~hc/RK356X_SDK_RELEASE.git

..	..	@@ -1,9 +1,6 @@
	1	+// SPDX-License-Identifier: GPL-2.0-only
1	2	/*
2	3	* Copyright (C) 2016 Linaro Ltd <ard.biesheuvel@linaro.org>
3		- *
4		- * This program is free software; you can redistribute it and/or modify
5		- * it under the terms of the GNU General Public License version 2 as
6		- * published by the Free Software Foundation.
7	4	*/
8	5
9	6	#include <linux/cache.h>
..	..	@@ -13,15 +10,25 @@
13	10	#include <linux/mm_types.h>
14	11	#include <linux/sched.h>
15	12	#include <linux/types.h>
	13	+#include <linux/pgtable.h>
	14	+#include <linux/random.h>
16	15
17	16	#include <asm/cacheflush.h>
18	17	#include <asm/fixmap.h>
19	18	#include <asm/kernel-pgtable.h>
20	19	#include <asm/memory.h>
21	20	#include <asm/mmu.h>
22		-#include <asm/pgtable.h>
23	21	#include <asm/sections.h>
	22	+#include <asm/setup.h>
24	23
	24	+enum kaslr_status {
	25	+ KASLR_ENABLED,
	26	+ KASLR_DISABLED_CMDLINE,
	27	+ KASLR_DISABLED_NO_SEED,
	28	+ KASLR_DISABLED_FDT_REMAP,
	29	+};
	30	+
	31	+static enum kaslr_status __initdata kaslr_status;
25	32	u64 __ro_after_init module_alloc_base;
26	33	u16 __initdata memstart_offset_seed;
27	34
..	..	@@ -44,26 +51,7 @@
44	51	return ret;
45	52	}
46	53
47		-static __init const u8 kaslr_get_cmdline(void fdt)
48		-{
49		- static __initconst const u8 default_cmdline[] = CONFIG_CMDLINE;
50		-
51		- if (!IS_ENABLED(CONFIG_CMDLINE_FORCE)) {
52		- int node;
53		- const u8 *prop;
54		-
55		- node = fdt_path_offset(fdt, "/chosen");
56		- if (node < 0)
57		- goto out;
58		-
59		- prop = fdt_getprop(fdt, node, "bootargs", NULL);
60		- if (!prop)
61		- goto out;
62		- return prop;
63		- }
64		-out:
65		- return default_cmdline;
66		-}
	54	+struct arm64_ftr_override kaslr_feature_override __initdata;
67	55
68	56	/*
69	57	* This routine will be executed with the kernel mapped at its default virtual
..	..	@@ -73,12 +61,11 @@
73	61	* containing function pointers) to be reinitialized, and zero-initialized
74	62	* .bss variables will be reset to 0.
75	63	*/
76		-u64 __init kaslr_early_init(u64 dt_phys)
	64	+u64 __init kaslr_early_init(void)
77	65	{
78	66	void *fdt;
79	67	u64 seed, offset, mask, module_range;
80		- const u8 cmdline, str;
81		- int size;
	68	+ unsigned long raw;
82	69
83	70	/*
84	71	* Set a reasonable default for module_alloc_base in case
..	..	@@ -92,51 +79,66 @@
92	79	* and proceed with KASLR disabled. We will make another
93	80	* attempt at mapping the FDT in setup_machine()
94	81	*/
95		- early_fixmap_init();
96		- fdt = fixmap_remap_fdt(dt_phys, &size, PAGE_KERNEL);
97		- if (!fdt)
	82	+ fdt = get_early_fdt_ptr();
	83	+ if (!fdt) {
	84	+ kaslr_status = KASLR_DISABLED_FDT_REMAP;
98	85	return 0;
	86	+ }
99	87
100	88	/*
101	89	* Retrieve (and wipe) the seed from the FDT
102	90	*/
103	91	seed = get_kaslr_seed(fdt);
104		- if (!seed)
105		- return 0;
106	92
107	93	/*
108	94	* Check if 'nokaslr' appears on the command line, and
109	95	* return 0 if that is the case.
