From patchwork Thu Jun 7 14:38:52 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yu-cheng Yu X-Patchwork-Id: 10452339 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id 5328460146 for ; Thu, 7 Jun 2018 14:42:51 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 44B36294DF for ; Thu, 7 Jun 2018 14:42:51 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 3995F29510; Thu, 7 Jun 2018 14:42:51 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-2.9 required=2.0 tests=BAYES_00, MAILING_LIST_MULTI, RCVD_IN_DNSWL_NONE autolearn=unavailable version=3.3.1 Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id ADFBC294DF for ; Thu, 7 Jun 2018 14:42:50 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 9DD246B029A; Thu, 7 Jun 2018 10:42:33 -0400 (EDT) Delivered-To: linux-mm-outgoing@kvack.org Received: by kanga.kvack.org (Postfix, from userid 40) id 968FA6B029E; Thu, 7 Jun 2018 10:42:33 -0400 (EDT) X-Original-To: int-list-linux-mm@kvack.org X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 4D4396B029A; Thu, 7 Jun 2018 10:42:33 -0400 (EDT) X-Original-To: linux-mm@kvack.org X-Delivered-To: linux-mm@kvack.org Received: from mail-pf0-f198.google.com (mail-pf0-f198.google.com [209.85.192.198]) by kanga.kvack.org (Postfix) with ESMTP id A28846B029A for ; Thu, 7 Jun 2018 10:42:32 -0400 (EDT) Received: by mail-pf0-f198.google.com with SMTP id d20-v6so4647047pfn.16 for ; Thu, 07 Jun 2018 07:42:32 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-original-authentication-results:x-gm-message-state:from:to:cc :subject:date:message-id:in-reply-to:references; bh=tH+6I7PJmD9CQZ/JBJu1zCJEOyXBjyyExvClY4AZD14=; b=gk/21/u5WOkjc1IRqNzrZG+yzlp3y9ULJHngnwv8oCxvAhIAU9zeFk2oZLM3h4jiKH Sv0LfxmGvLBx67tmt2VPCgUNOqgTkPEO4EgihwdBBZh01sbchSYaTscQ4LCN9xuPoAss ECqWOIW8+GFy+qZIpVJeXjEHZgbkDus3Ui4LR3nivKfHLg8GMRIfdqtCFhd3tts2wWDo wEnqGtVkM5cgi4EMVvvg6F78vtAW7D1acJRxq6ZlIHqMOIXf4LgGRm1zoN4mUohw5eNF WkjcmBR4G+JYxVMDG1bvZ48ElHLrAwiDHMy8fdDFImlnsrAoJedRhpvUT4NcKLu/lF/M TIOA== X-Original-Authentication-Results: mx.google.com; spf=pass (google.com: domain of yu-cheng.yu@intel.com designates 134.134.136.65 as permitted sender) smtp.mailfrom=yu-cheng.yu@intel.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com X-Gm-Message-State: APt69E0LfS2gbJVlvATarPVsIE7guFPtxWsIKaOY7gMGGm0sJkx4+meC inq4zNFfufygupfvrWdyRpiKQ28MvSE4TmQ+1a8fz5mms+t4Mr3IfEE+E5xB3zO5B09vxi5fBGw K8o3YzpO6s/blrWzPAb8o4wy0BXO1scr6sgY5c+4w2kmPmW6lXOzOcwAASwpI22v0Vw== X-Received: by 2002:a65:5c46:: with SMTP id v6-v6mr1828034pgr.127.1528382552313; Thu, 07 Jun 2018 07:42:32 -0700 (PDT) X-Google-Smtp-Source: ADUXVKJdzUCj6Kr0z/NLkh56tmrb5oYZOW646eKkFY45EMf/3wE+bD8XRC+2B5CSRdZ2uTzHK+OC X-Received: by 2002:a65:5c46:: with SMTP id v6-v6mr1827985pgr.127.1528382551208; Thu, 07 Jun 2018 07:42:31 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1528382551; cv=none; d=google.com; s=arc-20160816; b=aNlqh8bbfevAgi2BHTOpPmgu8QaRU1qA+Kdo5gkb/2UjE8yVMT7sS0OCXztHmblxGL B4O9xN8F5h17FFUDrNzs2nQMinygajkYfwaE72XE4OuE2XUHiYw+XGJ2iGoKLaiS/xmL eOTq7mDwJ36EgE/7Dw1DwwfL0UbmAOaz1cWcWt60pRIR/+eAv4aueMzsqcE930i9gcg3 Tr6uVTmaZAIDbnU6DwBCdswraP9Q6t4qt/TqUyxqzsJOK1jhjV1Ur9GVe/1mtLVUFRGW oFc2hYBvpp0OQCbyCZENTkIoFuy2fWnAXWPDXyxi1oAML1tePNFckuQ2lCpIrONt3+Kz jYCQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=references:in-reply-to:message-id:date:subject:cc:to:from :arc-authentication-results; bh=tH+6I7PJmD9CQZ/JBJu1zCJEOyXBjyyExvClY4AZD14=; b=oOkyUYqeAciWjKfaI0SsnaYzlcxuvwFdKxklSA7FNOjmxD7eHkd4hnzCy/yrQB52wY N2tmRCG5UQAIBL9QVyx6BiOp+cXXkpkvG1H2p3Vih1uHJeqQBubQScdMWGeT/Dj1rAJI 1Ir1x64xaLZ51rFwV6Lt5nVQvwUfDk2Rq450Vfn1P5ch91b0sNiVYFVKsgOefv+TPk55 zDUhxiC7vLZYC7CxkxfkA38FthOZDN/dWYSSlHl66ST6LUy1t7jJhrddOmLP6vQ8IAiX vl+rrpCR9mhOjVtJawmdhyecDl7tKh7gG7MoUJcuGQKuJVlGZzObeIE0xErI+1keJcz6 jETA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of yu-cheng.yu@intel.com designates 134.134.136.65 as permitted sender) smtp.mailfrom=yu-cheng.yu@intel.