| Message ID | 20240311-arm32-cfi-v3-0-224a0f0a45c2@linaro.org (mailing list archive) |
|---|---|
| Headers | show
Return-Path:
<linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from bombadil.infradead.org (bombadil.infradead.org
[198.137.202.133])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
(No client certificate requested)
by smtp.lore.kernel.org (Postfix) with ESMTPS id 52D5AC5475B
for <linux-arm-kernel@archiver.kernel.org>;
Mon, 11 Mar 2024 09:16:13 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
d=lists.infradead.org; s=bombadil.20210309; h=Sender:
Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post:
List-Archive:List-Unsubscribe:List-Id:Cc:To:MIME-Version:Message-Id:Date:
Subject:From:Reply-To:Content-ID:Content-Description:Resent-Date:Resent-From:
Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:
List-Owner; bh=uiGFcQCXWlK7M2OiGm0doJ8BNgAQEAijnxHEGEp+COs=; b=AZX7Qmzj4FCzqr
lhTTJx/yHp6jQpgPakkiiaUBRU73YnZgNqVh6ajLnoWeKpdLYiN6k043PLprMms4hbunO6f7oGTQF
4uBH8dt4lfqo1ynA29kgIYmnt2srSeO15mC1JTvmx+TmdGfTEw2ZGSvuL4JW2olTKDs5spQHs88Gt
0Dzj504Os5s+DYwYkSeb3uq6TP30SXBOPGJW4LrFbS3ivQS6Vbtd9EmkjaSvBGwbHbpFVGEEjztyK
uMmZ2lTocR3FqeJj0WYBnOmzjP9uqWO8/ttAIYIvTS3lCa295ihLCOxGQN4SKG7mV0wa/crwWhgif
2qdf8pqqKBIcEcRnz+CQ==;
Received: from localhost ([::1] helo=bombadil.infradead.org)
by bombadil.infradead.org with esmtp (Exim 4.97.1 #2 (Red Hat Linux))
id 1rjblF-00000000mYE-1ZHq;
Mon, 11 Mar 2024 09:15:57 +0000
Received: from mail-ed1-x52f.google.com ([2a00:1450:4864:20::52f])
by bombadil.infradead.org with esmtps (Exim 4.97.1 #2 (Red Hat Linux))
id 1rjbl3-00000000mOf-1LGe
for linux-arm-kernel@lists.infradead.org;
Mon, 11 Mar 2024 09:15:48 +0000
Received: by mail-ed1-x52f.google.com with SMTP id
4fb4d7f45d1cf-565c6cf4819so8867285a12.1
for <linux-arm-kernel@lists.infradead.org>;
Mon, 11 Mar 2024 02:15:42 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=linaro.org; s=google; t=1710148541; x=1710753341;
darn=lists.infradead.org;
h=cc:to:content-transfer-encoding:mime-version:message-id:date
:subject:from:from:to:cc:subject:date:message-id:reply-to;
bh=zbNdf3cWroV5dO6V7Sle8ThanLSbwGGwoWZKSypPYNY=;
b=w5Ct28r1lCUC1M4Ff2po9zTIQAD65pahR33pHeFjGB7/bJ/GVA2PGtF6fFGLDW4oQc
XTyFkS22mxk6OPiD19K00xok3PecijyPjcyPhNX9BOXSc1DOaPboNZywZBEbDXi4RJF7
UIihgAUBg5trWl3eTG6HOIN8c9ahe7odJLM9itejRIH9vQ/Rw4PlYJVNcMBK4M/VCges
WVqpPZpaWuezN9Lpdf3FNx71L5B2L4ayZb9/4v1KvsM18P2lu5B6mPYpRk71Y0cG8GBb
t4obKg5TJDdzv0AaFzy9rH009nQK0ypArxvt+S8/oigkZpotSNa5KZlAJ1qEkxH5b/k5
EtWg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20230601; t=1710148541; x=1710753341;
h=cc:to:content-transfer-encoding:mime-version:message-id:date
:subject:from:x-gm-message-state:from:to:cc:subject:date:message-id
:reply-to;
bh=zbNdf3cWroV5dO6V7Sle8ThanLSbwGGwoWZKSypPYNY=;
b=a9ECermt8mp/ugkLLwMUjubkdN9G6z4wWGcr5IBzjLa+LmAQe35071ipynwWaCqTQE
1yzrSQ2aONNYfEiy4sZt4ucsXa1YoBTIgXTLg6H64vOgLeRkK9HmDK3Lcol+ulh+xY0F
gGvLHZzTX+TvzFQaAAXbAi66WyQq99DOBSVkzbsXb03txL40QGFngwWpZFpdu7U5uu1S
