Received: by 2002:a05:6a10:413:0:0:0:0 with SMTP id 19csp2028887pxp;
        Thu, 10 Mar 2022 17:55:20 -0800 (PST)
X-Google-Smtp-Source: ABdhPJwb86ccT2xL1DrTxeu6UUt9dZIVqjys/9HUvWom4we3hZiJpizi98xE3m5QqcDCtoTG6uIy
X-Received: by 2002:a17:902:eb84:b0:151:c8a2:1c48 with SMTP id q4-20020a170902eb8400b00151c8a21c48mr8129134plg.8.1646963720201;
        Thu, 10 Mar 2022 17:55:20 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1646963720; cv=none;
        d=google.com; s=arc-20160816;
        b=qoCPiqSm20M2+lRc3hiwb4EOi4srBQWv491EayI76wEzeu6ggWeElGp+x3NVKF1teD
         7wiMEgNMH4ekE+AE4Q58Nf55CmNpaQS2jFAZLQ/fU8DrOebyRKUcZba7YMLstGJLIDDa
         Nh97Rvul3cRbv7Tw/JNOhwZIvu6axu48HxGrgxYSTTCirLKxSK+FOh1uLfYJScENMR0j
         u3xG2WVAOuQUXxX2/nlLX2PblO6e11lRgndHSgXSXGjfLXVsdVomdLGws+QFzsqnWIhW
         VDGrrsDiqAp7C5cHF3DPSdYPv3e6JYq56vNLcS9/4Y1u0/KcSdTGihNzMDPUzBSqt1Oq
         o7ng==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:mime-version
         :user-agent:references:in-reply-to:message-id:date:subject:cc:to
         :from:dkim-signature;
        bh=KC/yxev7aolw2yRUcCnqj5nGCOnEyZ7y1wla89QQ+DI=;
        b=QzDQx57EhBF9t/ziuhX1vb/CwWBfEGALrBakMzhjPOPvdA5OQE5NFaS1TSnl/09J4f
         nTLv/ET4SAyVDB1QGdpyO2zWoi9Q5dIt6o5TZvbTIS+BPc2sgDBMwUsdNrabinFOmdmp
         uU/EngY9YxJSZCyRoxJDTS0rglvz1E7Fz8EvSSwEkj1uEkYSUSex00i9cFlF7Oq47llt
         S21cGt0aWAhr3MMpndH78MejJNCjqHkKuz0UA6q2znmVsrhHX5FUhPZ/XHqZv3MZRSDQ
         y7A+RZzT6p2WcP9tk/PrkFEUz3mOUCRApmD3Nzbaxy39YAEFQi4jpn8JkMm6R3e3aHbZ
         a33w==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=NK6KIY1p;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
        by mx.google.com with ESMTP id fv24-20020a17090b0e9800b001bd14e03053si3424728pjb.43.2022.03.10.17.55.03;
        Thu, 10 Mar 2022 17:55:20 -0800 (PST)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=NK6KIY1p;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1346410AbiCJOoC (ORCPT <rfc822;antony.sucheston@gmail.com>
        + 99 others); Thu, 10 Mar 2022 09:44:02 -0500
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:48214 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1344051AbiCJObj (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 10 Mar 2022 09:31:39 -0500
Received: from dfw.source.kernel.org (dfw.source.kernel.org [139.178.84.217])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id BF45B793A6;
        Thu, 10 Mar 2022 06:29:53 -0800 (PST)
Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140])
        (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
        (No client certificate requested)
        by dfw.source.kernel.org (Postfix) with ESMTPS id 580C961C0A;
        Thu, 10 Mar 2022 14:29:53 +0000 (UTC)
Received: by smtp.kernel.org (Postfix) with ESMTPSA id 49189C340E8;
        Thu, 10 Mar 2022 14:29:51 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org;
        s=korg; t=1646922592;
        bh=XWfPsTF81CkXJlNPj4xrj7j+Msen4QvmkKqcXNCg8eM=;
        h=From:To:Cc:Subject:Date:In-Reply-To:References:From;
        b=NK6KIY1p+hjTMJ/tvDEzf/vW0PA1MdTMN6xGJeJFQFfOzn1fvm74AX+A0340E7oVt
         VhvG7pNFbGv7N94aca0l/39bZEkEP3x0UvEwFp/d+AAV9GqP9YLcUTO8kwVvBE2WJp
         nIHW6V8tEJTdd0GkVW+kcD3ZEcgu5E2bCX7lg1UM=
From:   Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To:     linux-kernel@vger.kernel.org
Cc:     Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
        stable@vger.kernel.org,
        "Russell King (Oracle)" <rmk+kernel@armlinux.org.uk>,
        Catalin Marinas <catalin.marinas@arm.com>,
        James Morse <james.morse@arm.com>
Subject: [PATCH 5.15 27/58] arm64: entry: Move the trampoline data page before the text page
Date:   Thu, 10 Mar 2022 15:19:16 +0100
Message-Id: <20220310140813.763238441@linuxfoundation.org>
X-Mailer: git-send-email 2.35.1
In-Reply-To: <20220310140812.983088611@linuxfoundation.org>
References: <20220310140812.983088611@linuxfoundation.org>
User-Agent: quilt/0.66
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-Spam-Status: No, score=-7.6 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH,
        DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_HI,
        SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=ham
        autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

