From patchwork Fri Nov 4 22:35:59 2022
X-Patchwork-Submitter: Rick Edgecombe
X-Patchwork-Id: 13032670
From: Rick Edgecombe
To: x86@kernel.org, "H . Peter Anvin", Thomas Gleixner, Ingo Molnar, linux-kernel@vger.kernel.org, linux-doc@vger.kernel.org, linux-mm@kvack.org, linux-arch@vger.kernel.org, linux-api@vger.kernel.org, Arnd Bergmann, Andy Lutomirski, Balbir Singh, Borislav Petkov, Cyrill Gorcunov, Dave Hansen, Eugene Syromiatnikov, Florian Weimer, "H . J . Lu", Jann Horn, Jonathan Corbet, Kees Cook, Mike Kravetz, Nadav Amit, Oleg Nesterov, Pavel Machek, Peter Zijlstra, Randy Dunlap, "Ravi V . Shankar", Weijiang Yang, "Kirill A . Shutemov", John Allen, kcc@google.com, eranian@google.com, rppt@kernel.org, jamorris@linux.microsoft.com, dethoma@microsoft.com, akpm@linux-foundation.org
Cc: rick.p.edgecombe@intel.com
Subject: [PATCH v3 32/37] x86/cet/shstk: Wire in CET interface
Date: Fri, 4 Nov 2022 15:35:59 -0700
Message-Id: <20221104223604.29615-33-rick.p.edgecombe@intel.com>
In-Reply-To: <20221104223604.29615-1-rick.p.edgecombe@intel.com>
References: <20221104223604.29615-1-rick.p.edgecombe@intel.com>
The kernel now has the main CET functionality to support applications. Wire in the WRSS and shadow stack enable/disable functions into the existing CET API skeleton. Tested-by: Pengfei Xu Tested-by: John Allen Reviewed-by: Kees Cook Signed-off-by: Rick Edgecombe --- v2: - Split from other patches arch/x86/kernel/shstk.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/arch/x86/kernel/shstk.c b/arch/x86/kernel/shstk.c index cbd0970b26d7..71620b77a654 100644 --- a/arch/x86/kernel/shstk.c +++ b/arch/x86/kernel/shstk.c @@ -463,9 +463,17 @@ long cet_prctl(struct task_struct *task, int option, unsigned long features) return -EINVAL; if (option == ARCH_CET_DISABLE) { + if (features & CET_WRSS) + return wrss_control(false); + if (features & CET_SHSTK) + return shstk_disable(); return -EINVAL; } /* Handle ARCH_CET_ENABLE */ + if (features & CET_SHSTK) + return shstk_setup(); + if (features & CET_WRSS) + return wrss_control(true); return -EINVAL; }
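Review bot: in both the ARCH_CET_DISABLE branch and the enable path of cet_prctl(), each `if (features & ...)` test returns immediately, so a mask with both CET_SHSTK and CET_WRSS set acts on only one feature (WRSS on disable, SHSTK on enable) and returns that single call's result, while the other requested bit is silently dropped. The same early return means any other bits set alongside a known one are ignored rather than rejected. Unless the check just above the hunk already rejects such masks, either return -EINVAL when more than one bit is set or handle every requested bit and propagate the first error. A short comment explaining why the test order differs between disable (CET_WRSS first) and enable (CET_SHSTK first) would also help, since the asymmetry is not explained in the commit message.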