From patchwork Mon Sep 21 19:15:56 2020
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Tyler Hicks <tyhicks@linux.microsoft.com>
X-Patchwork-Id: 11790773
Return-Path: 
 <SRS0=q/7g=C6=lists.infradead.org=linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@kernel.org>
Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org
 [172.30.200.123])
	by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 828DD618
	for <patchwork-linux-arm@patchwork.kernel.org>;
 Mon, 21 Sep 2020 19:17:49 +0000 (UTC)
Received: from merlin.infradead.org (merlin.infradead.org [205.233.59.134])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by mail.kernel.org (Postfix) with ESMTPS id 50E5B2193E
	for <patchwork-linux-arm@patchwork.kernel.org>;
 Mon, 21 Sep 2020 19:17:49 +0000 (UTC)
Authentication-Results: mail.kernel.org;
	dkim=pass (2048-bit key) header.d=lists.infradead.org
 header.i=@lists.infradead.org header.b="JFC9ie7n";
	dkim=fail reason="signature verification failed" (1024-bit key)
 header.d=linux.microsoft.com header.i=@linux.microsoft.com
 header.b="rjY2ic5v"
DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 50E5B2193E
Authentication-Results: mail.kernel.org;
 dmarc=fail (p=none dis=none) header.from=linux.microsoft.com
Authentication-Results: mail.kernel.org;
 spf=none
 smtp.mailfrom=linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
	d=lists.infradead.org; s=merlin.20170209; h=Sender:Content-Transfer-Encoding:
	Content-Type:Cc:List-Subscribe:List-Help:List-Post:List-Archive:
	List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To:Message-Id:Date:
	Subject:To:From:Reply-To:Content-ID:Content-Description:Resent-Date:
	Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner;
	 bh=Y0dcF/soExAhGv011g3Ui1VWZLtNyRV+k7aKxjmxEn0=; b=JFC9ie7nPUc9R0oCkyTjPr4xm
	++Y7PVAnRJRmCsFQme0Qn1YQ/Q2MYwiSMXjRvHk9ZV4nQmdBr/eHkOsmKelRnWLPQq72PUhFurj5C
	UPu0SlGqXsQvLj/6MATEZU86csGum6xkiSjWwAsM66DyeYXb95724w2jUOhYmS4kUHN1+2vtH2Fj8
	/wvDz8leLB1EHWrbwPl4M8YjKu+YvJ6+nTRB+2t1YVvb/+fKpwFpM6+XRTrus1ivvndnyelweG/aI
	hv9OgV/G2gMNEpD1PQ41K+YmJBS3qAccMvrTDhNYpTet70iFeeG7JFnLMZkr24MIx1mP/Q3uzxI2X
	8EL3KXlEg==;
Received: from localhost ([::1] helo=merlin.infradead.org)
	by merlin.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux))
	id 1kKRIc-0007td-SV; Mon, 21 Sep 2020 19:16:30 +0000
Received: from linux.microsoft.com ([13.77.154.182])
 by merlin.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux))
 id 1kKRIV-0007s0-W4
 for linux-arm-kernel@lists.infradead.org; Mon, 21 Sep 2020 19:16:24 +0000
Received: from sequoia.work.tihix.com
 (162-237-133-238.lightspeed.rcsntx.sbcglobal.net [162.237.133.238])
 by linux.microsoft.com (Postfix) with ESMTPSA id 3A5C920B36E7;
 Mon, 21 Sep 2020 12:16:23 -0700 (PDT)
DKIM-Filter: OpenDKIM Filter v2.11.0 linux.microsoft.com 3A5C920B36E7
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux.microsoft.com;
