<feed xmlns='http://www.w3.org/2005/Atom'>
<title>linux.git/arch/mips/kernel/relocate.c, branch v5.11</title>
<subtitle>Linux kernel source tree</subtitle>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/'/>
<entry>
<title>MIPS: relocatable: fix possible boot hangup with KASLR enabled</title>
<updated>2021-01-13T09:59:04+00:00</updated>
<author>
<name>Alexander Lobakin</name>
<email>alobakin@pm.me</email>
</author>
<published>2021-01-10T14:21:05+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=69e976831cd53f9ba304fd20305b2025ecc78eab'/>
<id>69e976831cd53f9ba304fd20305b2025ecc78eab</id>
<content type='text'>
LLVM-built Linux triggered a boot hangup with KASLR enabled.

arch/mips/kernel/relocate.c:get_random_boot() uses linux_banner,
which is a string constant, as a random seed, but accesses it
as an array of unsigned long (in rotate_xor()).
When the address of linux_banner is not aligned to sizeof(long),
such access emits an unaligned access exception and hangs the kernel.

Use PTR_ALIGN() to align input address to sizeof(long) and also
align down the input length to prevent possible access-beyond-end.

Fixes: 405bc8fd12f5 ("MIPS: Kernel: Implement KASLR using CONFIG_RELOCATABLE")
Cc: stable@vger.kernel.org # 4.7+
Signed-off-by: Alexander Lobakin &lt;alobakin@pm.me&gt;
Tested-by: Nathan Chancellor &lt;natechancellor@gmail.com&gt;
Reviewed-by: Kees Cook &lt;keescook@chromium.org&gt;
Signed-off-by: Thomas Bogendoerfer &lt;tsbogend@alpha.franken.de&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
LLVM-built Linux triggered a boot hangup with KASLR enabled.

arch/mips/kernel/relocate.c:get_random_boot() uses linux_banner,
which is a string constant, as a random seed, but accesses it
as an array of unsigned long (in rotate_xor()).
When the address of linux_banner is not aligned to sizeof(long),
such access emits an unaligned access exception and hangs the kernel.

Use PTR_ALIGN() to align input address to sizeof(long) and also
align down the input length to prevent possible access-beyond-end.

Fixes: 405bc8fd12f5 ("MIPS: Kernel: Implement KASLR using CONFIG_RELOCATABLE")
Cc: stable@vger.kernel.org # 4.7+
Signed-off-by: Alexander Lobakin &lt;alobakin@pm.me&gt;
Tested-by: Nathan Chancellor &lt;natechancellor@gmail.com&gt;
Reviewed-by: Kees Cook &lt;keescook@chromium.org&gt;
Signed-off-by: Thomas Bogendoerfer &lt;tsbogend@alpha.franken.de&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>MIPS: KASLR: Avoid endless loop in sync_icache if synci_step is zero</title>
<updated>2020-12-05T10:23:16+00:00</updated>
<author>
<name>Jinyang He</name>
<email>hejinyang@loongson.cn</email>
</author>
<published>2020-12-04T01:11:46+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=c0aac3a51cb6364bed367ee3e1a96ed414f386b4'/>
<id>c0aac3a51cb6364bed367ee3e1a96ed414f386b4</id>
<content type='text'>
Most platforms do not need to do synci instruction operations when
synci_step is 0. But for example, the synci implementation on Loongson64
platform has some changes. On the one hand, it ensures that the memory
access instructions have been completed. On the other hand, it guarantees
that all prefetch instructions need to be fetched again. And its address
information is useless. Thus, only one synci operation is required when
synci_step is 0 on Loongson64 platform. I guess that some other platforms
have similar implementations on synci, so add judgment conditions in
`while` to ensure that at least all platforms perform synci operations
once. For those platforms that do not need synci, they just do one more
operation similar to nop.

Signed-off-by: Jinyang He &lt;hejinyang@loongson.cn&gt;
Signed-off-by: Thomas Bogendoerfer &lt;tsbogend@alpha.franken.de&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Most platforms do not need to do synci instruction operations when
synci_step is 0. But for example, the synci implementation on Loongson64
platform has some changes. On the one hand, it ensures that the memory
access instructions have been completed. On the other hand, it guarantees
that all prefetch instructions need to be fetched again. And its address
information is useless. Thus, only one synci operation is required when
synci_step is 0 on Loongson64 platform. I guess that some other platforms
have similar implementations on synci, so add judgment conditions in
`while` to ensure that at least all platforms perform synci operations
once. For those platforms that do not need synci, they just do one more
operation similar to nop.

