From nobody Tue Jun 16 20:37:09 2026 Received: from mail-pg1-f182.google.com (mail-pg1-f182.google.com [209.85.215.182]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 7ADA237FF4B for ; Wed, 29 Apr 2026 05:14:02 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.215.182 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1777439643; cv=none; b=IzbAS3zk1JbAPYETkQ4qmoefdG/nlnwJPIn0RC6LI/M0khGLcrc3Ew2uZ1O8Fk2O7OpWHsLWYEWt8URQBfrmIEInAd3nkmW2/ymKo73IuQWU3oaPqB0ltz9o+vJ/0now+MqgCukmHEty8t1i3OBd6Ywg2erdirdm5rHKcTnOlHE= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1777439643; c=relaxed/simple; bh=ZtZZjU14tH4CI7Qi3EwJbsIUSfhgGfNFvjX3BbzBTUU=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=VJHTRn80MmVTUXS0siUOVQZ1u2oQG8quIoLCB8oe+vK3DDMOhOoGDwaOc2PkG8AdRv+CZsv3jb5VlqFoadImavkyaVzC5jeQ+9yLafuo3wLiYMHlxNEah8Rh21F5mRRqsMSQSAW7R0Ot2jDY+9mgVUwI+OFHNoxtqe3gotE+MnY= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=hev.cc; spf=pass smtp.mailfrom=hev.cc; dkim=pass (2048-bit key) header.d=hev-cc.20251104.gappssmtp.com header.i=@hev-cc.20251104.gappssmtp.com header.b=Y97wC5uI; arc=none smtp.client-ip=209.85.215.182 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=hev.cc Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=hev.cc Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=hev-cc.20251104.gappssmtp.com header.i=@hev-cc.20251104.gappssmtp.com header.b="Y97wC5uI" Received: by mail-pg1-f182.google.com with SMTP id 41be03b00d2f7-c7961d7bc09so4945266a12.1 for ; Tue, 28 Apr 2026 22:14:02 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=hev-cc.20251104.gappssmtp.com; s=20251104; t=1777439642; x=1778044442; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=c434K46vhUUFgUVT8fa10pxpFGP8ckGFIv5A6TmNO0w=; b=Y97wC5uIhmG5oCBhUhz428YGmU/XTcGeeYgcS0RHzkkSNIYX125fCaSL5VZUxUJUoJ WFBNLI0sTVLA0klBWOCjFnj6GoOJ5a/frLxDykPiHZFDOKkxRGNG3M2773241uExoNqp e853KCPO/cDEErtvxoqIK+rRDRk5vW4LY0iA0P9I712Hb7vomdXirIbUPPkq7m9G+MLR S+9Yxiddw0GjPWIxJH2xhzOD6Kascb1RtR5LjgLF9caTjgwZdvihlAbGM+5vPH7wy6J6 t+dnxOK1VHBJVKnYfErlVr8wo/BPs67lGZ+jMwkjLikA/ItT8Gtnf2sM4xNMY03E59yj tx+A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1777439642; x=1778044442; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=c434K46vhUUFgUVT8fa10pxpFGP8ckGFIv5A6TmNO0w=; b=T6FnAW0leoW1650lrIU0yy9Ljy9r1bXwz72RrI9ufQx2G5oo8ZD0pkTJPHfy0vngdN rskwtxSGRrVGTc8hvY2h1qjRAbhYBYQFT2LeuUN4zD5j5EA4I+z9LF5AVHAjROwBcQlI brLZ6jr+u0T/Uh6yjwz+lhhA3Qemyk+nDRexUTeM4JyQ2Xvzp3R/zClDnjspVAYcLp9L IMx0D+KZBZ548ZWjIpzDPWgeGC3b3Y6wKf8RW9uWeOtAC+Toxg87WRvWOKcQ3xzj15Oz E1jJp5Xn3JJ79LyPD1qnadsnrbUjMQE58EayUISnG7F1O5+xbVDMAA9iOalF2QAHOqQN