 s=default; t=1600715783;
 bh=c1UaOqqN8L8mnVxjNiUIJWteiuc/MyzZUtEtEiVniLg=;
 h=From:To:Cc:Subject:Date:In-Reply-To:References:From;
 b=rjY2ic5vypIguJogutpWx0j/sWdqdWq6zci8/1klZOLIblS7qPS5blAF2lHqNE3A6
 n47+vWUxwRJsoc5EGc6nEx8oBz/jTJq+DHuXDQb2TuF0f5/h/aoVemuftZhAenbGrW
 taD3o8mraHu5bUrnOBVEzdzm5QxXmCJD17YdZYVc=
From: Tyler Hicks <tyhicks@linux.microsoft.com>
To: Catalin Marinas <catalin.marinas@arm.com>,
	Will Deacon <will@kernel.org>
Subject: [PATCH 1/2] arm64: kaslr: Refactor early init command line parsing
Date: Mon, 21 Sep 2020 14:15:56 -0500
Message-Id: <20200921191557.350256-2-tyhicks@linux.microsoft.com>
X-Mailer: git-send-email 2.25.1
In-Reply-To: <20200921191557.350256-1-tyhicks@linux.microsoft.com>
References: <20200921191557.350256-1-tyhicks@linux.microsoft.com>
MIME-Version: 1.0
X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 
X-CRM114-CacheID: sfid-20200921_151624_111234_0580F0AA 
X-CRM114-Status: GOOD (  15.14  )
X-Spam-Score: -17.9 (-----------------)
X-Spam-Report: SpamAssassin version 3.4.4 on merlin.infradead.org summary:
 Content analysis details:   (-17.9 points)
 pts rule name              description
 ---- ----------------------
 --------------------------------------------------
 -2.3 RCVD_IN_DNSWL_MED      RBL: Sender listed at https://www.dnswl.org/,
 medium trust [13.77.154.182 listed in list.dnswl.org]
 -7.5 USER_IN_DEF_SPF_WL     From: address is in the default SPF
 white-list
 -0.0 SPF_HELO_PASS          SPF: HELO matches SPF record
 -7.5 USER_IN_DEF_DKIM_WL    From: address is in the default DKIM
 white-list
 -0.0 SPF_PASS               SPF: sender matches SPF record
 -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
 -0.1 DKIM_VALID_AU          Message has a valid DKIM or DK signature from
 author's domain
 0.1 DKIM_SIGNED            Message has a DKIM or DK signature,
 not necessarily
 valid
 -0.5 ENV_AND_HDR_SPF_MATCH  Env and Hdr From used in default SPF WL
 Match
X-BeenThere: linux-arm-kernel@lists.infradead.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <linux-arm-kernel.lists.infradead.org>
List-Unsubscribe: 
 <http://lists.infradead.org/mailman/options/linux-arm-kernel>,
 <mailto:linux-arm-kernel-request@lists.infradead.org?subject=unsubscribe>
List-Archive: <http://lists.infradead.org/pipermail/linux-arm-kernel/>
List-Post: <mailto:linux-arm-kernel@lists.infradead.org>
List-Help: <mailto:linux-arm-kernel-request@lists.infradead.org?subject=help>
List-Subscribe: 
 <http://lists.infradead.org/mailman/listinfo/linux-arm-kernel>,
 <mailto:linux-arm-kernel-request@lists.infradead.org?subject=subscribe>
Cc: Rob Herring <robh+dt@kernel.org>,
 Pavel Tatashin <pasha.tatashin@soleen.com>,
 linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org
Sender: "linux-arm-kernel" <linux-arm-kernel-bounces@lists.infradead.org>
Errors-To: 
 linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org

