From patchwork Tue Mar 12 12:52:19 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Linus Walleij X-Patchwork-Id: 13589949 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 3B206C54E60 for ; Tue, 12 Mar 2024 12:52:59 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:Cc:To:In-Reply-To:References:Message-Id :MIME-Version:Subject:Date:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=jpx9JLKAKwj3/itE2iDx+ir3z/zfBhsVjqZoZXrQGhI=; b=nOc8iXtzt6nlvl AFuNjPDkxGpj659/FaAJmzqqKA9+UqoGf7BTgY9Ic1ZrRUuigx+gYrA7Y8n5uSraIV9y3dxEWn2Xo X+v4smDetPU+F5lmH8fATmyp7H/GRRX+p/twhIoIn4ugJRgYkqXv6Wcz0G6rUj4chT+Ax1TRdtqua 5XZYPa7J3zST+mScRMT4sMB9S7YOvl5/LesPKl1S2aabIa4Xf6P558c21wdEJdp8bKVIwonIQsKcx wy+iqtO1LRuQNzPxBvEd4gUNyq7m0WTiZmERGQ1+gOw5qMMnWT1YU2S/uo8/jxLakvJJmI+ARdzL6 nImx0YLVj/isbO//BNww==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.97.1 #2 (Red Hat Linux)) id 1rk1cc-00000005pHt-31Wy; Tue, 12 Mar 2024 12:52:46 +0000 Received: from mail-ej1-x62c.google.com ([2a00:1450:4864:20::62c]) by bombadil.infradead.org with esmtps (Exim 4.97.1 #2 (Red Hat Linux)) id 1rk1cV-00000005pBr-3b4t for linux-arm-kernel@lists.infradead.org; Tue, 12 Mar 2024 12:52:41 +0000 Received: by mail-ej1-x62c.google.com with SMTP id a640c23a62f3a-a44665605f3so771846666b.2 for ; Tue, 12 Mar 2024 05:52:32 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1710247951; x=1710852751; darn=lists.infradead.org; h=cc:to:in-reply-to:references:message-id:content-transfer-encoding :mime-version:subject:date:from:from:to:cc:subject:date:message-id :reply-to; bh=17ArG1M9fJDron0YzHnlfTGUNG1cg1KK8VZYlzu8rLI=; b=Z4G2EGu2mUDoD4Ko8V8JWNwP7/ZPxRWjmULuBkrd8/am841qQvxLLv332eVZDfcWYL rNjQgNww4jBrT4hdo+P4WRnN+6rzTppAXRJh2MaWOZX9kTNaRxO9GQLD++adPTNEyUk0 KmUxgtZUlQ/9btfzvaOPtglairpQIRNuIudAtLjUE/uGhs+43x3viREGWZT5cIZ7APYu k/sUuYog+QsMaS3d61jmW68zaecTDH9yDd6VAiJxwuBdWQ/kZs5OB55e9ot0V3KSFIRS iDfBJrsghQwVP9SMmvktXpZks+Ma+s8cxl3p/uDBkvGFA1WBGDHG0PJw0dpsCruxCtnm 7ojA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1710247951; x=1710852751; h=cc:to:in-reply-to:references:message-id:content-transfer-encoding :mime-version:subject:date:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=17ArG1M9fJDron0YzHnlfTGUNG1cg1KK8VZYlzu8rLI=; b=TNnFwJEsszPsNNiIBggzzmkB9LCmGNcFwVOqlHlBMFkMcVbkF2r+lqnQ6wvgnTAHqf RF39cDAQKFaItl3NyZTkU+XTHD/mQVQRz2+kxSbxy39oLtPz9R+qbW4vpOmRqPXzW7Lz 7Jo5Qwwz3NAAyLiIUx0mA4vJh/jsHMuUA0seI7KxrDd9vrfuWsSDO/xpJMbIIUDvSNhT SL2xovFusmMqgi0kw2jl6PvBhqkb/Y6oi5NwU7DIFnLomH1NGDrj6fNVXitUeOMIAgw9 /aNwVKqh3E4heAUbn6jfa8+rjAdNsp7wb2UM2/us67E0+NmN39mk62jCW2kPjdLG8RiH 5KwA== X-Gm-Message-State: AOJu0YxbekTayFE+SOxcspgRT3C9sDPV87yFGwXMgM6MR1YaaNq+E5QF xj3ijQs/ioqYLWfdbtCQ6uv0BBFhoJcip0PlCQzdgTvLBenXI0s8RLv4ZzZNNsY= X-Google-Smtp-Source: AGHT+IEE9hdxo/s6q3o6swTsCsuikwsIDmifjoKQg5K0quiEBYvUQGfuy8jPmRfIDO1jpds87eQ5Bg== X-Received: by 2002:a17:906:694d:b0:a46:471e:b3e4 with SMTP id c13-20020a170906694d00b00a46471eb3e4mr901844ejs.10.1710247951589; Tue, 12 Mar 2024 05:52:31 -0700 (PDT) Received: from [127.0.1.1] ([85.235.12.238]) by smtp.gmail.com with ESMTPSA id gc5-20020a170906c8c500b00a45a09e7e23sm3845088ejb.136.2024.03.12.05.52.30 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 12 Mar 2024 05:52:31 -0700 (PDT) From: Linus Walleij Date: Tue, 12 Mar 2024 13:52:19 +0100 Subject: [PATCH v3 3/4] ARM: Reduce the number of #ifdef CONFIG_CPU_SW_DOMAIN_PAN MIME-Version: 1.0 Message-Id: <20240312-arm32-lpae-pan-v3-3-532647afcd38@linaro.org> References: <20240312-arm32-lpae-pan-v3-0-532647afcd38@linaro.org> In-Reply-To: <20240312-arm32-lpae-pan-v3-0-532647afcd38@linaro.org> To: Russell King , Ard Biesheuvel , Arnd Bergmann , Stefan Wahren , Kees Cook , Geert Uytterhoeven Cc: linux-arm-kernel@lists.infradead.org, Linus Walleij , Catalin Marinas X-Mailer: b4 0.12.4 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20240312_055239_940910_01681288 X-CRM114-Status: GOOD ( 16.39 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org From: Catalin Marinas This is a clean-up patch aimed at reducing the number of checks on CONFIG_CPU_SW_DOMAIN_PAN, together with some empty lines for better clarity once the CONFIG_CPU_TTBR0_PAN is introduced. Signed-off-by: Catalin Marinas Reviewed-by: Kees Cook Signed-off-by: Linus Walleij --- ChangeLog v2->v3: - Don't ramdomly change ifdef to if defined(), let's save that for the last patch. --- arch/arm/include/asm/uaccess-asm.h | 16 ++++++++++++---- arch/arm/include/asm/uaccess.h | 21 +++++++++++++++------ 2 files changed, 27 insertions(+), 10 deletions(-) diff --git a/arch/arm/include/asm/uaccess-asm.h b/arch/arm/include/asm/uaccess-asm.h index 65da32e1f1c1..ea42ba25920f 100644 --- a/arch/arm/include/asm/uaccess-asm.h +++ b/arch/arm/include/asm/uaccess-asm.h @@ -39,8 +39,9 @@ #endif .endm - .macro uaccess_disable, tmp, isb=1 #ifdef CONFIG_CPU_SW_DOMAIN_PAN + + .macro uaccess_disable, tmp, isb=1 /* * Whenever we re-enter userspace, the domains should always be * set appropriately. @@ -50,11 +51,9 @@ .if \isb instr_sync .endif -#endif .endm .macro uaccess_enable, tmp, isb=1 -#ifdef CONFIG_CPU_SW_DOMAIN_PAN /* * Whenever we re-enter userspace, the domains should always be * set appropriately. @@ -64,9 +63,18 @@ .if \isb instr_sync .endif -#endif .endm +#else + + .macro uaccess_disable, tmp, isb=1 + .endm + + .macro uaccess_enable, tmp, isb=1 + .endm + +#endif + #if defined(CONFIG_CPU_SW_DOMAIN_PAN) || defined(CONFIG_CPU_USE_DOMAINS) #define DACR(x...) x #else diff --git a/arch/arm/include/asm/uaccess.h b/arch/arm/include/asm/uaccess.h index 9556d04387f7..2278769f1156 100644 --- a/arch/arm/include/asm/uaccess.h +++ b/arch/arm/include/asm/uaccess.h @@ -24,9 +24,10 @@ * perform such accesses (eg, via list poison values) which could then * be exploited for priviledge escalation. */ +#ifdef CONFIG_CPU_SW_DOMAIN_PAN + static __always_inline unsigned int uaccess_save_and_enable(void) { -#ifdef CONFIG_CPU_SW_DOMAIN_PAN unsigned int old_domain = get_domain(); /* Set the current domain access to permit user accesses */ @@ -34,19 +35,27 @@ static __always_inline unsigned int uaccess_save_and_enable(void) domain_val(DOMAIN_USER, DOMAIN_CLIENT)); return old_domain; -#else - return 0; -#endif } static __always_inline void uaccess_restore(unsigned int flags) { -#ifdef CONFIG_CPU_SW_DOMAIN_PAN /* Restore the user access mask */ set_domain(flags); -#endif } +#else + +static inline unsigned int uaccess_save_and_enable(void) +{ + return 0; +} + +static inline void uaccess_restore(unsigned int flags) +{ +} + +#endif + /* * These two are intentionally not defined anywhere - if the kernel * code generates any references to them, that's a bug.