From patchwork Fri Nov 3 17:04:49 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Chris Metcalf X-Patchwork-Id: 10040827 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id 324B1603D7 for ; Fri, 3 Nov 2017 17:13:10 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 19217296EF for ; Fri, 3 Nov 2017 17:13:10 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 0D9AE296F6; Fri, 3 Nov 2017 17:13:10 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-4.2 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, RCVD_IN_DNSWL_MED, UNPARSEABLE_RELAY autolearn=unavailable version=3.3.1 Received: from bombadil.infradead.org (bombadil.infradead.org [65.50.211.133]) (using TLSv1.2 with cipher AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id 0CA60296F3 for ; Fri, 3 Nov 2017 17:13:09 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:MIME-Version:Cc:List-Subscribe: List-Help:List-Post:List-Archive:List-Unsubscribe:List-Id:References: In-Reply-To:Message-Id:Date:Subject:To:From:Reply-To:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Owner; bh=1q4B7eH3BQ4ICaVnIu/eNRfc7jkTd2Cv2cYFq19QegI=; b=Vb45IS22YOiSapqdOqOVrk9UvS 9AEkKiBCB8eIzioVqzLxqIvgtXh5CscAHA1Di/8VCCTWbgPfpne7kQHdTmci+S1GMQuneRcVhPQxF VgHqQdjd5Dn772JwQFDppYOURCvsBOlsLjPhcSmtYJ/MV1rbUHhaeh8oJHkqY3nXGhFP+wUsm55QE /zaX8pi/wLnU/xGmIeIuR+BSDmYyo3F/XZQfm7mxNGNel4trktlNqi0COLlo9aP4p+feEaHL2d5+h 4vl81HX9vjHoD8YtpzYL8jUP0pCiOefJXpj2GExJk8Tf8Gi4/t9p7Sl7aizbCua10aGAAKVgoyLEA qs5xyOKA==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.87 #1 (Red Hat Linux)) id 1eAfWf-00005B-Sm; Fri, 03 Nov 2017 17:13:01 +0000 Received: from mail-il-dmz.mellanox.com ([193.47.165.129] helo=mellanox.co.il) by bombadil.infradead.org with esmtp (Exim 4.87 #1 (Red Hat Linux)) id 1eAfWZ-0008F5-RL for linux-arm-kernel@lists.infradead.org; Fri, 03 Nov 2017 17:12:58 +0000 Received: from Internal Mail-Server by MTLPINE1 (envelope-from cmetcalf@mellanox.com) with ESMTPS (AES256-SHA encrypted); 3 Nov 2017 19:05:12 +0200 Received: from ld-1.internal.tilera.com (ld-1.internal.tilera.com [10.15.7.41]) by mtbu-labmail01.internal.tilera.com (8.14.4/8.14.4) with ESMTP id vA3H5AAG008355; Fri, 3 Nov 2017 13:05:10 -0400 Received: (from cmetcalf@localhost) by ld-1.internal.tilera.com (8.14.7/8.13.8/Submit) id vA3H59P9010524; Fri, 3 Nov 2017 13:05:09 -0400 From: Chris Metcalf To: Steven Rostedt , Ingo Molnar , Peter Zijlstra , Andrew Morton , Rik van Riel , Tejun Heo , Frederic Weisbecker , Thomas Gleixner , "Paul E. McKenney" , Christoph Lameter , Viresh Kumar , Catalin Marinas , Will Deacon , Andy Lutomirski , Mark Rutland , Russell King , linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org Subject: [PATCH v16 10/13] arch/arm: enable task isolation functionality Date: Fri, 3 Nov 2017 13:04:49 -0400 Message-Id: <1509728692-10460-11-git-send-email-cmetcalf@mellanox.com> X-Mailer: git-send-email 2.1.2 In-Reply-To: <1509728692-10460-1-git-send-email-cmetcalf@mellanox.com> References: <1509728692-10460-1-git-send-email-cmetcalf@mellanox.com> X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20171103_101256_372059_3D62EAF9 X-CRM114-Status: GOOD ( 20.96 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Francis Giraldeau , Chris Metcalf MIME-Version: 1.0 Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org X-Virus-Scanned: ClamAV using ClamSMTP From: Francis Giraldeau This patch is a port of the task isolation functionality to the arm 32-bit architecture. The task isolation needs an additional thread flag that requires to change the entry assembly code to accept a bitfield larger than one byte. The constants _TIF_SYSCALL_WORK and _TIF_WORK_MASK are now defined in the literal pool. The