Don't ask for *the* command line string to search for "nokaslr" in
kaslr_early_init(). Instead, tell a helper function to search all the
appropriate command line strings for "nokaslr" and return the result.

This paves the way for searching multiple command line strings without
having to concatenate the strings in early init.

Signed-off-by: Tyler Hicks <tyhicks@linux.microsoft.com>
---
 arch/arm64/kernel/kaslr.c | 19 +++++++++++--------
 1 file changed, 11 insertions(+), 8 deletions(-)

diff --git a/arch/arm64/kernel/kaslr.c b/arch/arm64/kernel/kaslr.c
index b181e0544b79..4c779a67c2a6 100644
--- a/arch/arm64/kernel/kaslr.c
+++ b/arch/arm64/kernel/kaslr.c
@@ -50,10 +50,16 @@ static __init u64 get_kaslr_seed(void *fdt)
 	return ret;
 }
 
-static __init const u8 *kaslr_get_cmdline(void *fdt)
+static __init bool cmdline_contains_nokaslr(const u8 *cmdline)
 {
-	static __initconst const u8 default_cmdline[] = CONFIG_CMDLINE;
+	const u8 *str;
 
+	str = strstr(cmdline, "nokaslr");
+	return str == cmdline || (str > cmdline && *(str - 1) == ' ');
+}
+
+static __init bool is_kaslr_disabled_cmdline(void *fdt)
+{
 	if (!IS_ENABLED(CONFIG_CMDLINE_FORCE)) {
 		int node;
 		const u8 *prop;
@@ -65,10 +71,10 @@ static __init const u8 *kaslr_get_cmdline(void *fdt)
 		prop = fdt_getprop(fdt, node, "bootargs", NULL);
 		if (!prop)
 			goto out;
-		return prop;
+		return cmdline_contains_nokaslr(prop);
 	}
 out:
-	return default_cmdline;
+	return cmdline_contains_nokaslr(CONFIG_CMDLINE);
 }
 
 /*
@@ -83,7 +89,6 @@ u64 __init kaslr_early_init(u64 dt_phys)
 {
 	void *fdt;
 	u64 seed, offset, mask, module_range;
-	const u8 *cmdline, *str;
 	unsigned long raw;
 	int size;
 
@@ -115,9 +120,7 @@ u64 __init kaslr_early_init(u64 dt_phys)
 	 * Check if 'nokaslr' appears on the command line, and
 	 * return 0 if that is the case.
 	 */
-	cmdline = kaslr_get_cmdline(fdt);
-	str = strstr(cmdline, "nokaslr");
-	if (str == cmdline || (str > cmdline && *(str - 1) == ' ')) {
+	if (is_kaslr_disabled_cmdline(fdt)) {
 		kaslr_status = KASLR_DISABLED_CMDLINE;
 		return 0;
 	}

