From b3e0423c4e76b19f04799e01b6443949f5fecbbc Mon Sep 17 00:00:00 2001
From: Vasily Gorbik <gor@linux.ibm.com>
Date: Wed, 15 Mar 2023 13:54:14 +0100
Subject: [PATCH] s390/kaslr: randomize amode31 base address

When the KASLR is enabled, randomize the base address of the amode31 image
within the first 2 GB, similar to the approach taken for the vmlinux
image. This makes it harder to predict the location of amode31 data
and code.

Reviewed-by: Alexander Gordeev <agordeev@linux.ibm.com>
Signed-off-by: Vasily Gorbik <gor@linux.ibm.com>
---
 arch/s390/boot/startup.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/arch/s390/boot/startup.c b/arch/s390/boot/startup.c
index 638a6cf8a075b..64bd7ac3e35d1 100644
--- a/arch/s390/boot/startup.c
+++ b/arch/s390/boot/startup.c
@@ -278,7 +278,7 @@ void startup_kernel(void)
 {
 	unsigned long max_physmem_end;
 	unsigned long vmlinux_lma = 0;
-	unsigned long amode31_lma;
+	unsigned long amode31_lma = 0;
 	unsigned long asce_limit;
 	unsigned long safe_addr;
 	void *img;
@@ -338,7 +338,9 @@ void startup_kernel(void)
 
 	/* vmlinux decompression is done, shrink reserved low memory */
 	physmem_reserve(RR_DECOMPRESSOR, 0, (unsigned long)_decompressor_end);
-	amode31_lma = vmlinux.default_lma - vmlinux.amode31_size;
+	if (kaslr_enabled())
+		amode31_lma = randomize_within_range(vmlinux.amode31_size, PAGE_SIZE, 0, SZ_2G);
+	amode31_lma = amode31_lma ?: vmlinux.default_lma - vmlinux.amode31_size;
 	physmem_reserve(RR_AMODE31, amode31_lma, vmlinux.amode31_size);
 
 	/*
-- 
GitLab