wYvxf740MU6D0b8Juee2fBAUI6xL8yYFdHlUIszKjSD1bN/A/VONI3QQ8N2EcKWNa5nU
D/EE5DyHmcJbHTu5cgKEGSnvQO+oqI4AHCULrzqiu/b8Mb/OPudS5ocoJ6KnycicAZfN
JbnA==
X-Gm-Message-State: AOJu0YwQg5UnCyLYi/oZ9Pb3iaZpXQ2g+mSOLT4ykfyFkA8IvciC42GH
mfcVKch9IXE+b2IOxOzi93A5UvC/kxN8OvOzavxiQbpx3k1QC7EFJgvAd399vPNo2/9sIhqa7xx
o
X-Google-Smtp-Source:
AGHT+IEBJQ7BgKcOCBvzwQqQpmFmMXEWcBCRiScYlAQFN6ifQ/5W98Y1ZtgEjJ6LNTP6hyoAHcv2Yw==
X-Received: by 2002:a17:906:3ad3:b0:a45:a2cc:eb93 with SMTP id
z19-20020a1709063ad300b00a45a2cceb93mr4627139ejd.4.1710148540779;
Mon, 11 Mar 2024 02:15:40 -0700 (PDT)
Received: from [127.0.1.1] ([85.235.12.238])
by smtp.gmail.com with ESMTPSA id
js23-20020a170906ca9700b00a4617f1ccf3sm1601256ejb.169.2024.03.11.02.15.39
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
Mon, 11 Mar 2024 02:15:40 -0700 (PDT)
From: Linus Walleij <linus.walleij@linaro.org>
Subject: [PATCH v3 0/9] CFI for ARM32 using LLVM
Date: Mon, 11 Mar 2024 10:15:37 +0100
Message-Id: <20240311-arm32-cfi-v3-0-224a0f0a45c2@linaro.org>
MIME-Version: 1.0
X-B4-Tracking: v=1; b=H4sIALnL7mUC/1WMQQ7CIBBFr9KwFjMMlKor72FcUArtJFoMGKJpe
ndpXViX78+8N7HkIrnETtXEosuUKIwF5K5idjBj7zh1hRkCKhCi5ibeJXLrieu60+CxrHBg5f8
RnafX2rpcCw+UniG+13QWy/qtIG4rWXDg+qikBO1B1+35RqOJYR9iz5ZMxp8qodmqWFRrG+VMu
ehW/qnzPH8AufZv7N4AAAA=
To: Russell King <linux@armlinux.org.uk>,
Sami Tolvanen <samitolvanen@google.com>, Kees Cook <keescook@chromium.org>,
Nathan Chancellor <nathan@kernel.org>,
Nick Desaulniers <ndesaulniers@google.com>,
Ard Biesheuvel <ardb@kernel.org>, Arnd Bergmann <arnd@arndb.de>
Cc: linux-arm-kernel@lists.infradead.org, llvm@lists.linux.dev,
Linus Walleij <linus.walleij@linaro.org>
X-Mailer: b4 0.12.4
X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3
X-CRM114-CacheID: sfid-20240311_021545_619499_32EEE6D0
X-CRM114-Status: GOOD ( 18.35 )
X-BeenThere: linux-arm-kernel@lists.infradead.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: <linux-arm-kernel.lists.infradead.org>
List-Unsubscribe:
<http://lists.infradead.org/mailman/options/linux-arm-kernel>,
<mailto:linux-arm-kernel-request@lists.infradead.org?subject=unsubscribe>
List-Archive: <http://lists.infradead.org/pipermail/linux-arm-kernel/>
List-Post: <mailto:linux-arm-kernel@lists.infradead.org>
List-Help: <mailto:linux-arm-kernel-request@lists.infradead.org?subject=help>
List-Subscribe:
<http://lists.infradead.org/mailman/listinfo/linux-arm-kernel>,
<mailto:linux-arm-kernel-request@lists.infradead.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: "linux-arm-kernel" <linux-arm-kernel-bounces@lists.infradead.org>
Errors-To:
linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org
|
| Series |
CFI for ARM32 using LLVM
|
expand
|
