From patchwork Wed Aug 28 23:27:21 2024
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Mark Brown <broonie@kernel.org>
X-Patchwork-Id: 13782167
Return-Path: <owner-linux-mm@kvack.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 4244FC7114C
	for <linux-mm@archiver.kernel.org>; Wed, 28 Aug 2024 23:29:15 +0000 (UTC)
Received: by kanga.kvack.org (Postfix)
	id C92016B009B; Wed, 28 Aug 2024 19:29:14 -0400 (EDT)
Received: by kanga.kvack.org (Postfix, from userid 40)
	id C41E06B009C; Wed, 28 Aug 2024 19:29:14 -0400 (EDT)
X-Delivered-To: int-list-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix, from userid 63042)
	id B09E46B009D; Wed, 28 Aug 2024 19:29:14 -0400 (EDT)
X-Delivered-To: linux-mm@kvack.org
Received: from relay.hostedemail.com (smtprelay0010.hostedemail.com
 [216.40.44.10])
	by kanga.kvack.org (Postfix) with ESMTP id 92B316B009B
	for <linux-mm@kvack.org>; Wed, 28 Aug 2024 19:29:14 -0400 (EDT)
Received: from smtpin17.hostedemail.com (a10.router.float.18 [10.200.18.1])
	by unirelay02.hostedemail.com (Postfix) with ESMTP id 458431201F2
	for <linux-mm@kvack.org>; Wed, 28 Aug 2024 23:29:14 +0000 (UTC)
X-FDA: 82503247428.17.C3331B7
Received: from sin.source.kernel.org (sin.source.kernel.org [145.40.73.55])
	by imf03.hostedemail.com (Postfix) with ESMTP id D4B092001F
	for <linux-mm@kvack.org>; Wed, 28 Aug 2024 23:29:11 +0000 (UTC)
Authentication-Results: imf03.hostedemail.com;
	dkim=pass header.d=kernel.org header.s=k20201202 header.b=ZtDMwdQp;
	spf=pass (imf03.hostedemail.com: domain of broonie@kernel.org designates
 145.40.73.55 as permitted sender) smtp.mailfrom=broonie@kernel.org;
	dmarc=pass (policy=quarantine) header.from=kernel.org
ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1724887708; a=rsa-sha256;
	cv=none;
	b=3K3Vh7K4WbcVod731mlmebVnAvIP7J6gXUefs5csN0YUsNL3ASPRG8m3Vos2ZQNMeEAfZz
	GjkmHs0QvXp1sORmysCGC95O5bwIa0OezPWvQLo2ktKFxoOVtKJIsgrZmYiNq5hbEWQlqG
	AlNBekfoWgUwwqErpbG/VKdNGeAPbKo=
ARC-Authentication-Results: i=1;
	imf03.hostedemail.com;
	dkim=pass header.d=kernel.org header.s=k20201202 header.b=ZtDMwdQp;
	spf=pass (imf03.hostedemail.com: domain of broonie@kernel.org designates
 145.40.73.55 as permitted sender) smtp.mailfrom=broonie@kernel.org;
	dmarc=pass (policy=quarantine) header.from=kernel.org
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed;
 d=hostedemail.com;
	s=arc-20220608; t=1724887707;
	h=from:from:sender:reply-to:subject:subject:date:date:
	 message-id:message-id:to:to:cc:cc:mime-version:mime-version:
	 content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references:dkim-signature;
