From patchwork Fri Nov 11 17:11:31 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Ard Biesheuvel <ardb@kernel.org>
X-Patchwork-Id: 13040623
Return-Path: 
 <linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from bombadil.infradead.org (bombadil.infradead.org
 [198.137.202.133])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by smtp.lore.kernel.org (Postfix) with ESMTPS id A7E7EC433FE
	for <linux-arm-kernel@archiver.kernel.org>;
 Fri, 11 Nov 2022 17:14:58 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
	d=lists.infradead.org; s=bombadil.20210309; h=Sender:
	Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post:
	List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To:
	Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description:
	Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:
	List-Owner; bh=U/XGl5Brtkfz/dd75rCHildcbBwjlVfAd++6VyxcXZg=; b=fN0EXRJ3E5Cajz
	eQ2VqcYaDY2Df7wuOzUje6XhWk0GXF+INv7Ske/8IlZ4bpIzMqKTBlUxSWaQGu19aXxOROkcJ2POa
	kSbeh1+jskD3XUCM+lygHevoI0+hd3e1IXU2VVhfbLiXUJozD65UDk9VJK/Za2WWOSvCa1Bv9kyCx
	Icdf8ThZpabRFjvVcPYWY4yge9b5uqUF96/3emr2YJLqftFgLaguRl/WLroRKwgvZtRcV/pSESGr+
	3lJpgIQ7v1S5ycV6RNOMbVxmwOEhFJcq6lrIyu7W1Kio6DKPy+nXofYHVvmMiNKFfuKS0SLsZ4UZS
	ABrwtq4+3tqhF6G1BGxA==;
Received: from localhost ([::1] helo=bombadil.infradead.org)
	by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux))
	id 1otXb6-00H8Ee-6C; Fri, 11 Nov 2022 17:13:45 +0000
Received: from ams.source.kernel.org ([2604:1380:4601:e00::1])
	by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux))
	id 1otXZr-00H7Vq-U9
	for linux-arm-kernel@lists.infradead.org; Fri, 11 Nov 2022 17:12:29 +0000
Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by ams.source.kernel.org (Postfix) with ESMTPS id AB194B82680;
	Fri, 11 Nov 2022 17:12:26 +0000 (UTC)
Received: by smtp.kernel.org (Postfix) with ESMTPSA id 83C1CC4347C;
	Fri, 11 Nov 2022 17:12:23 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;
	s=k20201202; t=1668186745;
	bh=rtWfJTnP56vx45KlZMlZ84CRl/GSmeWPFWoZF91SgKU=;
	h=From:To:Cc:Subject:Date:In-Reply-To:References:From;
	b=VZYQ/ZT4/tjejSpLEaOutbaH+jNzRjDBkaPSHN70s0DK6zOkQdAMF3pDceyoOoHwG
	 PGmsGOsvIWIgOBCzeeIZTK0HLH0pDw3jtPpE91qP6Sx5l+8+jvAP2PkERXKstbgUjA
	 HRX2cLEaRNZVREZl01CYqYY5DkMH6MBpoViLXjSVsxemTmc457iVa9rERPJkY9zCVa
	 KB20DW77PN/mHjpaIC5uLBkumh98yPCIEXBX0Y1yRYdZ6hswFOzr44weAmO5iRGGty
	 FvahS36aE+eeqdOoY23ixi/C+qGUj2cr1sLhcQGlqI/mPx679uvf87zvJUnZjDm6d9
	 8ZQDc3NHOsSAQ==
From: Ard Biesheuvel <ardb@kernel.org>
To: linux-arm-kernel@lists.infradead.org
Cc: Ard Biesheuvel <ardb@kernel.org>,
	Marc Zyngier <maz@kernel.org>,
	Will Deacon <will@kernel.org>,
	Mark Rutland <mark.rutland@arm.com>,
	Kees Cook <keescook@chromium.org>,
	Catalin Marinas <catalin.marinas@arm.com>,
	Mark Brown <broonie@kernel.org>,
	Anshuman Khandual <anshuman.khandual@arm.com>
Subject: [PATCH v7 03/33] arm64: kaslr: don't pretend KASLR is enabled if
 offset < MIN_KIMG_ALIGN
Date: Fri, 11 Nov 2022 18:11:31 +0100
Message-Id: <20221111171201.2088501-4-ardb@kernel.org>
X-Mailer: git-send-email 2.35.1
In-Reply-To: <20221111171201.2088501-1-ardb@kernel.org>
References: <20221111171201.2088501-1-ardb@kernel.org>
MIME-Version: 1.0
X-Developer-Signature: v=1; a=openpgp-sha256; l=2489; i=ardb@kernel.org;
 h=from:subject; bh=rtWfJTnP56vx45KlZMlZ84CRl/GSmeWPFWoZF91SgKU=;
 b=owEB7QES/pANAwAKAcNPIjmS2Y8kAcsmYgBjboItzobCf7wyIOvNDz4K+zMMTFk3ZHQngQxTSu7U
 Lv3WMaqJAbMEAAEKAB0WIQT72WJ8QGnJQhU3VynDTyI5ktmPJAUCY26CLQAKCRDDTyI5ktmPJL4QC/
 4yTJjuNNzgBwdGVqJCJV0IUJ7CmJQ22bdiMOYrs6p7f5xNZ3Wzj6F4Dhjq4U2OfMuyFL+uJF8BmDO9
 SjlBqsNzKJb9HZ3ZLiNTuteKxCAr7+VyU8pvTRRKVofjbj3ZQqiqkhgus6jcXBfhuHJEpGHOMysEgR
 p6ECiX/9sL/NYNXNDjw/TpFhn0kilu60luvssHQmaIAlg+eq/hwipYTdwMbMcMRONTdcwx+QUGyP9n
 pzHGcSiMQcYMm+HCUNSRTEWCcsrF/xEWYT6cOZAKRSwL0sMW8Nym/FEFQ8SERcBwGZKjnlbmwJjPmM
 jixlEmSxri6b9RcC9kSWiu6MdWP7gYA+MTuxTVIQ0hoafDAfD1yVdc8Vg2K1gNCetXXhsdyIagz/Y2
 ecZM+ALnZiwQlan2X9fam5Zl2uKkZ5eSAKtjANePaMAD2mujDOZQiYXWrHMg3G2wb2b8mTqfqVEOHc
 HLN86v9XkB+tdeMNnBFKOK++e+Kp2EsECeGQjz+TGGbq8=
X-Developer-Key: i=ardb@kernel.org; a=openpgp;
 fpr=F43D03328115A198C90016883D200E9CA6329909
X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 
X-CRM114-CacheID: sfid-20221111_091228_308607_F9D92323 
X-CRM114-Status: GOOD (  18.24  )
X-BeenThere: linux-arm-kernel@lists.infradead.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: <linux-arm-kernel.lists.infradead.org>
List-Unsubscribe: 
 <http://lists.infradead.org/mailman/options/linux-arm-kernel>,
 <mailto:linux-arm-kernel-request@lists.infradead.org?subject=unsubscribe>
List-Archive: <http://lists.infradead.org/pipermail/linux-arm-kernel/>
List-Post: <mailto:linux-arm-kernel@lists.infradead.org>
List-Help: <mailto:linux-arm-kernel-request@lists.infradead.org?subject=help>
List-Subscribe: 
 <http://lists.infradead.org/mailman/listinfo/linux-arm-kernel>,
 <mailto:linux-arm-kernel-request@lists.infradead.org?subject=subscribe>
Sender: "linux-arm-kernel" <linux-arm-kernel-bounces@lists.infradead.org>
Errors-To: 
 linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org

