From patchwork Wed Mar 22 11:38:25 2017
X-Patchwork-Submitter: Srinivas Ramana
X-Patchwork-Id: 9638585
From: Srinivas Ramana
To: catalin.marinas@arm.com, will.deacon@arm.com, ard.biesheuvel@linaro.org
Cc: linux-arm-msm@vger.kernel.org, Srinivas Ramana, linux-kernel@vger.kernel.org, linux-arm-kernel@lists.infradead.org, Neeraj Upadhyay
Subject: [PATCH v2] arm64: kaslr: Fix up the kernel image alignment
Date: Wed, 22 Mar 2017 17:08:25 +0530
Message-Id: <1490182705-14243-1-git-send-email-sramana@codeaurora.org>
In-Reply-To: <904FACBF-3DFE-4DDE-ACB5-7109A137D477@linaro.org>
References: <904FACBF-3DFE-4DDE-ACB5-7109A137D477@linaro.org>
From: Neeraj Upadhyay

If kernel image extends across alignment boundary, existing
code increases the KASLR offset by size of kernel image. The
offset is masked after resizing. There are cases, where after
masking, we may still have kernel image extending across
boundary. This eventually results in only 2MB block getting
mapped while creating the page tables. This results in data aborts
while accessing unmapped regions during second relocation (with
kaslr offset) in __primary_switch. To fix this problem, round up the
kernel image size, by swapper block size, before adding it for
correction.

For example consider below case, where kernel image still crosses
1GB alignment boundary, after masking the offset, which is fixed
by rounding up kernel image size.

SWAPPER_TABLE_SHIFT = 30
Swapper using section maps with section size 2MB.
CONFIG_PGTABLE_LEVELS = 3
VA_BITS = 39

_text  : 0xffffff8008080000
_end   : 0xffffff800aa1b000
offset : 0x1f35600000
mask = ((1UL << (VA_BITS - 2)) - 1) & ~(SZ_2M - 1)

(_text + offset) >> SWAPPER_TABLE_SHIFT = 0x3fffffe7c
(_end + offset) >> SWAPPER_TABLE_SHIFT  = 0x3fffffe7d

offset after existing correction (before mask) = 0x1f37f9b000
(_text + offset) >> SWAPPER_TABLE_SHIFT = 0x3fffffe7d
(_end + offset) >> SWAPPER_TABLE_SHIFT  = 0x3fffffe7d

offset (after mask) = 0x1f37e00000
(_text + offset) >> SWAPPER_TABLE_SHIFT = 0x3fffffe7c
(_end + offset) >> SWAPPER_TABLE_SHIFT  = 0x3fffffe7d

new offset w/ rounding up = 0x1f38000000
(_text + offset) >> SWAPPER_TABLE_SHIFT = 0x3fffffe7d
(_end + offset) >> SWAPPER_TABLE_SHIFT  = 0x3fffffe7d

Fixes: f80fb3a3d508 ("arm64: add support for kernel ASLR")
Signed-off-by: Neeraj Upadhyay
Signed-off-by: Srinivas Ramana
Reviewed-by: Ard Biesheuvel
--- arch/arm64/kernel/kaslr.c | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/arch/arm64/kernel/kaslr.c b/arch/arm64/kernel/kaslr.c index 769f24ef628c..d7e90d97f5c4 100644 --- a/arch/arm64/kernel/kaslr.c +++ b/arch/arm64/kernel/kaslr.c 
@@ -131,11 +131,15 @@ u64 __init kaslr_early_init(u64 dt_phys, u64 modulo_offset) /* * The kernel Image should not extend across a 1GB/32MB/512MB alignment * boundary (for 4KB/16KB/64KB granule kernels, respectively). If this - * happens, increase the KASLR offset by the size of the kernel image. + * happens, increase the KASLR offset by the size of the kernel image + * rounded up by SWAPPER_BLOCK_SIZE. */ if ((((u64)_text + offset + modulo_offset) >> SWAPPER_TABLE_SHIFT) != - (((u64)_end + offset + modulo_offset) >> SWAPPER_TABLE_SHIFT)) - offset = (offset + (u64)(_end - _text)) & mask; + (((u64)_end + offset + modulo_offset) >> SWAPPER_TABLE_SHIFT)) { + u64 kimg_sz = _end - _text; + offset = (offset + round_up(kimg_sz, SWAPPER_BLOCK_SIZE)) + & mask; + } if (IS_ENABLED(CONFIG_KASAN)) /*
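
Review bot: In the new braced block, the corrected offset is masked and then used without the boundary condition being evaluated again, and the updated comment does not say why rounding by SWAPPER_BLOCK_SIZE is sufficient. The commit message shows the old form failing precisely because `& mask` pulled the offset back below the boundary, so the comment should state the assumption that makes the masked result safe: the addend is now a multiple of the granularity that `mask` clears, as in the 2MB case given in the message. Two smaller points in the same block: `kimg_sz` is initialised from `_end - _text` without the `(u64)` cast the removed line used, and kernel style expects a blank line after the declaration; the statement would also read better split at the `+` than with `& mask` alone on a continuation line.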
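
The worked case from the commit message, as an added example that is not part of the patch or the kernel source: it applies the pre-patch and post-patch corrections with the message's constants and goes one step further by sweeping every 2MB-aligned offset the mask permits. It assumes modulo_offset is 0, as the message's arithmetic does, and the function names are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
/* Constants from the commit message's worked case (4KB granule, VA_BITS = 39). */
#define SZ_2M               0x200000ULL
#define SWAPPER_TABLE_SHIFT 30
#define SWAPPER_BLOCK_SIZE  SZ_2M
#define TEXT                0xffffff8008080000ULL   /* _text */
#define END                 0xffffff800aa1b000ULL   /* _end */
#define MASK                (((1ULL << (39 - 2)) - 1) & ~(SZ_2M - 1))

/* Non-zero if the image at this offset spans two 1GB table regions. */
static int crosses_boundary(uint64_t offset)
{
    return ((TEXT + offset) >> SWAPPER_TABLE_SHIFT) !=
           ((END + offset) >> SWAPPER_TABLE_SHIFT);
}

/* Correction before the patch: add the raw image size, then mask. */
static uint64_t correct_old(uint64_t offset)
{
    if (crosses_boundary(offset))
        offset = (offset + (END - TEXT)) & MASK;
    return offset;
}

/* Correction after the patch: image size rounded up to the block size. */
static uint64_t correct_new(uint64_t offset)
{
    uint64_t sz = (END - TEXT + SWAPPER_BLOCK_SIZE - 1) & ~(SWAPPER_BLOCK_SIZE - 1);
    if (crosses_boundary(offset))
        offset = (offset + sz) & MASK;
    return offset;
}

/* Sweep every offset the mask allows; count those still crossing after fix(). */
static unsigned still_crossing(uint64_t (*fix)(uint64_t))
{
    unsigned n = 0;
    for (uint64_t off = 0; off <= MASK; off += SZ_2M)
        n += crosses_boundary(fix(off));
    return n;
}

int main(void)
{
    printf("old fix: %u offsets still cross\n", still_crossing(correct_old));
    printf("new fix: %u offsets still cross\n", still_crossing(correct_new));
    return 0;
}
```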