From: Linus Walleij
Date: Tue, 14 Sep 2021 00:43:46 +0200
Subject: Re: [PATCH] ARM: decompressor: Avoid UNPREDICTABLE NOP encoding
To: Andre Przywara
Cc: Russell King, Ard Biesheuvel, linux-efi, Linux ARM, linux-kernel, Catalin Marinas, Adam Lackorzynski, Peter Maydell
In-Reply-To: <20210908162617.104962-1-andre.przywara@arm.com>

On Wed, Sep 8, 2021 at 6:26 PM Andre Przywara wrote:
> In the decompressor's head.S we need to start with an instruction that
> is some kind of NOP, but also mimics the PE/COFF header, when the
> kernel is linked as a UEFI application. The clever solution here is
> "tstne r0, #0x4d000", which in the worst case just clobbers the
> condition flags, and bears the magic "MZ" signature in the lowest 16 bits.
>
> However the encoding used (0x13105a4d) is actually not valid, since bits
> [15:12] are supposed to be 0 (written as "(0)" in the ARM ARM).
> Violating this is UNPREDICTABLE, and *can* trigger an UNDEFINED
> exception. Common Cortex cores seem to ignore those bits, but QEMU
> chooses to trap, so the code goes fishing because of a missing exception
> handler at this point. We are just saved by the fact that commonly (with
> -kernel or when running from U-Boot) the "Z" bit is set, so the
> instruction is never executed. See [0] for more details.
>
> To make things more robust and avoid UNPREDICTABLE behaviour in the
> kernel code, let's replace this with a "two-instruction NOP":
> The first instruction is an exclusive OR, the effect of which the second
> instruction reverts. This does not leave any trace, neither in a
> register nor in the condition flags. Also it's a perfectly valid
> encoding. Kudos to Peter Maydell for coming up with this gem.
>
> [0] https://lore.kernel.org/qemu-devel/YTPIdbUCmwagL5%2FD@os.inf.tu-dresden.de/T/
>
> Signed-off-by: Andre Przywara
> Reported-by: Adam Lackorzynski
> Suggested-by: Peter Maydell

Looks like a correct and clever solution to me!

Reviewed-by: Linus Walleij

Yours,
Linus Walleij

_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
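The encoding argument in the quoted commit message, worked through as an added example (this is not code from the mail, from the kernel, or from the patch under review): a decoder for the A32 data-processing-immediate form that flags the non-zero bits [15:12] in 0x13105a4d, a check for the "MZ" bytes, and a minimal TST/EOR simulator that models the trap-on-UNPREDICTABLE behaviour the mail attributes to QEMU and shows that an EOR pair restores every register and flag. The register r5 and the immediate 0xA4D chosen for the EOR pair are derived here from the requirement that the first word's low 16 bits read 0x5a4d; the register the real patch uses is not quoted in this mail, so treat that choice as an assumption. The boot-time register and flag values are constructed for the demonstration.

```python
"""Decode the decompressor's first instruction word against the A32 data-processing
immediate encoding and simulate TST/EOR to show why a two-EOR NOP leaves no trace.
Added example, not kernel code: 0x13105a4d and the bits [15:12] rule are from the mail,
the field layout from the ARM ARM; the r5 / #0x4d000 EOR pair is derived here from the
"MZ" requirement, not copied from the patch, which this mail does not quote."""

OPCODES = {0x0: "AND", 0x1: "EOR", 0x2: "SUB", 0x3: "RSB", 0x4: "ADD", 0x5: "ADC",
           0x6: "SBC", 0x7: "RSC", 0x8: "TST", 0x9: "TEQ", 0xA: "CMP", 0xB: "CMN",
           0xC: "ORR", 0xD: "MOV", 0xE: "BIC", 0xF: "MVN"}
COMPARE_OPS = {"TST", "TEQ", "CMP", "CMN"}      # flags only; their Rd field is "(0)"
COND_EQ, COND_NE, COND_AL, MASK32 = 0x0, 0x1, 0xE, 0xFFFFFFFF

class UndefinedTrap(Exception):
    """Models an implementation that traps on an UNPREDICTABLE encoding (QEMU, per the mail)."""

def expand_imm12(imm12):
    """A32 modified immediate: imm8 rotated right by 2 * rot within 32 bits."""
    rot, imm8 = (imm12 >> 8) & 0xF, imm12 & 0xFF
    return ((imm8 >> (2 * rot)) | (imm8 << (32 - 2 * rot))) & MASK32

def decode(word):
    """Split a data-processing (immediate) word into its fields."""
    if (word >> 25) & 0x7 != 0b001 or word >> 28 == 0xF:
        raise ValueError("0x%08x is not a data-processing immediate encoding" % word)
    op, s = (word >> 21) & 0xF, (word >> 20) & 1
    if op in (0x8, 0x9, 0xA, 0xB) and not s:      # TST..CMN with S=0 is the MSR/hint space
        raise ValueError("0x%08x is not a data-processing instruction" % word)
    return {"cond": word >> 28, "op": OPCODES[op], "S": s, "Rn": (word >> 16) & 0xF,
            "Rd": (word >> 12) & 0xF, "imm12": word & 0xFFF, "imm32": expand_imm12(word & 0xFFF)}

def encode(cond, op, s, rn, rd, imm12):
    """Inverse of decode() for the same encoding class."""
    opnum = next(k for k, v in OPCODES.items() if v == op)
    return (cond << 28) | (1 << 25) | (opnum << 21) | (s << 20) | (rn << 16) | (rd << 12) | imm12

def unpredictable_reasons(word):
    """Fields the ARM ARM marks "(0)" for this opcode that are not zero."""
    f = decode(word)
    if f["op"] in COMPARE_OPS and f["Rd"]:
        return ["bits [15:12] must be 0 for %s, found %d" % (f["op"], f["Rd"])]
    return []

def has_mz_signature(word):
    """The first two bytes of the little-endian word spell the PE/COFF "MZ" magic."""
    return word.to_bytes(4, "little")[:2] == b"MZ"

def execute(word, regs, flags):
    """Run one TST/EOR immediate word; returns new (regs, flags) or raises UndefinedTrap."""
    f = decode(word)
    # Only the conditions this example needs; a failed condition behaves as a NOP.
    if not {COND_AL: True, COND_EQ: flags["Z"], COND_NE: not flags["Z"]}[f["cond"]]:
        return regs, flags
    if unpredictable_reasons(word):                  # the trapping choice described for QEMU
        raise UndefinedTrap("0x%08x: %s" % (word, unpredictable_reasons(word)))
    regs, flags = list(regs), dict(flags)
    a, imm = regs[f["Rn"]], f["imm32"]
    result = {"TST": a & imm, "EOR": a ^ imm}[f["op"]] & MASK32
    if f["S"]:                                       # TST always sets flags; EOR only with S
        flags["N"], flags["Z"] = bool(result >> 31), result == 0
        if (f["imm12"] >> 8) & 0xF:                  # shifter carry-out of a rotated immediate
            flags["C"] = bool(imm >> 31)
    if f["op"] not in COMPARE_OPS:
        regs[f["Rd"]] = result
    return regs, flags

def two_instruction_nop(reg=5, imm12=0xA4D):
    """Two identical EORs; the second undoes the first.  Rd=5 and imm12=0xA4D are
    what make the first word end in 0x5A4D ("MZ"); 0xA4D expands to #0x4d000.
    Assumption: the real patch's register choice is not quoted in this mail."""
    word = encode(COND_AL, "EOR", 0, reg, reg, imm12)
    return [word, word]

def leaves_no_trace(words, regs, flags):
    """True if executing `words` returns exactly the starting register and flag state."""
    r, fl = regs, flags
    for w in words:
        r, fl = execute(w, r, fl)
    return r == list(regs) and fl == dict(flags)

def traps(words, regs, flags):
    """True if executing `words` from this state hits an UNPREDICTABLE encoding."""
    try:
        leaves_no_trace(words, regs, flags)
    except UndefinedTrap:
        return True
    return False

OLD_NOP = 0x13105A4D                                 # "tstne r0, #0x4d000" from the mail
FLAGS_Z_SET = {"N": False, "Z": True, "C": False, "V": False}   # constructed: -kernel / U-Boot entry
FLAGS_Z_CLEAR = dict(FLAGS_Z_SET, Z=False)                      # constructed: the unlucky entry
REGS = [0, 0x10C, 0x80000000] + [0] * 13             # constructed r0-r2 boot values

if __name__ == "__main__":
    print("old:", decode(OLD_NOP), unpredictable_reasons(OLD_NOP))
    print("old: Z set trace-free =", leaves_no_trace([OLD_NOP], REGS, FLAGS_Z_SET),
          "Z clear traps =", traps([OLD_NOP], REGS, FLAGS_Z_CLEAR))
    new = two_instruction_nop()
    print("new: %08x %08x" % tuple(new), "MZ =", has_mz_signature(new[0]), "valid =",
          not unpredictable_reasons(new[0]), "trace-free =", leaves_no_trace(new, REGS, FLAGS_Z_CLEAR))
```

Running it shows the two halves of the argument side by side: with Z set the old word is skipped by its NE condition and never reaches the decoder, so nothing traps; with Z clear the same word hits the non-zero Rd field and the modelled core takes the UNDEFINED exception. The EOR pair decodes cleanly in both cases, still begins with the bytes "MZ", and leaves registers and flags bit-for-bit unchanged.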