From: Russell King - ARM Linux admin
To: Geert Uytterhoeven
Cc: Nicolas Pitre, Ard Biesheuvel, Marek Szyprowski, Dmitry Osipenko, Linus Walleij, Arnd Bergmann, Eric Miao, Uwe Kleine-König, Lukasz Stelmach, Stephen Boyd, Chris Brandt, linux-arm-kernel@lists.infradead.org, linux-renesas-soc@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH v10 3/3] ARM: uncompress: Validate start of physical memory against passed DTB
Date: Thu, 3 Dec 2020 14:04:50 +0000
Message-ID: <20201203140450.GH1551@shell.armlinux.org.uk>
In-Reply-To: <20201203121916.2870975-4-geert+renesas@glider.be>

On Thu, Dec 03, 2020 at 01:19:16PM +0100, Geert Uytterhoeven wrote:
> diff --git a/arch/arm/boot/compressed/head.S b/arch/arm/boot/compressed/head.S > index d9cce7238a365081..1b6425df87e84e71 100644 > --- a/arch/arm/boot/compressed/head.S > +++ b/arch/arm/boot/compressed/head.S 
> @@ -282,10 +282,36 @@ not_angel: > * are already placing their zImage in (eg) the top 64MB > * of this range. > */ > - mov r4, pc > - and r4, r4, #0xf8000000 > + mov r0, pc > + and r0, r0, #0xf8000000 > +#ifdef CONFIG_USE_OF > + adr r1, LC1 > +#ifdef CONFIG_ARM_APPENDED_DTB > + /* > + * Look for an appended DTB. If found, we cannot use it to > + * validate the calculated start of physical memory, as its > + * memory nodes may need to be augmented by ATAGS stored at > + * an offset from the same start of physical memory. > + */ > + ldr r2, [r1, #4] @ get &_edata > + add r2, r2, r1 @ relocate it > + ldr r2, [r2] @ get DTB signature > + ldr r3, =OF_DT_MAGIC > + cmp r2, r3 @ do we have a DTB there? > + beq 1f @ if yes, skip validation > +#endif /* CONFIG_ARM_APPENDED_DTB */ > + > + /* Make sure we have some stack */ > + ldr sp, [r1] @ get stack location > + add sp, sp, r1 @ apply relocation > + > + /* Validate calculated start against passed DTB */ > + mov r1, r8 > + bl fdt_check_mem_start

I don't think this is going to work. You can only run C code when it has been linked for a specific address and is loaded at the correct address as it contains absolute addresses. We work around that in the decompressor by (ab)using the GOT table, and the code that fixes up the GOT table is run later, after you've called out to some C code here.

Quite how this works for you without the GOT fixups having been done, I'm not sure.

-- 
RMK's Patch system: https://www.armlinux.org.uk/developer/patches/
FTTP is here! 40Mbps down 10Mbps up. Decent connectivity at last!
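Review bot: At "mov r1, r8" / "bl fdt_check_mem_start" the pointer in r8 is handed to C with no check in the visible lines that it is non-zero or points at an FDT at all, whereas the appended-DTB branch just above compares the blob against OF_DT_MAGIC before deciding anything. Since that pointer is supplied from outside the decompressor, either test the magic here before the call, or add a comment stating that fdt_check_mem_start rejects a NULL or non-FDT pointer and returns the value from r0 unchanged in that case. Separately, the removed lines left the masked address in r4 while the added ones compute it in r0 and then make a call that clobbers lr and the caller-saved registers r0-r3 and ip; the lines after the "bl" are not shown here, so a short comment at the "1:" target documenting that r0 carries the result on both the "beq 1f" path and the return path, and where it is moved into r4, would make the register contract checkable.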