K3Tw== X-Forwarded-Encrypted: i=1; AFNElJ/uGOtyym4IAKjJIb4O0Z4S87SsFraonOnfNnts/IPoBwxbqIx5ghH/7VsqOuH3p3T3cyAg30kyuDy9uPU=@vger.kernel.org X-Gm-Message-State: AOJu0Yy87+z6Mdhq4l7kBGvPc6xKiSXKVyMN3455Ktuy26ObQU6WNw0H HNtQeQmGltI9//2SCwB9zpq2VE4NwajRd7l7m3g+vnGa4bjPxJKTiqkjEI2EbPPYmmE= X-Gm-Gg: AeBDievQOa15ju1K4vng+WsuaaBkeVpQsA3ia6p79DEivlkSkJQWHId0EceSNJSSspx JfpR6CNBtN5lW353+tc4g4D5tS2FMcLS9vexXfCqkCJ7N6/ol0whsqbVsGAqsGePHRGPXN42bB1 cdpU+qf0K/lPl2H92ui2lf2ZiwVE4+QxWCi8coiGQfih1gjV7zEr5gZP4WEaAnMzIVgvOHQTV3H FB89vqIiDJbWuVSR6FS9MggN09qSM0gsrUDKnlJNZEnF4FUnSqPaOfE0ynK0vtJl718sjm4oqZF 4SwPZ+GJviMoIYIqEtyRQXSI3xggJYzZvCZukY3neZqaeuLTlkjc3rH+4yW1jAzDo5l7y+bQ0xw W03QBXhNhKHJ6TxPfcBL/3Kmqwb4oED1sdlSseDboFvDy0A8EpC6DlXqRVV3Qh472QsOubQ4XA9 qR2lvcE8LIOp1UXvo+2lqTatYBwWR5 X-Received: by 2002:a17:902:d591:b0:2b4:460e:6fa8 with SMTP id d9443c01a7336-2b97c4dd4b6mr55225105ad.34.1777439641576; Tue, 28 Apr 2026 22:14:01 -0700 (PDT) Received: from localhost ([2400:8902:e002:de33:3dbd:69cf:4a22:309]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-2b988787360sm8846935ad.20.2026.04.28.22.13.59 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 28 Apr 2026 22:14:01 -0700 (PDT) From: WANG Rui To: Huacai Chen , Ard Biesheuvel Cc: WANG Xuerui , Ilias Apalodimas , Haiyong Sun , Lisa Robinson , loongarch@lists.linux.dev, linux-efi@vger.kernel.org, linux-kernel@vger.kernel.org, WANG Rui Subject: [PATCH v3 1/3] efi/loongarch: Randomize kernel preferred address for KASLR Date: Wed, 29 Apr 2026 13:13:16 +0800 Message-ID: <20260429051318.1581350-2-r@hev.cc> X-Mailer: git-send-email 2.54.0 In-Reply-To: <20260429051318.1581350-1-r@hev.cc> References: <20260429051318.1581350-1-r@hev.cc> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Introduce efi_get_kimg_kaslr_address() to compute the preferred kernel image address dynamically when CONFIG_RANDOMIZE_BASE is enabled. The function derives a random offset using EFI-provided randomness combined with the timer value, and constrains it within CONFIG_RANDOMIZE_BASE_MAX_OFFSET. Update EFI_KIMG_PREFERRED_ADDRESS to call this helper so that the EFI stub can select a randomized load address when KASLR is active, while preserving the original base address behavior when KASLR is disabled or nokaslr is specified. Signed-off-by: WANG Rui Acked-by: Ard Biesheuvel --- arch/loongarch/include/asm/efi.h | 4 +++- drivers/firmware/efi/libstub/loongarch.c | 16 ++++++++++++++++ 2 files changed, 19 insertions(+), 1 deletion(-) diff --git a/arch/loongarch/include/asm/efi.h b/arch/loongarch/include/asm/= efi.h index eddc8e79b3fa..f831320efd41 100644 --- a/arch/loongarch/include/asm/efi.h +++ b/arch/loongarch/include/asm/efi.h @@ -30,6 +30,8 @@ static inline unsigned long efi_get_kimg_min_align(void) return SZ_2M; } =20 -#define EFI_KIMG_PREFERRED_ADDRESS PHYSADDR(VMLINUX_LOAD_ADDRESS) +unsigned long efi_get_kimg_kaslr_address(void); + +#define EFI_KIMG_PREFERRED_ADDRESS efi_get_kimg_kaslr_address() =20 #endif /* _ASM_LOONGARCH_EFI_H */ diff --git a/drivers/firmware/efi/libstub/loongarch.c b/drivers/firmware/ef= i/libstub/loongarch.c index 9825f5218137..51997a0e83bd 100644 --- a/drivers/firmware/efi/libstub/loongarch.c +++ b/drivers/firmware/efi/libstub/loongarch.c @@ -38,6 +38,22 @@ static efi_status_t exit_boot_func(struct efi_boot_memma= p *map, void *priv) return EFI_SUCCESS; } =20 +unsigned long efi_get_kimg_kaslr_address(void) +{ + unsigned int random_offset =3D 0; + +#ifdef CONFIG_RANDOMIZE_BASE + if (!efi_nokaslr) { + efi_get_random_bytes(sizeof(random_offset), (u8 *)&random_offset); + random_offset ^=3D (random_get_entropy() << 16); + random_offset &=3D (CONFIG_RANDOMIZE_BASE_MAX_OFFSET - 1); + random_offset =3D ALIGN(random_offset + SZ_64K, SZ_64K); + } +#endif + + return PHYSADDR(VMLINUX_LOAD_ADDRESS) + random_offset; +} + unsigned long __weak kernel_entry_address(unsigned long kernel_addr, efi_loaded_image_t *image) { --=20 2.54.0 From nobody Tue Jun 16 20:37:09 2026 Received: from mail-pl1-f176.google.com (mail-pl1-f176.google.com [209.85.214.176]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 2434C38B133 for ; Wed, 29 Apr 2026 05:14:05 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.214.176 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1777439646; cv=none; b=tMgL6PMNMbizL5Q6DIQ+r953E5b82mtl6vZ1uI2wCDyXqDvbqFrsRji9i26NZUBAoDqVTxM/EbIi6QGk3nd8REsk9rZb70dpRO7M4pnu7SuVGyRAajxMN0fau8Eam7i4v4J/+SEZ3OOdgH8NSNAT72SZm3HJAqTdM7nMrvRMFFM= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1777439646; c=relaxed/simple; bh=AFxDVPfqDD1fX+0U3m7t2OJUKJfWgyTTwFDtosrykxU=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=KWLo2BJRa8Cs4PtpBuFBoHBE1rhlmwHLAjiaP8qNSWcBEg6h2wbPu1z4FFm9WX/KX3MtWybZhystJHjxqpDwwn+k/BvMpRK4+DK6z9KF+oJX6EyaME06JiJpra4yugezTX7v5RONRPjajA0C/+mpOPCGvhmgeC5iV3Y7Gs7bkTE= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=hev.cc; spf=pass smtp.mailfrom=hev.cc; dkim=pass (2048-bit key) header.d=hev-cc.20251104.gappssmtp.com header.i=@hev-cc.20251104.gappssmtp.com header.b=WVKtCJ/j; arc=none smtp.client-ip=209.85.214.176 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=hev.cc Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=hev.cc Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=hev-cc.20251104.gappssmtp.com