Signed-off-by: Jinyang He &lt;hejinyang@loongson.cn&gt;
Signed-off-by: Thomas Bogendoerfer &lt;tsbogend@alpha.franken.de&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>MIPS: Loongson64: Add KASLR support</title>
<updated>2020-11-27T09:20:25+00:00</updated>
<author>
<name>Jinyang He</name>
<email>hejinyang@loongson.cn</email>
</author>
<published>2020-11-25T10:07:46+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=a307a4ce9ecd2e23c71318201330d9d648b3f818'/>
<id>a307a4ce9ecd2e23c71318201330d9d648b3f818</id>
<content type='text'>
Provide a weak plat_get_fdt() in relocate.c in case some platform enables
USE_OF while plat_get_fdt() is useless.

1MB RELOCATION_TABLE_SIZE is small for Loongson64 because too many
instructions should be relocated. 2MB is enough at present.

Add KASLR support for Loongson64.

KASLR(kernel address space layout randomization)

To enable KASLR on Loongson64:
First, make loongson3_defconfig.
Then, enable CONFIG_RELOCATABLE and CONFIG_RANDOMIZE_BASE.
Finally, compile the kernel.

To test KASLR on Loongson64:
Start machine with KASLR kernel.

The first time:
# cat /proc/iomem
00200000-0effffff : System RAM
  02f30000-03895e9f : Kernel code
  03895ea0-03bc7fff : Kernel data
  03e30000-04f43f7f : Kernel bss

The second time:
# cat /proc/iomem
00200000-0effffff : System RAM
  022f0000-02c55e9f : Kernel code
  02c55ea0-02f87fff : Kernel data
  031f0000-04303f7f : Kernel bss

We see that code, data and bss sections become randomized.

Signed-off-by: Jinyang He &lt;hejinyang@loongson.cn&gt;
Signed-off-by: Thomas Bogendoerfer &lt;tsbogend@alpha.franken.de&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Provide a weak plat_get_fdt() in relocate.c in case some platform enables
USE_OF while plat_get_fdt() is useless.

1MB RELOCATION_TABLE_SIZE is small for Loongson64 because too many
instructions should be relocated. 2MB is enough at present.

Add KASLR support for Loongson64.

KASLR(kernel address space layout randomization)

To enable KASLR on Loongson64:
First, make loongson3_defconfig.
Then, enable CONFIG_RELOCATABLE and CONFIG_RANDOMIZE_BASE.
Finally, compile the kernel.

To test KASLR on Loongson64:
Start machine with KASLR kernel.

The first time:
# cat /proc/iomem
00200000-0effffff : System RAM
  02f30000-03895e9f : Kernel code
  03895ea0-03bc7fff : Kernel data
  03e30000-04f43f7f : Kernel bss

The second time:
# cat /proc/iomem
00200000-0effffff : System RAM
  022f0000-02c55e9f : Kernel code
  02c55ea0-02f87fff : Kernel data
  031f0000-04303f7f : Kernel bss

We see that code, data and bss sections become randomized.

Signed-off-by: Jinyang He &lt;hejinyang@loongson.cn&gt;
Signed-off-by: Thomas Bogendoerfer &lt;tsbogend@alpha.franken.de&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>MIPS: KASLR: Correct valid bits in apply_r_mips_26_rel()</title>
<updated>2020-11-27T09:19:12+00:00</updated>
<author>
<name>Jinyang He</name>
<email>hejinyang@loongson.cn</email>
</author>
<published>2020-11-25T10:07:18+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=74a2810b7c1fcd60c87a8c47f95660628e00e97c'/>
<id>74a2810b7c1fcd60c87a8c47f95660628e00e97c</id>
<content type='text'>
Apply_r_mips_26_rel() relocates instructions like j, jal, etc. These
instructions consist of a 6-bit function field and a 26-bit address field.
The value of target_addr is as follows:
=================================================================
|     high 4bits           |            low 28bits              |
=================================================================
|the high 4bits of this PC | the low 26bits of instructions &lt;&lt; 2|
=================================================================
Thus, loc_orig and loc_new both need high 4bits rather than high 6bits.

Signed-off-by: Jinyang He &lt;hejinyang@loongson.cn&gt;
Signed-off-by: Thomas Bogendoerfer &lt;tsbogend@alpha.franken.de&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Apply_r_mips_26_rel() relocates instructions like j, jal, etc. These
instructions consist of a 6-bit function field and a 26-bit address field.
The value of target_addr is as follows:
=================================================================
|     high 4bits           |            low 28bits              |
=================================================================
|the high 4bits of this PC | the low 26bits of instructions &lt;&lt; 2|
=================================================================
Thus, loc_orig and loc_new both need high 4bits rather than high 6bits.

