From patchwork Tue Nov 29 16:14:18 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 13058808 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 224ECC433FE for ; Tue, 29 Nov 2022 16:19:47 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=7DANx9wJJ6wfLPuC+eSw5N0ysNQAaL60cUjAz3ayz9A=; b=wbj3aCP3z+svKT c1aUyfzBIrRkyYvBReWsZqQmsVfngd7YxCtCr+PxApoQByMfDjH9LnJuUmbZt6kU9QgUoiHl+ZSFU B+6o75gs4+FizMku9yuiVnUGB0cbixQ/DgPGF8Rye71SbHq2EfZL3EfPK187egZZlOPQ6aVV9PicI DQ4xxs8Q3Qdvwyj+J5l10ln774aF6hFb5oY3nJqvkEI71p/ZMBvOc/zgGgNqTZjsuP7JARiHTwfSs pODAAOGkkX63PXaRQt/VIDn3t7VMgQcqnMS4nsk36XogUDtnNkLD3VF3Pb7sjVFNr5VuprWlanFkf XTP3QVjQ0/oGVeDZqG4g==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1p03Jb-00A213-M7; Tue, 29 Nov 2022 16:18:35 +0000 Received: from dfw.source.kernel.org ([139.178.84.217]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1p03Fj-00A0aH-Em for linux-arm-kernel@lists.infradead.org; Tue, 29 Nov 2022 16:14:37 +0000 Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id EB896617D5; Tue, 29 Nov 2022 16:14:34 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 142D7C433C1; Tue, 29 Nov 2022 16:14:32 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1669738474; bh=tSjYOPJsaij17TN4QuwS8cUzZGIxtcHzEAMZyGu8Xj8=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=nSF2sIkH/TjFf8Z85Kf4Hg0CMieuBl8Qml5UO/5b56U4HgGqy8EW+tYSv/t8BOzFP Le/ppMl3y2bYTbYg6xd1BUu6W7lDR1zVkbNGJzw5nGxsPKVZ+EcjSn1lPvT0leBrrb JnMPccg7BWflO1XScRrrNHDbTXvdt7zQtBaXEwZs1whT8SXM5SM4c73vj9FuFqUY/d +qqBpLeQ9UBXiWwMIbzmfdtyyuPs85XzeKmn3+5i8DskY54+VUwmdHcmMAhfiA1ZhQ ke3IQRqaVgy5Zuwt5eALt7LxU12mgnCJ/JsdQBxYNW7IIwp+drTvcxnhtbENlQ4NHF WbC9jyAOfAO6A== From: Ard Biesheuvel To: linux-arm-kernel@lists.infradead.org Cc: Ard Biesheuvel , Will Deacon , Catalin Marinas , Marc Zyngier , Mark Rutland Subject: [PATCH v6 6/6] arm64: lds: reduce effective minimum image alignment to 64k Date: Tue, 29 Nov 2022 17:14:18 +0100 Message-Id: <20221129161418.1968319-7-ardb@kernel.org> X-Mailer: git-send-email 2.35.1 In-Reply-To: <20221129161418.1968319-1-ardb@kernel.org> References: <20221129161418.1968319-1-ardb@kernel.org> MIME-Version: 1.0 X-Developer-Signature: v=1; a=openpgp-sha256; l=5121; i=ardb@kernel.org; h=from:subject; bh=tSjYOPJsaij17TN4QuwS8cUzZGIxtcHzEAMZyGu8Xj8=; b=owEB7QES/pANAwAKAcNPIjmS2Y8kAcsmYgBjhi/YJtSt2893zV6KhY/9M7qGlR8We0E7r3zzGEDs 3wdT0w+JAbMEAAEKAB0WIQT72WJ8QGnJQhU3VynDTyI5ktmPJAUCY4Yv2AAKCRDDTyI5ktmPJBeKC/ 9TGK4diBULm5C/HjO0jLolGQIgRpoZ0lUYLXg1c2Xptf2jz1CBf0B7G0FE1Zygho48WlelCBrtt2Hy 1WL7xbIfBP3Gh0N962vNwXLeu2q/Rfs+A5Q1jawfps4ZQDOn1FvW/aGBvlONU5tDcDtq9tQMObo17r gqmUIv6I0JC0slwzwoOV7LH82E30MNdNGYA3njCgRsco46EGhs+6HFx2+THV+UX2aeWbxMaU5+p4YO jB58J2GXMisMom0oNDpyzxtbR4p7oGZ6V10okQ/irUv91EE6ab1ULf56p37fiOp9nHcYujxsKc8FVo ws3mt/pI00X7M+28oy4P4Ml864UKKhO/F5hfYyO+CcpEOX7Y6oFuGWWVFL/hexNZvrvdTjT8YHCRWl 5Hi8C+gRl0cN5Yn2eF6MI9kytVu6L10HTTSqCFSlWtBwEqw4Dv+AoLAfQXZSlSFF5oqwTNJtATNUKK mnLNP+RHsRHZm0IdO2mocj6mMcFbw0/+tJxpI8kx5bfmg= X-Developer-Key: i=ardb@kernel.org; a=openpgp; fpr=F43D03328115A198C90016883D200E9CA6329909 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20221129_081435_646571_31A56759 X-CRM114-Status: GOOD ( 23.82 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org Our segment alignment is 64k for all configurations, and coincidentally, this is the largest alignment supported by the PE/COFF executable format used by EFI. This means that generally, there is no need to move the image around in memory after it has been loaded by the firmware, which can be advantageous as it also permits us to rely on the memory attributes set by the firmware (R-X for [_text, __inittext_end] and RW- for [__initdata_begin, _end]. However, the minimum alignment of the image is actually 128k on 64k pages configurations with CONFIG_VMAP_STACK=y, due to the existence of a single 128k aligned object in the image, which is the stack of the init task. Let's work around this by adding some padding before the init stack allocation, so we can round down the stack pointer to a suitably aligned