From patchwork Mon Sep 21 19:15:57 2020
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Tyler Hicks <tyhicks@linux.microsoft.com>
X-Patchwork-Id: 11790771
Return-Path: 
 <SRS0=q/7g=C6=lists.infradead.org=linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@kernel.org>
Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org
 [172.30.200.123])
	by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 94353618
	for <patchwork-linux-arm@patchwork.kernel.org>;
 Mon, 21 Sep 2020 19:16:44 +0000 (UTC)
Received: from merlin.infradead.org (merlin.infradead.org [205.233.59.134])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by mail.kernel.org (Postfix) with ESMTPS id 5CEC2216C4
	for <patchwork-linux-arm@patchwork.kernel.org>;
 Mon, 21 Sep 2020 19:16:44 +0000 (UTC)
Authentication-Results: mail.kernel.org;
	dkim=pass (2048-bit key) header.d=lists.infradead.org
 header.i=@lists.infradead.org header.b="lB6cQepY";
	dkim=fail reason="signature verification failed" (1024-bit key)
 header.d=linux.microsoft.com header.i=@linux.microsoft.com
 header.b="SORF9vuu"
DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 5CEC2216C4
Authentication-Results: mail.kernel.org;
 dmarc=fail (p=none dis=none) header.from=linux.microsoft.com
Authentication-Results: mail.kernel.org;
 spf=none
 smtp.mailfrom=linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
	d=lists.infradead.org; s=merlin.20170209; h=Sender:Content-Transfer-Encoding:
	Content-Type:Cc:List-Subscribe:List-Help:List-Post:List-Archive:
	List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To:Message-Id:Date:
	Subject:To:From:Reply-To:Content-ID:Content-Description:Resent-Date:
	Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner;
	 bh=jKLPaBPwjDZhTAzioIDWC8ojvZrwB130oIdoPUd6Sv4=; b=lB6cQepY4mzVXr1wAatDaw9Ku
	UWvT8kz0qVJr2KmKvDwKfi7Lm9u08kXaF6mFz+RvDUi6M38QW0jTZQpNKJnUsNhHRbSW78oPb1059
	blp5nZqEmwuUH2WtRfKiIfsk8ECKKjKbjDXmf3qIHCueZ9K+Of5P37341eaRnqGEb1/umuh5iDaSI
	UOPbrzMyoDQibUxj5phBO8VfnysGST0iu19wQq8VZUGm7jJdD1QiQrrPlCh1du5Pbxt0dltiaDpID
	5gDK8MoEA5q6eDgH0MGjJeJ39cjyZ13YHQ+GWPRsFiMxtIvEmZKhvOSncVS9GBjKoTEZ0wfnpMFsG
	Q7kGJUD8Q==;
Received: from localhost ([::1] helo=merlin.infradead.org)
	by merlin.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux))
	id 1kKRIe-0007u8-IL; Mon, 21 Sep 2020 19:16:32 +0000
Received: from linux.microsoft.com ([13.77.154.182])
 by merlin.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux))
 id 1kKRIY-0007sb-4L
 for linux-arm-kernel@lists.infradead.org; Mon, 21 Sep 2020 19:16:27 +0000
Received: from sequoia.work.tihix.com
 (162-237-133-238.lightspeed.rcsntx.sbcglobal.net [162.237.133.238])
 by linux.microsoft.com (Postfix) with ESMTPSA id 4326720B7179;
 Mon, 21 Sep 2020 12:16:25 -0700 (PDT)
DKIM-Filter: OpenDKIM Filter v2.11.0 linux.microsoft.com 4326720B7179
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux.microsoft.com;
 s=default; t=1600715785;
 bh=8CDBkbWqi7jmeptriwB/XXPzNgTpQrUhkmwhC0B3WfU=;
 h=From:To:Cc:Subject:Date:In-Reply-To:References:From;
 b=SORF9vuuTF03n1R5hJEerbQWL4I5UPCnmvwaI5zdUutoxgFStNev8cAgJzBHuYqqs
 lV88R9zHaLS/WndpgM4eQEUPdWznSxtO3IIyZ840qqqrLw3Z2JxF4gUiTuPEB6EBBx
 kVI03gCK9NcvQ5QQwY+XRhSLkVPHgzxizluyN7V0=
From: Tyler Hicks <tyhicks@linux.microsoft.com>
To: Catalin Marinas <catalin.marinas@arm.com>,
	Will Deacon <will@kernel.org>
Subject: [PATCH 2/2] arm64: Extend the kernel command line from the bootloader
Date: Mon, 21 Sep 2020 14:15:57 -0500
Message-Id: <20200921191557.350256-3-tyhicks@linux.microsoft.com>
X-Mailer: git-send-email 2.25.1
In-Reply-To: <20200921191557.350256-1-tyhicks@linux.microsoft.com>
References: <20200921191557.350256-1-tyhicks@linux.microsoft.com>
MIME-Version: 1.0
X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 
X-CRM114-CacheID: sfid-20200921_151626_355100_7B1866E2 
X-CRM114-Status: GOOD (  20.24  )
X-Spam-Score: -17.9 (-----------------)
X-Spam-Report: SpamAssassin version 3.4.4 on merlin.infradead.org summary:
 Content analysis details:   (-17.9 points)
 pts rule name              description
 ---- ----------------------
 --------------------------------------------------
 -2.3 RCVD_IN_DNSWL_MED      RBL: Sender listed at https://www.dnswl.org/,
 medium trust [13.77.154.182 listed in list.dnswl.org]
 -7.5 USER_IN_DEF_SPF_WL     From: address is in the default SPF
 white-list
 -0.0 SPF_HELO_PASS          SPF: HELO matches SPF record
 -7.5 USER_IN_DEF_DKIM_WL    From: address is in the default DKIM
 white-list
 -0.0 SPF_PASS               SPF: sender matches SPF record
 -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
 -0.1 DKIM_VALID_AU          Message has a valid DKIM or DK signature from
 author's domain
 0.1 DKIM_SIGNED            Message has a DKIM or DK signature,
 not necessarily
 valid
 -0.5 ENV_AND_HDR_SPF_MATCH  Env and Hdr From used in default SPF WL
 Match
X-BeenThere: linux-arm-kernel@lists.infradead.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <linux-arm-kernel.lists.infradead.org>
List-Unsubscribe: 
 <http://lists.infradead.org/mailman/options/linux-arm-kernel>,
 <mailto:linux-arm-kernel-request@lists.infradead.org?subject=unsubscribe>
List-Archive: <http://lists.infradead.org/pipermail/linux-arm-kernel/>
List-Post: <mailto:linux-arm-kernel@lists.infradead.org>
List-Help: <mailto:linux-arm-kernel-request@lists.infradead.org?subject=help>
List-Subscribe: 
 <http://lists.infradead.org/mailman/listinfo/linux-arm-kernel>,
 <mailto:linux-arm-kernel-request@lists.infradead.org?subject=subscribe>
Cc: Rob Herring <robh+dt@kernel.org>,
 Pavel Tatashin <pasha.tatashin@soleen.com>,
 linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org
Sender: "linux-arm-kernel" <linux-arm-kernel-bounces@lists.infradead.org>
Errors-To: 
 linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org

