFT) != - (((u64)_end + offset) >> SWAPPER_TABLE_SHIFT)) + if ((((u64)_text + offset + modulo_offset) >> SWAPPER_TABLE_SHIFT) != + (((u64)_end + offset + modulo_offset) >> SWAPPER_TABLE_SHIFT)) offset = (offset + (u64)(_end - _text)) & mask; if (IS_ENABLED(CONFIG_KASAN))
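Review bot: In the stext hunk of head.S, the comment on `and x23, x24, MIN_KIMG_ALIGN - 1` is only the fragment "unless loaded phys misaligned", which continues a sentence that now sits in the other preprocessor branch, so nothing states that x23 starts out as the load address modulo MIN_KIMG_ALIGN and later also receives the randomized offset in its upper bits. Please give the `and` line a standalone comment that spells out this contract for x23. Writing the block as `#ifdef CONFIG_RANDOMIZE_BASE` / `#else` would also match the `#ifdef CONFIG_RANDOMIZE_BASE` blocks in the later hunks of this file.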
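Review bot: In the __mmap_switched hunk of head.S, both `tst x23, ~(MIN_KIMG_ALIGN - 1)` and `orr x23, x23, x0` assume that the offset returned in x0 has no bits set below MIN_KIMG_ALIGN, and nothing in the hunk states or checks that. The property is decided by `mask` in kaslr_early_init(), whose value this patch does not show. Please add a comment next to the `orr` naming that invariant, so that a later change to the mask does not silently corrupt the low bits that hold the physical misalignment.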
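Review bot: The two added instructions in the __enable_mmu hunk of head.S, `add x30, x27, x23` and `blr x30`, carry no comment, while the neighbouring lines do. Using x30 as a scratch register is safe here because `blr` overwrites it with the return address anyway, but that is unusual enough to deserve a word, and the reader also needs to be told why x23 is added to the branch target at this point.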
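Review bot: The new `modulo_offset` parameter in the signature hunk of kaslr.c is undocumented, and the name does not say modulo what. The caller in head.S passes x23, which is computed as `and x23, x24, MIN_KIMG_ALIGN - 1`; a sentence in the comment block above kaslr_early_init() saying that the argument is the physical load address modulo MIN_KIMG_ALIGN would make the interface readable without the assembly.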
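Review bot: In the boundary-check hunk of kaslr.c, `modulo_offset` is added to both sides of the comparison, but the fix-up line `offset = (offset + (u64)(_end - _text)) & mask;` is unchanged and its result is not re-tested with `modulo_offset` included. Please either explain in the comment above the check why the image cannot still straddle a SWAPPER_TABLE_SHIFT boundary once the misalignment is applied to the adjusted offset, or repeat the test after the fix-up. The comment above the check should also mention the misalignment, since it still describes the old condition.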