Signed-off-by: Jinyang He &lt;hejinyang@loongson.cn&gt;
Signed-off-by: Thomas Bogendoerfer &lt;tsbogend@alpha.franken.de&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>MIPS: Remove no-op/identity casts</title>
<updated>2018-08-31T18:49:20+00:00</updated>
<author>
<name>Paul Burton</name>
<email>paul.burton@mips.com</email>
</author>
<published>2018-08-31T18:49:20+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=4988154211adfd688bf7f3f7eb1691608083a1f9'/>
<id>4988154211adfd688bf7f3f7eb1691608083a1f9</id>
<content type='text'>
Clean up instances of casts to the type that a value already has, since
they are effectively no-ops and only serve to complicate the code.

This is the result of the following semantic patch:

  @identitycast@
  type T;
  T *A;
  @@
  -	(T *)(A)
  +	A

Signed-off-by: Paul Burton &lt;paul.burton@mips.com&gt;
Patchwork: https://patchwork.linux-mips.org/patch/19599/
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Clean up instances of casts to the type that a value already has, since
they are effectively no-ops and only serve to complicate the code.

This is the result of the following semantic patch:

  @identitycast@
  type T;
  T *A;
  @@
  -	(T *)(A)
  +	A

Signed-off-by: Paul Burton &lt;paul.burton@mips.com&gt;
Patchwork: https://patchwork.linux-mips.org/patch/19599/
</pre>
</div>
</content>
</entry>
<entry>
<title>Update MIPS email addresses</title>
<updated>2017-11-03T16:02:30+00:00</updated>
<author>
<name>Paul Burton</name>
<email>paul.burton@mips.com</email>
</author>
<published>2017-10-26T00:04:33+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=fb615d61b5583db92e3793709b97e35dc9499c2a'/>
<id>fb615d61b5583db92e3793709b97e35dc9499c2a</id>
<content type='text'>
MIPS will soon not be a part of Imagination Technologies, and as such
many @imgtec.com email addresses will no longer be valid. This patch
updates the addresses for those who:

 - Have 10 or more patches in mainline authored using an @imgtec.com
   email address, or any patches dated within the past year.

 - Are still with Imagination but leaving as part of the MIPS business
   unit, as determined from an internal email address list.

 - Haven't already updated their email address (ie. JamesH) or expressed
   a desire to be excluded (ie. Maciej).

 - Acked v2 or earlier of this patch, which leaves Deng-Cheng, Matt &amp;
   myself.

New addresses are of the form firstname.lastname@mips.com, and all
verified against an internal email address list.  An entry is added to
.mailmap for each person such that get_maintainer.pl will report the new
addresses rather than @imgtec.com addresses which will soon be dead.

Instances of the affected addresses throughout the tree are then
mechanically replaced with the new @mips.com address.

Signed-off-by: Paul Burton &lt;paul.burton@mips.com&gt;
Cc: Deng-Cheng Zhu &lt;dengcheng.zhu@imgtec.com&gt;
Cc: Deng-Cheng Zhu &lt;dengcheng.zhu@mips.com&gt;
Acked-by: Dengcheng Zhu &lt;dengcheng.zhu@mips.com&gt;
Cc: Matt Redfearn &lt;matt.redfearn@imgtec.com&gt;
Cc: Matt Redfearn &lt;matt.redfearn@mips.com&gt;
Acked-by: Matt Redfearn &lt;matt.redfearn@mips.com&gt;
Cc: Andrew Morton &lt;akpm@linux-foundation.org&gt;
Cc: linux-kernel@vger.kernel.org
Cc: linux-mips@linux-mips.org
Cc: trivial@kernel.org
Signed-off-by: Linus Torvalds &lt;torvalds@linux-foundation.org&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
MIPS will soon not be a part of Imagination Technologies, and as such
many @imgtec.com email addresses will no longer be valid. This patch
updates the addresses for those who:

 - Have 10 or more patches in mainline authored using an @imgtec.com
   email address, or any patches dated within the past year.

 - Are still with Imagination but leaving as part of the MIPS business
   unit, as determined from an internal email address list.

 - Haven't already updated their email address (ie. JamesH) or expressed
   a desire to be excluded (ie. Maciej).

 - Acked v2 or earlier of this patch, which leaves Deng-Cheng, Matt &amp;
   myself.

