From patchwork Mon Nov 19 21:49:24 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yu-cheng Yu X-Patchwork-Id: 10689569 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 31A6D6C5 for ; Mon, 19 Nov 2018 21:55:36 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 24E352A583 for ; Mon, 19 Nov 2018 21:55:36 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 17FD22A6EE; Mon, 19 Nov 2018 21:55:36 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-2.9 required=2.0 tests=BAYES_00,MAILING_LIST_MULTI, RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1 Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id A747F2A583 for ; Mon, 19 Nov 2018 21:55:35 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 2FD776B1CB0; Mon, 19 Nov 2018 16:54:56 -0500 (EST) Delivered-To: linux-mm-outgoing@kvack.org Received: by kanga.kvack.org (Postfix, from userid 40) id 25C246B1CB1; Mon, 19 Nov 2018 16:54:56 -0500 (EST) X-Original-To: int-list-linux-mm@kvack.org X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 0DCA56B1CB2; Mon, 19 Nov 2018 16:54:55 -0500 (EST) X-Original-To: linux-mm@kvack.org X-Delivered-To: linux-mm@kvack.org Received: from mail-pf1-f197.google.com (mail-pf1-f197.google.com [209.85.210.197]) by kanga.kvack.org (Postfix) with ESMTP id A822C6B1CB0 for ; Mon, 19 Nov 2018 16:54:55 -0500 (EST) Received: by mail-pf1-f197.google.com with SMTP id i22-v6so26684750pfj.1 for ; Mon, 19 Nov 2018 13:54:55 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-original-authentication-results:x-gm-message-state:from:to:cc :subject:date:message-id:in-reply-to:references; bh=QCHYrD5sAwVf/rvr/h1K17NE542y7XSPWeOeWJqblEc=; b=kL2h9bcwfOxLwxaZUt0zZefKOXeHnvFbXkld1C19O45Ub7xBvJiftf3NoRa4CSJBuA nJde5IUvfMVwr5KCP/W2HPim7OdzOkAZI83+0H6QEqxwMNWdYrUyJM2LF8sKOYPa/io9 5H58vvHRJbopK5BwV8cS7fhRRlhbl5WfbFe4juzCM8I04fohrOPIlOUEgt4YTXqQKTTk BXObwqNoU4iY6XYXeKSSmFiHqg6vMTZV3tpdyWs8gmepDxmdEr1WIPj/B7+hJUNlUiWf swZsCQm2BioeOPMwPc2GPApdmulNGO95M4KbvKnWhC33n0qsvx6Gd72+VMJue3xM6riW gWbQ== X-Original-Authentication-Results: mx.google.com; spf=pass (google.com: domain of yu-cheng.yu@intel.com designates 192.55.52.93 as permitted sender) smtp.mailfrom=yu-cheng.yu@intel.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com X-Gm-Message-State: AGRZ1gLuVDUPqMmA67CXaZk78U/vWbpyq/WBDy7WSadIWExhzib112Em ii8vNSUfhLVxsISf1Y/AioSk71amiy1QRCsgGE+0teVp4WmfFOJWXceKbAkdFEu08t9nblIyxUQ XB8K8JbrhcapSVI4VEsOe14lhXPB9VV3gtjFNjH6pbgB+fSYIkRO42bDQyAxVwEnAeg== X-Received: by 2002:a62:3101:: with SMTP id x1-v6mr25569312pfx.204.1542664495368; Mon, 19 Nov 2018 13:54:55 -0800 (PST) X-Google-Smtp-Source: AJdET5coHqItvzU8slVq1+rwK2cnKLW3pHOhh2cKW0bgnzpTDafDibHMAxuNcF3/xflQJ/kWsOwD X-Received: by 2002:a62:3101:: with SMTP id x1-v6mr25569278pfx.204.1542664494658; Mon, 19 Nov 2018 13:54:54 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1542664494; cv=none; d=google.com; s=arc-20160816; b=NaEsCbezp880013t+CPVNu/1u15AoGCDpewzoR84kBK4OjcCTEKm6DYMb372XgO/Qn th58AsAliMyX/bHlRX9lgPaogT+c4wOjLZ42NkDPS082B4b18iiHe9dAOo4SP6H21HJi 409ZcRxqgqSPPd9pL5BBtn+t0amKP2kEgTfPCT3FqnFxnFc69Z5e8pTbfDVWDsAGYbst VxtMHYxmsGLluJbtzJPU7BgbqxO5fw+dCm7qrg0HQWcT0BLZopurcu5GuO5cAVA1RCce YlmzPoFsDFGS7hyqi/ECZMHYkYWQRUZ0J1R1D2G+dRX4Dgsw6y9ESZ/fGjnZJ951YGQ1 6CFg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=references:in-reply-to:message-id:date:subject:cc:to:from; bh=QCHYrD5sAwVf/rvr/h1K17NE542y7XSPWeOeWJqblEc=; b=tLdk+YRp51pU21cdh3sEuTTRu6RR3EeS6Ou4Zr31VIbK1nzDIc9SPk9BwAbem9t8Zo KbAtEXx66iRPfNJtCNqxN66G1bAvthPXTDzsOqgZ0gQyArPP9LdN7T9URvaxOkURoL1Z F2EFKcj7G77uqrs4bNL3Sn6afmUBA4NO4Fq0cgRSGmPvVIALITWdFaU+ZuGpC6ppHJqn 3OdcAs33VUdbfa/ryHCBtYzDh9XbyI2kLOiZmOcBPoX5OQDuFCeiwvmH1dNXULrw2Fmv NWWUjzP/qWCL4hb03tcf2BaE0LiyYiFpl9sG/6ruNxxw/rJT6ohU/l+eMefraG/c/GGF 6qHA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of yu-cheng.yu@intel.com designates 192.55.52.93 as permitted sender) smtp.mailfrom=yu-cheng.yu@intel.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from mga11.intel.com (mga11.intel.com. [192.55.52.93]) by mx.google.com with ESMTPS id s8si4586261plq.345.2018.11.19.13.54.54 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 19 Nov 2018 13:54:54 -0800 (PST) Received-SPF: pass (google.com: domain of yu-cheng.yu@intel.com designates 192.55.52.93 as permitted sender) client-ip=192.55.52.93; Authentication-Results: mx.google.com; spf=pass (google.com: domain of yu-cheng.yu@intel.com designates 192.55.52.93 as permitted sender) smtp.mailfrom=yu-cheng.yu@intel.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga006.jf.intel.com ([10.7.209.51]) by fmsmga102.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 19 Nov 2018 13:54:54 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.56,254,1539673200"; d="scan'208";a="92423879" Received: from yyu32-desk1.sc.intel.com ([143.183.136.147]) by orsmga006.jf.intel.com with ESMTP; 19 Nov 2018 13:54:52 -0800 From: Yu-cheng Yu To: x86@kernel.org, "H. Peter Anvin" , Thomas Gleixner , Ingo Molnar , linux-kernel@vger.kernel.org, linux-doc@vger.kernel.org, linux-mm@kvack.org, linux-arch@vger.kernel.org, linux-api@vger.kernel.org, Arnd Bergmann , Andy Lutomirski , Balbir Singh , Cyrill Gorcunov , Dave Hansen , Eugene Syromiatnikov , Florian Weimer , "H.J. Lu" , Jann Horn , Jonathan Corbet , Kees Cook , Mike Kravetz , Nadav Amit , Oleg Nesterov , Pavel Machek , Peter Zijlstra , Randy Dunlap , "Ravi V. Shankar" , Vedvyas Shanbhogue Cc: Yu-cheng Yu Subject: [RFC PATCH v6 01/11] x86/cet/ibt: Add Kconfig option for user-mode Indirect Branch Tracking Date: Mon, 19 Nov 2018 13:49:24 -0800 Message-Id: <20181119214934.6174-2-yu-cheng.yu@intel.