110	96	*/
111		- cmdline = kaslr_get_cmdline(fdt);
112		- str = strstr(cmdline, "nokaslr");
113		- if (str == cmdline \|\| (str > cmdline && *(str - 1) == ' '))
	97	+ if (kaslr_feature_override.val & kaslr_feature_override.mask & 0xf) {
	98	+ kaslr_status = KASLR_DISABLED_CMDLINE;
114	99	return 0;
	100	+ }
	101	+
	102	+ /*
	103	+ * Mix in any entropy obtainable architecturally if enabled
	104	+ * and supported.
	105	+ */
	106	+
	107	+ if (arch_get_random_seed_long_early(&raw))
	108	+ seed ^= raw;
	109	+
	110	+ if (!seed) {
	111	+ kaslr_status = KASLR_DISABLED_NO_SEED;
	112	+ return 0;
	113	+ }
115	114
116	115	/*
117	116	* OK, so we are proceeding with KASLR enabled. Calculate a suitable
118	117	* kernel image offset from the seed. Let's place the kernel in the
119		- * middle half of the VMALLOC area (VA_BITS - 2), and stay clear of
	118	+ * middle half of the VMALLOC area (VA_BITS_MIN - 2), and stay clear of
120	119	* the lower and upper quarters to avoid colliding with other
121	120	* allocations.
122	121	* Even if we could randomize at page granularity for 16k and 64k pages,
123	122	* let's always round to 2 MB so we don't interfere with the ability to
124	123	* map using contiguous PTEs
125	124	*/
126		- mask = ((1UL << (VA_BITS - 2)) - 1) & ~(SZ_2M - 1);
127		- offset = BIT(VA_BITS - 3) + (seed & mask);
	125	+ mask = ((1UL << (VA_BITS_MIN - 2)) - 1) & ~(SZ_2M - 1);
	126	+ offset = BIT(VA_BITS_MIN - 3) + (seed & mask);
128	127
129	128	/* use the top 16 bits to randomize the linear region */
130	129	memstart_offset_seed = seed >> 48;
131	130
132		- if (IS_ENABLED(CONFIG_KASAN))
	131	+ if (!IS_ENABLED(CONFIG_KASAN_VMALLOC) &&
	132	+ (IS_ENABLED(CONFIG_KASAN_GENERIC) \|\|
	133	+ IS_ENABLED(CONFIG_KASAN_SW_TAGS)))
133	134	/*
134		- * KASAN does not expect the module region to intersect the
135		- * vmalloc region, since shadow memory is allocated for each
136		- * module at load time, whereas the vmalloc region is shadowed
137		- * by KASAN zero pages. So keep modules out of the vmalloc
138		- * region if KASAN is enabled, and put the kernel well within
139		- * 4 GB of the module region.
	135	+ * KASAN without KASAN_VMALLOC does not expect the module region
	136	+ * to intersect the vmalloc region, since shadow memory is
	137	+ * allocated for each module at load time, whereas the vmalloc
	138	+ * region is shadowed by KASAN zero pages. So keep modules
	139	+ * out of the vmalloc region if KASAN is enabled without
	140	+ * KASAN_VMALLOC, and put the kernel well within 4 GB of the
	141	+ * module region.
140	142	*/
141	143	return offset % SZ_2G;
142	144
..	..	@@ -173,3 +175,24 @@
173	175
174	176	return offset;
175	177	}
	178	+
	179	+static int __init kaslr_init(void)
	180	+{
	181	+ switch (kaslr_status) {
	182	+ case KASLR_ENABLED:
	183	+ pr_info("KASLR enabled\n");
	184	+ break;
	185	+ case KASLR_DISABLED_CMDLINE:
	186	+ pr_info("KASLR disabled on command line\n");
	187	+ break;
	188	+ case KASLR_DISABLED_NO_SEED:
	189	+ pr_warn("KASLR disabled due to lack of seed\n");
	190	+ break;
	191	+ case KASLR_DISABLED_FDT_REMAP:
	192	+ pr_warn("KASLR disabled due to FDT remapping failure\n");
	193	+ break;
	194	+ }
	195	+
	196	+ return 0;
	197	+}
	198	+core_initcall(kaslr_init)