From patchwork Thu Apr 20 18:17:13 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Kristina Martsenko X-Patchwork-Id: 9691095 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id 264CB601D4 for ; Thu, 20 Apr 2017 18:22:42 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 1C0FB2844C for ; Thu, 20 Apr 2017 18:22:42 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 10D6F284F4; Thu, 20 Apr 2017 18:22:42 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-1.9 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID autolearn=ham version=3.3.1 Received: from bombadil.infradead.org (bombadil.infradead.org [65.50.211.133]) (using TLSv1.2 with cipher AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id AD217284F2 for ; Thu, 20 Apr 2017 18:22:41 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:MIME-Version:Cc:List-Subscribe: List-Help:List-Post:List-Archive:List-Unsubscribe:List-Id:References: In-Reply-To:Message-Id:Date:Subject:To:From:Reply-To:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Owner; bh=ONT1OMBUrR4Jrptjjp/yjp4fnfilUw30hGVNCxkw8ms=; b=L+1ew/fSzenTRGpP02kxI6UB9+ 5TzvH1+Q137sJMNloHHVBix+R+3NrhSKn+fgfOqGg2dqQkDuwbOhey1EICtZakfbHEbqdLTS87EKE Bj6E78dPe3AKM6qjJALuikr1hjnOWzDt8bNjnepr2kECV90/dcoBc6KfYjMojCw/WiQM80BkSA+sQ aoJD4pAvE2VGoRpC0sYC1KTARzS4N+4TsC0WYXkxx9DZLnMzfS6NVPDus28VFiVn/65iyY8Wpk8LN ZL6hvBmgumgKBXmscEEWefOKwLvoxpUGCnz/zpaG1bCRsbGY4iJ/nKOQMjCoHDkV3/4GVvrNpA5lK KBlNV7vA==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.87 #1 (Red Hat Linux)) id 1d1Gj2-0007Xc-Vx; Thu, 20 Apr 2017 18:22:41 +0000 Received: from foss.arm.com ([217.140.101.70]) by bombadil.infradead.org with esmtp (Exim 4.87 #1 (Red Hat Linux)) id 1d1GiS-0006ep-Pe for linux-arm-kernel@lists.infradead.org; Thu, 20 Apr 2017 18:22:08 +0000 Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.72.51.249]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id AE200169F; Thu, 20 Apr 2017 11:21:47 -0700 (PDT) Received: from moonbear.cambridge.arm.com (usa-sjc-imap-foss1.foss.arm.com [10.72.51.249]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 867683F3E1; Thu, 20 Apr 2017 11:21:46 -0700 (PDT) From: Kristina Martsenko To: Will Deacon , Catalin Marinas Subject: [PATCH 3/4] arm64: entry: improve data abort handling of tagged pointers Date: Thu, 20 Apr 2017 19:17:13 +0100 Message-Id: <1492712234-4950-4-git-send-email-kristina.martsenko@arm.com> X-Mailer: git-send-email 2.1.4 In-Reply-To: <1492712234-4950-1-git-send-email-kristina.martsenko@arm.com> References: <1492712234-4950-1-git-send-email-kristina.martsenko@arm.com> X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20170420_112205_111776_4F902FA6 X-CRM114-Status: GOOD ( 12.75 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Mark Rutland , Andre Przywara , Dave Martin , linux-arm-kernel@lists.infradead.org, Marc Zyngier MIME-Version: 1.0 Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org X-Virus-Scanned: ClamAV using ClamSMTP When handling a data abort from EL0, we currently zero the top byte of the faulting address, as we assume the address is a TTBR0 address, which may contain a non-zero address tag. However, the address may be a TTBR1 address, in which case we should not zero the top byte. This patch fixes that. The effect is that the full TTBR1 address is passed to the task's signal handler (or printed out in the kernel log). When handling a data abort from EL1, we leave the faulting address intact, as we assume it's either a TTBR1 address or a TTBR0 address with tag 0x00. This is true as far as I'm aware, we don't seem to access a tagged TTBR0 address anywhere in the kernel. Regardless, it's easy to forget about address tags, and code added in the future may not always remember to remove tags from addresses before accessing them. So add tag handling to the EL1 data abort handler as well. This also makes it consistent with the EL0 data abort handler. Fixes: d50240a5f6ce ("arm64: mm: permit use of tagged pointers at EL0") Signed-off-by: Kristina Martsenko --- arch/arm64/include/asm/asm-uaccess.h | 9 +++++++++ arch/arm64/kernel/entry.S | 4 +++- 2 files changed, 12 insertions(+), 1 deletion(-) diff --git a/arch/arm64/include/asm/asm-uaccess.h b/arch/arm64/include/asm/asm-uaccess.h index df411f3e083c..790ce8e64f8d 100644 --- a/arch/arm64/include/asm/asm-uaccess.h +++ b/arch/arm64/include/asm/asm-uaccess.h @@ -62,4 +62,13 @@ alternative_if ARM64_ALT_PAN_NOT_UAO alternative_else_nop_endif .endm +/* + * Remove the address tag from a virtual address, if present. + */ + .macro clear_address_tag, addr, tmp + bic \tmp, \addr, #(0xff << 56) + tst \addr, #(1 << 55) + csel \addr, \tmp, \addr, eq + .endm + #endif diff --git a/arch/arm64/kernel/entry.S b/arch/arm64/kernel/entry.S index 43512d4d7df2..2f7ec392ef50 100644 --- a/arch/arm64/kernel/entry.S +++ b/arch/arm64/kernel/entry.S @@ -434,6 +434,7 @@ el1_da: tbnz x23, #7, 1f // PSR_I_BIT enable_irq 1: + clear_address_tag x0, x3 mov x2, sp // struct pt_regs bl do_mem_abort @@ -594,7 +595,8 @@ el0_da: // enable interrupts before calling the main handler enable_dbg_and_irq ct_user_exit - bic x0, x26, #(0xff << 56) + mov x0, x26 + clear_address_tag x0, x3 mov x1, x25 mov x2, sp bl do_mem_abort