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20181119214934.6174-1-yu-cheng.yu@intel.com> References: <20181119214934.6174-1-yu-cheng.yu@intel.com> X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: X-Virus-Scanned: ClamAV using ClamSMTP The user-mode indirect branch tracking support is done mostly by GCC to insert ENDBR64/ENDBR32 instructions at branch targets. The kernel provides CPUID enumeration and feature setup. Signed-off-by: Yu-cheng Yu --- arch/x86/Kconfig | 16 ++++++++++++++++ arch/x86/Makefile | 7 +++++++ 2 files changed, 23 insertions(+) diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index 73dfb94cde71..b7f30ac89e27 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig @@ -1925,6 +1925,9 @@ config X86_INTEL_CET config ARCH_HAS_SHSTK def_bool n +config ARCH_HAS_AS_LIMIT + def_bool n + config ARCH_HAS_PROGRAM_PROPERTIES def_bool n @@ -1948,6 +1951,19 @@ config X86_INTEL_SHADOW_STACK_USER If unsure, say y. +config X86_INTEL_BRANCH_TRACKING_USER + prompt "Intel Indirect Branch Tracking for user-mode" + def_bool n + depends on CPU_SUP_INTEL && X86_64 + select X86_INTEL_CET + select ARCH_HAS_AS_LIMIT + select ARCH_HAS_PROGRAM_PROPERTIES + ---help--- + Indirect Branch Tracking provides hardware protection against return-/jmp- + oriented programming attacks. + + If unsure, say y + config EFI bool "EFI runtime service support" depends on ACPI diff --git a/arch/x86/Makefile b/arch/x86/Makefile index 0e4746814452..7e6c4aeb0d92 100644 --- a/arch/x86/Makefile +++ b/arch/x86/Makefile @@ -159,6 +159,13 @@ ifdef CONFIG_X86_INTEL_SHADOW_STACK_USER endif endif +# Check compiler ibt support +ifdef CONFIG_X86_INTEL_BRANCH_TRACKING_USER + ifeq ($(call cc-option-yn, -fcf-protection=branch), n) + $(error CONFIG_X86_INTEL_BRANCH_TRACKING_USER not supported by compiler) + endif +endif + # # If the function graph tracer is used with mcount instead of fentry, # '-maccumulate-outgoing-args' is needed to prevent a GCC bug From patchwork Mon Nov 19 21:49:25 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yu-cheng Yu X-Patchwork-Id: 10689571 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 8FE7E13BB for ; Mon, 19 Nov 2018 21:55:39 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 8164E2A583 for ; Mon, 19 Nov 2018 21:55:39 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 747FF2A6EE; Mon, 19 Nov 2018 21:55:39 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-2.9 required=2.0 tests=BAYES_00,MAILING_LIST_MULTI, RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1 Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id C5F3B2A583 for ; Mon, 19 Nov 2018 21:55:38 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id A500D6B1CB3; Mon, 19 Nov 2018 16:54:57 -0500 (EST) Delivered-To: linux-mm-outgoing@kvack.org Received: by kanga.kvack.org (Postfix, from userid 40) id 9D7F76B1CB2; Mon, 19 Nov 2018 16:54:57 -0500 (EST) X-Original-To: int-list-linux-mm@kvack.org X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 806C96B1CB3; Mon, 19 Nov 2018 16:54:57 -0500 (EST) X-Original-To: linux-mm@kvack.org X-Delivered-To: linux-mm@kvack.org Received: from mail-pg1-f200.google.com (mail-pg1-f200.google.com [209.85.215.200]) by kanga.kvack.org (Postfix) with ESMTP id 378826B1CB1 for ; Mon, 19 Nov 2018 16:54:57 -0500 (EST) Received: by mail-pg1-f200.google.com with SMTP id s27so6449629pgm.4 for ; Mon, 19 Nov 2018 13:54:57 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-original-authentication-results:x-gm-message-state:from:to:cc :subject:date:message-id:in-reply-to:references; bh=UEdfJmpF4/HmvCD4J9WnxeFLFwSQdJ6zEZfUUUfGTVs=; b=fpzUrT1DlIA7XxekOp2sjDQa8IWeeuNUFDYmfcwCA0A6q+qp8SktpsuwVpUjDrDBVm mSko1P9cej+wgc6HFxzlgf5xNrmK3/eZVgTdl6O2pT1QUa0+qkOcoxXBksPppBfmR4ah lm3+70wYdfNx/E68nwhOY0417hov/CqxNCNcvwu1AEdVL+g6XzesqZXuSmvnkWictIHk 1vszY8o1GI2yp1Zd8fG2jP7w6fjB4xsnK+DcEaZyXNGCGY9Meci4RgIk1KtqHVP6aSa+ MasB30axcC6rNZIsc69TNbSgiG5hoIo0ptxGYET9auBdjjfcmQ2h7SAmrOucZtqovxLv 43kg== X-Original-Authentication-Results: mx.google.com; spf=pass (google.com: domain of yu-cheng.yu@intel.com designates 192.55.52.93 as permitted sender) smtp.mailfrom=yu-cheng.yu@intel.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com X-Gm-Message-State: AGRZ1gJHzVBz1V0Osr3KUHiq47gqvf/pe729xLDsO3VCUbAKFJ2Bov+/ 3GJWR1kvgZ21+82SfegfBbYYXG61leGnOoQZJZQYySSDausJw1oa7unKcgwNHm17KCnTrf3Iz5R RSUY4wqO1ueSZergAl4zfYGGOg0/rAl9taOrL4I7W/kDXHZDUCHgsCi7MpYXivwt4qQ== X-Received: by 2002:a63:2c82:: with SMTP id s124mr21216390pgs.73.1542664496872; Mon, 19 Nov 2018 13:54:56 -0800 (PST) X-Google-Smtp-Source: AJdET5d4vzJfDWOmtHnMxNTsZ/ad+x1HTay846IWDCriodD9NhlBeK+oU63cTFFDCoAiuD628glh X-Received: by 2002:a63:2c82:: with SMTP id s124mr21216358pgs.73.1542664495969; Mon, 19 Nov 2018 13:54:55 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1542664495; cv=none; d=google.com; s=arc-20160816; b=ya9pxoUTgaqCN+VT+Gk/HAxEX2pxkFEFy05+DdWsejGdRMtBbHrTZyIKkpPO446xIP 5JqNqEDxI5e+r/PylY9lV0/h9UL7Osr7XmMDWcjVIbD9DqETuNCHxYa2q20YeEUbdVgW VIve56V5sUdXc7z5Ve2+zFA1yD4FAA3Y3CAThF3fYyAr2sXCo7lnY/XYwMxQU8pf4XZ9 SYY2ugoLW+qHJFw8eSVYsCXtiAtyU0kkxIc1iU/bS2SkKNpFkKK1PBxm2a8ZgCgjO0Ui Fo8U9YE5BR7uT4JS+5d0D6+/giDHu855ozfqRn0glNwv78R5dB2J1UPM3ixP+cz2j5T+ 4HIA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=references:in-reply-to:message-id:date:subject:cc:to:from; bh=UEdfJmpF4/HmvCD4J9WnxeFLFwSQdJ6zEZfUUUfGTVs=; b=bJ24DJ3g2neNA0iubbDixHQAFgbPG1wfKdunRgY4H/9k3PqOkA5oZDgLo1gkHO8yKY xOfRF2kA0Yo1kxF6kuyWY5UhVT4P2TZxTYpcY5PmMPGzT5BxnnsRRQca+j2w037LOB0Y eTcXFH+/WTFCHtVuESIW61G7sGkYFmtYM0qjufOis1njNaGl0o+e/Wttohc4SQHsYyNs 1c1220YDFD4QA5UpaFlhz9UBo+NFvUU7h7J98zO/D9Sv0+CCE10BPdbKjqfCY1rM7bp5 RAHV1ip5/kBIuRmpNc20MGDlzqjRE2hED+NZyiIDAdEeiPu/xMpZJitYC42c/JK7M9yN JioQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of yu-cheng.yu@intel.com designates 192.55.52.93 as permitted sender) smtp.mailfrom=yu-cheng.yu@intel.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from mga11.intel.com (mga11.intel.com. [192.55.52.93]) by mx.google.com with ESMTPS id s8si4586261plq.345.2018.11.19.13.54.55 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 19 Nov 2018 13:54:55 -0800 (PST) Received-SPF: pass (google.com: domain of yu-cheng.yu@intel.com designates 192.55.52.93 as permitted sender) client-ip=192.55.52.93; Authentication-Results: mx.google.com; spf=pass (google.com: domain of yu-cheng.yu@intel.com designates 192.55.52.93 as permitted sender) smtp.mailfrom=yu-cheng.yu@intel.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga006.jf.intel.com ([10.7.209.51]) by fmsmga102.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 19 Nov 2018 13:54:55 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.56,254,1539673200"; d="scan'208";a="92423885" Received: from yyu32-desk1.sc.intel.com ([143.183.136.147]) by orsmga006.jf.intel.com with ESMTP; 19 Nov 2018 13:54:54 -0800 From: Yu-cheng Yu To: x86@kernel.org, "H. Peter Anvin" , Thomas Gleixner , Ingo Molnar , linux-kernel@vger.kernel.org, linux-doc@vger.kernel.org, linux-mm@kvack.org, linux-arch@vger.kernel.org, linux-api@vger.kernel.org, Arnd Bergmann , Andy Lutomirski , Balbir Singh , Cyrill Gorcunov , Dave Hansen , Eugene Syromiatnikov , Florian Weimer , "H.J. Lu" , Jann Horn , Jonathan Corbet , Kees Cook , Mike Kravetz , Nadav Amit , Oleg Nesterov , Pavel Machek , Peter Zijlstra , Randy Dunlap , "Ravi V. Shankar" , Vedvyas Shanbhogue Cc: Yu-cheng Yu Subject: [RFC PATCH v6 02/11] x86/cet/ibt: User-mode indirect branch tracking support Date: Mon, 19 Nov 2018 13:49:25 -0800 Message-Id: <20181119214934.6174-3-yu-cheng.yu@intel.