Received: by 2002:a05:6a10:2726:0:0:0:0 with SMTP id ib38csp936457pxb;
        Thu, 31 Mar 2022 23:33:59 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJyUuHtIX3BiXo2CFi6DBDh+k7lf76rwR6yZBSrJq72CSCxOOuLbgNO6NX6/R0XWLsocNnfR
X-Received: by 2002:a05:6402:cb2:b0:419:d945:2538 with SMTP id cn18-20020a0564020cb200b00419d9452538mr19642932edb.142.1648794839032;
        Thu, 31 Mar 2022 23:33:59 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1648794839; cv=none;
        d=google.com; s=arc-20160816;
        b=lvESrqv9Qjbcoo2PVypt1yqtsDmqEG/HuDA8J8gia3vFe5jgh9Y2+ACyd/xuJHkMMk
         UTM58Vi7DDzlBZb75HPp21Cpxo0yD0rXDhNGRFzP9MWp51ZHKjmkElHxQfpLp6+wxnqy
         OxwYzzDyNrk5gtpPDcHk/F2bjdCb+tH7tYTfwfNUcbY6gVrLYWl75ITQvFyMIMiR2VJP
         0DM2SMfGvCj5lf3NrKuMIDN8UNE7sHJYTAK3VHdrCbty7xV6ni4I/uOXDP2f7GoMQS4H
         X9EWGGP5qrvt9Lj+UJLzpDcix1f/0EBdHxZHe7xXzwo9y5vlEFl7ZL6DGqTfj3ECP+iX
         UDZw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:mime-version
         :references:in-reply-to:message-id:date:subject:cc:to:from;
        bh=Dy+Pg4svLm2bpgMf3oM8B/N49Iv4e/KmeZ7Az6hAPDw=;
        b=Y9OgKhZnWz+jaoOaQ01oDPDUtds2l/iBMdmhjmY7+kW0wHpbzLrgoNJ86dwd4WQiJl
         UPc4usu36gaCvkce7mVPOl7M4dLC+eOLEFlMcPg4qsmMa6KxsLqM2Nzw7iFUtmN++EC4
         BAaHYVDVs6VKVwQiFd/hv4/SzdmEXg0SI7WevPwb4wSKNZfPO0qaLtxl6H+QI8parkpl
         Yg90Fq6zVNG+R2YsMJGOYm1BcHbuLxkddsQ83dLGcckRwxsEjPF/fR5pi+PpR/uKtVVx
         +gqpdNv3qYI2+8QRPq4Pej0yV3XX+coITYLpt1DO2sPJAVixShSMJl374iIxp7IqNdY8
         MI+Q==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=arm.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
        by mx.google.com with ESMTP id t16-20020a056402525000b004194da3cee0si1193709edd.75.2022.03.31.23.33.13;
        Thu, 31 Mar 2022 23:33:59 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=arm.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S232823AbiCaShB (ORCPT <rfc822;arunks.linux@gmail.com>
        + 99 others); Thu, 31 Mar 2022 14:37:01 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:52682 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S235120AbiCaSga (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 31 Mar 2022 14:36:30 -0400
Received: from foss.arm.com (foss.arm.com [217.140.110.172])
        by lindbergh.monkeyblade.net (Postfix) with ESMTP id E50B31F0CAA;
        Thu, 31 Mar 2022 11:34:39 -0700 (PDT)
Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14])
        by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id C89A7139F;
        Thu, 31 Mar 2022 11:34:39 -0700 (PDT)
Received: from eglon.cambridge.arm.com (eglon.cambridge.arm.com [10.1.196.218])
        by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 2AFAB3F718;
        Thu, 31 Mar 2022 11:34:39 -0700 (PDT)
From:   James Morse <james.morse@arm.com>
To:     stable@vger.kernel.org, linux-kernel@vger.kernel.org
Cc:     james.morse@arm.com, catalin.marinas@arm.com
Subject: [stable:PATCH v4.14.274 12/27] arm64: entry: Move the trampoline data page before the text page
Date:   Thu, 31 Mar 2022 19:33:45 +0100
Message-Id: <20220331183400.73183-13-james.morse@arm.com>
X-Mailer: git-send-email 2.30.2
In-Reply-To: <20220331183400.73183-1-james.morse@arm.com>
References: <20220331183400.73183-1-james.morse@arm.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Spam-Status: No, score=-6.9 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_HI,
        SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=ham
        autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

commit c091fb6ae059cda563b2a4d93fdbc548ef34e1d6 upstream.

The trampoline code has a data page that holds the address of the vectors,
which is unmapped when running in user-space. This ensures that with
CONFIG_RANDOMIZE_BASE, the randomised address of the kernel can't be
discovered until after the kernel has been mapped.

If the trampoline text page is extended to include multiple sets of
vectors, it will be larger than a single page, making it tricky to
find the data page without knowing the size of the trampoline text
pages, which will vary with PAGE_SIZE.

Move the data page to appear before the text page. This allows the
data page to be found without knowing the size of the trampoline text
pages. 'tramp_vectors' is used to refer to the beginning of the
.entry.tramp.text section, do that explicitly.

Reviewed-by: Russell King (Oracle) <rmk+kernel@armlinux.org.uk>
Reviewed-by: Catalin Marinas <catalin.marinas@arm.com>
[ removed SDEI for backport ]
Signed-off-by: James Morse <james.morse@arm.com>
---
 arch/arm64/include/asm/fixmap.h | 2 +-
 arch/arm64/kernel/entry.S       | 7 ++++++-
 2 files changed, 7 insertions(+), 2 deletions(-)

diff --git a/arch/arm64/include/asm/fixmap.h b/arch/arm64/include/asm/fixmap.h
index ec1e6d6fa14c..c0cfc6d3bf9f 100644
--- a/arch/arm64/include/asm/fixmap.h
+++ b/arch/arm64/include/asm/fixmap.h
@@ -59,8 +59,8 @@ enum fixed_addresses {
 #endif /* CONFIG_ACPI_APEI_GHES */
 
 #ifdef CONFIG_UNMAP_KERNEL_AT_EL0
-	FIX_ENTRY_TRAMP_DATA,
 	FIX_ENTRY_TRAMP_TEXT,
+	FIX_ENTRY_TRAMP_DATA,
 #define TRAMP_VALIAS		(__fix_to_virt(FIX_ENTRY_TRAMP_TEXT))
 #endif /* CONFIG_UNMAP_KERNEL_AT_EL0 */
 	__end_of_permanent_fixed_addresses,
diff --git a/arch/arm64/kernel/entry.S b/arch/arm64/kernel/entry.S
index b3014ed0ea8a..0669d05bd63c 100644
--- a/arch/arm64/kernel/entry.S
+++ b/arch/arm64/kernel/entry.S
@@ -1019,6 +1019,11 @@ alternative_else_nop_endif
 	 */
 	.endm
 
+	.macro tramp_data_page	dst
+	adr	\dst, .entry.tramp.text
+	sub	\dst, \dst, PAGE_SIZE
+	.endm
+
 	.macro tramp_ventry, regsize = 64
 	.align	7
 1:
@@ -1035,7 +1040,7 @@ alternative_else_nop_endif
 2:
 	tramp_map_kernel	x30
 #ifdef CONFIG_RANDOMIZE_BASE
-	adr	x30, tramp_vectors + PAGE_SIZE
+	tramp_data_page		x30
 alternative_insn isb, nop, ARM64_WORKAROUND_QCOM_FALKOR_E1003
 	ldr	x30, [x30]
 #else
-- 
2.30.2