From nobody Tue Jun 16 19:34:16 2026 Received: from mail-pf1-f182.google.com (mail-pf1-f182.google.com [209.85.210.182]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 977353F65F3 for ; Wed, 29 Apr 2026 12:03:40 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.210.182 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1777464221; cv=none; b=X0cTgQfODka+qr4eWUEW6RqDhISBvMNpBwKqDaAtY148VO4nD8q4Q3DoQl10TTdL+kvnT7jakpnIULCLEMgTPsB52M1rCZLxElyGzcZ9S959qBWwzKKDxJE9Ku3R2s8pYYX3w/eRS/aGlNgm5TGt0b9Z6wd3jGEldbQoAeqsMgU= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1777464221; c=relaxed/simple; bh=B2X2RPQv8ZrL3d489WU0ngl6i9tgLyFWZKtm0iXeYVc=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=dL2blLls73w3CyKfcIYj1JYHR6XkTpOiWojFbNEyUSvpW1RE6E7tSBLmcuMkOcixYvq47XfF5i/+9HqElJL5p6rtf1vQR5rIi7mtj0Npv+5e3jcDet5kYlV/NRPK7aLMQ08jVURo60ANmQdLSksnsHdQ92j/ieMoc20DE/B5EBQ= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=hev.cc; spf=pass smtp.mailfrom=hev.cc; dkim=pass (2048-bit key) header.d=hev-cc.20251104.gappssmtp.com header.i=@hev-cc.20251104.gappssmtp.com header.b=ab7Dr4zI; arc=none smtp.client-ip=209.85.210.182 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=hev.cc Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=hev.cc Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=hev-cc.20251104.gappssmtp.com header.i=@hev-cc.20251104.gappssmtp.com header.b="ab7Dr4zI" Received: by mail-pf1-f182.google.com with SMTP id d2e1a72fcca58-82f8cebc935so5433073b3a.0 for ; Wed, 29 Apr 2026 05:03:40 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=hev-cc.20251104.gappssmtp.com; s=20251104; t=1777464220; x=1778069020; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=yj3F3gFjpGG2RrkSlaKuTLLorI2CDb5ydvcn8Xu7mtk=; b=ab7Dr4zIgShNyPOuYbhVbqaFAzUbKjUQvXQAQa0qejmFK9ETJqPpU/SFQMU31HILz8 lbcQ+ViPSDlPk54TbJquyekCkWNDciuH7KW9Wqu3lGSMo3W/XOwGxKlOazrrXS9paaT1 x/5GgFwA08i0awu5olozGB9lCtubdKCxGkgW7p+NSNHW2E7Ic3V0rYwbXYz5GaxJJ7jL nEIOolXFVjLscj0kUD5g1lVYPRCf0BPifuvYpLgn4FOvtoHg9plpcOct6Zwcy6y90GVP aGjCY3UbYnd2AJBAT1FG9cyzPTaeXb/uDpkfi/JSL7P78YyrGs3I2Wv/gnD0oSjl0lOM IRdA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1777464220; x=1778069020; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=yj3F3gFjpGG2RrkSlaKuTLLorI2CDb5ydvcn8Xu7mtk=; b=UO5ow7zdqSXaBpo+DqryRSS8LxC82bG/W3wilTvncdpZSZRjhNkeTaD0gm2RL7aCBH cxplTLw0XsvK1VIP+ypiP8dV+Wba3rLuvGUCf4oBw73GuZyVC1zTrLmkB0Rfj6LcU/aU bOL/jNSnkw5KhlTzDNWFqkNlbqtwurXH1jWKWZHsLdGoMIyMmCOzZRVrzc20Hk8g8m1a tBwNN9SVYPUD6Om5LMAJjxSHYHhFggdYNFDk9hOSHRZAUz/ICXWduW1pzvwo089lkhIm eGCRnxO0yq958/6hVV0DEpeF2lX7EivvktHa26E/1V0Vkw5sY3hOgMW9pad94EbIg7Gi