rest of the patch is straightforward and reflects what is done on other architectures. To avoid problems with the tst instruction in the v7m build, we renumber TIF_SECCOMP to bit 8 and let TIF_TASK_ISOLATION use bit 7. Signed-off-by: Francis Giraldeau Signed-off-by: Chris Metcalf [with modifications] --- arch/arm/Kconfig | 1 + arch/arm/include/asm/thread_info.h | 10 +++++++--- arch/arm/kernel/entry-common.S | 12 ++++++++---- arch/arm/kernel/ptrace.c | 10 ++++++++++ arch/arm/kernel/signal.c | 10 +++++++++- arch/arm/kernel/smp.c | 4 ++++ arch/arm/mm/fault.c | 8 +++++++- 7 files changed, 46 insertions(+), 9 deletions(-) diff --git a/arch/arm/Kconfig b/arch/arm/Kconfig index 7888c9803eb0..3423c655a32b 100644 --- a/arch/arm/Kconfig +++ b/arch/arm/Kconfig @@ -48,6 +48,7 @@ config ARM select HAVE_ARCH_KGDB if !CPU_ENDIAN_BE32 && MMU select HAVE_ARCH_MMAP_RND_BITS if MMU select HAVE_ARCH_SECCOMP_FILTER if (AEABI && !OABI_COMPAT) + select HAVE_ARCH_TASK_ISOLATION select HAVE_ARCH_TRACEHOOK select HAVE_ARM_SMCCC if CPU_V7 select HAVE_EBPF_JIT if !CPU_ENDIAN_BE32 diff --git a/arch/arm/include/asm/thread_info.h b/arch/arm/include/asm/thread_info.h index 776757d1604a..a7b76ac9543d 100644 --- a/arch/arm/include/asm/thread_info.h +++ b/arch/arm/include/asm/thread_info.h @@ -142,7 +142,8 @@ extern int vfp_restore_user_hwstate(struct user_vfp __user *, #define TIF_SYSCALL_TRACE 4 /* syscall trace active */ #define TIF_SYSCALL_AUDIT 5 /* syscall auditing active */ #define TIF_SYSCALL_TRACEPOINT 6 /* syscall tracepoint instrumentation */ -#define TIF_SECCOMP 7 /* seccomp syscall filtering active */ +#define TIF_TASK_ISOLATION 7 /* task isolation active */ +#define TIF_SECCOMP 8 /* seccomp syscall filtering active */ #define TIF_NOHZ 12 /* in adaptive nohz mode */ #define TIF_USING_IWMMXT 17 @@ -156,18 +157,21 @@ extern int vfp_restore_user_hwstate(struct user_vfp __user *, #define _TIF_SYSCALL_TRACE (1 << TIF_SYSCALL_TRACE) #define _TIF_SYSCALL_AUDIT (1 << TIF_SYSCALL_AUDIT) #define _TIF_SYSCALL_TRACEPOINT (1 << TIF_SYSCALL_TRACEPOINT) +#define _TIF_TASK_ISOLATION (1 << TIF_TASK_ISOLATION) #define _TIF_SECCOMP (1 << TIF_SECCOMP) #define _TIF_USING_IWMMXT (1 << TIF_USING_IWMMXT) /* Checks for any syscall work in entry-common.S */ #define _TIF_SYSCALL_WORK (_TIF_SYSCALL_TRACE | _TIF_SYSCALL_AUDIT | \ - _TIF_SYSCALL_TRACEPOINT | _TIF_SECCOMP) + _TIF_SYSCALL_TRACEPOINT | _TIF_SECCOMP | \ + _TIF_TASK_ISOLATION) /* * Change these and you break ASM code in entry-common.S */ #define _TIF_WORK_MASK (_TIF_NEED_RESCHED | _TIF_SIGPENDING | \ - _TIF_NOTIFY_RESUME | _TIF_UPROBE) + _TIF_NOTIFY_RESUME | _TIF_UPROBE | \ + _TIF_TASK_ISOLATION) #endif /* __KERNEL__ */ #endif /* __ASM_ARM_THREAD_INFO_H */ diff --git a/arch/arm/kernel/entry-common.S b/arch/arm/kernel/entry-common.S index 99c908226065..9ae3ef2dbc1e 100644 --- a/arch/arm/kernel/entry-common.S +++ b/arch/arm/kernel/entry-common.S @@ -53,7 +53,8 @@ ret_fast_syscall: cmp r2, #TASK_SIZE blne addr_limit_check_failed ldr r1, [tsk, #TI_FLAGS] @ re-check for syscall tracing - tst r1, #_TIF_SYSCALL_WORK | _TIF_WORK_MASK + ldr r2, =_TIF_SYSCALL_WORK | _TIF_WORK_MASK + tst r1, r2 bne fast_work_pending @@ -83,7 +84,8 @@ ret_fast_syscall: cmp r2, #TASK_SIZE blne addr_limit_check_failed ldr r1, [tsk, #TI_FLAGS] @ re-check for syscall tracing - tst r1, #_TIF_SYSCALL_WORK | _TIF_WORK_MASK + ldr r2, =_TIF_SYSCALL_WORK | _TIF_WORK_MASK + tst r1, r2 beq no_work_pending UNWIND(.fnend ) ENDPROC(ret_fast_syscall) @@ -91,7 +93,8 @@ ENDPROC(ret_fast_syscall) /* Slower path - fall through to work_pending */ #endif - tst r1, #_TIF_SYSCALL_WORK + ldr r2, =_TIF_SYSCALL_WORK + tst r1, r2 bne __sys_trace_return_nosave