header.i=@hev-cc.20251104.gappssmtp.com header.b="WVKtCJ/j" Received: by mail-pl1-f176.google.com with SMTP id d9443c01a7336-2b23fcf90b2so116141315ad.3 for ; Tue, 28 Apr 2026 22:14:05 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=hev-cc.20251104.gappssmtp.com; s=20251104; t=1777439644; x=1778044444; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=s1M23bGh5Hxam/8XaoRaHHo8c9kozCZBAlQpB9hznRA=; b=WVKtCJ/jXip4lCFUgLcr8SGqOY2Hd4vjk5C+fjAvRy28GR9slBnqcnbtMiwuz3d1NB u5mvu8RkzEDyP78Ui9Pt5TIs1SqD8eCQA0EizLzV4eou0qfj+HxxqeZsPqD8G8m2pldg QDW+kGtzQpC6FEw73dXFmbckNYmigqyzGrRXWQAkMqh7oLKvj1dd+16EmBoEK4CrADhY 07lHupqY/f1ye2Lx+RIsdqx/aBW+QUmGtgP1NHiSHrPi6zVoDycTZOgDr5UwC5ExwbGv uZTyuEEeBEWq3WdHEWvn8hZwv0pte4gM12Ng6/1k5AiGbIi/KaUQ+nOgO1B09DeTv7ir XPug== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1777439644; x=1778044444; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=s1M23bGh5Hxam/8XaoRaHHo8c9kozCZBAlQpB9hznRA=; b=blYmae+9wGRy17oml6P2RdSKb1JfaHVzGveM6ZrZFEnWwGxvpgMUi/1igTM7bEON69 b868YhVTgMnwnKNrj/TDEvE8th0b0X0NM7glVwx5B14VMjbC6MUdE/LEbsdus+zl98x8 0Mz0Sn+FFHuAXZvAsWCcBxcuEzT4S6IF9cWCDzEC0eW3/eNBTdutw3FwSgjcxmxS+xKm x/Gb0E46hIwb4MKnX6UzEMOW15vpLAlz5ZdrdLyPY2SSRc1WhoQB0aFsg8h0zqZTcVYV GKf5XAl8IgvIw4kD+ZH1dM2oHGKus5oSqMAJJDLTPyUWVHiHDgxHbNYQZ0kW140SSAy6 kB3g== X-Forwarded-Encrypted: i=1; AFNElJ9m8P/hLSXuRF45lhqtPFpzF2IyX0YDo3Yr6QpTUH6qCEuNi9Imc+uhrtc3pXthNhA9JX4hfhhvhuzRegU=@vger.kernel.org X-Gm-Message-State: AOJu0Yx3sUOdE+RCj9hVRegqutgNPSpf2fQbJ0AvdclZEZxx2NyPgidH OOJKf9SQ1GbryChSyzgZpBnK8iaJpqF4UJe7gDXmuP2EWFZmSC+bmu96mgL0VTRZS2Y= X-Gm-Gg: AeBDietXuvJzrOihWMX2SPl7S5c9sKnlbG806JMrTciCCMtqh0Y4eh/IsHtFGrC0eem DwdIqCo/0Fy6Gxq0jemnM2wmzwf3KZOJRRXi7C/0OmggfzIOgVtSLp7Pjo5/41qZCyva0Lr2a3c TqPjI+XeJUkPSVblYESWtNpdmU+I6J9H2LEKEe7FE4GSOMB6nzv9w9SHnTbnx6NPNF7n/gaTKLE uHgs48/0A/0ufVmlsZUbOn7wDoSngt12BQI+b21xmhut3AzWXXXwjdM/4s63dLB7WeSnAYrDIrs 8qo1BUVo2v5TvcsuIUy8ROn1FQnG6h26XyfwIaTR2Fk2zoxetLCLKt36LOIw32sSdny0iBY7q6d /VdeZhtQHPFD2wOul2mb9lG587VAco1x5GDmqLjCyX6NGn5nTQHUTd2MKiORXkpJREXJHa/2dDf CIaw3D9QeBKW7hyB/fpb40D33IMiyT X-Received: by 2002:a17:903:2acc:b0:2b2:4cd2:e162 with SMTP id d9443c01a7336-2b97c48d869mr58904515ad.34.1777439644464; Tue, 28 Apr 2026 22:14:04 -0700 (PDT) Received: from localhost ([2400:8902:e002:de33:3dbd:69cf:4a22:309]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-2b988787360sm8846935ad.20.2026.04.28.22.14.02 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 28 Apr 2026 22:14:04 -0700 (PDT) From: WANG Rui To: Huacai Chen , Ard Biesheuvel Cc: WANG Xuerui , Ilias Apalodimas , Haiyong Sun , Lisa Robinson , loongarch@lists.linux.dev, linux-efi@vger.kernel.org, linux-kernel@vger.kernel.org, WANG Rui Subject: [PATCH v3 2/3] LoongArch: Skip relocation-time KASLR if it has already been applied Date: Wed, 29 Apr 2026 13:13:17 +0800 Message-ID: <20260429051318.1581350-3-r@hev.cc> X-Mailer: git-send-email 2.54.0 In-Reply-To: <20260429051318.1581350-1-r@hev.cc> References: <20260429051318.1581350-1-r@hev.cc> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" When the kernel is relocated during early boot, a randomized load address may already have been selected and applied. In this case, performing KASLR again in relocate.c is unnecessary. Signed-off-by: WANG Rui Acked-by: Ard Biesheuvel --- arch/loongarch/kernel/relocate.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/arch/loongarch/kernel/relocate.c b/arch/loongarch/kernel/reloc= ate.c index 16f6a9b39659..c36604a81d08 100644 --- a/arch/loongarch/kernel/relocate.c +++ b/arch/loongarch/kernel/relocate.c @@ -139,6 +139,10 @@ static inline __init bool kaslr_disabled(void) char *str; const char *builtin_cmdline =3D CONFIG_CMDLINE; =20 + /* KASLR is performed during early boot. */ + if (kaslr_offset()) + return true; + str =3D strstr(builtin_cmdline, "nokaslr"); if (str =3D=3D builtin_cmdline || (str > builtin_cmdline && *(str - 1) = =3D=3D ' ')) { pr_info(KASLR_DISABLED_MESSAGE, "\'nokaslr\'", "built-in"); --=20 2.54.0 From nobody Tue Jun 16 20:37:09 2026 Received: from mail-pl1-f169.google.com (mail-pl1-f169.google.com [209.85.214.169]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id BE0F0388379 for ; Wed, 29 Apr 2026 05:14:07 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.214.169 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1777439649; cv=none; b=dCxtpVHq7jGL+bRUPDKjA8f9ZGJQ3mkTAgLkxleC2fqHsbmNFBFQtxJszTriTvTlFj5kO6Q4anl6XDmZgyb5MK4P+6tcAWoRsRdB9yfeknD4jnd21VoMd67k7P/sXdB55N7SlLOHae0NFz9jLaPXKbrlJ1+RcSAnWpiqah2CZcw= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1777439649; c=relaxed/simple; bh=dItIsPbk/j3Cl3D6WqOm0NerVIalkv5nzvBY3Zn3xvQ=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=HteBbV8KgBjAcA+Q1tb9SOYwycs1q7DhR2Y3aVXkshpnT2lIsdfhS5bbSM/s0+O/KgUopfqjWj/Atg0bRFThYvzx/+IpTK8oJaCActn8+DyhEvdfAY1Whd7QCFQSbfv7NTIDAEdTPHEuaZ8aJznQeI88yXnzdx6vdL+oU5bA438= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=hev.cc; spf=pass smtp.mailfrom=hev.cc; dkim=pass (2048-bit key) header.d=hev-cc.20251104.gappssmtp.com header.i=@hev-cc.20251104.gappssmtp.com header.b=RaP71bfk; arc=none smtp.client-ip=209.85.214.169 