value if the image is not aligned to 128k in memory. Note that this does not affect the boot protocol, which still requires 2 MiB alignment for bare metal boot, but is only part of the internal contract between the EFI stub and the kernel proper. Signed-off-by: Ard Biesheuvel --- arch/arm64/include/asm/efi.h | 7 ------- arch/arm64/kernel/head.S | 3 +++ arch/arm64/kernel/vmlinux.lds.S | 11 ++++++++++- drivers/firmware/efi/libstub/arm64-stub.c | 2 +- include/linux/efi.h | 6 +----- 5 files changed, 15 insertions(+), 14 deletions(-) diff --git a/arch/arm64/include/asm/efi.h b/arch/arm64/include/asm/efi.h index d6cf535d8352b324..a2321e92644d1c66 100644 --- a/arch/arm64/include/asm/efi.h +++ b/arch/arm64/include/asm/efi.h @@ -62,13 +62,6 @@ efi_status_t __efi_rt_asm_wrapper(void *, const char *, ...); /* arch specific definitions used by the stub code */ -/* - * In some configurations (e.g. VMAP_STACK && 64K pages), stacks built into the - * kernel need greater alignment than we require the segments to be padded to. - */ -#define EFI_KIMG_ALIGN \ - (SEGMENT_ALIGN > THREAD_ALIGN ? SEGMENT_ALIGN : THREAD_ALIGN) - /* * On arm64, we have to ensure that the initrd ends up in the linear region, * which is a 1 GB aligned region of size '1UL << (VA_BITS_MIN - 1)' that is diff --git a/arch/arm64/kernel/head.S b/arch/arm64/kernel/head.S index d7b908c26253f7fe..13732e012db808bd 100644 --- a/arch/arm64/kernel/head.S +++ b/arch/arm64/kernel/head.S @@ -433,6 +433,9 @@ SYM_FUNC_END(create_kernel_mapping) msr sp_el0, \tsk ldr \tmp1, [\tsk, #TSK_STACK] +#if THREAD_ALIGN > SEGMENT_ALIGN + bic \tmp1, \tmp1, #THREAD_ALIGN - 1 +#endif add sp, \tmp1, #THREAD_SIZE sub sp, sp, #PT_REGS_SIZE diff --git a/arch/arm64/kernel/vmlinux.lds.S b/arch/arm64/kernel/vmlinux.lds.S index 407415a5163ab62f..fe0f8a09f1cca6fd 100644 --- a/arch/arm64/kernel/vmlinux.lds.S +++ b/arch/arm64/kernel/vmlinux.lds.S @@ -287,7 +287,16 @@ SECTIONS _data = .; _sdata = .; - RW_DATA(L1_CACHE_BYTES, PAGE_SIZE, THREAD_ALIGN) +#if THREAD_ALIGN > SEGMENT_ALIGN + /* + * Add some padding for the init stack so we can fix up any potential + * misalignment at runtime. In practice, this can only occur on 64k + * pages configurations with CONFIG_VMAP_STACK=y. + */ + . += THREAD_ALIGN - SEGMENT_ALIGN; + ASSERT(. == init_stack, "init_stack not at start of RW_DATA as expected") +#endif + RW_DATA(L1_CACHE_BYTES, PAGE_SIZE, SEGMENT_ALIGN) /* * Data written with the MMU off but read with the MMU on requires diff --git a/drivers/firmware/efi/libstub/arm64-stub.c b/drivers/firmware/efi/libstub/arm64-stub.c index 259e4b852d63276d..468872e07e6c171f 100644 --- a/drivers/firmware/efi/libstub/arm64-stub.c +++ b/drivers/firmware/efi/libstub/arm64-stub.c @@ -97,7 +97,7 @@ efi_status_t handle_kernel_image(unsigned long *image_addr, * 2M alignment if KASLR was explicitly disabled, even if it was not * going to be activated to begin with. */ - u64 min_kimg_align = efi_nokaslr ? MIN_KIMG_ALIGN : EFI_KIMG_ALIGN; + u64 min_kimg_align = efi_nokaslr ? MIN_KIMG_ALIGN : SEGMENT_ALIGN; if (IS_ENABLED(CONFIG_RANDOMIZE_BASE)) { efi_guid_t li_fixed_proto = LINUX_EFI_LOADED_IMAGE_FIXED_GUID; diff --git a/include/linux/efi.h b/include/linux/efi.h index 929d559ad41d29c6..32b83020c7a35269 100644 --- a/include/linux/efi.h +++ b/include/linux/efi.h @@ -421,11 +421,7 @@ void efi_native_runtime_setup(void); /* * This GUID may be installed onto the kernel image's handle as a NULL protocol * to signal to the stub that the placement of the image should be respected, - * and moving the image in physical memory is undesirable. To ensure - * compatibility with 64k pages kernels with virtually mapped stacks, and to - * avoid defeating physical randomization, this protocol should only be - * installed if the image was placed at a randomized 128k aligned address in - * memory. + * and moving the image in physical memory is undesirable. */ #define LINUX_EFI_LOADED_IMAGE_FIXED_GUID EFI_GUID(0xf5a37b6d, 0x3344, 0x42a5, 0xb6, 0xbb, 0x97, 0x86, 0x48, 0xc1, 0x89, 0x0a)