	bh=KtmuWL5rPnJxunKis4r+zJuOmfs6tLevqw0vcnqTYxQ=;
	b=ny1gS7meKeLHW8kXo3Al54Q8dXKC4kHYds90bEsFO3hYepZMOo4/oXzJXZV5G61Sgeb4AZ
	W0SN4vDmbdBedTLL/96tMjybRwqWD1aeCJCM2KrU6I7tGJ+v31FnwbozdHxaYJmgoz/oPr
	PVfmJhoPp1eXA34FrwVThEBEAGHp7UM=
Received: from smtp.kernel.org (transwarp.subspace.kernel.org [100.75.92.58])
	by sin.source.kernel.org (Postfix) with ESMTP id 09C74CE1736;
	Wed, 28 Aug 2024 23:29:09 +0000 (UTC)
Received: by smtp.kernel.org (Postfix) with ESMTPSA id 76D85C4CEC9;
	Wed, 28 Aug 2024 23:29:01 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;
	s=k20201202; t=1724887748;
	bh=rOh4m4fj2wClbocRq0H+LpbzuLewpkO3M5BRFF5QA9g=;
	h=From:Date:Subject:References:In-Reply-To:To:Cc:From;
	b=ZtDMwdQpJIDs2Rkwg0UYeDSZGl9Kgy35c06eDIK4/xNomEaD++8/p8t2QXdJEAztH
	 wSDe8Jup97ATXtYoBygYSHUOvxgA0EtDFbcoVHiHXkZU64s+4e7QdTpYwjHwYUNNA4
	 fmXhbKdf9yiRBra8gOySoZ5GyegNK29pluB9SC4oXQpTUsASjznj/+gelnrStbMUCQ
	 mzoDrv+bTHH8lLa0Z0jhD+yocQgZqM15phOtwWzVvG0Hlip8JN4BaxASDLVEXK4jb0
	 ciKTdIgx29iXFhoHHZ6RBmDIqv5QKOIIhKW1Dsd8YOdLxp4HP/wwySaJA5xzlpY4PO
	 wYLCOROxVvtxw==
From: Mark Brown <broonie@kernel.org>
Date: Thu, 29 Aug 2024 00:27:21 +0100
Subject: [PATCH v12 05/39] arm64: Document boot requirements for Guarded
 Control Stacks
MIME-Version: 1.0
Message-Id: <20240829-arm64-gcs-v12-5-42fec947436a@kernel.org>
References: <20240829-arm64-gcs-v12-0-42fec947436a@kernel.org>
In-Reply-To: <20240829-arm64-gcs-v12-0-42fec947436a@kernel.org>
To: Catalin Marinas <catalin.marinas@arm.com>,
 Will Deacon <will@kernel.org>, Jonathan Corbet <corbet@lwn.net>,
 Andrew Morton <akpm@linux-foundation.org>, Marc Zyngier <maz@kernel.org>,
 Oliver Upton <oliver.upton@linux.dev>, James Morse <james.morse@arm.com>,
 Suzuki K Poulose <suzuki.poulose@arm.com>, Arnd Bergmann <arnd@arndb.de>,
 Oleg Nesterov <oleg@redhat.com>, Eric Biederman <ebiederm@xmission.com>,
 Shuah Khan <shuah@kernel.org>,
 "Rick P. Edgecombe" <rick.p.edgecombe@intel.com>,
 Deepak Gupta <debug@rivosinc.com>, Ard Biesheuvel <ardb@kernel.org>,
 Szabolcs Nagy <Szabolcs.Nagy@arm.com>, Kees Cook <kees@kernel.org>
Cc: "H.J. Lu" <hjl.tools@gmail.com>,
 Paul Walmsley <paul.walmsley@sifive.com>,
 Palmer Dabbelt <palmer@dabbelt.com>, Albert Ou <aou@eecs.berkeley.edu>,
 Florian Weimer <fweimer@redhat.com>, Christian Brauner <brauner@kernel.org>,
 Thiago Jung Bauermann <thiago.bauermann@linaro.org>,
 Ross Burton <ross.burton@arm.com>,
 Yury Khrustalev <yury.khrustalev@arm.com>,
 Wilco Dijkstra <wilco.dijkstra@arm.com>,
 linux-arm-kernel@lists.infradead.org, linux-doc@vger.kernel.org,
 kvmarm@lists.linux.dev, linux-fsdevel@vger.kernel.org,