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20181119214934.6174-1-yu-cheng.yu@intel.com> References: <20181119214934.6174-1-yu-cheng.yu@intel.com> X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: X-Virus-Scanned: ClamAV using ClamSMTP Add user-mode indirect branch tracking enabling/disabling and supporting routines. Signed-off-by: H.J. Lu Signed-off-by: Yu-cheng Yu --- arch/x86/include/asm/cet.h | 7 +++++ arch/x86/include/asm/disabled-features.h | 8 ++++- arch/x86/kernel/cet.c | 31 +++++++++++++++++++ arch/x86/kernel/cpu/common.c | 17 ++++++++++ arch/x86/kernel/process.c | 1 + .../arch/x86/include/asm/disabled-features.h | 8 ++++- 6 files changed, 70 insertions(+), 2 deletions(-) diff --git a/arch/x86/include/asm/cet.h b/arch/x86/include/asm/cet.h index 29d88e4d8d5d..810d3e386fdb 100644 --- a/arch/x86/include/asm/cet.h +++ b/arch/x86/include/asm/cet.h @@ -12,8 +12,11 @@ struct task_struct; struct cet_status { unsigned long shstk_base; unsigned long shstk_size; + unsigned long ibt_bitmap_addr; + unsigned long ibt_bitmap_size; unsigned int locked:1; unsigned int shstk_enabled:1; + unsigned int ibt_enabled:1; }; #ifdef CONFIG_X86_INTEL_CET @@ -25,6 +28,8 @@ void cet_disable_shstk(void); void cet_disable_free_shstk(struct task_struct *p); int cet_restore_signal(unsigned long ssp); int cet_setup_signal(bool ia32, unsigned long rstor, unsigned long *new_ssp); +int cet_setup_ibt(void); +void cet_disable_ibt(void); #else static inline int prctl_cet(int option, unsigned long arg2) { return -EINVAL; } static inline int cet_setup_shstk(void) { return -EINVAL; } @@ -35,6 +40,8 @@ static inline void cet_disable_free_shstk(struct task_struct *p) {} static inline int cet_restore_signal(unsigned long ssp) { return -EINVAL; } static inline int cet_setup_signal(bool ia32, unsigned long rstor, unsigned long *new_ssp) { return -EINVAL; } +static inline int cet_setup_ibt(void) { return -EINVAL; } +static inline void cet_disable_ibt(void) {} #endif #define cpu_x86_cet_enabled() \ diff --git a/arch/x86/include/asm/disabled-features.h b/arch/x86/include/asm/disabled-features.h index 3624a11e5ba6..ce5bdaf0f1ff 100644 --- a/arch/x86/include/asm/disabled-features.h +++ b/arch/x86/include/asm/disabled-features.h @@ -62,6 +62,12 @@ #define DISABLE_SHSTK (1<<(X86_FEATURE_SHSTK & 31)) #endif +#ifdef CONFIG_X86_INTEL_BRANCH_TRACKING_USER +#define DISABLE_IBT 0 +#else +#define DISABLE_IBT (1<<(X86_FEATURE_IBT & 31)) +#endif + /* * Make sure to add features to the correct mask */ @@ -72,7 +78,7 @@ #define DISABLED_MASK4 (DISABLE_PCID) #define DISABLED_MASK5 0 #define DISABLED_MASK6 0 -#define DISABLED_MASK7 (DISABLE_PTI) +#define DISABLED_MASK7 (DISABLE_PTI|DISABLE_IBT) #define DISABLED_MASK8 0 #define DISABLED_MASK9 (DISABLE_MPX) #define DISABLED_MASK10 0 diff --git a/arch/x86/kernel/cet.c b/arch/x86/kernel/cet.c index 1b5d1ce4df8f..fd157a6208c3 100644 --- a/arch/x86/kernel/cet.c +++ b/arch/x86/kernel/cet.c @@ -13,6 +13,8 @@ #include #include #include +#include +#include #include #include #include @@ -302,3 +304,32 @@ int cet_setup_signal(bool ia32, unsigned long rstor_addr, set_shstk_ptr(ssp); return 0; } + +int cet_setup_ibt(void) +{ + u64 r; + + if (!cpu_feature_enabled(X86_FEATURE_IBT)) + return -EOPNOTSUPP; + + rdmsrl(MSR_IA32_U_CET, r); + r |= (MSR_IA32_CET_ENDBR_EN | MSR_IA32_CET_NO_TRACK_EN); + wrmsrl(MSR_IA32_U_CET, r); + + current->thread.cet.ibt_enabled = 1; + return 0; +} + +void cet_disable_ibt(void) +{ + u64 r; + + if (!cpu_feature_enabled(X86_FEATURE_IBT)) + return; + + rdmsrl(MSR_IA32_U_CET, r); + r &= ~(MSR_IA32_CET_ENDBR_EN | MSR_IA32_CET_LEG_IW_EN | + MSR_IA32_CET_NO_TRACK_EN | MSR_IA32_CET_BITMAP_MASK); + wrmsrl(MSR_IA32_U_CET, r); + current->thread.cet.ibt_enabled = 0; +} diff --git a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c index 795e195bf2fe..16bcc85d3819 100644 --- a/arch/x86/kernel/cpu/common.c +++ b/arch/x86/kernel/cpu/common.c @@ -435,6 +435,23 @@ static __init int setup_disable_shstk(char *s) __setup("no_cet_shstk", setup_disable_shstk); #endif +#ifdef CONFIG_X86_INTEL_BRANCH_TRACKING_USER +static __init int setup_disable_ibt(char *s) +{ + /* require an exact match without trailing characters */ + if (s[0] != '\0') + return 0; + + if (!boot_cpu_has(X86_FEATURE_IBT)) + return 1; + + setup_clear_cpu_cap(X86_FEATURE_IBT); + pr_info("x86: 'no_cet_ibt' specified, disabling Branch Tracking\n"); + return 1; +} +__setup("no_cet_ibt", setup_disable_ibt); +#endif + /* * Some CPU features depend on higher CPUID levels, which may not always * be available due to CPUID level capping or broken virtualization diff --git a/arch/x86/kernel/process.c b/arch/x86/kernel/process.c index f240fce2b20f..f44c26bf6d28 100644 --- a/arch/x86/kernel/process.c +++ b/arch/x86/kernel/process.c @@ -137,6 +137,7 @@ void flush_thread(void) memset(tsk->thread.tls_array, 0, sizeof(tsk->thread.tls_array)); cet_disable_shstk(); + cet_disable_ibt(); fpu__clear(&tsk->thread.fpu); } diff --git a/tools/arch/x86/include/asm/disabled-features.h b/tools/arch/x86/include/asm/disabled-features.h index 3624a11e5ba6..ce5bdaf0f1ff 100644 --- a/tools/arch/x86/include/asm/disabled-features.h +++ b/tools/arch/x86/include/asm/disabled-features.h @@ -62,6 +62,12 @@ #define DISABLE_SHSTK (1<<(X86_FEATURE_SHSTK & 31)) #endif +#ifdef CONFIG_X86_INTEL_BRANCH_TRACKING_USER +#define DISABLE_IBT 0 +#else +#define DISABLE_IBT (1<<(X86_FEATURE_IBT & 31)) +#endif + /* * Make sure to add features to the correct mask */ @@ -72,7 +78,7 @@ #define DISABLED_MASK4 (DISABLE_PCID) #define DISABLED_MASK5 0 #define DISABLED_MASK6 0 -#define DISABLED_MASK7 (DISABLE_PTI) +#define DISABLED_MASK7 (DISABLE_PTI|DISABLE_IBT) #define DISABLED_MASK8 0 #define DISABLED_MASK9 (DISABLE_MPX) #define DISABLED_MASK10 0 From patchwork Mon Nov 19 21:49:26 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yu-cheng Yu X-Patchwork-Id: 10689573 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 3A4C113BB for ; Mon, 19 Nov 2018 21:55:42 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 2C74F2A583 for ; Mon, 19 Nov 2018 21:55:42 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 