New addresses are of the form firstname.lastname@mips.com, and all
verified against an internal email address list.  An entry is added to
.mailmap for each person such that get_maintainer.pl will report the new
addresses rather than @imgtec.com addresses which will soon be dead.

Instances of the affected addresses throughout the tree are then
mechanically replaced with the new @mips.com address.

Signed-off-by: Paul Burton &lt;paul.burton@mips.com&gt;
Cc: Deng-Cheng Zhu &lt;dengcheng.zhu@imgtec.com&gt;
Cc: Deng-Cheng Zhu &lt;dengcheng.zhu@mips.com&gt;
Acked-by: Dengcheng Zhu &lt;dengcheng.zhu@mips.com&gt;
Cc: Matt Redfearn &lt;matt.redfearn@imgtec.com&gt;
Cc: Matt Redfearn &lt;matt.redfearn@mips.com&gt;
Acked-by: Matt Redfearn &lt;matt.redfearn@mips.com&gt;
Cc: Andrew Morton &lt;akpm@linux-foundation.org&gt;
Cc: linux-kernel@vger.kernel.org
Cc: linux-mips@linux-mips.org
Cc: trivial@kernel.org
Signed-off-by: Linus Torvalds &lt;torvalds@linux-foundation.org&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>MIPS: KASLR: Add missing header files</title>
<updated>2017-04-12T15:02:04+00:00</updated>
<author>
<name>Matt Redfearn</name>
<email>matt.redfearn@imgtec.com</email>
</author>
<published>2017-03-31T10:51:33+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=ec62a3bd84df90a19b7d59d032fa807bbfea7cbb'/>
<id>ec62a3bd84df90a19b7d59d032fa807bbfea7cbb</id>
<content type='text'>
After the split of linux/sched.h, KASLR stopped building.

Fix this by including the correct header file for init_thread_union

Signed-off-by: Matt Redfearn &lt;matt.redfearn@imgtec.com&gt;
Cc: James Hogan &lt;james.hogan@imgtec.com&gt;
Cc: Marcin Nowakowski &lt;marcin.nowakowski@imgtec.com&gt;
Cc: Steven J. Hill &lt;Steven.Hill@cavium.com&gt;
Cc: linux-mips@linux-mips.org
Cc: linux-kernel@vger.kernel.org
Patchwork: https://patchwork.linux-mips.org/patch/15849/
Signed-off-by: Ralf Baechle &lt;ralf@linux-mips.org&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
After the split of linux/sched.h, KASLR stopped building.

Fix this by including the correct header file for init_thread_union

Signed-off-by: Matt Redfearn &lt;matt.redfearn@imgtec.com&gt;
Cc: James Hogan &lt;james.hogan@imgtec.com&gt;
Cc: Marcin Nowakowski &lt;marcin.nowakowski@imgtec.com&gt;
Cc: Steven J. Hill &lt;Steven.Hill@cavium.com&gt;
Cc: linux-mips@linux-mips.org
Cc: linux-kernel@vger.kernel.org
Patchwork: https://patchwork.linux-mips.org/patch/15849/
Signed-off-by: Ralf Baechle &lt;ralf@linux-mips.org&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>MIPS: relocate: Optionally relocate the DTB</title>
<updated>2017-01-03T15:34:45+00:00</updated>
<author>
<name>Marcin Nowakowski</name>
<email>marcin.nowakowski@imgtec.com</email>
</author>
<published>2016-11-23T13:43:48+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=4c9fff362261d68cc35053a76afea85f1277ac66'/>
<id>4c9fff362261d68cc35053a76afea85f1277ac66</id>
<content type='text'>
If the DTB is located in the target memory area for the relocated kernel
it needs to be relocated as well before kernel relocation takes place.

After copying the DTB use the new plat_fdt_relocated() API from the
relocated kernel to ensure the relocated kernel updates any information
that it may have cached about the location of the DTB.

plat_fdt_relocated is declared as a weak symbol so that platforms that
do not require it do not need to implement the method.

Signed-off-by: Marcin Nowakowski &lt;marcin.nowakowski@imgtec.com&gt;
Cc: linux-mips@linux-mips.org
Patchwork: https://patchwork.linux-mips.org/patch/14616/
Signed-off-by: Ralf Baechle &lt;ralf@linux-mips.org&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
If the DTB is located in the target memory area for the relocated kernel
it needs to be relocated as well before kernel relocation takes place.