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=hev.cc Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=hev.cc Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=hev-cc.20251104.gappssmtp.com header.i=@hev-cc.20251104.gappssmtp.com header.b="RaP71bfk" Received: by mail-pl1-f169.google.com with SMTP id d9443c01a7336-2ab39b111b9so50392495ad.1 for ; Tue, 28 Apr 2026 22:14:07 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=hev-cc.20251104.gappssmtp.com; s=20251104; t=1777439647; x=1778044447; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=99tLjWOK/mLpAv9uxA8Gv2R+vi67znNvjWmjayf7030=; b=RaP71bfkiykOFpSz7etZdREtpyULq/YII+YILILuAhshL2M6GOcXWXdrogLgFm1JFL K1uP0Al4udjorWRiAVLOi82M4d0LzqM2Gy1BAw2D+3qq1p8bzddRdC7hyZkn5wLUUNRm 16ccIEYshP15EJg7b29StaAAOuCA95z8pkcqwKKUgRmWRvTno9nKLDEl8Na77tdhzCLY YYYOi7osZb74FB0sjxCebDD1UyiJBuN9ObGCuQaefoRywJG/QTKY3qsVROrJNi/vokRo 5LGxP1KQatZeVvJBCS+O7VXKbQWYhOnHinnwn9fmAL0NeXxAAsLMmrOxsdKMTDBhXXz9 EqJg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1777439647; x=1778044447; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=99tLjWOK/mLpAv9uxA8Gv2R+vi67znNvjWmjayf7030=; b=DEVX2vr3OLlUXyRqbVq8/iXFw1ghetOr//gD7xVG2VEWk2GeeVDvtU9j2QUEl3NKu2 1AG+M8r68yElgOIAL1WoWciFwQCt7DG8JcA/Gwrgr7/NESjrKiDPF2e0Ao59IDV7dOGk jUcyVp14X//uEsAI9jOiyOYFWKd4suMYZa8It/Dc/P7KMvflSp7nXak/SOPFNqGwU7Fd FPp3KB/1oiL7QFA9ezrW47072gwvDEmnhY6ozEeNbvIxrg0OlJ+Vp29yFYO23R9ORuGO xYsxBZQM7czqcoHCYKFMKVxVRHqxkE2qB256HSEPEmHOJXROOkHH2RolW+T2x++PLLe6 sj2A== X-Forwarded-Encrypted: i=1; AFNElJ8/Kw8KnrXMdsNDVRGnw2t7N8ZeX7YHpoPGSo+xPZif6MGOKKEWzNHzwzLBhOjGjrtV2+wZmNi7987Xqq4=@vger.kernel.org X-Gm-Message-State: AOJu0Yx2QQX1NJSqIaD7niDpUjcvbpBLH8WH4fLCQo1Af5ApEJMQaHLA tK53vMC4bvb4maR2YzQnUh3jb72+1jCmmJBVxi/7YjbQBNKZqeiDvtPzb5zNLLhBYQo= X-Gm-Gg: AeBDiesdYc83Lnsq1qpmHE0kWOc9E7FvxCKgwkLY7Zh2XRXUerNRxxTuzc2CEG5A6pT 4kZUUkdabV/95gxn38HEDEJscbCbCiANCk0/8nEujDFQChO8WQgWsluD0bzC2vCrkw+2dUQEVDt SX16OFzZO20okvOdgO0NVkT43Bm0Va012n9lMXjoKySJHsvAeJ5xdJNNjLimmTa9VsqaLsBBoFQ NreoPOwzed1287/ltonwpuamic6GPjIb4rQ/arR2RmcAN1kKc7au4c2cnIfIaP3B772TtVseXlJ DJ2uuoqqwXhjkGbyhzkxUqcyEDq1iGhQudt0axrwFPehB2c7k9RQvZjbxcgMsqmikFdSAq05P6/ ohZA5zVjnsc0GLvsOFzQUr2J1E4whKtVyMx6uVzXfG6zwCUVVpXAd7mIesegVh+5n+b2KRtlDf2 SmSjk25qbYDZod8MzY7+hC+kDznpgb X-Received: by 2002:a17:902:f907:b0:2b2:42b1:adac with SMTP id d9443c01a7336-2b97c412257mr40027755ad.3.1777439647157; Tue, 28 Apr 2026 22:14:07 -0700 (PDT) Received: from localhost ([2400:8902:e002:de33:3dbd:69cf:4a22:309]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-2b988787360sm8846935ad.20.2026.04.28.22.14.04 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 28 Apr 2026 22:14:06 -0700 (PDT) From: WANG Rui To: Huacai Chen , Ard Biesheuvel