| Message ID | 20220701130444.2945106-1-ardb@kernel.org (mailing list archive) |
|---|---|
| Headers | show
Return-Path: <linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org> X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 72FA3C433EF for <linux-arm-kernel@archiver.kernel.org>; Fri, 1 Jul 2022 13:06:20 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:Message-Id:Date:Subject:Cc :To:From:Reply-To:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References: List-Owner; bh=SyRD85OAK6d2bhyq26GliUWTmKCTTpcfWkXube7lTOs=; b=1u4z2FeGfjT+pJ 8oOG0YaXASoY9EmVwL1GYxu6rL6r62ueLs4bnnaxkEAk6SXNvnfSjz91CG0LRUnGigi/Yd+4zgUka iuf9cVZ8VJNwtMaFvLt/VBlLAfSgov8fuvHs2t6M3kl6vm1uE4GtgMMpsusWr7DkwMLPe4v/5uRrS D6zmxZe7r12C0QGfj0/sPk7rjgCEnBhX20iD2qvYxglgGYuqFZwuyqxKLPjrnOvF+6eI1pQX33k1R sdD3bxOTz4yembwO7Zhq+s1kVrDxEJa61pcSLCuIwdnmNtawFYZ1H40yKnuzcZ6eWsBu/NVWWg1EN GUqE0umG3NZvEex/xJyg==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1o7GKc-004vkf-4e; Fri, 01 Jul 2022 13:05:10 +0000 Received: from ams.source.kernel.org ([145.40.68.75]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1o7GKQ-004veg-02 for linux-arm-kernel@lists.infradead.org; Fri, 01 Jul 2022 13:04:59 +0000 Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ams.source.kernel.org (Postfix) with ESMTPS id 0D8C0B8302C; Fri, 1 Jul 2022 13:04:56 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id BABD1C3411E; Fri, 1 Jul 2022 13:04:53 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1656680695; bh=pN0Oq+V6ekkhHgHIwFkj1yjxTt4E9nFqAHGmdhdgO68=; h=From:To:Cc:Subject:Date:From; b=IqHVDFyVQCenL1B3UlpCnVvgjK/TDpHskZR8vS4RJzRERjRHEGs3Prb4U1lWEvLsm s3O7zBBSO5Xoy9gbK3J7mscGGuoD1HQI6a2JA8/LGgLIjXpfEYm7ytiZK01T3VSFsJ ElG3yYt8599xQcpSmx/oKAJap1jERbzXC69yQdPlqcA3js48CkT2oCoTo481j+19mR xXaW4zb3oTlQ5E8vzUd/7lEod+/JsgLZFQufhI+q3BqfnQENXyVDpIjhassIVgdhD3 bttD0HjsI6Ubc3LmKrmyRO8U79TSqDJib5rH91/qw2mBxUZHyu4DTmghZRkISipiyn YSUL5G9Woc2FA== From: Ard Biesheuvel <ardb@kernel.org> To: linux-arm-kernel@lists.infradead.org Cc: Ard Biesheuvel <ardb@kernel.org>, Marc Zyngier <maz@kernel.org>, Will Deacon <will@kernel.org>, Mark Rutland <mark.rutland@arm.com>, Kees Cook <keescook@chromium.org>, Catalin Marinas <catalin.marinas@arm.com>, Mark Brown <broonie@kernel.org>, Anshuman Khandual <anshuman.khandual@arm.com> Subject: [PATCH v6 0/9] arm64: add support for WXN Date: Fri, 1 Jul 2022 15:04:35 +0200 Message-Id: <20220701130444.2945106-1-ardb@kernel.org> X-Mailer: git-send-email 2.35.1 MIME-Version: 1.0 X-Developer-Signature: v=1; a=openpgp-sha256; l=4467; h=from:subject; bh=pN0Oq+V6ekkhHgHIwFkj1yjxTt4E9nFqAHGmdhdgO68=; b=owEB7QES/pANAwAKAcNPIjmS2Y8kAcsmYgBivvDaZB98Lho5YhHT1PB+s1Ei/gIFsY2iurkUjPeX tffFfJGJAbMEAAEKAB0WIQT72WJ8QGnJQhU3VynDTyI5ktmPJAUCYr7w2gAKCRDDTyI5ktmPJLEhDA CVMMv72FlGZrGg7QeFhDdpuJ0R24FVscpygo2nRqrad222yjsTOy9Vzw0UxsTt9TOpy9GwQKgXA7Gx OVz0cjGjOjq7JPkcetMxzf+aFCxbGuX5xsdauP8zSQ2VYjHmPpgUNnQJcZs0CWrjrkYkWv8sP/jJ1t lLLAxwT1ky4Htj1eCPjAi9LpFdmdV//MNc9UXiNnfWop7yzyCGyGZpXwwmVhXOiyx7YB9wclXATuZQ nzon+TZUx+S/E3NXsl4SpwNpTD1cV9NgYbaG5BdvnlKr30aPQFgpvrYH5A0L5moHyUxqbjVRoDeoEw zs8IagfPgLfaTWXJzGu8oeFHB8/ZPL6Dz1JN/M2LWTw564DZJA9WCAyh8wfH6/UZ8E0XGAUx0gn+PH 15kt0k8/lXHEbVlPC30kvlg3krEiKU15oYXY++lSq7+shTvUU4tZTcA53UOQ4Q8eYkBQZfO4nDqa0Y xtbFelPVgFVjqK97ZvNckwjMY0vg19VxwddYd9f4TfEc8= X-Developer-Key: i=ardb@kernel.org; a=openpgp; fpr=F43D03328115A198C90016883D200E9CA6329909 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20220701_060458_396302_D6920612 X-CRM114-Status: GOOD ( 24.46 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: <linux-arm-kernel.lists.infradead.org> List-Unsubscribe: <http://lists.infradead.org/mailman/options/linux-arm-kernel>, <mailto:linux-arm-kernel-request@lists.infradead.org?subject=unsubscribe> List-Archive: <http://lists.infradead.org/pipermail/linux-arm-kernel/> List-Post: <mailto:linux-arm-kernel@lists.infradead.org> List-Help: <mailto:linux-arm-kernel-request@lists.infradead.org?subject=help> List-Subscribe: <http://lists.infradead.org/mailman/listinfo/linux-arm-kernel>, <mailto:linux-arm-kernel-request@lists.infradead.org?subject=subscribe> Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: "linux-arm-kernel" <linux-arm-kernel-bounces@lists.infradead.org> Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org |
