| From foo@baz Sat Mar 19 01:51:18 PM CET 2022 |
| From: James Morse <james.morse@arm.com> |
| Date: Fri, 18 Mar 2022 17:48:27 +0000 |
| Subject: arm64: entry: Move the trampoline data page before the text page |
| To: stable@vger.kernel.org |
| Cc: linux-kernel@vger.kernel.org, james.morse@arm.com, catalin.marinas@arm.com |
| Message-ID: <20220318174842.2321061-8-james.morse@arm.com> |
| |
| From: James Morse <james.morse@arm.com> |
| |
| commit c091fb6ae059cda563b2a4d93fdbc548ef34e1d6 upstream. |
| |
| The trampoline code has a data page that holds the address of the vectors, |
| which is unmapped when running in user-space. This ensures that with |
| CONFIG_RANDOMIZE_BASE, the randomised address of the kernel can't be |
| discovered until after the kernel has been mapped. |
| |
| If the trampoline text page is extended to include multiple sets of |
| vectors, it will be larger than a single page, making it tricky to |
| find the data page without knowing the size of the trampoline text |
| pages, which will vary with PAGE_SIZE. |
| |
| Move the data page to appear before the text page. This allows the |
| data page to be found without knowing the size of the trampoline text |
| pages. 'tramp_vectors' is used to refer to the beginning of the |
| .entry.tramp.text section, do that explicitly. |
| |
| Reviewed-by: Russell King (Oracle) <rmk+kernel@armlinux.org.uk> |
| Reviewed-by: Catalin Marinas <catalin.marinas@arm.com> |
| Signed-off-by: James Morse <james.morse@arm.com> |
| Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
| --- |
| arch/arm64/include/asm/fixmap.h | 2 +- |
| arch/arm64/kernel/entry.S | 9 +++++++-- |
| 2 files changed, 8 insertions(+), 3 deletions(-) |
| |
| --- a/arch/arm64/include/asm/fixmap.h |
| +++ b/arch/arm64/include/asm/fixmap.h |
| @@ -59,8 +59,8 @@ enum fixed_addresses { |
| #endif /* CONFIG_ACPI_APEI_GHES */ |
| |
| #ifdef CONFIG_UNMAP_KERNEL_AT_EL0 |
| - FIX_ENTRY_TRAMP_DATA, |
| FIX_ENTRY_TRAMP_TEXT, |
| + FIX_ENTRY_TRAMP_DATA, |
| #define TRAMP_VALIAS (__fix_to_virt(FIX_ENTRY_TRAMP_TEXT)) |
| #endif /* CONFIG_UNMAP_KERNEL_AT_EL0 */ |
| __end_of_permanent_fixed_addresses, |
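Review bot: The relative order of FIX_ENTRY_TRAMP_TEXT and FIX_ENTRY_TRAMP_DATA in `enum fixed_addresses` is now load-bearing, but nothing in the header says so. The `tramp_data_page` macro added to entry.S by this patch finds the data page by subtracting PAGE_SIZE from the start of `.entry.tramp.text`. That presumably relies on fixmap indices mapping to descending virtual addresses, so that the slot after the text slot sits one page below it. An entry inserted between the two later would silently point the trampoline at the wrong page, so I would add a comment above them such as `/* FIX_ENTRY_TRAMP_DATA must immediately follow FIX_ENTRY_TRAMP_TEXT: tramp_data_page in entry.S computes text - PAGE_SIZE */`, ideally backed by a build-time assertion that the two indices are adjacent. The enum starts and ends outside this hunk.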
| --- a/arch/arm64/kernel/entry.S |
| +++ b/arch/arm64/kernel/entry.S |
| @@ -967,6 +967,11 @@ alternative_else_nop_endif |
| */ |
| .endm |
| |
| + .macro tramp_data_page dst |
| + adr \dst, .entry.tramp.text |
| + sub \dst, \dst, PAGE_SIZE |
| + .endm |
| + |
| .macro tramp_ventry, regsize = 64 |
| .align 7 |
| 1: |
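Review bot: The new `tramp_data_page` macro has no comment saying when its result is valid. `adr` is PC-relative, so the value is the data page's address only when the code executes from the trampoline alias mapping. Per the commit message that page is unmapped while running in user-space, which is presumably why the caller in the next hunk invokes the macro only after `tramp_map_kernel`. I would document this above the macro, for example `/* \dst = trampoline data page, one page below .entry.tramp.text; dereference only after the kernel page tables are installed */`. The `tramp_ventry` macro that follows continues outside the hunk.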
| @@ -983,7 +988,7 @@ alternative_else_nop_endif |
| 2: |
| tramp_map_kernel x30 |
| #ifdef CONFIG_RANDOMIZE_BASE |
| - adr x30, tramp_vectors + PAGE_SIZE |
| + tramp_data_page x30 |
| alternative_insn isb, nop, ARM64_WORKAROUND_QCOM_FALKOR_E1003 |
| ldr x30, [x30] |
| #else |
| @@ -1131,7 +1136,7 @@ ENTRY(__sdei_asm_entry_trampoline) |
| 1: str x4, [x1, #(SDEI_EVENT_INTREGS + S_ORIG_ADDR_LIMIT)] |
| |
| #ifdef CONFIG_RANDOMIZE_BASE |
| - adr x4, tramp_vectors + PAGE_SIZE |
| + tramp_data_page x4 |
| add x4, x4, #:lo12:__sdei_asm_trampoline_next_handler |
| ldr x4, [x4] |
| #else |