R9pA== X-Forwarded-Encrypted: i=1; AFNElJ8mdGZCa+801qrt2otRWUT1YduG3yuYaA4rX+tKnKjekPEW7Jo55SRCStXcP/sLCJaRAOxWFx1Yp6oDz70=@vger.kernel.org X-Gm-Message-State: AOJu0YzO7ch1/so84QpF+hXOG8/2Z5AIAvaU6mEOTBWK98JmJhxzkhes O6+7rD+7g1ZKIYKL/CW8nIgxW3Eusm8qhWhrinvySS4DGKn4MUtWLORbTjUaDE5wHBA= X-Gm-Gg: AeBDiev9CTrMTa6W4o7KuJmX84OxxTNgyOizc2WB1TXg4zfLgf1JylHdLeihPu87umC S5FG86Qa/gamn3QILYKACld+ZQrLShWoFKibJsw6cqkM0K1ZXG+YO3O77Px1kulfZXcHtqZu9+c 9KDMBlOIeFLfjW5gkgor1aQVEvkRbNQrJ3Nm4KJ4dtRJvBrC11Zs5AKvqDVf70elW15NI2BQI5B i5hZ/Ik2AH6JCtF8H/+lgxcPMNAiDPzDYqbVblMP4H1RivbZ0pBz304BtWdYIkCVKfQ/ulq7Piz DO6L02mz9WlHi03VRuNWRvQKmGyLWOuulFjSYUfAZ9aD6zoyS5FTXa87To9VttM+eHRdHsKqE6U 7lQQrkN0ENzfAKtIvDa560tQ+eJZSrjpoi9SodnASTwW5qoXzUQeSFBHqWn4lAEJCZvkJQz5VR+ OYPM2uWzRTxNeMeT+M/A== X-Received: by 2002:a05:6a00:408d:b0:829:8942:2c93 with SMTP id d2e1a72fcca58-834ea5688acmr3462864b3a.9.1777464219832; Wed, 29 Apr 2026 05:03:39 -0700 (PDT) Received: from localhost ([2400:8902:e002:de33:3dbd:69cf:4a22:309]) by smtp.gmail.com with ESMTPSA id d2e1a72fcca58-834ed5efaaasm2016493b3a.27.2026.04.29.05.03.37 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 29 Apr 2026 05:03:39 -0700 (PDT) From: WANG Rui To: Huacai Chen , Ard Biesheuvel Cc: WANG Xuerui , Ilias Apalodimas , Haiyong Sun , Lisa Robinson , loongarch@lists.linux.dev, linux-efi@vger.kernel.org, linux-kernel@vger.kernel.org, WANG Rui Subject: [PATCH v4 1/3] efi/loongarch: Randomize kernel preferred address for KASLR Date: Wed, 29 Apr 2026 20:02:58 +0800 Message-ID: <20260429120300.1786210-2-r@hev.cc> X-Mailer: git-send-email 2.54.0 In-Reply-To: <20260429120300.1786210-1-r@hev.cc> References: <20260429120300.1786210-1-r@hev.cc> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Introduce efi_get_kimg_kaslr_address() to compute the preferred kernel image address dynamically when CONFIG_RANDOMIZE_BASE is enabled. The function derives a random offset using EFI-provided randomness combined with the timer value, and constrains it within CONFIG_RANDOMIZE_BASE_MAX_OFFSET. Update EFI_KIMG_PREFERRED_ADDRESS to call this helper so that the EFI stub can select a randomized load address when KASLR is active, while preserving the original base address behavior when KASLR is disabled or nokaslr is specified. Acked-by: Ard Biesheuvel Signed-off-by: WANG Rui --- arch/loongarch/include/asm/efi.h | 4 +++- drivers/firmware/efi/libstub/loongarch.c | 16 ++++++++++++++++ 2 files changed, 19 insertions(+), 1 deletion(-) diff --git a/arch/loongarch/include/asm/efi.h b/arch/loongarch/include/asm/= efi.h index eddc8e79b3fa..f831320efd41 100644 --- a/arch/loongarch/include/asm/efi.h +++ b/arch/loongarch/include/asm/efi.h @@ -30,6 +30,8 @@ static inline unsigned long efi_get_kimg_min_align(void) return SZ_2M; } =20 -#define EFI_KIMG_PREFERRED_ADDRESS PHYSADDR(VMLINUX_LOAD_ADDRESS) +unsigned long efi_get_kimg_kaslr_address(void); + +#define EFI_KIMG_PREFERRED_ADDRESS efi_get_kimg_kaslr_address() =20 #endif /* _ASM_LOONGARCH_EFI_H */ diff --git a/drivers/firmware/efi/libstub/loongarch.c b/drivers/firmware/ef= i/libstub/loongarch.c index 9825f5218137..51997a0e83bd 100644 --- a/drivers/firmware/efi/libstub/loongarch.c +++ b/drivers/firmware/efi/libstub/loongarch.c @@ -38,6 +38,22 @@ static efi_status_t exit_boot_func(struct efi_boot_memma= p *map, void *priv) return EFI_SUCCESS; } =20 +unsigned long efi_get_kimg_kaslr_address(void) +{ + unsigned int random_offset =3D 0; + +#ifdef CONFIG_RANDOMIZE_BASE + if (!efi_nokaslr) { + efi_get_random_bytes(sizeof(random_offset), (u8 *)&random_offset); + random_offset ^=3D (random_get_entropy() << 16); + random_offset &=3D (CONFIG_RANDOMIZE_BASE_MAX_OFFSET - 1); + random_offset =3D ALIGN(random_offset + SZ_64K, SZ_64K); + } +#endif + + return PHYSADDR(VMLINUX_LOAD_ADDRESS) + random_offset; +} + unsigned long __weak kernel_entry_address(unsigned long kernel_addr, efi_loaded_image_t *image) { --=20 2.54.0 From nobody Tue Jun 16 19:34:16 2026 Received: from mail-pf1-f180.google.com (mail-pf1-f180.google.com [209.85.210.180]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 509FC3F65F9 for ; Wed, 29 Apr 2026 12:03:43 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.210.180 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1777464227; cv=none; b=Bxco7B1xRzBD3lC6SjlG+JUoAAU9yx1c/GO0WfU8Y3qq6SrJ1orcwaZYpOLo1tMi4ECEcQ6qklDfJdlpPmLUl7JKxFFqC7KSkGKJk51eKk1yBg4LOUOMT2gdRtKWcnOuwtYwLr73FlHMnPtKo6DQxbmWPuiO2M1BN+pZE1mu/jY= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1777464227; c=relaxed/simple; bh=0HbWEFap/x2oXNG2YyKXf3ucWF6UibURcORpeo/4CBA=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=bgr481JEGDUS7hljSlSlv9q42Q/aS51mhASN7FIaCi6i57ZHxzEgEN4uu3CNGNeCpsL7Sdvd8Fp78QnfLQ7sD6Vwm0BmeCDxcHOzNqWlzgZUInl4ZLUw3I73tdRVO+FkB02wmwHfmE24GmzaI7WhePiisCsGzOP/SS4pCBTWxFE= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=hev.cc; spf=pass smtp.mailfrom=hev.cc; dkim=pass (2048-bit key) header.d=hev-cc.20251104.gappssmtp.com header.i=@hev-cc.20251104.gappssmtp.com header.b=MWaHbiCo; arc=none smtp.client-ip=209.85.210.180 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=hev.cc Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=hev.cc Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=hev-cc.20251104.gappssmtp.com