203F42A6EE; Mon, 19 Nov 2018 21:55:42 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-2.9 required=2.0 tests=BAYES_00,MAILING_LIST_MULTI, RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1 Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id AE84C2A583 for ; Mon, 19 Nov 2018 21:55:41 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 6F5D36B1CB1; Mon, 19 Nov 2018 16:54:58 -0500 (EST) Delivered-To: linux-mm-outgoing@kvack.org Received: by kanga.kvack.org (Postfix, from userid 40) id 655166B1CB2; Mon, 19 Nov 2018 16:54:58 -0500 (EST) X-Original-To: int-list-linux-mm@kvack.org X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 4F72C6B1CB4; Mon, 19 Nov 2018 16:54:58 -0500 (EST) X-Original-To: linux-mm@kvack.org X-Delivered-To: linux-mm@kvack.org Received: from mail-pf1-f198.google.com (mail-pf1-f198.google.com [209.85.210.198]) by kanga.kvack.org (Postfix) with ESMTP id 05ED36B1CB1 for ; Mon, 19 Nov 2018 16:54:58 -0500 (EST) Received: by mail-pf1-f198.google.com with SMTP id l15-v6so27594126pff.5 for ; Mon, 19 Nov 2018 13:54:57 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-original-authentication-results:x-gm-message-state:from:to:cc :subject:date:message-id:in-reply-to:references; bh=qwvBk6j/AQhaRu5D52VWCF3xBckwceEXvsvcLNj5iAY=; b=aFCulnC2HwO2d+p1FPjfXKSF4uJC9hpKLdO4R4QPu3n7EQ4Z5tPN4bVW7+Qk4JLyh9 fAI8SWzeoMMKFu5TIVNtFGapm2wm+xgJEIrM75oFQye+yY1RqJWqIp2oevTTIzJNuIsO QynVjI+hzWLMk1MY4+Ar59gtqMq5x8uq6Nv2VtND6WB/sBHPCFpkLoH+21xv81p99Stn DFkLuYAAZZULlAfZciSy6+gmpMDQxh6K2fIP4fpKD4sYtjKGYUP3AS8C53h2YjmGDl6d 64yxUHSoQZOKfyVEsrbychDPpdaeYTKhB1kygEN2y8r0qic5Aglo3TINNFaKFzw3jdng gdXQ== X-Original-Authentication-Results: mx.google.com; spf=pass (google.com: domain of yu-cheng.yu@intel.com designates 192.55.52.93 as permitted sender) smtp.mailfrom=yu-cheng.yu@intel.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com X-Gm-Message-State: AGRZ1gJ/8meRx8B0ISVWq0hsAzS4tpFagc1xNuGhLJ85dFFkGjWWRUZd vazx93Ox9ydEfSZ0Zs04MUwsITcvJp/TmhCi/2G6Jafr0OnugsSaXBzYbY/cZJMi+f+3VE4KDnE 53caRQ9vAeqyqyTYbLdWsfEEyg2ZNxqZwh9e063xoCk49H30VESsTegWbftNK8LyJnw== X-Received: by 2002:a62:2a04:: with SMTP id q4-v6mr24449493pfq.61.1542664497691; Mon, 19 Nov 2018 13:54:57 -0800 (PST) X-Google-Smtp-Source: AJdET5f2Mi83f0rAqwGOlWRjwdcX00/3/fGgWzfSKT5mc/eBkB3SgppjYRFYFqPclzLeEIvfLHbo X-Received: by 2002:a62:2a04:: with SMTP id q4-v6mr24449469pfq.61.1542664497038; Mon, 19 Nov 2018 13:54:57 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1542664497; cv=none; d=google.com; s=arc-20160816; b=nY2w3yW8jEYppqKLJMjPi/uD+tjJ/tS+AXhN/Qd3xPeyMMHZ3TRqJEJK6Anpel1L6e 24wJMPN1pSB3ERfSd9p61wRcaPKGBtLXARTxiI/gPkEavuoSGw2EWigKC5E2fLqEitEF z3wWpskzXnG0RtpJsVtdYfQfd2h/4Bh68GuM9rLTaHqCsmxPwMteY59239fvJ96r6PP8 IqRi73REqV94f5RINRHZV+3XJe11Jve/27ZAgmktd0k7/p8mvwQYPr7s6BZzkfEJ5T2Y cc15rIUWkLwN+CuWg/Gm4TZftWXjvP46MXQWKfIzqrTjepN9HCpVEhyWlzP6heIhr7eG NlRQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=references:in-reply-to:message-id:date:subject:cc:to:from; bh=qwvBk6j/AQhaRu5D52VWCF3xBckwceEXvsvcLNj5iAY=; b=T9IYy9/vvbS8oMYNEgRa9PRXQknVXy/TCWD/V115IIx1Jf+qgGwk0bD1Cq/OiqNNWe HU38rorANeZDnlmDzACILUxK5CR8/JR/jzroSHzLQim1qxnNCu4xgJsogxH1QbkSanxC 4uv2lekxBs2d4sElby06U9SKVl6nAVX7dURD/qCDYMmqvl/V0p1NNqM/qZ3DMHbhNdHK /dz5xSd5URHgvZaqOMK4Bho+q1dluSIOU6+4zaFZxI4Wx4/xcGIrYTKzDoIH9/Umlh4b nkKDpw0YepXSUbhl7v9euHwzumDf+OfLTO9C5G0wQaKxNVcDnOJau9vAM129LH6qUPZl nTrw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of yu-cheng.yu@intel.com designates 192.55.52.93 as permitted sender) smtp.mailfrom=yu-cheng.yu@intel.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from mga11.intel.com (mga11.intel.com. [192.55.52.93]) by mx.google.com with ESMTPS id s8si4586261plq.345.2018.11.19.13.54.56 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 19 Nov 2018 13:54:57 -0800 (PST) Received-SPF: pass (google.com: domain of yu-cheng.yu@intel.com designates 192.55.52.93 as permitted sender) client-ip=192.55.52.93; Authentication-Results: mx.google.com; spf=pass (google.com: domain of yu-cheng.yu@intel.com designates 192.55.52.93 as permitted sender) smtp.mailfrom=yu-cheng.yu@intel.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga006.jf.intel.com ([10.7.209.51]) by fmsmga102.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 19 Nov 2018 13:54:56 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.56,254,1539673200"; d="scan'208";a="92423889" Received: from yyu32-desk1.sc.intel.com ([143.183.136.147]) by orsmga006.jf.intel.com with ESMTP; 19 Nov 2018 13:54:55 -0800 From: Yu-cheng Yu To: x86@kernel.org, "H. Peter Anvin" , Thomas Gleixner , Ingo Molnar , linux-kernel@vger.kernel.org, linux-doc@vger.kernel.org, linux-mm@kvack.org, linux-arch@vger.kernel.org, linux-api@vger.kernel.org, Arnd Bergmann , Andy Lutomirski , Balbir Singh , Cyrill Gorcunov , Dave Hansen , Eugene Syromiatnikov , Florian Weimer , "H.J. Lu" , Jann Horn , Jonathan Corbet , Kees Cook , Mike Kravetz , Nadav Amit , Oleg Nesterov , Pavel Machek , Peter Zijlstra , Randy Dunlap , "Ravi V. Shankar" , Vedvyas Shanbhogue Cc: Yu-cheng Yu Subject: [RFC PATCH v6 03/11] x86/cet/ibt: Add IBT legacy code bitmap setup function Date: Mon, 19 Nov 2018 13:49:26 -0800 Message-Id: <20181119214934.6174-4-yu-cheng.yu@intel.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20181119214934.6174-1-yu-cheng.yu@intel.com> References: <20181119214934.6174-1-yu-cheng.yu@intel.com> X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: X-Virus-Scanned: ClamAV using ClamSMTP Indirect Branch Tracking (IBT) provides an optional legacy code bitmap that allows execution of legacy, non-IBT compatible library by an IBT-enabled application. When set, each bit in the bitmap indicates one page of legacy code. The bitmap is allocated and setup from the application. Signed-off-by: Yu-cheng Yu --- arch/x86/include/asm/cet.h | 1 + arch/x86/kernel/cet.c | 23 +++++++++++++++++++++++ 2 files changed, 24 insertions(+) diff --git a/arch/x86/include/asm/cet.h b/arch/x86/include/asm/cet.h index 810d3e386fdb..db40fc54a905 100644 --- a/arch/x86/include/asm/cet.h +++ b/arch/x86/include/asm/cet.h @@ -29,6 +29,7 @@ void cet_disable_free_shstk(struct task_struct *p); int cet_restore_signal(unsigned long ssp); int cet_setup_signal(bool ia32, unsigned long rstor, unsigned long *new_ssp); int cet_setup_ibt(void); +int cet_setup_ibt_bitmap(unsigned long bitmap, unsigned long size); void cet_disable_ibt(void); #else static inline