This is a first patch set to support CLANG CFI (Control Flow Integrity) on ARM32. For information about what CFI is, see: https://clang.llvm.org/docs/ControlFlowIntegrity.html For the kernel KCFI flavor, see: https://lwn.net/Articles/898040/ The base changes required to bring up KCFI on ARM32 was mostly related to the use of custom vtables in the kernel, combined with defines to call into these vtable members directly from sites where they are used. The approach to all of these vtable+define issues has been the same: instead of a define, wrap the call in a static inline function that explicitly calls the vtable member. The permissive mode handles the new breakpoint type (0x03) that LLVM CLANG is emitting. To runtime-test the patches: - Enable CONFIG_LKDTM - echo CFI_FORWARD_PROTO > /sys/kernel/debug/provoke-crash/DIRECT The patch set has been booted to userspace on the following test platforms: - Arm Versatile (QEMU) - Arm Versatile Express (QEMU) - multi_v7 booted on Versatile Express (QEMU) - Footbridge Netwinder (SA110 ARMv4) - Ux500 (ARMv7 SMP) I am not saying there will not be corner cases that we need to fix in addition to this, but it is enough to get started. Looking at what was fixed for arm64 I am a bit weary that e.g. BPF might need something to trampoline properly. But hopefullt people can get to testing it and help me fix remaining issues before the final version, or we can fix it in-tree. Signed-off-by: Linus Walleij <linus.walleij@linaro.org> --- Changes in v3: - Use report_cfi_failure() like everyone else in the breakpoint handler. - I think we cannot implement target and type for the report callback without operand bundling compiler extensions, so just leaving these as zero. - Link to v2: https://lore.kernel.org/r/20240307-arm32-cfi-v2-0-cc74ea0306b3@linaro.org Changes in v2: - Add the missing ftrace graph tracer stub. - Enable permissive mode using a breakpoint handler. - Link to v1: https://lore.kernel.org/r/20240225-arm32-cfi-v1-0-6943306f065b@linaro.org --- Linus Walleij (9): ARM: Support CLANG CFI ARM: tlbflush: Make TLB flushes into static inlines ARM: bugs: Check in the vtable instead of defined aliases ARM: proc: Use inlines instead of defines ARM: delay: Turn delay functions into static inlines ARM: turn CPU cache flush functions into static inlines ARM: page: Turn highpage accesses into static inlines ARM: ftrace: Define ftrace_stub_graph ARM: KCFI: Allow permissive CFI mode arch/arm/Kconfig | 1 + arch/arm/common/mcpm_entry.c | 10 ++----- arch/arm/include/asm/cacheflush.h | 45 ++++++++++++++++++++++------ arch/arm/include/asm/delay.h | 16 ++++++++-- arch/arm/include/asm/hw_breakpoint.h | 1 + arch/arm/include/asm/page.h | 36 ++++++++++++++++++----- arch/arm/include/asm/proc-fns.h | 57 +++++++++++++++++++++++++++++------- arch/arm/include/asm/tlbflush.h | 18 ++++++++---- arch/arm/kernel/bugs.c | 2 +- arch/arm/kernel/entry-ftrace.S | 4 +++ arch/arm/kernel/hw_breakpoint.c | 30 +++++++++++++++++++ arch/arm/mach-sunxi/mc_smp.c | 7 +---- arch/arm/mm/dma.h | 28 ++++++++++++++---- arch/arm/mm/proc-syms.c | 7 +---- arch/arm/mm/proc-v7-bugs.c | 4 +-- 15 files changed, 202 insertions(+), 64 deletions(-) --- base-commit: 6613476e225e090cc9aad49be7fa504e290dd33d change-id: 20240115-arm32-cfi-65d60f201108 Best regards,