From patchwork Wed Mar 4 21:32:53 2015
X-Patchwork-Submitter: Yinghai Lu
X-Patchwork-Id: 446443
Date: Wed, 4 Mar 2015 13:32:53 -0800
Subject: Re: [PATCH v2 04/15] x86, kaslr: get kaslr_enabled back correctly
From: Yinghai Lu
To: Ingo Molnar
Cc: Borislav Petkov, Matt Fleming, "H. Peter Anvin", Bjorn Helgaas, Thomas Gleixner, Ingo Molnar, Jiri Kosina, Borislav Petkov, Baoquan He, Linux Kernel Mailing List, "linux-efi@vger.kernel.org", "linux-pci@vger.kernel.org", Kees Cook
X-Mailing-List: linux-pci@vger.kernel.org

On Wed, Mar 4, 2015 at 12:00 PM, Ingo Molnar wrote:
>
> It is totally unacceptable that you don't do proper analysis of the
> patches you submit, and that you don't bother writing proper, readable
> changelogs.

Sorry, please check it again:

Subject: [PATCH v4] x86, kaslr: Get kaslr_enabled back correctly

commit f47233c2d34f ("x86/mm/ASLR: Propagate base load address calculation")
is using the address as the value for kaslr_enabled.
That will get the wrong value back for kaslr_enabled in the kernel stage.

1. When kaslr is not enabled at boot/choose_kernel_location, if kaslr_enabled
   gets set wrongly in setup.c, later on module.c::get_module_load_offset
   will return an unwanted random module load offset.
   That changes behavior when HIBERNATION is defined or nokaslr is passed.

2. When kaslr is enabled at boot/choose_kernel_location, if kaslr_enabled
   gets cleared wrongly in setup.c, later on module.c::get_module_load_offset
   will not return the wanted random module load offset.

This patch changes the code to use early_memmap and access the value, and will
keep boot and kernel consistent with kaslr.

-v3: add checking of the return from early_memmap according to bp.

Fixes: f47233c2d34f ("x86/mm/ASLR: Propagate base load address calculation")
Cc: Matt Fleming
Cc: Borislav Petkov
Cc: Kees Cook
Cc: Jiri Kosina
Acked-by: Jiri Kosina
Signed-off-by: Yinghai Lu
---
 arch/x86/kernel/setup.c | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

Index: linux-2.6/arch/x86/kernel/setup.c =================================================================== --- linux-2.6.orig/arch/x86/kernel/setup.c +++ linux-2.6/arch/x86/kernel/setup.c @@ -429,7 +429,18 @@ static void __init reserve_initrd(void) static void __init parse_kaslr_setup(u64 pa_data, u32 data_len) { - kaslr_enabled = (bool)(pa_data + sizeof(struct setup_data)); + /* kaslr_setup_data is defined in aslr.c */ + unsigned char *data; + unsigned long offset = sizeof(struct setup_data); + + data = early_memremap(pa_data, offset + 1); + if (!data) { + kaslr_enabled = true; + return; + } + + kaslr_enabled = *(data + offset); + early_memunmap(data, offset + 1); } static void __init parse_setup_data(void)
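
Review bot: In parse_kaslr_setup(), the added lines map offset + 1 bytes and read the byte at data + offset without ever consulting the data_len argument, so an entry whose payload is shorter than one byte would still be read; check data_len before the dereference and bail out if it is too small. The if (!data) branch sets kaslr_enabled = true with no comment and no message, so a failed early_memremap() silently picks a value that may disagree with what the boot stage decided, which is the inconsistency the changelog sets out to fix; a short comment on why true is the chosen fallback, plus a pr_warn(), would make that path auditable. The comment "kaslr_setup_data is defined in aslr.c" would also be more useful if it said that the first payload byte after struct setup_data carries the enabled flag, since that layout is what the raw offset arithmetic relies on.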