int prctl_cet(int option, unsigned long arg2) { return -EINVAL; } diff --git a/arch/x86/kernel/cet.c b/arch/x86/kernel/cet.c index fd157a6208c3..18a92a92c50f 100644 --- a/arch/x86/kernel/cet.c +++ b/arch/x86/kernel/cet.c @@ -21,6 +21,7 @@ #include #include #include +#include static int set_shstk_ptr(unsigned long addr) { @@ -333,3 +334,25 @@ void cet_disable_ibt(void) wrmsrl(MSR_IA32_U_CET, r); current->thread.cet.ibt_enabled = 0; } + +int cet_setup_ibt_bitmap(unsigned long bitmap, unsigned long size) +{ + u64 r; + + if (!current->thread.cet.ibt_enabled) + return -EINVAL; + + if (!PAGE_ALIGNED(bitmap) || (size > TASK_SIZE_MAX)) + return -EINVAL; + + current->thread.cet.ibt_bitmap_addr = bitmap; + current->thread.cet.ibt_bitmap_size = size; + + /* + * Turn on IBT legacy bitmap. + */ + rdmsrl(MSR_IA32_U_CET, r); + r |= (MSR_IA32_CET_LEG_IW_EN | bitmap); + wrmsrl(MSR_IA32_U_CET, r); + return 0; +} From patchwork Mon Nov 19 21:49:27 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yu-cheng Yu X-Patchwork-Id: 10689575 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 1FADA1923 for ; Mon, 19 Nov 2018 21:55:45 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 12D7B2A583 for ; Mon, 19 Nov 2018 21:55:45 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 05F2A2A6EE; Mon, 19 Nov 2018 21:55:45 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-2.9 required=2.0 tests=BAYES_00,MAILING_LIST_MULTI, RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1 Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 975C92A583 for ; Mon, 19 Nov 2018 21:55:44 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id B0FF76B1CB2; Mon, 19 Nov 2018 16:54:59 -0500 (EST) Delivered-To: linux-mm-outgoing@kvack.org Received: by kanga.kvack.org (Postfix, from userid 40) id 9FEB36B1CB4; Mon, 19 Nov 2018 16:54:59 -0500 (EST) X-Original-To: int-list-linux-mm@kvack.org X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 803EE6B1CB5; Mon, 19 Nov 2018 16:54:59 -0500 (EST) X-Original-To: linux-mm@kvack.org X-Delivered-To: linux-mm@kvack.org Received: from mail-pf1-f199.google.com (mail-pf1-f199.google.com [209.85.210.199]) by kanga.kvack.org (Postfix) with ESMTP id 3BDE06B1CB2 for ; Mon, 19 Nov 2018 16:54:59 -0500 (EST) Received: by mail-pf1-f199.google.com with SMTP id s14so4876845pfk.16 for ; Mon, 19 Nov 2018 13:54:59 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-original-authentication-results:x-gm-message-state:from:to:cc :subject:date:message-id:in-reply-to:references; bh=UDsB1X8qrhTibz/44k1UitNwkiMYishcV/n5jBRYRiI=; b=fWZ9m/dzUjcUXcOxos0vO1GkWZxlb7pP9aq5hq++LOjNsbKbhisvx7DF1rytfFuAK7 B8SgkeMWAoV2nJ/vCdTuhTom11w8x3Qe4g0PbgHXD5z2szBUBmFOFbIrxWktAiStGnhi YObVgudl0SswFZtuMVDYQQ0IdbMpuAHYUweQxfSQeGmsSyrKKTKLV6NzzYFbhapknhNb xlTMTTQBhBBJVPNYqQ8/gXqzkG9powHWylpSRosVKFhhpR7d1yH6Isy5XYAHZlQE/x9G eKxEsOV/KDp2k85jyiwPQwaVVlcKmSWYdYLvAPffUUUOBu7QPS/98TyxhHBMJemLIyy+ 4ipw== X-Original-Authentication-Results: mx.google.com; spf=pass (google.com: domain of yu-cheng.yu@intel.com designates 192.55.52.93 as permitted sender) smtp.mailfrom=yu-cheng.yu@intel.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com X-Gm-Message-State: AGRZ1gIzJUMj+7TSYGrfMR6Le9dwPi12rGPKprHXnSuWVEnXH+ANLEZ8 6gwco6YCefY/ISHf4iVTwtspaY8Lo+HvLtnDI8Lu/q4tCyroEOAJZn6wImjyy09hLndtrwaVh0V g5jxnDKiOASMjM21LkZkcmFoA82iiCp1cBgnFZMBSBsT4qx5oo318Xb6MsTvfJjBWZA== X-Received: by 2002:a62:178c:: with SMTP id 134-v6mr25302455pfx.29.1542664498943; Mon, 19 Nov 2018 13:54:58 -0800 (PST) X-Google-Smtp-Source: AJdET5cQAsO+8bVSLFv1pEGeTeukbt5l1gLDoQI//GJ+LoIg39fVrmRtW/3HFacAf9LhrjG8QMlO X-Received: by 2002:a62:178c:: with SMTP id 134-v6mr25302432pfx.29.1542664498322; Mon, 19 Nov 2018 13:54:58 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1542664498; cv=none; d=google.com; s=arc-20160816; b=ng26eojhZNDt8D4XqHSIldSCS0rmZXD/2ZEddu1jSlwDIOfYHNOUgtynxVVOIWBLKX 5ur1RCyFk8jEXTfjMxuKh2GDvE1euPUGI3OZ3S/BlzBhqjNCabb4L1YRdwWch870EDJp F8DmxcR16ngKYOaMBCGYho1aRHvccRBgEPYlVbrbXmqsfRslBl18xLuwi0rKvpnJE/YL ubKg7CyXp1/Rw+ehplD+JiLb6eaiR5fy8EtfsdceD90A2KtkaospGTRPBEtmTYn/m+i8 Ar4Bc3xdM99gG2MyROxES2tvtu+W2x4ndCxdZV0bLnI1JZGwQxGj2J6+vyZBkban3ka5 QvCQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=references:in-reply-to:message-id:date:subject:cc:to:from; bh=UDsB1X8qrhTibz/44k1UitNwkiMYishcV/n5jBRYRiI=; b=NzTwMw013GcKdhZvvSMc+gxMT/DwErBZTvxaY/oMi4mmE0C1y6vOJfJizPL6k9td5S F7iFVglgDtGQBc20NW360O7jP86Hv5VIGGaiGJh8bT45y/Q22f2J0ooPgGdNn93x0fXS IjIj9PAT8hL2L0eGBkXc6ykiVqVDdxkEjMM9uYx5x9LP/fHmrslvU/9dLIysbefxb068 TKXXxs0H7ozdiIZkH3oaDpo17WebHYCdGSNxWnNC9sVpHVqAtf4CHTu19fUv0lfBaHre xUCK7mY5L4Es3hWBTIKRYpDmpmi631V7CKtJQfWK7tWJiEIopIfP4N5iUs/e54PHSMVN tpLQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of yu-cheng.yu@intel.com designates 192.55.52.93 as permitted sender) smtp.mailfrom=yu-cheng.yu@intel.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from mga11.intel.com (mga11.intel.com. [192.55.52.93]) by mx.google.com with ESMTPS id s8si4586261plq.345.2018.11.19.13.54.58 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 19 Nov 2018 13:54:58 -0800 (PST) Received-SPF: pass (google.com: domain of yu-cheng.yu@intel.com designates 192.55.52.93 as permitted sender) client-ip=192.55.52.93; Authentication-Results: mx.google.com; spf=pass (google.com: domain of yu-cheng.yu@intel.com designates 192.55.52.93 as permitted sender) smtp.mailfrom=yu-cheng.yu@intel.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga006.jf.intel.com ([10.7.209.51]) by fmsmga102.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 19 Nov 2018 13:54:57 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.56,254,1539673200"; d="scan'208";a="92423896" Received: from yyu32-desk1.sc.intel.com ([143.183.136.147]) by orsmga006.jf.intel.com with ESMTP; 19 Nov 2018 13:54:56 -0800 From: Yu-cheng Yu To: x86@kernel.org, "H. Peter Anvin" , Thomas Gleixner , Ingo Molnar , linux-kernel@vger.kernel.org, linux-doc@vger.kernel.org, linux-mm@kvack.org, linux-arch@vger.kernel.org, linux-api@vger.kernel.org, Arnd Bergmann , Andy Lutomirski , Balbir Singh , Cyrill Gorcunov , Dave Hansen , Eugene Syromiatnikov , Florian Weimer , "H.J. Lu" , Jann Horn , Jonathan Corbet , Kees Cook , Mike Kravetz , Nadav Amit , Oleg Nesterov , Pavel Machek , Peter Zijlstra , Randy Dunlap , "Ravi V. Shankar" , Vedvyas Shanbhogue Cc: Yu-cheng Yu Subject: [RFC PATCH v6 04/11] mm/mmap: Add IBT bitmap size to address space limit check Date: Mon, 19 Nov 2018 13:49:27 -0800 Message-Id: <20181119214934.6174-5-yu-cheng.yu@intel.