slow_work_pending: mov r0, sp @ 'regs' @@ -238,7 +241,8 @@ local_restart: ldr r10, [tsk, #TI_FLAGS] @ check for syscall tracing stmdb sp!, {r4, r5} @ push fifth and sixth args - tst r10, #_TIF_SYSCALL_WORK @ are we tracing syscalls? + ldr r11, =_TIF_SYSCALL_WORK @ are we tracing syscalls? + tst r10, r11 bne __sys_trace cmp scno, #NR_syscalls @ check upper syscall limit diff --git a/arch/arm/kernel/ptrace.c b/arch/arm/kernel/ptrace.c index 58e3771e4c5b..0cfcba5a93df 100644 --- a/arch/arm/kernel/ptrace.c +++ b/arch/arm/kernel/ptrace.c @@ -27,6 +27,7 @@ #include #include #include +#include #include #include @@ -936,6 +937,15 @@ asmlinkage int syscall_trace_enter(struct pt_regs *regs, int scno) if (test_thread_flag(TIF_SYSCALL_TRACE)) tracehook_report_syscall(regs, PTRACE_SYSCALL_ENTER); + /* + * In task isolation mode, we may prevent the syscall from + * running, and if so we also deliver a signal to the process. + */ + if (test_thread_flag(TIF_TASK_ISOLATION)) { + if (task_isolation_syscall(scno) == -1) + return -1; + } + /* Do seccomp after ptrace; syscall may have changed. */ #ifdef CONFIG_HAVE_ARCH_SECCOMP_FILTER if (secure_computing(NULL) == -1) diff --git a/arch/arm/kernel/signal.c b/arch/arm/kernel/signal.c index b67ae12503f3..7c526efb301a 100644 --- a/arch/arm/kernel/signal.c +++ b/arch/arm/kernel/signal.c @@ -15,6 +15,7 @@ #include #include #include +#include #include #include @@ -605,6 +606,9 @@ static int do_signal(struct pt_regs *regs, int syscall) return 0; } +#define WORK_PENDING_LOOP_FLAGS \ + (_TIF_NEED_RESCHED | _TIF_SIGPENDING | _TIF_NOTIFY_RESUME | _TIF_UPROBE) + asmlinkage int do_work_pending(struct pt_regs *regs, unsigned int thread_flags, int syscall) { @@ -641,7 +645,11 @@ do_work_pending(struct pt_regs *regs, unsigned int thread_flags, int syscall) } local_irq_disable(); thread_flags = current_thread_info()->flags; - } while (thread_flags & _TIF_WORK_MASK); + } while (thread_flags & WORK_PENDING_LOOP_FLAGS); + + if (thread_flags & _TIF_TASK_ISOLATION) + task_isolation_start(); + return 0; } diff --git a/arch/arm/kernel/smp.c b/arch/arm/kernel/smp.c index c9a0a5299827..76f8b2010ddf 100644 --- a/arch/arm/kernel/smp.c +++ b/arch/arm/kernel/smp.c @@ -29,6 +29,7 @@ #include #include #include +#include #include #include @@ -525,6 +526,7 @@ void arch_send_call_function_ipi_mask(const struct cpumask *mask) void arch_send_wakeup_ipi_mask(const struct cpumask *mask) { + task_isolation_remote_cpumask(mask, "wakeup IPI"); smp_cross_call(mask, IPI_WAKEUP); } @@ -544,6 +546,7 @@ void arch_irq_work_raise(void) #ifdef CONFIG_GENERIC_CLOCKEVENTS_BROADCAST void tick_broadcast(const struct cpumask *mask) { + task_isolation_remote_cpumask(mask, "timer IPI"); smp_cross_call(mask, IPI_TIMER); } #endif @@ -665,6 +668,7 @@ void handle_IPI(int ipinr, struct pt_regs *regs) void smp_send_reschedule(int cpu) { + task_isolation_remote(cpu, "reschedule IPI"); smp_cross_call(cpumask_of(cpu), IPI_RESCHEDULE); } diff --git a/arch/arm/mm/fault.c b/arch/arm/mm/fault.c index 42f585379e19..052860948771 100644 --- a/arch/arm/mm/fault.c +++ b/arch/arm/mm/fault.c @@ -20,6 +20,7 @@ #include #include #include +#include #include #include @@ -352,8 +353,13 @@ do_page_fault(unsigned long addr, unsigned int fsr, struct pt_regs *regs) /* * Handle the "normal" case first - VM_FAULT_MAJOR */ - if (likely(!(fault & (VM_FAULT_ERROR | VM_FAULT_BADMAP | VM_FAULT_BADACCESS)))) + if (likely(!(fault & (VM_FAULT_ERROR | VM_FAULT_BADMAP | + VM_FAULT_BADACCESS)))) { + /* No signal was generated, but notify task-isolation tasks. */ + if (user_mode(regs)) + task_isolation_interrupt("page fault at %#lx", addr); return 0; + } /* * If we are in kernel mode at this point, we