[PATCH 1/1] KVM: arm64: Make nVHE ASLR conditional on nokaslr

From: qixiang . xu
Date: Thu Sep 05 2024 - 02:31:20 EST

Next message: Krzysztof Kozlowski: "Re: [PATCH v4 2/7] dt-bindings: PCI: ti,am65: Extend for use with PVU"
Previous message: qixiang . xu: "[PATCH 0/1] KVM: arm64: Make nVHE ASLR conditional on cmdline nokaslr"
Next in thread: Marc Zyngier: "Re: [PATCH 1/1] KVM: arm64: Make nVHE ASLR conditional on nokaslr"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Qxiang Xu <qixiang.xu@xxxxxxxxxxx>

The random tag of hyp VA is determined by the `CONFIG_RANDOMIZE_BASE`
option, so even if `nokaslr` is set in the cmdline, KASLR cannot be
disabled for hyp VA. To align with kernel behavior, disable KASLR if
the kernel cmdline includes `nokaslr`.

Link: https://lore.kernel.org/r/20240905061659.3410362-1-qixiang.xu@xxxxxxxxxxx
Signed-off-by: Qxiang Xu <qixiang.xu@xxxxxxxxxxx>
---
arch/arm64/kvm/va_layout.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/arch/arm64/kvm/va_layout.c b/arch/arm64/kvm/va_layout.c
index 91b22a014610..bebb4b1ddc82 100644
--- a/arch/arm64/kvm/va_layout.c
+++ b/arch/arm64/kvm/va_layout.c
@@ -72,7 +72,7 @@ __init void kvm_compute_layout(void)
va_mask = GENMASK_ULL(tag_lsb - 1, 0);
tag_val = hyp_va_msb;

- if (IS_ENABLED(CONFIG_RANDOMIZE_BASE) && tag_lsb != (vabits_actual - 1)) {
+ if (kaslr_enabled() && tag_lsb != (vabits_actual - 1)) {
/* We have some free bits to insert a random tag. */
tag_val |= get_random_long() & GENMASK_ULL(vabits_actual - 2, tag_lsb);
}
--
2.25.1

Next message: Krzysztof Kozlowski: "Re: [PATCH v4 2/7] dt-bindings: PCI: ti,am65: Extend for use with PVU"
Previous message: qixiang . xu: "[PATCH 0/1] KVM: arm64: Make nVHE ASLR conditional on cmdline nokaslr"
Next in thread: Marc Zyngier: "Re: [PATCH 1/1] KVM: arm64: Make nVHE ASLR conditional on nokaslr"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]