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20181119214934.6174-1-yu-cheng.yu@intel.com> References: <20181119214934.6174-1-yu-cheng.yu@intel.com> X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: X-Virus-Scanned: ClamAV using ClamSMTP The indirect branch tracking legacy bitmap takes a large address space. This causes may_expand_vm() failure on the address limit check. For a IBT-enabled task, add the bitmap size to the address limit. Signed-off-by: Yu-cheng Yu --- arch/x86/include/asm/mmu_context.h | 10 ++++++++++ mm/mmap.c | 19 ++++++++++++++++++- 2 files changed, 28 insertions(+), 1 deletion(-) diff --git a/arch/x86/include/asm/mmu_context.h b/arch/x86/include/asm/mmu_context.h index 57c1f6c42bef..97a101267dd5 100644 --- a/arch/x86/include/asm/mmu_context.h +++ b/arch/x86/include/asm/mmu_context.h @@ -341,4 +341,14 @@ static inline unsigned long __get_current_cr3_fast(void) return cr3; } +#ifdef CONFIG_X86_INTEL_BRANCH_TRACKING_USER +static inline unsigned long arch_as_limit(void) +{ + if (current->thread.cet.ibt_enabled) + return current->thread.cet.ibt_bitmap_size; + else + return 0; +} +#endif + #endif /* _ASM_X86_MMU_CONTEXT_H */ diff --git a/mm/mmap.c b/mm/mmap.c index 9560d69fa08c..3de023f3e565 100644 --- a/mm/mmap.c +++ b/mm/mmap.c @@ -3283,13 +3283,30 @@ struct vm_area_struct *copy_vma(struct vm_area_struct **vmap, return NULL; } +#ifndef CONFIG_ARCH_HAS_AS_LIMIT +static inline unsigned long arch_as_limit(void) +{ + return 0; +} +#endif + /* * Return true if the calling process may expand its vm space by the passed * number of pages */ bool may_expand_vm(struct mm_struct *mm, vm_flags_t flags, unsigned long npages) { - if (mm->total_vm + npages > rlimit(RLIMIT_AS) >> PAGE_SHIFT) + unsigned long as_limit = rlimit(RLIMIT_AS); + unsigned long as_limit_plus = as_limit + arch_as_limit(); + + /* as_limit_plus overflowed */ + if (as_limit_plus < as_limit) + as_limit_plus = RLIM_INFINITY; + + if (as_limit_plus > as_limit) + as_limit = as_limit_plus; + + if (mm->total_vm + npages > as_limit >> PAGE_SHIFT) return false; if (is_data_mapping(flags) && From patchwork Mon Nov 19 21:49:28 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yu-cheng Yu X-Patchwork-Id: 10689577 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 29C9A13BB for ; Mon, 19 Nov 2018 21:55:48 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 1D95B2A583 for ; Mon, 19 Nov 2018 21:55:48 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 10DA22A6EE; Mon, 19 Nov 2018 21:55:48 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-2.9 required=2.0 tests=BAYES_00,MAILING_LIST_MULTI, RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1 Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 9A0A42A583 for ; Mon, 19 Nov 2018 21:55:47 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id D81C66B1CB4; Mon, 19 Nov 2018 16:55:00 -0500 (EST) Delivered-To: linux-mm-outgoing@kvack.org Received: by kanga.kvack.org (Postfix, from userid 40) id CBBE06B1CB5; Mon, 19 Nov 2018 16:55:00 -0500 (EST) X-Original-To: int-list-linux-mm@kvack.org X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id B36646B1CB6; Mon, 19 Nov 2018 16:55:00 -0500 (EST) X-Original-To: linux-mm@kvack.org X-Delivered-To: linux-mm@kvack.org Received: from mail-pg1-f199.google.com (mail-pg1-f199.google.com [209.85.215.199]) by kanga.kvack.org (Postfix) with ESMTP id 6EA5D6B1CB4 for ; Mon, 19 Nov 2018 16:55:00 -0500 (EST) Received: by mail-pg1-f199.google.com with SMTP id 143so18932668pgc.3 for ; Mon, 19 Nov 2018 13:55:00 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-original-authentication-results:x-gm-message-state:from:to:cc :subject:date:message-id:in-reply-to:references; bh=o/PBQ3CkV7J/3jACeeurg2rtp1WiDpNRBsfd4DxQg+o=; b=o7JdaYWWlHoaQd7Dg+gByyORiQbzxCCndOP+29IfarW5rhODs1S9XmV6vdFTssD9mn dc2JHO1CsJi8BdMKQjoCOCy/z3tabogZB4fjQSHxv7RjdnmUtUc+/RMZDdrZgI0Ba6LS G61n+XNNJb7rqScr8Ue1xMAhTZAvmzeyH/ZBpOWTfeypk1L7rqA0b8bCzduS3WPlTuEp ZMg+cJgpL1hUhil8dedpx60I+Xg4Yv9dQ88VPxvuu+Vj+wK8XbiJU3SWIrF4s+U1dorI 52jI/DP1JhFqSPF/7xPefdDlN5OBTOxyT2x+IOZmGHOAfL/hupO1JDbH39H4BwfkV/Wo VjwA== X-Original-Authentication-Results: mx.google.com; spf=pass (google.com: domain of yu-cheng.yu@intel.com designates 192.55.52.93 as permitted sender) smtp.mailfrom=yu-cheng.yu@intel.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com X-Gm-Message-State: AGRZ1gI+r7703eZRrOcUF/0z/2V0f2L4swrsoqU2yeiRXdOiSriMKnoe I52lc2UYkTCK+1+9ljKV7OBCJD8vCdANovnv4+brl9ZA/HLORlVLqKw6s6z6olVw6Ym7kKs0L8c UB64GQpngk07Flw+5bp1vW7CbZmLD1sXz4iRVferFzgh4zSeoaiJv0nHZqfsE+1lekA== X-Received: by 2002:a62:31c2:: with SMTP id x185-v6mr24897091pfx.39.1542664500142; Mon, 19 Nov 2018 13:55:00 -0800 (PST) X-Google-Smtp-Source: AJdET5dSPOAyu6VnO1Bv8h81wMVnTddd8aE0helMuP4w5E+xEYnC0GmAcZegK99RN4UH6+NZZ3zm X-Received: by 2002:a62:31c2:: with SMTP id x185-v6mr24897069pfx.39.1542664499544; Mon, 19 Nov 2018 13:54:59 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1542664499; cv=none; d=google.com; s=arc-20160816; b=CgOodowgNXy5j6i42IXW0DwgNrPK7WCuDl9Hf43H1HZPa4PzCl2DWR+0WXL+q7HWMo dibVCPYcnwWMnjNF49pBAoX+I0scOn5ai2HTa85szCZQdDiJt8AKB8MuzxEC1csAo6DJ S+0nE6QJnewdsFYPu+O2BdO77LNKLtTNXH/JYuUZrxQlNtkYzHm+u27isRh9uGmf9KuL Dp+lLDEroAF6H9Dp/8ImsikzDMJVrHFLrtS2OftXfZkFbCqlv1d4YVHL7UXAl34+q7zp TXysj6eKN+aNb6SnmpRQCGHcTTTAXzfs7spT2wIfP4p+jaMRBgrWBVYz61NKImry+GUr gjGQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=references:in-reply-to:message-id:date:subject:cc:to:from; bh=o/PBQ3CkV7J/3jACeeurg2rtp1WiDpNRBsfd4DxQg+o=; b=HIVp/YEaGkEPgdF+a16tZ6UIeR0bu22oyJlZUujHoqdvkX3lcvHh/RS3+USiU2v4jJ m9Jba1PJ3UC+XxmtCiS1f0cMd29kfVXuQNnFHOE7C0H6IokEyrB6i/iZe02g2lx8nXV2 9D26TxXnrGPl9+VqR2oGMwq8qZ0NC6bhBMZ/MDLFdudLGq93nfjSek+GmJ7aV4r+wf1E ai79wujOsdjOdHAhDZcw/3MBSAjB6Kerc59TN0o8flV7nyLL83UFKx4qstiGmKPtyz3i SNKiSKwNDtmWHGG3dfKlqBgS44PGZhgkwTHjPEtNNvepPCJHyIUvAgqtSQvqf/I/vx3y y2Kw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of yu-cheng.yu@intel.com designates 192.55.52.93 as permitted sender) smtp.mailfrom=yu-cheng.yu@intel.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from mga11.intel.com (mga11.intel.com. [192.55.52.93]) by mx.google.com with ESMTPS id s8si4586261plq.345.2018.11.19.13.54.59 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 19 Nov 2018 13:54:59 -0800 (PST) Received-SPF: pass (google.com: domain of yu-cheng.yu@intel.com designates 192.55.52.93 as permitted sender) client-ip=192.55.52.93; Authentication-Results: mx.google.com; spf=pass (google.com: domain of yu-cheng.yu@intel.com designates 192.55.52.93 as permitted sender) smtp.mailfrom=yu-cheng.yu@intel.