From patchwork Wed Feb 28 03:56:37 2018
X-Patchwork-Submitter: Alex Shi
X-Patchwork-Id: 10246763
From: Alex Shi
To: Marc Zyngier, Will Deacon, Ard Biesheuvel, Catalin Marinas,
 stable@vger.kernel.org, linux-arm-kernel@lists.infradead.org,
 linux-kernel@vger.kernel.org
Cc: Alex Shi
Subject: [PATCH 15/29] arm64: kaslr: Put kernel vectors address in separate data page
Date: Wed, 28 Feb 2018 11:56:37 +0800
Message-Id: <1519790211-16582-16-git-send-email-alex.shi@linaro.org>
In-Reply-To: <1519790211-16582-1-git-send-email-alex.shi@linaro.org>
References: <1519790211-16582-1-git-send-email-alex.shi@linaro.org>

From: Will Deacon

commit 6c27c4082f4f upstream.

The literal pool entry for identifying the vectors base is the only piece
of information in the trampoline page that identifies the true location
of the kernel.

This patch moves it into a page-aligned region of the .rodata section
and maps this adjacent to the trampoline text via an additional fixmap
entry, which protects against any accidental leakage of the trampoline
contents.

Suggested-by: Ard Biesheuvel
Tested-by: Laura Abbott
Tested-by: Shanker Donthineni
Signed-off-by: Will Deacon
Signed-off-by: Alex Shi Conflicts: remove ARM64_WORKAROUND_QCOM_FALKOR_E1003 fix in arch/arm64/kernel/entry.S --- arch/arm64/include/asm/fixmap.h | 1 + arch/arm64/kernel/entry.S | 13 +++++++++++++ arch/arm64/kernel/vmlinux.lds.S | 5 ++++- arch/arm64/mm/mmu.c | 10 +++++++++- 4 files changed, 27 insertions(+), 2 deletions(-) diff --git a/arch/arm64/include/asm/fixmap.h b/arch/arm64/include/asm/fixmap.h index 7b1d88c..d8e5805 100644 --- a/arch/arm64/include/asm/fixmap.h +++ b/arch/arm64/include/asm/fixmap.h @@ -53,6 +53,7 @@ enum fixed_addresses { FIX_TEXT_POKE0, #ifdef CONFIG_UNMAP_KERNEL_AT_EL0 + FIX_ENTRY_TRAMP_DATA, FIX_ENTRY_TRAMP_TEXT, #define TRAMP_VALIAS (__fix_to_virt(FIX_ENTRY_TRAMP_TEXT)) #endif /* CONFIG_UNMAP_KERNEL_AT_EL0 */ diff --git a/arch/arm64/kernel/entry.S b/arch/arm64/kernel/entry.S index 54f35cc..996c605 100644 --- a/arch/arm64/kernel/entry.S +++ b/arch/arm64/kernel/entry.S @@ -903,7 +903,12 @@ __ni_sys_trace: msr tpidrro_el0, x30 // Restored in kernel_ventry .endif tramp_map_kernel x30 +#ifdef CONFIG_RANDOMIZE_BASE + adr x30, tramp_vectors + PAGE_SIZE + ldr x30, [x30] +#else ldr x30, =vectors +#endif prfm plil1strm, [x30, #(1b - tramp_vectors)] msr vbar_el1, x30 add x30, x30, #(1b - tramp_vectors) @@ -946,6 +951,14 @@ END(tramp_exit_compat) .ltorg .popsection // .entry.tramp.text +#ifdef CONFIG_RANDOMIZE_BASE + .pushsection ".rodata", "a" + .align PAGE_SHIFT + .globl __entry_tramp_data_start +__entry_tramp_data_start: + .quad vectors + .popsection // .rodata +#endif /* CONFIG_RANDOMIZE_BASE */ #endif /* CONFIG_UNMAP_KERNEL_AT_EL0 */ /* diff --git a/arch/arm64/kernel/vmlinux.lds.S b/arch/arm64/kernel/vmlinux.lds.S index 466a43a..6a58455 100644 --- a/arch/arm64/kernel/vmlinux.lds.S +++ b/arch/arm64/kernel/vmlinux.lds.S 
@@ -252,7 +252,10 @@ ASSERT(__idmap_text_end - (__idmap_text_start & ~(SZ_4K - 1)) <= SZ_4K, ASSERT(__hibernate_exit_text_end - (__hibernate_exit_text_start & ~(SZ_4K - 1)) <= SZ_4K, "Hibernate exit text too big or misaligned") #endif - +#ifdef CONFIG_UNMAP_KERNEL_AT_EL0 +ASSERT((__entry_tramp_text_end - __entry_tramp_text_start) == PAGE_SIZE, + "Entry trampoline text too big") +#endif /* * If padding is applied before .head.text, virt<->phys conversions will fail. */ diff --git a/arch/arm64/mm/mmu.c b/arch/arm64/mm/mmu.c index 84945c9..10db4bf 100644 --- a/arch/arm64/mm/mmu.c +++ b/arch/arm64/mm/mmu.c @@ -435,8 +435,16 @@ static int __init map_entry_trampoline(void) __create_pgd_mapping(tramp_pg_dir, pa_start, TRAMP_VALIAS, PAGE_SIZE, prot, pgd_pgtable_alloc, 0); - /* ...as well as the kernel page table */ + /* Map both the text and data into the kernel page table */ __set_fixmap(FIX_ENTRY_TRAMP_TEXT, pa_start, prot); + if (IS_ENABLED(CONFIG_RANDOMIZE_BASE)) { + extern char __entry_tramp_data_start[]; + + __set_fixmap(FIX_ENTRY_TRAMP_DATA, + __pa_symbol(__entry_tramp_data_start), + PAGE_KERNEL_RO); + } + return 0; } core_initcall(map_entry_trampoline);
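Review bot: In the arch/arm64/include/asm/fixmap.h hunk, the position of FIX_ENTRY_TRAMP_DATA directly before FIX_ENTRY_TRAMP_TEXT is load-bearing but undocumented. Fixmap virtual addresses decrease as the enum index increases, so this ordering is what places the data page at TRAMP_VALIAS + PAGE_SIZE, which is where the entry.S hunk reads it with `adr x30, tramp_vectors + PAGE_SIZE`. Swapping the two entries, or inserting another one between them, would still build and would load from the wrong page. Please add a comment on the enum entries and consider a build-time check in map_entry_trampoline(), for example `BUILD_BUG_ON(__fix_to_virt(FIX_ENTRY_TRAMP_DATA) != TRAMP_VALIAS + PAGE_SIZE);`.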
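Review bot: In the first arch/arm64/kernel/entry.S hunk (@@ -903), the new `ldr x30, [x30]` is only valid because it sits after `tramp_map_kernel x30`, and nothing in the code says so. The mmu.c hunk maps the data page with __set_fixmap() into the kernel page table only; unlike the trampoline text, it gets no __create_pgd_mapping() into tramp_pg_dir, which is the whole point of the change. A short comment above the `adr` stating that the following page is FIX_ENTRY_TRAMP_DATA and is not mapped while running on the trampoline page tables would keep a later cleanup from hoisting the load above the page table switch.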
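Review bot: In the arch/arm64/kernel/vmlinux.lds.S hunk, the ASSERT message does not match its condition. The test is `(__entry_tramp_text_end - __entry_tramp_text_start) == PAGE_SIZE`, so it also fires when the trampoline text is smaller than a page, yet the message reads "Entry trampoline text too big". Since entry.S now depends on the data page starting exactly PAGE_SIZE after the text, the equality is the right check; please reword the message to say the text must be exactly one page. The hunk also drops the blank line that separated the preceding #endif block from the "If padding is applied" comment; keeping a blank line after the new #endif would preserve the existing layout.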
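Review bot: In the arch/arm64/mm/mmu.c hunk, `extern char __entry_tramp_data_start[];` is declared inside the body of map_entry_trampoline(). Kernel style keeps extern declarations in headers so the symbol has one declaration that every user sees; please move it next to the other section symbols in a header and leave only the __set_fixmap() call here. The rewritten comment "Map both the text and data into the kernel page table" is also only true when CONFIG_RANDOMIZE_BASE is enabled, so it would read better split across the two __set_fixmap() calls.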