Received: by 2002:a05:7412:bc1a:b0:d7:7d3a:4fe2 with SMTP id ki26csp17119rdb; Fri, 18 Aug 2023 12:43:47 -0700 (PDT) X-Google-Smtp-Source: AGHT+IF5+s8FXaZLwflck0phaGzSohybgiPIcd4/MHEct2C80sG8TtXGb50xockxzckyAK26F93n X-Received: by 2002:a54:4e13:0:b0:3a4:1b66:5494 with SMTP id a19-20020a544e13000000b003a41b665494mr56439oiy.44.1692387827350; Fri, 18 Aug 2023 12:43:47 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1692387827; cv=none; d=google.com; s=arc-20160816; b=0BF37H6Sp5Y31mvV67DaDjU64QOhyTidn/OgXNitXyROYgajp/I8Wam+P6LPAuhN8X 1Gvx4tgbhW2UiO2h8ISJ+PygZc0hg8ORn7374hdGpoMy+O9eISirw/jUqfi7Mo4x2MfJ kni/ihTX0btWjzCg567+0Orwt8KGmgj+hphoDLi7wulZiwLJNb3/RyJzXquYS/nybktO Z/NNUEdb6uVmWajlwNdwZrYNIdEXHNmSHs2S8v+VTUk1T5UBRtq4plD0Gy/1+VI0Kb4J kCgdMAgF4U59EiiFrV2bUN3q2OZeSNYRkLRVPv4yamAEnS6ms61rMuGvclCGxv0fEAm6 Xj/Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:feedback-id:content-transfer-encoding :in-reply-to:from:cc:references:to:subject:user-agent:mime-version :date:message-id; bh=NzLHm+iU7x+V7O6E5Ct9l+iZbfAUizKjkbA0c9I4T2A=; fh=oC98m3G0QO/1s6wSTjkw8RaUb427NIJJhFx4qDz0vZw=; b=p0osNVQSwIgWeQAWF/4mS8tJxkQttgk5pZBQO8tPwBZiAUVv+xpRpVAgpPWvLjVfYV EfKjseBQ3E9i0r2wDqWJKYh3eB84RWrtpJc6AYW95dC0Nfhiu9SPBpyRrZvssjElACl9 Ois52V8MNxgM2yXqov5mJX0yvfRBtmvgKDZcchycsfDcJ/Ts6WSas+hfXJmV/0vkIxi3 LDP7/I9kZULJ52OvUcckz3NAa5DQqjDPkexD5dkMHINfBqCpWLtabNKLo3DTzZcyOuZd CsXgFSL03X9PYwjwV5P04855T0B3YyJfNlG1rMThVOv9yUP+EpHlkqpO8S6UFyC8u/7Q ftdg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id ca20-20020a056a02069400b005634b43d2e0si2005517pgb.441.2023.08.18.12.43.34; Fri, 18 Aug 2023 12:43:47 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S236232AbjHOLZU (ORCPT + 99 others); Tue, 15 Aug 2023 07:25:20 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:36936 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S235320AbjHOLY5 (ORCPT ); Tue, 15 Aug 2023 07:24:57 -0400 Received: from bg4.exmail.qq.com (bg4.exmail.qq.com [43.154.54.12]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id CA2AB10C0; Tue, 15 Aug 2023 04:24:53 -0700 (PDT) X-QQ-mid: bizesmtp72t1692098660t8rl45w6 Received: from [192.168.1.114] ( [221.226.144.218]) by bizesmtp.qq.com (ESMTP) with id ; Tue, 15 Aug 2023 19:24:18 +0800 (CST) X-QQ-SSF: 00200000000000B0B000000A0000000 X-QQ-FEAT: dKvkn8qoLrFQ1alGughSwXTA+ONvfspyvIhP0MGPgn0A+/0FmsKKpXh7V9DqY Q/K32MjJkvxnFZupvarNRF8a0JYfK89Ygt+XKrOyD6lFilgsJW6A6rVemQZhiqnzn3M/FqZ hsFiUiQ5J+V2yqNSbL5dVT2sm5ncMmv6vmKXHePHb+sqnnFgjrWGnu0Ca8g5ctulTur/DNp MyGH83GFkLbhGjkIk7XOfaWcPtPss5YnqIgFTq60m6UL9qfQWXIKt02xGtVyXNJK9yp0Q7J cw+GPThG5xxGnqk6xpQzEf/2Uco6Aqnd9KcqsfEAl9vlUhktKCDyA+cykV6YxFVQQF2HNVm sQCFExTrr4jqAnX8nwPFm2+PPLwgiCo3NW/7lapYI/H0rQExKzZrIBTLn7Hhg== X-QQ-GoodBg: 0 X-BIZMAIL-ID: 4206943508769767112 Message-ID: Date: Tue, 15 Aug 2023 19:24:18 +0800 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.13.0 Subject: Re: [PATCH v6 0/5] riscv: Introduce KASLR To: Alexandre Ghiti References: <20230722123850.634544-1-alexghiti@rivosinc.com> Cc: Paul Walmsley , Palmer Dabbelt , Ard Biesheuvel , Kees Cook , linux-riscv@lists.infradead.org, linux-kernel@vger.kernel.org, linux-efi@vger.kernel.org, linux-arm-kernel@lists.infradead.org, Albert Ou , zong.li@sifive.com, conor.dooley@microchip.com From: Song Shuai In-Reply-To: <20230722123850.634544-1-alexghiti@rivosinc.com> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit X-QQ-SENDSIZE: 520 Feedback-ID: bizesmtp:tinylab.org:qybglogicsvrsz:qybglogicsvrsz4a-0 X-Spam-Status: No, score=-0.6 required=5.0 tests=BAYES_00,FORGED_MUA_MOZILLA, NICE_REPLY_A,RCVD_IN_DNSWL_BLOCKED,RCVD_IN_MSPIKE_H2,SPF_HELO_NONE, SPF_PASS autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hi, Alex: 在 2023/7/22 20:38, Alexandre Ghiti 写道: > The following KASLR implementation allows to randomize the kernel mapping: > > - virtually: we expect the bootloader to provide a seed in the device-tree > - physically: only implemented in the EFI stub, it relies on the firmware to > provide a seed using EFI_RNG_PROTOCOL. arm64 has a similar implementation > hence the patch 3 factorizes KASLR related functions for riscv to take > advantage. > > The new virtual kernel location is limited by the early page table that only > has one PUD and with the PMD alignment constraint, the kernel can only take > < 512 positions. > I have gone through the code and tested this series with RiscVVirt edk2. All seems good to me, you can add : Tested-by: Song Shuai And a few questions about patch 2 ("riscv: Dump out kernel offset information on panic"): 1. The dump_kernel_offset() function would output "Kernel Offset: 0x0 from 0xffffffff80000000" when booting with "nokaslr" option. How about disabling the registration of "kernel_offset_notifier" with "nokaslr" option? 2. Inspired by patch 2, I added the Crash KASLR support based on this series [1]. So is it necessary to keep this patch if we have Crash KASLR support? [1]: https://lore.kernel.org/linux-riscv/20230815104800.705753-1-songshuaishuai@tinylab.org/T/#u > base-commit-tag: v6.5-rc1 > > Changes in v6: > * Fix reintroduced build failures by compiling kaslr.c only for arm64 > and riscv, as suggested by Ard > > Changes in v5: > * Renamed efi-stub-kaslr.c into kaslr.c and fix commit log of patch 3, > as suggested by Ard > * Removed stubs since the kaslr functions were moved to their own file > (and then does not trigger any build failure for architectures that do > not call those functions since they are in their own compilation unit) > > Changes in v4: > * Fix efi_get_kimg macro that returned nothing > * Moved new kaslr functions into their own files to avoid zboot link > failures, as suggested by Ard > > Changes in v3: > * Rebase on top of 6.4-rc2 > * Make RANDOMIZE_BASE depend on 64bit > * Fix efi_icache_sync and efi_get_kimg_min_align which were undefined > in x86 (and certainly other archs) > * Add patch 4 to fix warning on rv32 > > Changes in v2: > * Rebase on top of 6.3-rc1 > * Add a riscv cache sync after memcpying the kernel > * Add kaslr_offset implementation for KCOV > * Add forward declaration to quiet LLVM > > Alexandre Ghiti (5): > riscv: Introduce virtual kernel mapping KASLR > riscv: Dump out kernel offset information on panic > arm64: libstub: Move KASLR handling functions to kaslr.c > libstub: Fix compilation warning for rv32 > riscv: libstub: Implement KASLR by using generic functions > > arch/arm64/include/asm/efi.h | 2 + > arch/riscv/Kconfig | 19 +++ > arch/riscv/include/asm/efi.h | 2 + > arch/riscv/include/asm/page.h | 3 + > arch/riscv/kernel/image-vars.h | 1 + > arch/riscv/kernel/pi/Makefile | 2 +- > arch/riscv/kernel/pi/cmdline_early.c | 13 ++ > arch/riscv/kernel/pi/fdt_early.c | 30 ++++ > arch/riscv/kernel/setup.c | 25 ++++ > arch/riscv/mm/init.c | 36 ++++- > drivers/firmware/efi/libstub/Makefile | 4 +- > drivers/firmware/efi/libstub/arm64-stub.c | 117 ++-------------- > drivers/firmware/efi/libstub/efistub.h | 8 ++ > drivers/firmware/efi/libstub/kaslr.c | 159 ++++++++++++++++++++++ > drivers/firmware/efi/libstub/riscv-stub.c | 33 ++--- > 15 files changed, 328 insertions(+), 126 deletions(-) > create mode 100644 arch/riscv/kernel/pi/fdt_early.c > create mode 100644 drivers/firmware/efi/libstub/kaslr.c > -- Thanks Song Shuai