header.i=@hev-cc.20251104.gappssmtp.com header.b="MWaHbiCo" Received: by mail-pf1-f180.google.com with SMTP id d2e1a72fcca58-82f9fdfc965so5124846b3a.1 for ; Wed, 29 Apr 2026 05:03:43 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=hev-cc.20251104.gappssmtp.com; s=20251104; t=1777464223; x=1778069023; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=pZSqUPVvVHrJHdl2goTYBViyTH/4ppdxe03roQ8yBtI=; b=MWaHbiCo9GvWce/x9FS2h4kFLwJ08rc5w02ewLCG98WTRLwAdDMoU30QgAzpE3CpSR SJzbfJJKoJEVeN+QrNpvQzT5l9lcs3+Rmd9U4IjR7lms2dIlfrGcufCm1XDmXIiEbGRh TqigoOowWmJYn8HfJvAZ1G/xlysh6nMyDGlxJcMXqWUpLvqZsUMt74Lv11r9qZ20yZws DpIhJxImvLi7oaxONjOcvvN8Joa6twGXnqUV4JE5xB3eVfdgafP8kLW7nhcVAthy43GK jIP+gNHoCXPPbs6fHDyWOPWH9lls5kvr9GsCJe9Q+xxO90yHpd7xV6OMTLuwPBPFlE2O 8pkQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1777464223; x=1778069023; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=pZSqUPVvVHrJHdl2goTYBViyTH/4ppdxe03roQ8yBtI=; b=EiaHnWoeMiT6Q0jP/5cqh3kqwXKuko0mrVBFJSOuntmumkBI5bia2BgLDVZvKjNBLV TZHJUboWK1J+JFjkoLpgND3c8Tha4g//cy/vgBds0esqPf0faTpN7bAFHvE2Ujv1KS4r dgGGsEgw2HspUY0KO7nG1xR0dSRZcdyiWVE6z52WnAhBNgfuUIQxvbNy0mB28hmegTPp 7e4GIVB0fIHBQXdzeHTpLXUW9SefNLEO+CfkylbWpPJpIDESrl4ER9nZQb4J5iQtVHz4 V8w6Utv/9ZasCCYn1D/TWDu8Y6HbGpfHBKEZqgyYhaVEN6ADzkf9oMLBSQZVae/+fcIk iZwQ== X-Forwarded-Encrypted: i=1; AFNElJ9fCg15luN1xm/GLcPOfGn5hlpG6TpZIZx+XEg3P5/E3PGKZHjEQTufo6JFl0hfboDhzxmmewD0llhinw4=@vger.kernel.org X-Gm-Message-State: AOJu0YyQZDgSCQIQJPO8ZhOVUYAAwCZbvGoT7Rs6qCri0SuUJeMGDnwT 5BRFFM1vDgX5ULV+bEZwv2YSeQ1gwpeDlifb0BmZoUCgHEt8s/K6Tnn+JYuiQ5+yUkg= X-Gm-Gg: AeBDieuf2dYAy/5tY89/k2hDuUp3n3hnbjMS6iU2xgfZVp/JSGMkMPshA2074JJxKCx GYL1c2LbOkAu9J7iOQiHBx3ksU51BjirbzLRHWygo4nTpLLKOB2qrBf6+qlhtga5gdio3Ti+fmJ muhmy9O/1DvwsmAzpz5Yyy0Prn/DhKRqT3PdsJ8OQELiBXtLwnNb7stGRhQ9uTKVzZ5RorZYTkx E79HG8aJc/OgKJOj7TrGuHEhYmiRAQoPHhZAIKm22R9l/q+uKOsAb4q/U5mewf4+DPDfBaPvkc8 8UCHXKL61UMqOa/QA65oAJYCaZvrzJJadc5qARzqvQpznOwTTBeEmV4SjVJIy/wW7DNMw5ZvQPf SNBAfDWNISWJd42uL/tvlqzAgoLN6yga6WhTpUhHx9PzOwfQa5MXJR8qDLwq9YUd0LahrbPQuuq EG4buBLgJAH84Ui8NILhqb/seiz8T9 X-Received: by 2002:a05:6a00:9092:b0:82d:556b:7a01 with SMTP id d2e1a72fcca58-834ddb05a5dmr7285440b3a.16.1777464222678; Wed, 29 Apr 2026 05:03:42 -0700 (PDT) Received: from localhost ([2400:8902:e002:de33:3dbd:69cf:4a22:309]) by smtp.gmail.com with ESMTPSA id d2e1a72fcca58-834ed5efaaasm2016493b3a.27.2026.04.29.05.03.40 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 29 Apr 2026 05:03:42 -0700 (PDT) From: WANG Rui To: Huacai Chen , Ard Biesheuvel Cc: WANG Xuerui , Ilias Apalodimas , Haiyong Sun , Lisa Robinson , loongarch@lists.linux.dev, linux-efi@vger.kernel.org, linux-kernel@vger.kernel.org, WANG Rui Subject: [PATCH v4 2/3] LoongArch: Skip relocation-time KASLR if it has already been applied Date: Wed, 29 Apr 2026 20:02:59 +0800 Message-ID: <20260429120300.1786210-3-r@hev.cc> X-Mailer: git-send-email 2.54.0 In-Reply-To: <20260429120300.1786210-1-r@hev.cc> References: <20260429120300.1786210-1-r@hev.cc> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" When the kernel is relocated during early boot, a randomized load address may already have been selected and applied. In this case, performing KASLR again in relocate.c is unnecessary. Acked-by: Ard Biesheuvel Signed-off-by: WANG Rui --- arch/loongarch/kernel/relocate.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/arch/loongarch/kernel/relocate.c b/arch/loongarch/kernel/reloc= ate.c index 16f6a9b39659..c36604a81d08 100644 --- a/arch/loongarch/kernel/relocate.c +++ b/arch/loongarch/kernel/relocate.c @@ -139,6 +139,10 @@ static inline __init bool kaslr_disabled(void) char *str; const char *builtin_cmdline =3D CONFIG_CMDLINE; =20 + /* KASLR is performed during early boot. */ + if (kaslr_offset()) + return true; + str =3D strstr(builtin_cmdline, "nokaslr"); if (str =3D=3D builtin_cmdline || (str > builtin_cmdline && *(str - 1) = =3D=3D ' ')) { pr_info(KASLR_DISABLED_MESSAGE, "\'nokaslr\'", "built-in"); --=20 2.54.0 From nobody Tue Jun 16 19:34:16 2026 Received: from mail-pf1-f177.google.com (mail-pf1-f177.google.com [209.85.210.177]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 6B4B63F54CB for ; Wed, 29 Apr 2026 12:03:46 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.210.177 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1777464227; cv=none; b=NiQ26ApXoHM9nxUKuSyng6puaCiHWRazWY5i85yOZP5rBT7r4NY0r2Mi+APKmus4Dq0Flj5ZjGbTSmD9tJzfD7K1HMc6NF7GUpnvtV0Q30Iv1DeH97eg2mRUPBGi2l+CJRje9a6Dyy0deBGFWgimWncWYs+HX5ycaCcJPzg2CCw= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1777464227; c=relaxed/simple; bh=a34ACn1Sgal11ZBxSg+Hb4pRuQubJyFhjmNMgVieRzo=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=aQqTSqT/06ksWeoNA0x9UI4hA5WrNMbds0Y21YuAn1LTPbDCk2I56DEA+qwyDZsnmI6tEmnLqGb8JpKnkaQUGD3j0P8t/OAMHCio+Y8mrvqBR3iAPUAovtsVRyfU3kca8DQO7J9WGyy4r3PG032pskGvLmdqV5cpi/e+WJMKuy4= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=hev.cc; spf=pass smtp.mailfrom=hev.cc; dkim=pass (2048-bit key) header.d=hev-cc.20251104.gappssmtp.com header.i=@hev-cc.20251104.gappssmtp.com header.b=wK92ALMv; arc=none smtp.client-ip=209.85.210.177 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=hev.cc Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=hev.cc Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=hev-cc.20251104.gappssmtp.com