Our virtual KASLR displacement consists of a fully randomized multiple
of 2 MiB, combined with an offset that is equal to the physical
placement modulo 2 MiB. This arrangement ensures that we can always use
2 MiB block mappings (or contiguous PTE mappings for 16k or 64k pages)
to map the kernel.

This means that a KASLR offset of less than 2 MiB is simply the product
of this physical displacement, and no randomization has actually taken
place. So let's avoid misreporting this case as 'KASLR enabled'.

Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
Reviewed-by: Mark Brown <broonie@kernel.org>
---
 arch/arm64/include/asm/memory.h | 11 +++++++++++
 arch/arm64/kernel/cpufeature.c  |  2 +-
 arch/arm64/kernel/kaslr.c       |  2 +-
 3 files changed, 13 insertions(+), 2 deletions(-)

diff --git a/arch/arm64/include/asm/memory.h b/arch/arm64/include/asm/memory.h
index 9dd08cd339c3f028..78e5163836a0ab95 100644
--- a/arch/arm64/include/asm/memory.h
+++ b/arch/arm64/include/asm/memory.h
@@ -180,6 +180,7 @@
 #include <linux/compiler.h>
 #include <linux/mmdebug.h>
 #include <linux/types.h>
+#include <asm/boot.h>
 #include <asm/bug.h>
 
 #if VA_BITS > 48
@@ -203,6 +204,16 @@ static inline unsigned long kaslr_offset(void)
 	return kimage_vaddr - KIMAGE_VADDR;
 }
 
+static inline bool kaslr_enabled(void)
+{
+	/*
+	 * The KASLR offset modulo MIN_KIMG_ALIGN is taken from the physical
+	 * placement of the image rather than from the seed, so a displacement
+	 * of less than MIN_KIMG_ALIGN means that no seed was provided.
+	 */
+	return kaslr_offset() >= MIN_KIMG_ALIGN;
+}
+
 /*
  * Allow all memory at the discovery stage. We will clip it later.
  */
diff --git a/arch/arm64/kernel/cpufeature.c b/arch/arm64/kernel/cpufeature.c
index b3f37e2209ad378f..ded7684b0a304edc 100644
--- a/arch/arm64/kernel/cpufeature.c
+++ b/arch/arm64/kernel/cpufeature.c
@@ -1620,7 +1620,7 @@ bool kaslr_requires_kpti(void)
 			return false;
 	}
 
-	return kaslr_offset() > 0;
+	return kaslr_enabled();
 }
 
 static bool __meltdown_safe = true;
diff --git a/arch/arm64/kernel/kaslr.c b/arch/arm64/kernel/kaslr.c
index 325455d16dbcb31a..e7477f21a4c9d062 100644
--- a/arch/arm64/kernel/kaslr.c
+++ b/arch/arm64/kernel/kaslr.c
@@ -41,7 +41,7 @@ static int __init kaslr_init(void)
 		return 0;
 	}
 
-	if (!kaslr_offset()) {
+	if (!kaslr_enabled()) {
 		pr_warn("KASLR disabled due to lack of seed\n");
 		return 0;
 	}