| Series |
arm64: add support for WXN
|
expand
|
This series covers the remaining changes that are needed to enable WXN support on arm64 now that a lot of the prerequisite work has been queued up. WXN support is desirable for robustness, given that writable, executable mappings of memory are too easy to subvert, and in the kernel, we never rely on such mappings anyway. Setting SCTLR_ELx.WXN makes all writable mappings implicitly non-executable, and when set at EL1, it affects EL0 as well as EL1. This means we need some diligence on the part of user space, but fortunately, most JITs and other user space components that actually need to manipulate the contents of their own executable code use split views on the same memory, or switch between RW- and R-X and back. (One notable exception is V8, which recently switched back to a full RWX mappings based JIT) So on the user space side, we need a couple of minor tweaks to validate the mmap()/mprotect() arguments when WXN is in effect, and to handle any faults that might occur on such mappings. On the kernel side, it is mostly about ensuring that we don't rely on writable, executable mappings, even during early boot. So for this reason, the two remaining sequences that create the kernel mapping are merged, moving the more elaborate logic to set the right attributes into a C implementation that executes from the ID map. This also allows us to move the relocation code into C as well, which only lived in asm because it runs before we have a stack. Finally, some cleanups are provided for the KASLR code, mainly to ensure that the early code's decision to use nG mappings or not is based on the exact same criteria. (v5 was a subset of v4 without the WXN specific pieces) Changes since v4: [0] - don't move __ro_after_init section now that we no longer need to, - don't complicate the asm kernel mapping routines further, but instead, merge the two existing passes into one implemented in C, - deal with rodata=off on WXN enabled builds (i.e., turn off WXN as well), - add some acks from Kees [0] https://lore.kernel.org/linux-arm-kernel/20220613144550.3760857-1-ardb@kernel.org/ Cc: Marc Zyngier <maz@kernel.org> Cc: Will Deacon <will@kernel.org> Cc: Mark Rutland <mark.rutland@arm.com> Cc: Kees Cook <keescook@chromium.org> Cc: Catalin Marinas <catalin.marinas@arm.com> Cc: Mark Brown <broonie@kernel.org> Cc: Anshuman Khandual <anshuman.khandual@arm.com> Ard Biesheuvel (9): arm64: kaslr: use an ordinary command line param for nokaslr arm64: kaslr: don't pretend KASLR is enabled if offset < MIN_KIMG_ALIGN arm64: kaslr: drop special case for ThunderX in kaslr_requires_kpti() arm64: head: allocate more pages for the kernel mapping arm64: head: move early kernel mapping and relocation code to C code arm64: mm: avoid fixmap for early swapper_pg_dir updates arm64: mm: omit redundant remap of kernel image mm: add arch hook to validate mmap() prot flags arm64: mm: add support for WXN memory translation attribute arch/arm64/Kconfig | 11 + arch/arm64/include/asm/cpufeature.h | 9 + arch/arm64/include/asm/kasan.h | 2 - arch/arm64/include/asm/kernel-pgtable.h | 11 +- arch/arm64/include/asm/memory.h | 11 + arch/arm64/include/asm/mman.h | 36 ++ arch/arm64/include/asm/mmu.h | 2 +- arch/arm64/include/asm/mmu_context.h | 30 +- arch/arm64/include/asm/pgtable-prot.h | 2 + arch/arm64/kernel/Makefile | 4 +- arch/arm64/kernel/cpufeature.c | 14 +- arch/arm64/kernel/head.S | 157 +------- arch/arm64/kernel/idreg-override.c | 15 - arch/arm64/kernel/image-vars.h | 17 + arch/arm64/kernel/kaslr.c | 8 +- arch/arm64/kernel/pi/Makefile | 2 +- arch/arm64/kernel/pi/early_map_kernel.c | 381 ++++++++++++++++++++ arch/arm64/kernel/pi/kaslr_early.c | 112 ------ arch/arm64/kernel/vmlinux.lds.S | 13 +- arch/arm64/mm/kasan_init.c | 15 - arch/arm64/mm/mmu.c | 150 +++----- arch/arm64/mm/proc.S | 24 ++ include/linux/mman.h | 15 + mm/mmap.c | 3 + 24 files changed, 630 insertions(+), 414 deletions(-) create mode 100644 arch/arm64/kernel/pi/early_map_kernel.c delete mode 100644 arch/arm64/kernel/pi/kaslr_early.c