From patchwork Wed Feb 28 03:56:37 2018
X-Patchwork-Submitter: Alex Shi
X-Patchwork-Id: 129899
From: Alex Shi
To: Marc Zyngier, Will Deacon, Ard Biesheuvel, Catalin Marinas, stable@vger.kernel.org, linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org
Cc: Alex Shi
Subject: [PATCH 15/29] arm64: kaslr: Put kernel vectors address in separate data page
Date: Wed, 28 Feb 2018 11:56:37 +0800
Message-Id: <1519790211-16582-16-git-send-email-alex.shi@linaro.org>
In-Reply-To: <1519790211-16582-1-git-send-email-alex.shi@linaro.org>
References: <1519790211-16582-1-git-send-email-alex.shi@linaro.org>
X-Mailing-List: linux-kernel@vger.kernel.org

From: Will Deacon

commit 6c27c4082f4f upstream.

The literal pool entry for identifying the vectors base is the only piece of information in the trampoline page that identifies the true location of the kernel.

This patch moves it into a page-aligned region of the .rodata section and maps this adjacent to the trampoline text via an additional fixmap entry, which protects against any accidental leakage of the trampoline contents.

Suggested-by: Ard Biesheuvel
Tested-by: Laura Abbott
Tested-by: Shanker Donthineni
Signed-off-by: Will Deacon
Signed-off-by: Alex Shi Conflicts: remove ARM64_WORKAROUND_QCOM_FALKOR_E1003 fix in arch/arm64/kernel/entry.S --- arch/arm64/include/asm/fixmap.h | 1 + arch/arm64/kernel/entry.S | 13 +++++++++++++ arch/arm64/kernel/vmlinux.lds.S | 5 ++++- arch/arm64/mm/mmu.c | 10 +++++++++- 4 files changed, 27 insertions(+), 2 deletions(-) -- 2.7.4 diff --git a/arch/arm64/include/asm/fixmap.h b/arch/arm64/include/asm/fixmap.h index 7b1d88c..d8e5805 100644 --- a/arch/arm64/include/asm/fixmap.h +++ b/arch/arm64/include/asm/fixmap.h @@ -53,6 +53,7 @@ enum fixed_addresses { FIX_TEXT_POKE0, #ifdef CONFIG_UNMAP_KERNEL_AT_EL0 + FIX_ENTRY_TRAMP_DATA, FIX_ENTRY_TRAMP_TEXT, #define TRAMP_VALIAS (__fix_to_virt(FIX_ENTRY_TRAMP_TEXT)) #endif /* CONFIG_UNMAP_KERNEL_AT_EL0 */ diff --git a/arch/arm64/kernel/entry.S b/arch/arm64/kernel/entry.S index 54f35cc..996c605 100644 --- a/arch/arm64/kernel/entry.S +++ b/arch/arm64/kernel/entry.S @@ -903,7 +903,12 @@ __ni_sys_trace: msr tpidrro_el0, x30 // Restored in kernel_ventry .endif tramp_map_kernel x30 +#ifdef CONFIG_RANDOMIZE_BASE + adr x30, tramp_vectors + PAGE_SIZE + ldr x30, [x30] +#else ldr x30, =vectors +#endif prfm plil1strm, [x30, #(1b - tramp_vectors)] msr vbar_el1, x30 add x30, x30, #(1b - tramp_vectors) @@ -946,6 +951,14 @@ END(tramp_exit_compat) .ltorg .popsection // .entry.tramp.text +#ifdef CONFIG_RANDOMIZE_BASE + .pushsection ".rodata", "a" + .align PAGE_SHIFT + .globl __entry_tramp_data_start +__entry_tramp_data_start: + .quad vectors + .popsection // .rodata +#endif /* CONFIG_RANDOMIZE_BASE */ #endif /* CONFIG_UNMAP_KERNEL_AT_EL0 */ /* diff --git a/arch/arm64/kernel/vmlinux.lds.S b/arch/arm64/kernel/vmlinux.lds.S index 466a43a..6a58455 100644 --- a/arch/arm64/kernel/vmlinux.lds.S +++ b/arch/arm64/kernel/vmlinux.lds.S 
@@ -252,7 +252,10 @@ ASSERT(__idmap_text_end - (__idmap_text_start & ~(SZ_4K - 1)) <= SZ_4K, ASSERT(__hibernate_exit_text_end - (__hibernate_exit_text_start & ~(SZ_4K - 1)) <= SZ_4K, "Hibernate exit text too big or misaligned") #endif - +#ifdef CONFIG_UNMAP_KERNEL_AT_EL0 +ASSERT((__entry_tramp_text_end - __entry_tramp_text_start) == PAGE_SIZE, + "Entry trampoline text too big") +#endif /* * If padding is applied before .head.text, virt<->phys conversions will fail. */ diff --git a/arch/arm64/mm/mmu.c b/arch/arm64/mm/mmu.c index 84945c9..10db4bf 100644 --- a/arch/arm64/mm/mmu.c +++ b/arch/arm64/mm/mmu.c @@ -435,8 +435,16 @@ static int __init map_entry_trampoline(void) __create_pgd_mapping(tramp_pg_dir, pa_start, TRAMP_VALIAS, PAGE_SIZE, prot, pgd_pgtable_alloc, 0); - /* ...as well as the kernel page table */ + /* Map both the text and data into the kernel page table */ __set_fixmap(FIX_ENTRY_TRAMP_TEXT, pa_start, prot); + if (IS_ENABLED(CONFIG_RANDOMIZE_BASE)) { + extern char __entry_tramp_data_start[]; + + __set_fixmap(FIX_ENTRY_TRAMP_DATA, + __pa_symbol(__entry_tramp_data_start), + PAGE_KERNEL_RO); + } + return 0; } core_initcall(map_entry_trampoline);
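Review bot: In the fixed_addresses hunk of arch/arm64/include/asm/fixmap.h, the position of FIX_ENTRY_TRAMP_DATA directly before FIX_ENTRY_TRAMP_TEXT is load-bearing but undocumented. The entry.S change reads the vectors address with adr x30, tramp_vectors + PAGE_SIZE, which only works if the data slot's virtual address is exactly one page above the text slot. Fixmap addresses descend as the enum index rises, so the current order gives that layout, but a later entry inserted between the two would break the load in the trampoline. A one-line comment on these enum entries saying they must stay adjacent and in this order would guard against that.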
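Review bot: The Conflicts line says the ARM64_WORKAROUND_QCOM_FALKOR_E1003 fix was removed from arch/arm64/kernel/entry.S for this backport, but neither the message nor the CONFIG_RANDOMIZE_BASE block added after tramp_map_kernel in the @@ -903 hunk explains why dropping it is safe here. Please state in the commit message whether the workaround is absent from this stable tree or arrives in a later patch of the series, so the difference from upstream commit 6c27c4082f4f can be checked.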
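Review bot: In the @@ -946 hunk of entry.S, only the start of __entry_tramp_data_start is page-aligned; the single .quad vectors takes 8 bytes and nothing pads the rest of the page, so whatever the linker places next in .rodata is also reachable through the FIX_ENTRY_TRAMP_DATA alias. That is acceptable while the page is mapped read-only and only in the kernel page table, as the mmu.c hunk does, but the block should carry a short comment saying so, or end with a second .align PAGE_SHIFT before .popsection so the page holds nothing but the vectors address.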
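Review bot: The new ASSERT in arch/arm64/kernel/vmlinux.lds.S tests (__entry_tramp_text_end - __entry_tramp_text_start) == PAGE_SIZE, so it fires for any size other than exactly one page, yet the message only says "Entry trampoline text too big". Since map_entry_trampoline() maps exactly PAGE_SIZE of text, a message such as "Entry trampoline text must be exactly one page" would describe the failure correctly. The hunk also deletes the blank line that separated the #endif from the following comment; keeping it would leave the unrelated context untouched.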
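Review bot: In the map_entry_trampoline() hunk of arch/arm64/mm/mmu.c, the block-scope declaration extern char __entry_tramp_data_start[]; puts a cross-file symbol declaration inside a .c function body, which kernel style discourages; declaring it in a header keeps the type in one place. The new comment could also say explicitly that the data page is installed only through __set_fixmap() and must not be added to tramp_pg_dir, because that omission is what keeps the vectors address out of the trampoline page tables.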