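// SPDX-License-Identifier: GPL-2.0
/*
 * Helper functions used by the EFI stub on multiple
 * architectures to deal with physical address space randomization.
 */
#include <linux/efi.h>

#include "efistub.h"

/**
 * efi_kaslr_get_phys_seed() - Get random seed for physical kernel KASLR
 * @image_handle:	Handle to the image
 *
 * If KASLR is not disabled, obtain a random seed using EFI_RNG_PROTOCOL
 * that will be used to move the kernel physical mapping.
 *
 * A return value of 0 means "no seed". efi_kaslr_relocate_kernel() only
 * randomizes when the seed is non-zero, so every path that returns 0 here
 * (KASLR compiled out, disabled via efi_nokaslr, placement fixed by the
 * loader, RNG failure, or an RNG output that happens to be 0) results in a
 * non-randomized physical placement. Each of those paths except the first
 * and the last logs a message, which is the only trace that randomization
 * is not in effect.
 *
 * Return: the random seed, or 0 if no seed is available or wanted
 */
u32 efi_kaslr_get_phys_seed(efi_handle_t image_handle)
{
	efi_guid_t li_fixed_proto = LINUX_EFI_LOADED_IMAGE_FIXED_GUID;
	efi_status_t status;
	u32 phys_seed;
	void *p;

	if (!IS_ENABLED(CONFIG_RANDOMIZE_BASE))
		return 0;

	if (efi_nokaslr) {
		efi_info("KASLR disabled on kernel command line\n");
		return 0;
	}

	/*
	 * The loader installs this protocol on the image handle to state
	 * that the image must stay where it was placed.
	 */
	if (efi_bs_call(handle_protocol, image_handle, &li_fixed_proto,
			&p) == EFI_SUCCESS) {
		efi_info("Image placement fixed by loader\n");
		return 0;
	}

	status = efi_get_random_bytes(sizeof(phys_seed), (u8 *)&phys_seed);
	if (status == EFI_SUCCESS)
		return phys_seed;

	/*
	 * No entropy: phys_seed was never filled in, so do not use it.
	 * Record the fallback in efi_nokaslr and report "no seed".
	 */
	if (status == EFI_NOT_FOUND) {
		efi_info("EFI_RNG_PROTOCOL unavailable\n");
	} else {
		efi_err("efi_get_random_bytes() failed (0x%lx)\n", status);
	}
	efi_nokaslr = true;

	return 0;
}

/*
 * Distro versions of GRUB may ignore the BSS allocation entirely (i.e., fail
 * to provide space, and fail to zero it). Check for this condition by double
 * checking that the first and the last byte of the image are covered by the
 * same EFI memory map entry.
 *
 * Returns true only if a single memory map entry covers [base, base + size).
 * Returns false if the memory map cannot be obtained or no entry contains
 * base.
 */
static bool check_image_region(u64 base, u64 size)
{
	struct efi_boot_memmap *map;
	efi_status_t status;
	bool ret = false;
	int map_offset;

	status = efi_get_memory_map(&map, false);
	if (status != EFI_SUCCESS)
		return false;

	for (map_offset = 0; map_offset < map->map_size; map_offset += map->desc_size) {
		efi_memory_desc_t *md = (void *)map->map + map_offset;
		u64 end = md->phys_addr + md->num_pages * EFI_PAGE_SIZE;

		/*
		 * Find the region that covers base, and return whether
		 * it covers base+size bytes.
		 *
		 * base < end holds inside this branch, so end - base cannot
		 * wrap; comparing against size this way avoids the u64
		 * wrap-around that base + size could hit and that would make
		 * an oversized image look covered.
		 */
		if (base >= md->phys_addr && base < end) {
			ret = size <= end - base;
			break;
		}
	}

	/* The map was allocated by efi_get_memory_map(); release it. */
	efi_bs_call(free_pool, map);

	return ret;
}

/**
 * efi_kaslr_relocate_kernel() - Relocate the kernel (random if KASLR enabled)
 * @image_addr:	Pointer to the current kernel location
 * @reserve_addr:	Pointer to the relocated kernel location
 * @reserve_size:	Size of the relocated kernel
 * @kernel_size:	Size of the text + data
 * @kernel_codesize:	Size of the text
 * @kernel_memsize:	Size of the text + data + bss
 * @phys_seed:		Random seed used for the relocation
 *
 * If KASLR is not enabled, this function relocates the kernel to a fixed
 * address (or leaves it at its current location). If KASLR is enabled, the
 * kernel physical location is randomized using the seed in parameter.
 *
 * A zero @phys_seed, or a failing efi_random_alloc(), falls back to the
 * non-randomized path; the latter is reported with efi_warn() only, so the
 * boot continues without physical randomization.
 *
 * *@reserve_size is set to 0 when the image is executed in place and when
 * the fallback allocation fails.
 *
 * Return: status code, EFI_SUCCESS if relocation is successful
 */
efi_status_t efi_kaslr_relocate_kernel(unsigned long *image_addr,
				       unsigned long *reserve_addr,
				       unsigned long *reserve_size,
				       unsigned long kernel_size,
				       unsigned long kernel_codesize,
				       unsigned long kernel_memsize,
				       u32 phys_seed)
{
	efi_status_t status;
	u64 min_kimg_align = efi_get_kimg_min_align();

	if (IS_ENABLED(CONFIG_RANDOMIZE_BASE) && phys_seed != 0) {
		/*
		 * If KASLR is enabled, and we have some randomness available,
		 * locate the kernel at a randomized offset in physical memory.
		 */
		status = efi_random_alloc(*reserve_size, min_kimg_align,
					  reserve_addr, phys_seed,
					  EFI_LOADER_CODE);
		if (status != EFI_SUCCESS)
			efi_warn("efi_random_alloc() failed: 0x%lx\n", status);
	} else {
		/* Not a real error: just forces the fallback path below. */
		status = EFI_OUT_OF_RESOURCES;
	}

	if (status != EFI_SUCCESS) {
		if (!check_image_region(*image_addr, kernel_memsize)) {
			efi_err("FIRMWARE BUG: Image BSS overlaps adjacent EFI memory region\n");
		} else if (IS_ALIGNED(*image_addr, min_kimg_align) &&
			   (unsigned long)_end < EFI_ALLOC_LIMIT) {
			/*
			 * Just execute from wherever we were loaded by the
			 * UEFI PE/COFF loader if the placement is suitable.
			 */
			*reserve_size = 0;
			return EFI_SUCCESS;
		}

		/*
		 * Reached when the in-place image is unusable (bad region,
		 * misaligned, or above the allocation limit): take any
		 * suitably aligned allocation instead.
		 */
		status = efi_allocate_pages_aligned(*reserve_size, reserve_addr,
						    ULONG_MAX, min_kimg_align,
						    EFI_LOADER_CODE);

		if (status != EFI_SUCCESS) {
			efi_err("Failed to relocate kernel\n");
			*reserve_size = 0;
			return status;
		}
	}

	/*
	 * NOTE(review): the copy length is kernel_size while the destination
	 * was sized by *reserve_size; nothing here checks that
	 * kernel_size <= *reserve_size, so the caller must guarantee it.
	 */
	memcpy((void *)*reserve_addr, (void *)*image_addr, kernel_size);
	*image_addr = *reserve_addr;
	efi_icache_sync(*image_addr, *image_addr + kernel_codesize);
	efi_remap_image(*image_addr, *reserve_size, kernel_codesize);

	return status;
}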