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from mga03.intel.com (mga03.intel.com. [134.134.136.65]) by mx.google.com with ESMTPS id l22-v6si26243115pgu.353.2018.06.07.07.42.31 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 07 Jun 2018 07:42:31 -0700 (PDT) Received-SPF: pass (google.com: domain of yu-cheng.yu@intel.com designates 134.134.136.65 as permitted sender) client-ip=134.134.136.65; Authentication-Results: mx.google.com; spf=pass (google.com: domain of yu-cheng.yu@intel.com designates 134.134.136.65 as permitted sender) smtp.mailfrom=yu-cheng.yu@intel.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga006.fm.intel.com ([10.253.24.20]) by orsmga103.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 07 Jun 2018 07:42:30 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.49,486,1520924400"; d="scan'208";a="235505947" Received: from 2b52.sc.intel.com ([143.183.136.51]) by fmsmga006.fm.intel.com with ESMTP; 07 Jun 2018 07:42:30 -0700 From: Yu-cheng Yu To: linux-kernel@vger.kernel.org, linux-doc@vger.kernel.org, linux-mm@kvack.org, linux-arch@vger.kernel.org, x86@kernel.org, "H. Peter Anvin" , Thomas Gleixner , Ingo Molnar , "H.J. Lu" , Vedvyas Shanbhogue , "Ravi V. Shankar" , Dave Hansen , Andy Lutomirski , Jonathan Corbet , Oleg Nesterov , Arnd Bergmann , Mike Kravetz Cc: Yu-cheng Yu Subject: [PATCH 4/7] x86/cet: add arcp_prctl functions for indirect branch tracking Date: Thu, 7 Jun 2018 07:38:52 -0700 Message-Id: <20180607143855.3681-5-yu-cheng.yu@intel.com> X-Mailer: git-send-email 2.15.1 In-Reply-To: <20180607143855.3681-1-yu-cheng.yu@intel.com> References: <20180607143855.3681-1-yu-cheng.yu@intel.com> X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: X-Virus-Scanned: ClamAV using ClamSMTP Signed-off-by: H.J. Lu Signed-off-by: Yu-cheng Yu --- arch/x86/include/asm/cet.h | 1 + arch/x86/include/uapi/asm/prctl.h | 1 + arch/x86/kernel/cet_prctl.c | 54 ++++++++++++++++++++++++++++++++++++--- arch/x86/kernel/elf.c | 12 ++++++--- arch/x86/kernel/process.c | 1 + 5 files changed, 62 insertions(+), 7 deletions(-) diff --git a/arch/x86/include/asm/cet.h b/arch/x86/include/asm/cet.h index d07bdeb27db4..5b71a2b44eb1 100644 --- a/arch/x86/include/asm/cet.h +++ b/arch/x86/include/asm/cet.h @@ -19,6 +19,7 @@ struct cet_stat { unsigned int ibt_enabled:1; unsigned int locked:1; unsigned int exec_shstk:2; + unsigned int exec_ibt:2; }; #ifdef CONFIG_X86_INTEL_CET diff --git a/arch/x86/include/uapi/asm/prctl.h b/arch/x86/include/uapi/asm/prctl.h index f9965403b655..fef476d2d2f6 100644 --- a/arch/x86/include/uapi/asm/prctl.h +++ b/arch/x86/include/uapi/asm/prctl.h @@ -20,6 +20,7 @@ #define ARCH_CET_EXEC 0x3004 #define ARCH_CET_ALLOC_SHSTK 0x3005 #define ARCH_CET_PUSH_SHSTK 0x3006 +#define ARCH_CET_LEGACY_BITMAP 0x3007 /* * Settings for ARCH_CET_EXEC diff --git a/arch/x86/kernel/cet_prctl.c b/arch/x86/kernel/cet_prctl.c index 326996e2ea80..948f7ba98dc2 100644 --- a/arch/x86/kernel/cet_prctl.c +++ b/arch/x86/kernel/cet_prctl.c @@ -19,6 +19,7 @@ * ARCH_CET_EXEC: set default features for exec() * ARCH_CET_ALLOC_SHSTK: allocate shadow stack * ARCH_CET_PUSH_SHSTK: put a return address on shadow stack + * ARCH_CET_LEGACY_BITMAP: allocate legacy bitmap */ static int handle_get_status(unsigned long arg2) @@ -28,8 +29,12 @@ static int handle_get_status(unsigned long arg2) if (current->thread.cet.shstk_enabled) features |= GNU_PROPERTY_X86_FEATURE_1_SHSTK; + if (current->thread.cet.ibt_enabled) + features |= GNU_PROPERTY_X86_FEATURE_1_IBT; if (current->thread.cet.exec_shstk == CET_EXEC_ALWAYS_ON) cet_exec |= GNU_PROPERTY_X86_FEATURE_1_SHSTK; + if (current->thread.cet.exec_ibt == CET_EXEC_ALWAYS_ON) + cet_exec |= GNU_PROPERTY_X86_FEATURE_1_IBT; shstk_size = current->thread.cet.exec_shstk_size; if (in_compat_syscall()) { @@ -94,9 +99,18 @@ static int handle_set_exec(unsigned long arg2) return -EPERM; } + if (features & GNU_PROPERTY_X86_FEATURE_1_IBT) { + if (!cpu_feature_enabled(X86_FEATURE_IBT)) + return -EINVAL; + if ((current->thread.cet.exec_ibt == CET_EXEC_ALWAYS_ON) && + (cet_exec != CET_EXEC_ALWAYS_ON)) + return -EPERM; + } + if (features & GNU_PROPERTY_X86_FEATURE_1_SHSTK) current->thread.cet.exec_shstk = cet_exec; - + if (features & GNU_PROPERTY_X86_FEATURE_1_IBT) + current->thread.cet.exec_ibt = cet_exec; current->thread.cet.exec_shstk_size = shstk_size; return 0; } @@ -167,9 +181,36 @@ static int handle_alloc_shstk(unsigned long arg2) return 0; } +static int handle_bitmap(unsigned long arg2) +{ + unsigned long addr, size; + + if (current->thread.cet.ibt_enabled) { + if (!current->thread.cet.ibt_bitmap_addr) + cet_setup_ibt_bitmap(); + addr = current->thread.cet.ibt_bitmap_addr; + size = current->thread.cet.ibt_bitmap_size; + } else { + addr = 0; + size = 0; + } + + if (in_compat_syscall()) { + if (put_user(addr, (unsigned int __user *)arg2) || + put_user(size, (unsigned int __user *)arg2 + 1)) + return -EFAULT; + } else { + if (put_user(addr, (unsigned long __user *)arg2) || + put_user(size, (unsigned long __user *)arg2 + 1)) + return -EFAULT; + } + return 0; +} + int prctl_cet(int option, unsigned long arg2) { - if (!cpu_feature_enabled(X86_FEATURE_SHSTK)) + if (!cpu_feature_enabled(X86_FEATURE_SHSTK) && + !cpu_feature_enabled(X86_FEATURE_IBT)) return -EINVAL; switch (option) { @@ -181,7 +222,8 @@ int prctl_cet(int option, unsigned long arg2) return -EPERM; if (arg2 & GNU_PROPERTY_X86_FEATURE_1_SHSTK) cet_disable_free_shstk(current); - + if (arg2 & GNU_PROPERTY_X86_FEATURE_1_IBT) + cet_disable_ibt(); return 0; case ARCH_CET_LOCK: @@ -197,6 +239,12 @@ int prctl_cet(int option, unsigned long arg2) case ARCH_CET_PUSH_SHSTK: return handle_push_shstk(arg2); + /* + * Allocate legacy bitmap and return address & size to user. + */ + case ARCH_CET_LEGACY_BITMAP: + return handle_bitmap(arg2); + default: return -EINVAL; } diff --git a/arch/x86/kernel/elf.c b/arch/x86/kernel/elf.c index a3995c8c2fc2..c2a89f3c7186 100644 --- a/arch/x86/kernel/elf.c +++ b/arch/x86/kernel/elf.c @@ -230,10 +230,14 @@ int arch_setup_features(void *ehdr_p, void *phdr_p, } if (cpu_feature_enabled(X86_FEATURE_IBT)) { - if (ibt) { - err = cet_setup_ibt(); - if (err < 0) - goto out; + int exec = current->thread.cet.exec_ibt; + + if (exec != CET_EXEC_ALWAYS_OFF) { + if (ibt || (exec == CET_EXEC_ALWAYS_ON)) { + err = cet_setup_ibt(); + if (err < 0) + goto out; + } } } diff --git a/arch/x86/kernel/process.c b/arch/x86/kernel/process.c index 9bec164e7958..c69576b4abd1 100644 --- a/arch/x86/kernel/process.c +++ b/arch/x86/kernel/process.c @@ -801,6 +801,7 @@ long do_arch_prctl_common(struct task_struct *task, int option, case ARCH_CET_EXEC: case ARCH_CET_ALLOC_SHSTK: case ARCH_CET_PUSH_SHSTK: + case ARCH_CET_LEGACY_BITMAP: return prctl_cet(option, cpuid_enabled); }