From: Ard Biesheuvel
Date: Tue, 2 Jan 2024 17:26:58 +0100
Subject: Re: [PATCH] x86/efistub: fix the missing KASLR_FLAG bit in boot_params->hdr.loadflags
To: Tom Lendacky
Cc: Yuntao Wang, linux-efi@vger.kernel.org, linux-kernel@vger.kernel.org, "Borislav Petkov (AMD)", "Kirill A. Shutemov", Ingo Molnar, Dionna Glaze, Nikolay Borisov

On Tue, 2 Jan 2024 at 17:26, Tom Lendacky wrote:
>
> On 1/2/24 09:29, Ard Biesheuvel wrote:
> > On Tue, 26 Dec 2023 at 15:03, Yuntao Wang wrote:
> >>
> >> When KASLR is enabled, the KASLR_FLAG bit in boot_params->hdr.loadflags
> >> should be set to 1 to propagate KASLR status from compressed kernel to
> >> kernel, just as the choose_random_location() function does.
> >>
> >> Currently, when kernel is booted via efi stub, the KASLR_FLAG bit in
> >> boot_params->hdr.loadflags is not set, even though it should be. This
> >> causes some functions, such as kernel_randomize_memory(), not to execute
> >> as expected. Fix it.
> >>
> >> Signed-off-by: Yuntao Wang
> >> ---
> >> drivers/firmware/efi/libstub/x86-stub.c | 5 ++++-
> >> 1 file changed, 4 insertions(+), 1 deletion(-)
> >>
> >> diff --git a/drivers/firmware/efi/libstub/x86-stub.c b/drivers/firmware/efi/libstub/x86-stub.c
> >> index da9b7b8d0716..b0c68593ad40 100644
> >> --- a/drivers/firmware/efi/libstub/x86-stub.c
> >> +++ b/drivers/firmware/efi/libstub/x86-stub.c
> >> @@ -787,7 +787,10 @@ static efi_status_t efi_decompress_kernel(unsigned long *kernel_entry)
> >> efi_debug("AMI firmware v2.0 or older detected - disabling physical KASLR\n");
> >> seed[0] = 0;
> >> }
> >> - }
> >> +
> >> + boot_params_ptr->hdr.loadflags |= KASLR_FLAG;
> >> + } else
> >> + boot_params_ptr->hdr.loadflags &= ~KASLR_FLAG;
> >>
> >
> > Thanks for the fix.
>
> Does it need a Fixes: tag?
>

Yes, I've added that.
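
Review bot: the added `} else` in efi_decompress_kernel() leaves the else branch unbraced while the if branch is braced; kernel coding style asks for braces on both branches when one of them needs them, so this should read `} else {` with a closing `}` after `boot_params_ptr->hdr.loadflags &= ~KASLR_FLAG;`. Separately, `boot_params_ptr->hdr.loadflags |= KASLR_FLAG;` is placed after the inner block that sets `seed[0] = 0`, so the flag is also set on the path where the debug message says physical KASLR is being disabled; if that is intended, a one-line comment or a sentence in the commit message saying so would save the next reader from having to work it out.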