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga006.jf.intel.com ([10.7.209.51]) by fmsmga102.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 19 Nov 2018 13:54:59 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.56,254,1539673200"; d="scan'208";a="92423899" Received: from yyu32-desk1.sc.intel.com ([143.183.136.147]) by orsmga006.jf.intel.com with ESMTP; 19 Nov 2018 13:54:57 -0800 From: Yu-cheng Yu To: x86@kernel.org, "H. Peter Anvin" , Thomas Gleixner , Ingo Molnar , linux-kernel@vger.kernel.org, linux-doc@vger.kernel.org, linux-mm@kvack.org, linux-arch@vger.kernel.org, linux-api@vger.kernel.org, Arnd Bergmann , Andy Lutomirski , Balbir Singh , Cyrill Gorcunov , Dave Hansen , Eugene Syromiatnikov , Florian Weimer , "H.J. Lu" , Jann Horn , Jonathan Corbet , Kees Cook , Mike Kravetz , Nadav Amit , Oleg Nesterov , Pavel Machek , Peter Zijlstra , Randy Dunlap , "Ravi V. Shankar" , Vedvyas Shanbhogue Cc: Yu-cheng Yu Subject: [RFC PATCH v6 05/11] x86/cet/ibt: ELF header parsing for IBT Date: Mon, 19 Nov 2018 13:49:28 -0800 Message-Id: <20181119214934.6174-6-yu-cheng.yu@intel.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20181119214934.6174-1-yu-cheng.yu@intel.com> References: <20181119214934.6174-1-yu-cheng.yu@intel.com> X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: X-Virus-Scanned: ClamAV using ClamSMTP Look in .note.gnu.property of an ELF file and check if Indirect Branch Tracking needs to be enabled for the task. Signed-off-by: H.J. Lu Signed-off-by: Yu-cheng Yu --- arch/x86/include/uapi/asm/elf_property.h | 1 + arch/x86/kernel/elf.c | 5 +++++ 2 files changed, 6 insertions(+) diff --git a/arch/x86/include/uapi/asm/elf_property.h b/arch/x86/include/uapi/asm/elf_property.h index af361207718c..343a871b8fc1 100644 --- a/arch/x86/include/uapi/asm/elf_property.h +++ b/arch/x86/include/uapi/asm/elf_property.h @@ -11,5 +11,6 @@ * Bits for GNU_PROPERTY_X86_FEATURE_1_AND */ #define GNU_PROPERTY_X86_FEATURE_1_SHSTK (0x00000002) +#define GNU_PROPERTY_X86_FEATURE_1_IBT (0x00000001) #endif /* _UAPI_ASM_X86_ELF_PROPERTY_H */ diff --git a/arch/x86/kernel/elf.c b/arch/x86/kernel/elf.c index 60e396e2abe9..7727b9332097 100644 --- a/arch/x86/kernel/elf.c +++ b/arch/x86/kernel/elf.c @@ -353,6 +353,11 @@ int arch_setup_features(void *ehdr_p, void *phdr_p, } } + if (cpu_feature_enabled(X86_FEATURE_IBT)) { + if (feature & GNU_PROPERTY_X86_FEATURE_1_IBT) + err = cet_setup_ibt(); + } + out: return err; } From patchwork Mon Nov 19 21:49:29 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yu-cheng Yu X-Patchwork-Id: 10689579 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id F12B713BB for ; Mon, 19 Nov 2018 21:55:50 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id E314F2A583 for ; Mon, 19 Nov 2018 21:55:50 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id D644B2A6EE; Mon, 19 Nov 2018 21:55:50 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-2.9 required=2.0 tests=BAYES_00,MAILING_LIST_MULTI, RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1 Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 698F42A583 for ; Mon, 19 Nov 2018 21:55:50 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 4336F6B1CB6; Mon, 19 Nov 2018 16:55:02 -0500 (EST) Delivered-To: linux-mm-outgoing@kvack.org Received: by kanga.kvack.org (Postfix, from userid 40) id 3BB466B1CB7; Mon, 19 Nov 2018 16:55:02 -0500 (EST) X-Original-To: int-list-linux-mm@kvack.org X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 238B06B1CB8; Mon, 19 Nov 2018 16:55:02 -0500 (EST) X-Original-To: linux-mm@kvack.org X-Delivered-To: linux-mm@kvack.org Received: from mail-pg1-f199.google.com (mail-pg1-f199.google.com [209.85.215.199]) by kanga.kvack.org (Postfix) with ESMTP id B8BE26B1CB6 for ; Mon, 19 Nov 2018 16:55:01 -0500 (EST) Received: by mail-pg1-f199.google.com with SMTP id t26so4674344pgu.18 for ; Mon, 19 Nov 2018 13:55:01 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-original-authentication-results:x-gm-message-state:from:to:cc :subject:date:message-id:in-reply-to:references; bh=Jr5OEgZMFm1CVpCy6A4/sKFO9JSC7hHXqBtrAH6VUPw=; b=lGtEa0JZvIkHb5Vpybq/mbLwcCGc9GUwRNXZarU07FD0g94EjeXic9/xR02yv05jKe pg1CZa4B3P0+/6rLVqdOiPKPgNXAtEzOrlycEEZRhjwF92J5Rgq5/gEd67LwNAWoJiq+ mwdCLFL63bH8Qn+H6CyO5eng7K43wROMaSGZN9zhSJ0IIgMP9PVdEpqsHs5XvmO8eNj2 pvZMadnF19++BNTAmdubAI47vC0nvPU+PwgeHXxwytDanM4pn8UvCk6vjuFBqjY8On77 iZ02k/r/1w1sRMVYN/CyQPBdLQkzvU2Tf0+QEDT/rkq91xqIH/qczTPv1U4yzXsiYAgr L3LA== X-Original-Authentication-Results: mx.google.com; spf=pass (google.com: domain of yu-cheng.yu@intel.com designates 192.55.52.93 as permitted sender) smtp.mailfrom=yu-cheng.yu@intel.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com X-Gm-Message-State: AGRZ1gJdj0X1Vl8hrtW6MXhzr+2WKk7cxm65y07Sh2AC2ALmtITPXyGX CZ4hd6swgin7krRp7M7c3RmRWESANW7NVtMIWmUkK33g/Ts/9QlK7DHL7KkZUIGVnoPJvAcgL5y zwbzs0V66gCxvOUhKgZTT8ll52VrBmk1EHr/sKZXdcnfmaxD6PcraEhf+9ENvizG3ug== X-Received: by 2002:a62:d449:: with SMTP id u9-v6mr12874294pfl.116.1542664501424; Mon, 19 Nov 2018 13:55:01 -0800 (PST) X-Google-Smtp-Source: AJdET5eWiZpXcXcYeI8LjWCu5CK0WCK/z8cd/yBYZ3/iiVCrRZ3dq1xELfJj+ctmK7olf84KHZZ5 X-Received: by 2002:a62:d449:: with SMTP id u9-v6mr12874269pfl.116.1542664500709; Mon, 19 Nov 2018 13:55:00 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1542664500; cv=none; d=google.com; s=arc-20160816; b=E24slrAUSDSoVWENNbFdmlu++WThzPRQZppFNdwjQDvXUm/F3lk93i+dfPORd8hjN6 aK1HOVGbgXYFFcOWOtuy3UC1tmdcUN+0k2vJEpdjvjiGweaA3OPArpbVUTcafbZNZWUc XzbSQGz3zY3YJxsuyvQZ0MDy8Wib2gqlHJrXh7EBoKGgI7JtFi4BwlV81o5fYo66wfYf 73TqFBFCFV7d7gX+aeVo9koolMG1n5zLHFyyRc0TvJpJnEY9FAKWxUGPUugWSLap9ZWK hy0Upcpi3QITBXGlZocSIttaB7uNdGEndRy/XGvVxiMaJ7Y78QvQXazHw8k2yGUOxbX0 Tlfw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=references:in-reply-to:message-id:date:subject:cc:to:from; bh=Jr5OEgZMFm1CVpCy6A4/sKFO9JSC7hHXqBtrAH6VUPw=; b=RHg1Yy/CC/cHkuSveDmfuji/2SkX9WrjFYNh9jb8iGXJZx5Qpd6VXdjUr8ZCqkMgB8 2cSNMbccMeBK+BFATAjfIqoRS3cXbNnsu23OnT7wDuCvK8bFrUfnlSWwRzN1WV9HrQDd NGJUMrecPB0JjKIyW2TSeYoCwHLPTAz0ltinlGB0iUVziVNT7L8Ew436ZV6AAITpvskL jZ6aFtCs8YDcVur+rbVAiwNI8L/YcDjrtnFD53KKliZ14j2g+qBctU5Fj/or5gfmLsPq t2+YIgSzOKlcRoH7iITx+EYTccHeZ0VVCOoF5FqwMJUbUE7MXbhA0TG6Ke4L+Y70J1XN +Kig== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of yu-cheng.yu@intel.com designates 192.55.52.93 as permitted sender) smtp.mailfrom=yu-cheng.yu@intel.