Cc: WANG Xuerui , Ilias Apalodimas , Haiyong Sun , Lisa Robinson , loongarch@lists.linux.dev, linux-efi@vger.kernel.org, linux-kernel@vger.kernel.org, WANG Rui Subject: [PATCH v3 3/3] LoongArch: Avoid initrd overlap during kernel relocation Date: Wed, 29 Apr 2026 13:13:18 +0800 Message-ID: <20260429051318.1581350-4-r@hev.cc> X-Mailer: git-send-email 2.54.0 In-Reply-To: <20260429051318.1581350-1-r@hev.cc> References: <20260429051318.1581350-1-r@hev.cc> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Validate the relocation address against the initrd region specified via "initrd=3D" or "initrdmem=3D" on the command line. Reject relocation targets that overlap the initrd to prevent memory corruption during early boot. Signed-off-by: WANG Rui Acked-by: Ard Biesheuvel --- arch/loongarch/kernel/relocate.c | 45 ++++++++++++++++++++++++++++++++ 1 file changed, 45 insertions(+) diff --git a/arch/loongarch/kernel/relocate.c b/arch/loongarch/kernel/reloc= ate.c index c36604a81d08..c303c0be8f06 100644 --- a/arch/loongarch/kernel/relocate.c +++ b/arch/loongarch/kernel/relocate.c @@ -214,14 +214,59 @@ static inline void __init *determine_relocation_addre= ss(void) return RELOCATED_KASLR(destination); } =20 +static unsigned long __init try_get_initrd(unsigned long *size) +{ + unsigned long start =3D 0; + unsigned int key_length; + const char *key; + char *p; + + key =3D "initrd=3D"; + key_length =3D strlen(key); + p =3D strstr(boot_command_line, key); + + if (!p) { + key =3D "initrdmem=3D"; + key_length =3D strlen(key); + p =3D strstr(boot_command_line, key); + } + + if (p =3D=3D boot_command_line || (p > boot_command_line && *(p - 1) =3D= =3D ' ')) { + char *endp; + + p +=3D key_length; + start =3D memparse(p, &endp); + if (*endp =3D=3D ',') + *size =3D memparse(endp + 1, NULL); + } + + return start; +} + static inline int __init relocation_addr_valid(void *location_new) { + unsigned long initrd_start; + unsigned long initrd_size =3D 0; + if ((unsigned long)location_new & 0x00000ffff) return 0; /* Inappropriately aligned new location */ =20 if ((unsigned long)location_new < (unsigned long)_end) return 0; /* New location overlaps original kernel */ =20 + initrd_start =3D try_get_initrd(&initrd_size); + if (initrd_start && initrd_size) { + unsigned long kernel_start; + unsigned long kernel_size; + + kernel_start =3D PHYSADDR(location_new); + kernel_size =3D (unsigned long)_end - (unsigned long)_text; + + if (kernel_start < (initrd_start + initrd_size) && + initrd_start < (kernel_start + kernel_size)) + return 0; /* Initrd overlaps kernel */ + } + return 1; } #endif --=20 2.54.0