From patchwork Mon Apr 11 09:48:23 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 12808929 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 6C314C4332F for ; Mon, 11 Apr 2022 10:18:35 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=4JQuzLiUXWOZoI3Vp1BZbhzIhj5pu98+04LAw1jLcc0=; b=unfsi2IYISFT6p N4Dm6u5dSwyWVgDizOawjDeX+AiEIJhq2XBi411e0cbf9Os9F8/eEv83h/7elf3WFv50rRnuZmOw3 irMH1tivHdQ2qAFwxBdK+viyPRnnabJexfxO5rmdncrsEKv28m1rfCurG+uVLQgMU/UbModwxVMVU QW0Co0u5h0SEPWtvlMhw0i1hbU0PcDdQAi0UBNEanawzqKJunwOVufYalDCT26zHjmMXldLL8DE9Q MZ0V2dTGjQCqGgc1thHYtPB3FFiIBsR6yNx2pS/Z2OJxA+3gcRdnOBAAXAIoyjU8X1qJ3Bzz8y3pq uxo4e/Yw6ddpGqVHtoag==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1ndr6I-008F5z-6r; Mon, 11 Apr 2022 10:16:50 +0000 Received: from ams.source.kernel.org ([2604:1380:4601:e00::1]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1ndqgD-0082io-Vn for linux-arm-kernel@lists.infradead.org; Mon, 11 Apr 2022 09:49:56 +0000 Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ams.source.kernel.org (Postfix) with ESMTPS id 94B4DB811C9; Mon, 11 Apr 2022 09:49:52 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 57BC0C385AF; Mon, 11 Apr 2022 09:49:50 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1649670592; bh=nY5MgIoq4fA9USqK31dnu7E3Bd7d2UqYghLsLSuHjOs=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=U5tlWgFXnRecHK9IysL2hLGfp66fZjtr3JhUYjQkqGQAKEVPTy0jcJnza67eAKEN7 jmFLUtyz2CEA0NN+qP1rj0FYZvFBbe6MPAFpTJe1pDzFf0GXehw/aUyEKH3Weo8aEv Ag0aB5iKYSJKcpPTUBijw9L1ECPXDCOnLWhOYYLR39ww8RC5ScoATsWKZeIuxpZMEt 1Awg4o1M1HqIpoDoPAouphp/Ef2l87GVyvwEs3gs6dUIw/MpZvAZ1R0IpryFq1vy9j CwLdrO+qyAdRf3f5VKhkM5vczbZ3Cj/FTKBmoSizKTsSKQwYDx638AnamDkBtdlTWi 3OlfcwuoWFycw== From: Ard Biesheuvel To: linux-arm-kernel@lists.infradead.org Cc: linux-efi@vger.kernel.org, Ard Biesheuvel , Marc Zyngier , Will Deacon , Mark Rutland , Kees Cook , Catalin Marinas , Mark Brown Subject: [PATCH v3 29/30] efi/arm64: libstub: run image in place if randomized by the loader Date: Mon, 11 Apr 2022 11:48:23 +0200 Message-Id: <20220411094824.4176877-30-ardb@kernel.org> X-Mailer: git-send-email 2.30.2 In-Reply-To: <20220411094824.4176877-1-ardb@kernel.org> References: <20220411094824.4176877-1-ardb@kernel.org> MIME-Version: 1.0 X-Developer-Signature: v=1; a=openpgp-sha256; l=2987; h=from:subject; bh=nY5MgIoq4fA9USqK31dnu7E3Bd7d2UqYghLsLSuHjOs=; b=owEB7QES/pANAwAKAcNPIjmS2Y8kAcsmYgBiU/llzSWWWLuFC4/Pg5EMCFfx8VQCtcysoeuYuZ+r VfZf23yJAbMEAAEKAB0WIQT72WJ8QGnJQhU3VynDTyI5ktmPJAUCYlP5ZQAKCRDDTyI5ktmPJBWTC/ 9gJy6GiRy8IrgDMdqxEgGLv0O/5AYyxtBfyTH4jNdznL7YmRWRRb78h+Of7Jx9vaDMGa1hGgLYLBka NTYTVMSvpd5oyt15T0wdchMUBdn5492PQA6Pv4yT6qZB5KiqEZaBoWTsttFbDBKcr9YUfneMuTsY25 hD2EVQ4mi0ZKdJReP69LYy5jYjkQXItHMhS7wCTOjUun47NRebqBus3rAKfQ4RnmQ0lwWERf2RY+4A ACYHM8leENh5hhlh62OaNHLYdXvP9GVBuoZlyXPEaeybUqyBcX+tCodudAV6ID21bGmICXHGOTDn1/ ssi8jWbw1kqtpr5r08iUciggaUXh4a6XIJnxPUKjqES8i9SikzAB6S++9qw8QkjL+1Qn76In12zGIr rtnCssk6QdtyByBvgDAFQ1Yc6qU8s47WkN5Z47sZz4tdx1r/KDln7019CcJJMU4wttsds0Fs4VLI+M LPbG0csnzg7k0onYzsSj1lRf8IpsbUTUPSYVsuFNiD5iY= X-Developer-Key: