Merge branch 'tip-x86-kaslr' of git://git.kernel.org/pub/scm/linux/kernel/git/bp/bp into x86/urgent

Pull ASLR and kASLR fixes from Borislav Petkov: - Add a global flag announcing KASLR state so that relevant code can do informed decisions based on its setting. (Jiri Kosina) - Fix a stack randomization entropy decrease bug. (Hector Marco-Gisbert) Signed-off-by: Ingo Molnar <mingo@kernel.org>
author: Ingo Molnar <mingo@kernel.org> 2015-02-19 06:06:04 -0500
committer: Ingo Molnar <mingo@kernel.org> 2015-02-19 06:31:34 -0500
commit: a267b0a349bb021c010e36a2a13e1e16657b1b0f (patch)
tree: 4438a10ecc864f15ce6f37c1764fffa995a9a175 /arch/x86/boot
parent: ee408b4207c8281a91f039e89d06de264d319466 (diff)
parent: 4e7c22d447bb6d7e37bfe39ff658486ae78e8d77 (diff)
3 files changed, 39 insertions, 4 deletions
diff --git a/arch/x86/boot/compressed/aslr.c b/arch/x86/boot/compressed/aslr.c
index bb1376381985..7083c16cccba 100644
--- a/arch/x86/boot/compressed/aslr.c
+++ b/arch/x86/boot/compressed/aslr.c
@@ -14,6 +14,13 @@
 static const char build_str[] = UTS_RELEASE " (" LINUX_COMPILE_BY "@"
                LINUX_COMPILE_HOST ") (" LINUX_COMPILER ") " UTS_VERSION;
+struct kaslr_setup_data {
+        __u64 next;
+        __u32 type;
+        __u32 len;
+        __u8 data[1];
+} kaslr_setup_data;
 #define I8254_PORT_CONTROL      0x43
 #define I8254_PORT_COUNTER0     0x40
 #define I8254_CMD_READBACK      0xC0
@@ -295,7 +302,29 @@ static unsigned long find_random_addr(unsigned long minimum,
        return slots_fetch_random();
 }
-unsigned char *choose_kernel_location(unsigned char *input,
+static void add_kaslr_setup_data(struct boot_params *params, __u8 enabled)
+{
+        struct setup_data *data;
+        kaslr_setup_data.type = SETUP_KASLR;
+        kaslr_setup_data.len = 1;
+        kaslr_setup_data.next = 0;
+        kaslr_setup_data.data[0] = enabled;
+        data = (struct setup_data *)(unsigned long)params->hdr.setup_data;
+        while (data && data->next)
+                data = (struct setup_data *)(unsigned long)data->next;
+        if (data)
+                data->next = (unsigned long)&kaslr_setup_data;
+        else
+                params->hdr.setup_data = (unsigned long)&kaslr_setup_data;
+}
+unsigned char *choose_kernel_location(struct boot_params *params,
+                                      unsigned char *input,
                                      unsigned long input_size,
                                      unsigned char *output,
                                      unsigned long output_size)
@@ -306,14 +335,17 @@ unsigned char *choose_kernel_location(unsigned char *input,
 #ifdef CONFIG_HIBERNATION
        if (!cmdline_find_option_bool("kaslr")) {
                debug_putstr("KASLR disabled by default...\n");
+                add_kaslr_setup_data(params, 0);
                goto out;
        }
 #else
        if (cmdline_find_option_bool("nokaslr")) {
                debug_putstr("KASLR disabled by cmdline...\n");
+                add_kaslr_setup_data(params, 0);
                goto out;
        }
 #endif
+        add_kaslr_setup_data(params, 1);
        /* Record the various known unsafe memory ranges. */
        mem_avoid_init((unsigned long)input, input_size,
diff --git a/arch/x86/boot/compressed/misc.c b/arch/x86/boot/compressed/misc.c
index a950864a64da..5903089c818f 100644
--- a/arch/x86/boot/compressed/misc.c
+++ b/arch/x86/boot/compressed/misc.c
@@ -401,7 +401,8 @@ asmlinkage __visible void *decompress_kernel(void *rmode, memptr heap,
         * the entire decompressed kernel plus relocation table, or the
         * entire decompressed kernel plus .bss and .brk sections.
         */
-        output = choose_kernel_location(input_data, input_len, output,
+        output = choose_kernel_location(real_mode, input_data, input_len,
+                                        output,
                                        output_len > run_size ? output_len
                                                              : run_size);
diff --git a/arch/x86/boot/compressed/misc.h b/arch/x86/boot/compressed/misc.h
index 24e3e569a13c..6d6730743024 100644
--- a/arch/x86/boot/compressed/misc.h
+++ b/arch/x86/boot/compressed/misc.h
@@ -56,7 +56,8 @@ int cmdline_find_option_bool(const char *option);
 #if CONFIG_RANDOMIZE_BASE
 /* aslr.c */
-unsigned char *choose_kernel_location(unsigned char *input,
+unsigned char *choose_kernel_location(struct boot_params *params,
+                                      unsigned char *input,
                                      unsigned long input_size,
                                      unsigned char *output,
                                      unsigned long output_size);
@@ -64,7 +65,8 @@ unsigned char *choose_kernel_location(unsigned char *input,
 bool has_cpuflag(int flag);
 #else
 static inline
-unsigned char *choose_kernel_location(unsigned char *input,
+unsigned char *choose_kernel_location(struct boot_params *params,
+                                      unsigned char *input,
                                      unsigned long input_size,
                                      unsigned char *output,
                                      unsigned long output_size)
author	Ingo Molnar <mingo@kernel.org>	2015-02-19 06:06:04 -0500
committer	Ingo Molnar <mingo@kernel.org>	2015-02-19 06:31:34 -0500
commit	a267b0a349bb021c010e36a2a13e1e16657b1b0f (patch)
tree	4438a10ecc864f15ce6f37c1764fffa995a9a175 /arch/x86/boot
parent	ee408b4207c8281a91f039e89d06de264d319466 (diff)
parent	4e7c22d447bb6d7e37bfe39ff658486ae78e8d77 (diff)