Provide support for additional kernel command line parameters to be
concatenated onto the end of the command line provided by the
bootloader. Additional parameters are specified in the CONFIG_CMDLINE
option when CONFIG_CMDLINE_EXTEND is selected, matching other
architectures and leveraging existing support in the FDT and EFI stub
code.

Special care must be taken for the arch-specific nokaslr parsing. Search
the bootargs FDT property and the CONFIG_CMDLINE when
CONFIG_CMDLINE_EXTEND is in use.

There are a couple of known use cases for this feature:

1) Switching between stable and development kernel versions, where one
   of the versions benefits from additional command line parameters,
   such as debugging options.
2) Specifying additional command line parameters, for additional tuning
   or debugging, when the bootloader does not offer an interactive mode.

Signed-off-by: Tyler Hicks <tyhicks@linux.microsoft.com>
---
 arch/arm64/Kconfig        | 23 ++++++++++++++++++++++-
 arch/arm64/kernel/kaslr.c |  9 ++++++++-
 2 files changed, 30 insertions(+), 2 deletions(-)

diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig
index e5eb6a69b1e3..466df3415fff 100644
--- a/arch/arm64/Kconfig
+++ b/arch/arm64/Kconfig
@@ -1864,15 +1864,36 @@ config CMDLINE
 	  entering them here. As a minimum, you should specify the the
 	  root device (e.g. root=/dev/nfs).
 
+choice
+	prompt "Kernel command line type" if CMDLINE != ""
+	default CMDLINE_FROM_BOOTLOADER
+	help
+	  Choose how the kernel will handle the provided default kernel
+	  command line string.
+
+config CMDLINE_FROM_BOOTLOADER
+	bool "Use bootloader kernel arguments if available"
+	help
+	  Uses the command-line options passed by the boot loader. If
+	  the boot loader doesn't provide any, the default kernel command
+	  string provided in CMDLINE will be used.
+
+config CMDLINE_EXTEND
+	bool "Extend bootloader kernel arguments"
+	help
+	  The command-line arguments provided by the boot loader will be
+	  appended to the default kernel command string.
+
 config CMDLINE_FORCE
 	bool "Always use the default kernel command string"
-	depends on CMDLINE != ""
 	help
 	  Always use the default kernel command string, even if the boot
 	  loader passes other arguments to the kernel.
 	  This is useful if you cannot or don't want to change the
 	  command-line options your boot loader passes to the kernel.
 
+endchoice
+
 config EFI_STUB
 	bool
 
diff --git a/arch/arm64/kernel/kaslr.c b/arch/arm64/kernel/kaslr.c
index 4c779a67c2a6..0921aa1520b0 100644
--- a/arch/arm64/kernel/kaslr.c
+++ b/arch/arm64/kernel/kaslr.c
@@ -71,7 +71,14 @@ static __init bool is_kaslr_disabled_cmdline(void *fdt)
 		prop = fdt_getprop(fdt, node, "bootargs", NULL);
 		if (!prop)
 			goto out;
-		return cmdline_contains_nokaslr(prop);
+
+		if (cmdline_contains_nokaslr(prop))
+			return true;
+
+		if (IS_ENABLED(CONFIG_CMDLINE_EXTEND))
+			goto out;
+
+		return false;
 	}
 out:
 	return cmdline_contains_nokaslr(CONFIG_CMDLINE);