After copying the DTB use the new plat_fdt_relocated() API from the
relocated kernel to ensure the relocated kernel updates any information
that it may have cached about the location of the DTB.

plat_fdt_relocated is declared as a weak symbol so that platforms that
do not require it do not need to implement the method.

Signed-off-by: Marcin Nowakowski &lt;marcin.nowakowski@imgtec.com&gt;
Cc: linux-mips@linux-mips.org
Patchwork: https://patchwork.linux-mips.org/patch/14616/
Signed-off-by: Ralf Baechle &lt;ralf@linux-mips.org&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>MIPS: Relocatable: Provide plat_post_relocation hook</title>
<updated>2017-01-03T15:34:36+00:00</updated>
<author>
<name>Steven J. Hill</name>
<email>Steven.Hill@cavium.com</email>
</author>
<published>2016-12-09T08:36:22+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=8cc709d7d4f013f51d38ceb2e3c8c82d230cf457'/>
<id>8cc709d7d4f013f51d38ceb2e3c8c82d230cf457</id>
<content type='text'>
This hook provides the platform the chance to perform any required
setup before the boot processor switches to the relocated kernel.
The relocated kernel has been copied and fixed up ready for execution
at this point. Secondary CPUs may wish to switch to it early. There
is also the opportunity for the platform to abort jumping to the
relocated kernel if there is anything wrong with the chosen offset.

Signed-off-by: Matt Redfearn &lt;matt.redfearn@imgtec.com&gt;
Signed-off-by: Steven J. Hill &lt;Steven.Hill@cavium.com&gt;
Cc: linux-mips@linux-mips.org
Patchwork: https://patchwork.linux-mips.org/patch/14651/
Signed-off-by: Ralf Baechle &lt;ralf@linux-mips.org&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
This hook provides the platform the chance to perform any required
setup before the boot processor switches to the relocated kernel.
The relocated kernel has been copied and fixed up ready for execution
at this point. Secondary CPUs may wish to switch to it early. There
is also the opportunity for the platform to abort jumping to the
relocated kernel if there is anything wrong with the chosen offset.

Signed-off-by: Matt Redfearn &lt;matt.redfearn@imgtec.com&gt;
Signed-off-by: Steven J. Hill &lt;Steven.Hill@cavium.com&gt;
Cc: linux-mips@linux-mips.org
Patchwork: https://patchwork.linux-mips.org/patch/14651/
Signed-off-by: Ralf Baechle &lt;ralf@linux-mips.org&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>MIPS: KASLR: Fix handling of NULL FDT</title>
<updated>2016-11-03T23:30:49+00:00</updated>
<author>
<name>Matt Redfearn</name>
<email>matt.redfearn@imgtec.com</email>
</author>
<published>2016-10-17T16:21:46+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=4736697963385e6257ee8e260e97347e858cd962'/>
<id>4736697963385e6257ee8e260e97347e858cd962</id>
<content type='text'>
If platform code returns a NULL pointer to the FDT, initial_boot_params
will not get set to a valid pointer and attempting to find the /chosen
node in it will cause a NULL pointer dereference and the kernel to crash
immediately on startup - with no output to the console.

Fix this by checking that initial_boot_params is valid before using it.

Fixes: 405bc8fd12f5 ("MIPS: Kernel: Implement KASLR using CONFIG_RELOCATABLE")
Cc: stable@vger.kernel.org # 4.7+
Signed-off-by: Matt Redfearn &lt;matt.redfearn@imgtec.com&gt;
Cc: linux-mips@linux-mips.org
Cc: linux-kernel@vger.kernel.org
Patchwork: https://patchwork.linux-mips.org/patch/14414/
Signed-off-by: Ralf Baechle &lt;ralf@linux-mips.org&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
If platform code returns a NULL pointer to the FDT, initial_boot_params
will not get set to a valid pointer and attempting to find the /chosen
node in it will cause a NULL pointer dereference and the kernel to crash
immediately on startup - with no output to the console.

Fix this by checking that initial_boot_params is valid before using it.

Fixes: 405bc8fd12f5 ("MIPS: Kernel: Implement KASLR using CONFIG_RELOCATABLE")
Cc: stable@vger.kernel.org # 4.7+
Signed-off-by: Matt Redfearn &lt;matt.redfearn@imgtec.com&gt;
Cc: linux-mips@linux-mips.org
Cc: linux-kernel@vger.kernel.org
Patchwork: https://patchwork.linux-mips.org/patch/14414/
Signed-off-by: Ralf Baechle &lt;ralf@linux-mips.org&gt;
</pre>
</div>
</content>
</entry>
</feed>