i=ardb@kernel.org; a=openpgp; fpr=F43D03328115A198C90016883D200E9CA6329909 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20220411_024954_441036_E662E24D X-CRM114-Status: GOOD ( 16.67 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org If the loader has already placed the EFI kernel image randomly in physical memory, and indicates having done so by installing the 'fixed placement' protocol onto the image handle, don't bother randomizing the placement again in the EFI stub. Signed-off-by: Ard Biesheuvel --- drivers/firmware/efi/libstub/arm64-stub.c | 12 +++++++++--- include/linux/efi.h | 11 +++++++++++ 2 files changed, 20 insertions(+), 3 deletions(-) diff --git a/drivers/firmware/efi/libstub/arm64-stub.c b/drivers/firmware/efi/libstub/arm64-stub.c index 00c91a3807ea..577173ee1f83 100644 --- a/drivers/firmware/efi/libstub/arm64-stub.c +++ b/drivers/firmware/efi/libstub/arm64-stub.c @@ -101,7 +101,15 @@ efi_status_t handle_kernel_image(unsigned long *image_addr, u64 min_kimg_align = efi_nokaslr ? MIN_KIMG_ALIGN : EFI_KIMG_ALIGN; if (IS_ENABLED(CONFIG_RANDOMIZE_BASE)) { - if (!efi_nokaslr) { + efi_guid_t li_fixed_proto = LINUX_EFI_LOADED_IMAGE_FIXED_GUID; + void *p; + + if (efi_nokaslr) { + efi_info("KASLR disabled on kernel command line\n"); + } else if (efi_bs_call(handle_protocol, image_handle, + &li_fixed_proto, &p) == EFI_SUCCESS) { + efi_info("Image placement fixed by loader\n"); + } else { status = efi_get_random_bytes(sizeof(phys_seed), (u8 *)&phys_seed); if (status == EFI_NOT_FOUND) { @@ -112,8 +120,6 @@ efi_status_t handle_kernel_image(unsigned long *image_addr, status); efi_nokaslr = true; } - } else { - efi_info("KASLR disabled on kernel command line\n"); } } diff --git a/include/linux/efi.h b/include/linux/efi.h index ccd4d3f91c98..d7567006e151 100644 --- a/include/linux/efi.h +++ b/include/linux/efi.h @@ -406,6 +406,17 @@ void efi_native_runtime_setup(void); #define LINUX_EFI_INITRD_MEDIA_GUID EFI_GUID(0x5568e427, 0x68fc, 0x4f3d, 0xac, 0x74, 0xca, 0x55, 0x52, 0x31, 0xcc, 0x68) #define LINUX_EFI_MOK_VARIABLE_TABLE_GUID EFI_GUID(0xc451ed2b, 0x9694, 0x45d3, 0xba, 0xba, 0xed, 0x9f, 0x89, 0x88, 0xa3, 0x89) +/* + * This GUID may be installed onto the kernel image's handle as a NULL protocol + * to signal to the stub that the placement of the image should be respected, + * and moving the image in physical memory is undesirable. To ensure + * compatibility with 64k pages kernels with virtually mapped stacks, and to + * avoid defeating physical randomization, this protocol should only be + * installed if the image was placed at a randomized 128k aligned address in + * memory. + */ +#define LINUX_EFI_LOADED_IMAGE_FIXED_GUID EFI_GUID(0xf5a37b6d, 0x3344, 0x42a5, 0xb6, 0xbb, 0x97, 0x86, 0x48, 0xc1, 0x89, 0x0a) + /* OEM GUIDs */ #define DELLEMC_EFI_RCI2_TABLE_GUID EFI_GUID(0x2d9f28a2, 0xa886, 0x456a, 0x97, 0xa8, 0xf1, 0x1e, 0xf2, 0x4f, 0xf4, 0x55) #define AMD_SEV_MEM_ENCRYPT_GUID EFI_GUID(0x0cf29b71, 0x9e51, 0x433a, 0xa3, 0xb7, 0x81, 0xf3, 0xab, 0x16, 0xb8, 0x75)