From: Geert Uytterhoeven
Date: Thu, 3 Dec 2020 15:29:36 +0100
Subject: Re: [PATCH v10 3/3] ARM: uncompress: Validate start of physical memory against passed DTB
To: Russell King - ARM Linux admin
Cc: Nicolas Pitre, Ard Biesheuvel, Marek Szyprowski, Dmitry Osipenko, Linus Walleij, Arnd Bergmann, Eric Miao, Uwe Kleine-König, Lukasz Stelmach, Stephen Boyd, Chris Brandt, Linux ARM, Linux-Renesas, Linux Kernel Mailing List

Hi Russell,

On Thu, Dec 3, 2020 at 3:05 PM Russell King - ARM Linux admin wrote:
> On Thu, Dec 03, 2020 at 01:19:16PM +0100, Geert Uytterhoeven wrote:
> > diff --git a/arch/arm/boot/compressed/head.S b/arch/arm/boot/compressed/head.S > > index d9cce7238a365081..1b6425df87e84e71 100644 > > --- a/arch/arm/boot/compressed/head.S > > +++ b/arch/arm/boot/compressed/head.S
> > @@ -282,10 +282,36 @@ not_angel: > > * are already placing their zImage in (eg) the top 64MB > > * of this range. > > */ > > - mov r4, pc > > - and r4, r4, #0xf8000000 > > + mov r0, pc > > + and r0, r0, #0xf8000000 > > +#ifdef CONFIG_USE_OF > > + adr r1, LC1 > > +#ifdef CONFIG_ARM_APPENDED_DTB > > + /* > > + * Look for an appended DTB. If found, we cannot use it to > > + * validate the calculated start of physical memory, as its > > + * memory nodes may need to be augmented by ATAGS stored at > > + * an offset from the same start of physical memory. > > + */ > > + ldr r2, [r1, #4] @ get &_edata > > + add r2, r2, r1 @ relocate it > > + ldr r2, [r2] @ get DTB signature > > + ldr r3, =OF_DT_MAGIC > > + cmp r2, r3 @ do we have a DTB there? > > + beq 1f @ if yes, skip validation > > +#endif /* CONFIG_ARM_APPENDED_DTB */ > > + > > + /* Make sure we have some stack */ > > + ldr sp, [r1] @ get stack location > > + add sp, sp, r1 @ apply relocation > > + > > + /* Validate calculated start against passed DTB */ > > + mov r1, r8 > > + bl fdt_check_mem_start
>
> I don't think this is going to work. You can only run C code when
> it has been linked for a specific address and is loaded at the
> correct address as it contains absolute addresses. We work around
> that in the decompressor by (ab)using the GOT table, and the code
> that fixes up the GOT table is run later, after you've called out
> to some C code here.
>
> Quite how this works for you without the GOT fixups having been
> done, I'm not sure.

It works in the same way as the existing atags_to_fdt() works:

         * [...] No GOT fixup has occurred
         * yet, but none of the code we're about to call uses any
         * global variable.

Gr{oetje,eeting}s,

                        Geert

--
Geert Uytterhoeven -- There's lots of Linux beyond ia32 -- geert@linux-m68k.org

In personal conversations with technical people, I call myself a hacker. But
when I'm talking to journalists I just say "programmer" or something like that.
                                -- Linus Torvalds
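
Review bot: the `bl fdt_check_mem_start` at the end of the head.S hunk calls into C before the GOT fixup has run, and nothing at the call site records the constraint that makes this safe. The added lines only set up a stack ("Make sure we have some stack") and then branch, so correctness depends on fdt_check_mem_start and everything it calls using no global variables, which is the same condition the existing atags_to_fdt() comment quoted in the reply spells out. A comment to that effect directly above `mov r1, r8` would document the dependency and keep a later change to the callee, such as adding a static table or other global data, from breaking early boot without any hint at this call.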