From: James Morse <james.morse@arm.com>

commit c091fb6ae059cda563b2a4d93fdbc548ef34e1d6 upstream.

The trampoline code has a data page that holds the address of the vectors,
which is unmapped when running in user-space. This ensures that with
CONFIG_RANDOMIZE_BASE, the randomised address of the kernel can't be
discovered until after the kernel has been mapped.

If the trampoline text page is extended to include multiple sets of
vectors, it will be larger than a single page, making it tricky to
find the data page without knowing the size of the trampoline text
pages, which will vary with PAGE_SIZE.

Move the data page to appear before the text page. This allows the
data page to be found without knowing the size of the trampoline text
pages. 'tramp_vectors' is used to refer to the beginning of the
.entry.tramp.text section, do that explicitly.

Reviewed-by: Russell King (Oracle) <rmk+kernel@armlinux.org.uk>
Reviewed-by: Catalin Marinas <catalin.marinas@arm.com>
Signed-off-by: James Morse <james.morse@arm.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
 arch/arm64/include/asm/fixmap.h |    2 +-
 arch/arm64/kernel/entry.S       |    9 +++++++--
 2 files changed, 8 insertions(+), 3 deletions(-)

--- a/arch/arm64/include/asm/fixmap.h
+++ b/arch/arm64/include/asm/fixmap.h
@@ -62,8 +62,8 @@ enum fixed_addresses {
 #endif /* CONFIG_ACPI_APEI_GHES */
 
 #ifdef CONFIG_UNMAP_KERNEL_AT_EL0
-	FIX_ENTRY_TRAMP_DATA,
 	FIX_ENTRY_TRAMP_TEXT,
+	FIX_ENTRY_TRAMP_DATA,
 #define TRAMP_VALIAS		(__fix_to_virt(FIX_ENTRY_TRAMP_TEXT))
 #endif /* CONFIG_UNMAP_KERNEL_AT_EL0 */
 	__end_of_permanent_fixed_addresses,
--- a/arch/arm64/kernel/entry.S
+++ b/arch/arm64/kernel/entry.S
@@ -644,6 +644,11 @@ alternative_else_nop_endif
 	 */
 	.endm
 
+	.macro tramp_data_page	dst
+	adr	\dst, .entry.tramp.text
+	sub	\dst, \dst, PAGE_SIZE
+	.endm
+
 	.macro tramp_ventry, regsize = 64
 	.align	7
 1:
@@ -660,7 +665,7 @@ alternative_else_nop_endif
 2:
 	tramp_map_kernel	x30
 #ifdef CONFIG_RANDOMIZE_BASE
-	adr	x30, tramp_vectors + PAGE_SIZE
+	tramp_data_page		x30
 alternative_insn isb, nop, ARM64_WORKAROUND_QCOM_FALKOR_E1003
 	ldr	x30, [x30]
 #else
@@ -851,7 +856,7 @@ SYM_CODE_START(__sdei_asm_entry_trampoli
 1:	str	x4, [x1, #(SDEI_EVENT_INTREGS + S_SDEI_TTBR1)]
 
 #ifdef CONFIG_RANDOMIZE_BASE
-	adr	x4, tramp_vectors + PAGE_SIZE
+	tramp_data_page		x4
 	add	x4, x4, #:lo12:__sdei_asm_trampoline_next_handler
 	ldr	x4, [x4]
 #else