 linux-arch@vger.kernel.org, linux-mm@kvack.org,
 linux-kselftest@vger.kernel.org, linux-kernel@vger.kernel.org,
 linux-riscv@lists.infradead.org, Mark Brown <broonie@kernel.org>
X-Mailer: b4 0.15-dev-37811
X-Developer-Signature: v=1; a=openpgp-sha256; l=2380; i=broonie@kernel.org;
 h=from:subject:message-id; bh=rOh4m4fj2wClbocRq0H+LpbzuLewpkO3M5BRFF5QA9g=;
 b=owEBbQGS/pANAwAKASTWi3JdVIfQAcsmYgBmz7J8Z5KYwVa17Tubvy4OA5GT6N3rKn+DrkFI1TFj
 ZrKgfK2JATMEAAEKAB0WIQSt5miqZ1cYtZ/in+ok1otyXVSH0AUCZs+yfAAKCRAk1otyXVSH0MAcB/
 9SchQoHpvxwB9OxCqShz/dLftqcvRCIWxO9ZgoadV/U4Z50nuJqBdPypaRBS3bZjxOdOISP6XQ/CbU
 3V5v+g4JXxiGcKDkpOi/GfmZ6t1GA/fgPZdFp7Ckdq8Pt0Zt/kwqhC/xwj48+HPd3g5yzqtjHeJ9VG
 yMVnneUwHH2TzyyvgGOyEVPO6GLr8arjGFoQ31TxvfiC+NskBEnNqcixA8MMAzSn+sZ8Xfxuyxmvgi
 MILIA4dpUWrY3uWd/x5J6+znHC9MOgmcxRhX2X16jFT1Zd5K/rFTcP6Wz1FXTwZMdn/T7eo3Yjz4iO
 RIWXdgHpzMXKw6EeHaoiWr7gUCLOry
X-Developer-Key: i=broonie@kernel.org; a=openpgp;
 fpr=3F2568AAC26998F9E813A1C5C3F436CA30F5D8EB
X-Stat-Signature: zity4qygk68fr9hue6quwxmrojartie4
X-Rspamd-Queue-Id: D4B092001F
X-Rspam-User: 
X-Rspamd-Server: rspam10
X-HE-Tag: 1724887751-978939
X-HE-Meta: 
 U2FsdGVkX1+5orgVnefh20mWrBq+ZPrD8i3UTOiCNG4eBaNRlRwj5Mq7G3LFuWm8nXdWUrkhR+foiwxrC2Qh8hlsecnvMaPgLhTgKp5fZxnPAwx+6KgZ2iZ75uMQ4MjaUMydDQwsGZUcNh/Kon05BUU0Atn9i4c+Nm+tojrGFeok3DC2UWL0IKOQ5M5/si+rUng0Ttfip5kLlpQa8f8EhFZ7OMEKeelu9ut8xA1JfYOzMd33LLswFMG6LxH32f2Z6rbGZ/l1bl5xKzAvdrjRgRmTDgULD/QMXybayqQy2SAa3BaWvqrG5LQ0TcWC+aGKaLaLM6wBUaHbnBzuIbXybBilc1s9cPCy4w0EuB8PcKHfIhv9nE1DFbgoZhqp7RtvPsi2g5ekbJCcSxZkdtGyuzeKAfSDZQxC4Vdjwx1cIbBN6I9E6+U8QQCu/LYu8Js/W+PTHl1JHWaMh6xSrdvCm0hGC5Hr5TEOcKXSircB9bC7d6GktxDV8m2ZjT8lVEpMwgd+eyOnuCp5VbV3g9ekjgPRDMmsAaOWi4eOeFd8XlCcilLvjRt5bZXfH9WcPytTd0PJ4VozkG+Thw3Aap9NnMLddPhoOL87IaCjM1ILqYmoZxDl8mmuwD/1yqFSRyhPLjB8WSwwlU7Z3780synV2akjHYNLNfCKrkSi0kwUuYq/nxgy04cQq/9jGiWg56OnbBVMo+S23la5rP3iTUIbZ52Q45/Q1yUmETeaqkLQVjbsfU/hyhEw8ObmcCcuN2y4yZbOvnJgZUwuoosQqF7Y/0/fVHsQdOJcm3zaQNJ8cuPurJr9C/KbaHAO+Wd70RNtgpR+2Zng8Mk3ruZOTKCaMGw/kyDd0qFYHqlLFlR+T2CnS+7e49XCrMXByDrJUdVZY6LVf+AYUvtTYN6qfsEk0902P100N6BpsNthL46qerH4380hTy4z32qp9wK0MxYjCDdpa8sCdBbeuVhhQIl
 momaRc8o
 XBAQdNE3u2+R8rbHyt2OKjfIfKU43baKNSxjAvI9A57ldJBqeQnYhsM5MiU7+YFiIvyyFQYDhs3mfGRnnk/fM+0l2mwlcAneESmXrN9eyIz8z+T5Wzu7jicUJEUna+D1rLVLBeQaxErkBkDdKLsXTmnYH5ISkV2V9uWb5Zgm7vFbtFEytyFz7TKuu708YXo+hE2AtHI1jyRZJcIvclrumncrvkgZR8szvjur5ByA6PApgti52WRL+5fXI2JWwjkrenDOMCufNp+dFS4Vhf1CVPa9ojY9gcMmUHkPGKjQaCJraqmCXvCp0D1rf3HMRp9ObPepzeu2sEBlQVOie7hbF+Y1RC5w2wmLHpB5idIiLPyV3jGlm6QPn9HrYbG616dGoHf8TbqB5z3+uAqeljXaU+sf1ir3xyqFDd9dLemSiGhlC/mNw+hxXoagwMJbZBzmqPO+sEO0j9k6RYf9bE/Xi9vcGrA==