header.i=@hev-cc.20251104.gappssmtp.com header.b="wK92ALMv" Received: by mail-pf1-f177.google.com with SMTP id d2e1a72fcca58-82f8892d4d6so5472801b3a.0 for ; Wed, 29 Apr 2026 05:03:46 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=hev-cc.20251104.gappssmtp.com; s=20251104; t=1777464226; x=1778069026; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=gUMOs2k5LZ6uSx/H9Ms2dy+Y0TfQtSGfCzkhnixfHJw=; b=wK92ALMvpZJ7Eod0hSLs57IWZPcK8pCf1I2z2on5ieKP1hn6iVREzbwNgQCtmDised OA2ZDLxkP56JOOLzqjIFiPhMPsLM9r6sxKwzJVOa4LXfHe1n10r+JsVIvHfQGuB4r3t/ kugn+WIReUkP1TvsxUsz3ILpxokhlB8hk7jXWMCD/aMXhnflhcVVTCmXlU1GAxsdaCXW gAEVojFj3Lij+nxYNBHZNw69rB9ssGej6k6IE2lVTX0XT9x9fz6C1sluH89t1RuFbXdT VvYj/xkfmuCMr5Bpu3Gye3utPExNpl1/BNkha14drzSJc2gN5Baa3/dCpdzpIGyu61Tj /Etg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1777464226; x=1778069026; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=gUMOs2k5LZ6uSx/H9Ms2dy+Y0TfQtSGfCzkhnixfHJw=; b=HdYQGfzL/w0lZZ6pUibrGXzRVNdZxJrpl8KjCAcLqQVmImy3GpV8emG9HWC0LtY26Z Ayeyfph07BAzRed7O0+jQV7Pe+CWHGsl1PsaGsE3JN27whDVEzJR2HoBQs4iFFcvQVWC NW6tTgjhyGc1e4LGMsikfr4RdQY8SoF9SmtMTzmbwta9Uv69ekt6moXgBAD9ts9pjW37 rAKyIwdPXWhlvHIBcqMiYclCtRidwFKfZtQuSljrTd8KZBQli04hvtieTEosnM+vLqBw qOnIyDbYUmeds/Q6oL2X/p0a6GP1ARO/PW35+hD6D2k+abUOvIuQ2Jt7MEcLl0rD8Mqf UhPQ== X-Forwarded-Encrypted: i=1; AFNElJ/f1BMqwKaCutF4JcMwYxmmHcS1o8Btoes1tHT3sW4xlMfAKcJIsTliZ5UVMr5iV9KNGdSemDN8pXG1DVE=@vger.kernel.org X-Gm-Message-State: AOJu0YzNQD/3ox/xnqIajYBgnltadF4z6QPeFEk/pjCVtmMq65o4fiwR K0uTgTpO2vg3UnNsZcx0O5AyO8ikDMjwnADo6MddfqxJlGMNOl1uVKfOLgNtbcUAv8g= X-Gm-Gg: AeBDievrbhkmnqTivy9q9hfN5Xt7PQoP+bY3rRdKxbYE0MjzQWKsPp7DWNp0q9xeFL4 Vu74yRn8eLkTjdUP/EmRy3Q6jU6AmT+V7SJ7gz0fBo0LfhjPimYtYTnntJO6R1KyoIAWcX6PXOF BKClO57Jrf23DRWFBmoTh/PwEX3hm0NvBKVTWRy6OtkYB1Obq0Yoy3+zFdlyQLghU7BAVfM4+Fg KU+FozhZs+H9SgD4zhr9D/esk91V5EY8QAlgO8/Cu9edOmJIFE54dtTeJ/z+8ZWyFEQAYIhdAhp i8ZmvTstTFR/iGFU5H8gCrh7bCz1IsQZa7UlIOuh4w4h1/1RBnbDsb8GM3qWCjlx4rpaS46OPpq uIplUoPiZjvdtxBAslmkAHW5CpRf9i1KbL+kDVU14cIU0RNZ5ck00qgwB6JCQbSwqDEgOKl2LZr j4JKK4cZ5Tcci7xcrZUQ== X-Received: by 2002:a05:6a00:2999:b0:834:e15a:19f7 with SMTP id d2e1a72fcca58-834ea68c89amr3427366b3a.44.1777464225343; Wed, 29 Apr 2026 05:03:45 -0700 (PDT) Received: from localhost ([2400:8902:e002:de33:3dbd:69cf:4a22:309]) by smtp.gmail.com with ESMTPSA id d2e1a72fcca58-834ed5efaaasm2016493b3a.27.2026.04.29.05.03.42 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 29 Apr 2026 05:03:44 -0700 (PDT) From: WANG Rui To: Huacai Chen , Ard Biesheuvel Cc: WANG Xuerui , Ilias Apalodimas , Haiyong Sun , Lisa Robinson , loongarch@lists.linux.dev, linux-efi@vger.kernel.org, linux-kernel@vger.kernel.org, WANG Rui Subject: [PATCH v4 3/3] LoongArch: Avoid initrd overlap during kernel relocation Date: Wed, 29 Apr 2026 20:03:00 +0800 Message-ID: <20260429120300.1786210-4-r@hev.cc> X-Mailer: git-send-email 2.54.0 In-Reply-To: <20260429120300.1786210-1-r@hev.cc> References: <20260429120300.1786210-1-r@hev.cc> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Validate the relocation address against the initrd region specified via "initrd=3D" or "initrdmem=3D" on the command line. Reject relocation targets that overlap the initrd to prevent memory corruption during early boot. Acked-by: Ard Biesheuvel Signed-off-by: WANG Rui --- arch/loongarch/kernel/relocate.c | 45 ++++++++++++++++++++++++++++++++ 1 file changed, 45 insertions(+) diff --git a/arch/loongarch/kernel/relocate.c b/arch/loongarch/kernel/reloc= ate.c index c36604a81d08..721b982f194b 100644 --- a/arch/loongarch/kernel/relocate.c +++ b/arch/loongarch/kernel/relocate.c @@ -214,14 +214,59 @@ static inline void __init *determine_relocation_addre= ss(void) return RELOCATED_KASLR(destination); } =20 +static unsigned long __init determine_initrd_address(unsigned long *size) +{ + unsigned long start =3D 0; + unsigned long key_length; + const char *key; + char *p; + + key =3D "initrd=3D"; + key_length =3D strlen(key); + p =3D strstr(boot_command_line, key); + + if (!p) { + key =3D "initrdmem=3D"; + key_length =3D strlen(key); + p =3D strstr(boot_command_line, key); + } + + if (p =3D=3D boot_command_line || (p > boot_command_line && *(p - 1) =3D= =3D ' ')) { + char *endp; + + p +=3D key_length; + start =3D memparse(p, &endp); + if (*endp =3D=3D ',') + *size =3D memparse(endp + 1, NULL); + } + + return start; +} + static inline int __init relocation_addr_valid(void *location_new) { + unsigned long initrd_start; + unsigned long initrd_size =3D 0; + if ((unsigned long)location_new & 0x00000ffff) return 0; /* Inappropriately aligned new location */ =20 if ((unsigned long)location_new < (unsigned long)_end) return 0; /* New location overlaps original kernel */ =20 + initrd_start =3D determine_initrd_address(&initrd_size); + if (initrd_start && initrd_size) { + unsigned long kernel_start; + unsigned long kernel_size; + + kernel_start =3D PHYSADDR(location_new); + kernel_size =3D (unsigned long)_end - (unsigned long)_text; + + if (kernel_start < (initrd_start + initrd_size) && + initrd_start < (kernel_start + kernel_size)) + return 0; /* Initrd overlaps kernel */ + } + return 1; } #endif --=20 2.54.0