X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4
Sender: owner-linux-mm@kvack.org
Precedence: bulk
X-Loop: owner-majordomo@kvack.org
List-ID: <linux-mm.kvack.org>
List-Subscribe: <mailto:majordomo@kvack.org>
List-Unsubscribe: <mailto:majordomo@kvack.org>

FEAT_GCS introduces a number of new system registers, we require that
access to these registers is not trapped when we identify that the feature
is present.  There is also a HCRX_EL2 control to make GCS operations
functional.

Since if GCS is enabled any function call instruction will cause a fault
we also require that the feature be specifically disabled, existing
kernels implicitly have this requirement and especially given that the
MMU must be disabled it is difficult to see a situation where leaving
GCS enabled would be reasonable.

Reviewed-by: Thiago Jung Bauermann <thiago.bauermann@linaro.org>
Reviewed-by: Catalin Marinas <catalin.marinas@arm.com>
Signed-off-by: Mark Brown <broonie@kernel.org>
---
 Documentation/arch/arm64/booting.rst | 32 ++++++++++++++++++++++++++++++++
 1 file changed, 32 insertions(+)

diff --git a/Documentation/arch/arm64/booting.rst b/Documentation/arch/arm64/booting.rst
index b57776a68f15..aed6e9f47cf3 100644
--- a/Documentation/arch/arm64/booting.rst
+++ b/Documentation/arch/arm64/booting.rst
@@ -411,6 +411,38 @@ Before jumping into the kernel, the following conditions must be met:
 
     - HFGRWR_EL2.nPIRE0_EL1 (bit 57) must be initialised to 0b1.
 
+ - For CPUs with Guarded Control Stacks (FEAT_GCS):
+
+  - GCSCR_EL1 must be initialised to 0.
+
+  - GCSCRE0_EL1 must be initialised to 0.
+
+  - If EL3 is present:
+
+    - SCR_EL3.GCSEn (bit 39) must be initialised to 0b1.
+
+  - If EL2 is present:
+
+    - GCSCR_EL2 must be initialised to 0.
+
+ - If the kernel is entered at EL1 and EL2 is present:
+
+    - HCRX_EL2.GCSEn must be initialised to 0b1.
+
+    - HFGITR_EL2.nGCSEPP (bit 59) must be initialised to 0b1.
+
+    - HFGITR_EL2.nGCSSTR_EL1 (bit 58) must be initialised to 0b1.
+
+    - HFGITR_EL2.nGCSPUSHM_EL1 (bit 57) must be initialised to 0b1.
+
+    - HFGRTR_EL2.nGCS_EL1 (bit 53) must be initialised to 0b1.
+
+    - HFGRTR_EL2.nGCS_EL0 (bit 52) must be initialised to 0b1.
+
+    - HFGWTR_EL2.nGCS_EL1 (bit 53) must be initialised to 0b1.
+
+    - HFGWTR_EL2.nGCS_EL0 (bit 52) must be initialised to 0b1.
+
 The requirements described above for CPU mode, caches, MMUs, architected
 timers, coherency and system registers apply to all CPUs.  All CPUs must
 enter the kernel in the same exception level.  Where the values documented