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from mga11.intel.com (mga11.intel.com. [192.55.52.93]) by mx.google.com with ESMTPS id s8si4586261plq.345.2018.11.19.13.55.00 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 19 Nov 2018 13:55:00 -0800 (PST) Received-SPF: pass (google.com: domain of yu-cheng.yu@intel.com designates 192.55.52.93 as permitted sender) client-ip=192.55.52.93; Authentication-Results: mx.google.com; spf=pass (google.com: domain of yu-cheng.yu@intel.com designates 192.55.52.93 as permitted sender) smtp.mailfrom=yu-cheng.yu@intel.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga006.jf.intel.com ([10.7.209.51]) by fmsmga102.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 19 Nov 2018 13:55:00 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.56,254,1539673200"; d="scan'208";a="92423905" Received: from yyu32-desk1.sc.intel.com ([143.183.136.147]) by orsmga006.jf.intel.com with ESMTP; 19 Nov 2018 13:54:59 -0800 From: Yu-cheng Yu To: x86@kernel.org, "H. Peter Anvin" , Thomas Gleixner , Ingo Molnar , linux-kernel@vger.kernel.org, linux-doc@vger.kernel.org, linux-mm@kvack.org, linux-arch@vger.kernel.org, linux-api@vger.kernel.org, Arnd Bergmann , Andy Lutomirski , Balbir Singh , Cyrill Gorcunov , Dave Hansen , Eugene Syromiatnikov , Florian Weimer , "H.J. Lu" , Jann Horn , Jonathan Corbet , Kees Cook , Mike Kravetz , Nadav Amit , Oleg Nesterov , Pavel Machek , Peter Zijlstra , Randy Dunlap , "Ravi V. Shankar" , Vedvyas Shanbhogue Cc: Yu-cheng Yu Subject: [RFC PATCH v6 06/11] x86/cet/ibt: Add arch_prctl functions for IBT Date: Mon, 19 Nov 2018 13:49:29 -0800 Message-Id: <20181119214934.6174-7-yu-cheng.yu@intel.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20181119214934.6174-1-yu-cheng.yu@intel.com> References: <20181119214934.6174-1-yu-cheng.yu@intel.com> X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: X-Virus-Scanned: ClamAV using ClamSMTP Update ARCH_X86_CET_STATUS and ARCH_X86_CET_DISABLE to include Indirect Branch Tracking features. Introduce: arch_prctl(ARCH_X86_CET_SET_LEGACY_BITMAP, unsigned long *addr) Enable the Indirect Branch Tracking legacy code bitmap. The parameter 'addr' is a pointer to a user buffer that has: *addr = IBT bitmap base address *(addr + 1) = IBT bitmap size Signed-off-by: H.J. Lu Signed-off-by: Yu-cheng Yu --- arch/x86/include/uapi/asm/prctl.h | 2 ++ arch/x86/kernel/cet_prctl.c | 21 +++++++++++++++++++++ 2 files changed, 23 insertions(+) diff --git a/arch/x86/include/uapi/asm/prctl.h b/arch/x86/include/uapi/asm/prctl.h index d962f0ec9ccf..5eb9aeb5c662 100644 --- a/arch/x86/include/uapi/asm/prctl.h +++ b/arch/x86/include/uapi/asm/prctl.h @@ -18,5 +18,7 @@ #define ARCH_X86_CET_DISABLE 0x3002 #define ARCH_X86_CET_LOCK 0x3003 #define ARCH_X86_CET_ALLOC_SHSTK 0x3004 +#define ARCH_X86_CET_GET_LEGACY_BITMAP 0x3005 /* deprecated */ +#define ARCH_X86_CET_SET_LEGACY_BITMAP 0x3006 #endif /* _ASM_X86_PRCTL_H */ diff --git a/arch/x86/kernel/cet_prctl.c b/arch/x86/kernel/cet_prctl.c index 320dbb620d61..a752d73cb1f4 100644 --- a/arch/x86/kernel/cet_prctl.c +++ b/arch/x86/kernel/cet_prctl.c @@ -21,6 +21,8 @@ static int handle_get_status(unsigned long arg2) if (current->thread.cet.shstk_enabled) features |= GNU_PROPERTY_X86_FEATURE_1_SHSTK; + if (current->thread.cet.ibt_enabled) + features |= GNU_PROPERTY_X86_FEATURE_1_IBT; shstk_base = current->thread.cet.shstk_base; shstk_size = current->thread.cet.shstk_size; @@ -56,6 +58,17 @@ static int handle_alloc_shstk(unsigned long arg2) return 0; } +static int handle_bitmap(unsigned long arg2) +{ + unsigned long addr, size; + + if (get_user(addr, (unsigned long __user *)arg2) || + get_user(size, (unsigned long __user *)arg2 + 1)) + return -EFAULT; + + return cet_setup_ibt_bitmap(addr, size); +} + int prctl_cet(int option, unsigned long arg2) { if (!cpu_x86_cet_enabled()) @@ -70,6 +83,8 @@ int prctl_cet(int option, unsigned long arg2) return -EPERM; if (arg2 & GNU_PROPERTY_X86_FEATURE_1_SHSTK) cet_disable_free_shstk(current); + if (arg2 & GNU_PROPERTY_X86_FEATURE_1_IBT) + cet_disable_ibt(); return 0; @@ -80,6 +95,12 @@ int prctl_cet(int option, unsigned long arg2) case ARCH_X86_CET_ALLOC_SHSTK: return handle_alloc_shstk(arg2); + /* + * Allocate legacy bitmap and return address & size to user. + */ + case ARCH_X86_CET_SET_LEGACY_BITMAP: + return handle_bitmap(arg2); + default: return -EINVAL; } From patchwork Mon Nov 19 21:49:30 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yu-cheng Yu X-Patchwork-Id: 10689581 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id B000A6C5 for ; Mon, 19 Nov 2018 21:55:53 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id A396E2A583 for ; Mon, 19 Nov 2018 21:55:53 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 96C7B2A6EE; Mon, 19 Nov 2018 21:55:53 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-2.9 required=2.0 tests=BAYES_00,MAILING_LIST_MULTI, RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1 Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 232572A583 for ; Mon, 19 Nov 2018 21:55:53 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id E92856B1CB7; Mon, 19 Nov 2018 16:55:03 -0500 (EST) Delivered-To: linux-mm-outgoing@kvack.org Received: by kanga.kvack.org (Postfix, from userid 40) id E1CA76B1CB8; Mon, 19 Nov 2018 16:55:03 -0500 (EST) X-Original-To: int-list-linux-mm@kvack.org X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id C94236B1CB9; Mon, 19 Nov 2018 16:55:03 -0500 (EST) X-Original-To: linux-mm@kvack.org X-Delivered-To: linux-mm@kvack.org Received: from mail-pl1-f198.google.com (mail-pl1-f198.google.com [209.85.214.198]) by kanga.kvack.org (Postfix) with ESMTP id 821C56B1CB7 for ; Mon, 19 Nov 2018 16:55:03 -0500 (EST) Received: by mail-pl1-f198.google.com with SMTP id t22so642444plo.10 for ; Mon, 19 Nov 2018 13:55:03 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-original-authentication-results:x-gm-message-state:from:to:cc :subject:date:message-id:in-reply-to:references; bh=TK8EDeMGPZ2hWiuLL/i5vI4+eG5g0kdJ6UAxh9hkMGQ=; b=po5QyTchZS1su6Ior8N+f5RqYLbHHbyftgu9Q9chQbdFUZI70saGNmgE+hLou0+nwl ncs4lNIW9FxQe+xse5Jmqc6CEjMbE6o3qxem5EdbDvSymiSmGBdxu06opIkYV9ZhZJzC KyoJtu+8OA8mlrV6v5i1xECEOudhVstTU8o3Ud6k1X94gN/NPyT4kOtzZM54ngvSs8i1 T12uXYH2ktEl9HI7I4iOAX7SbC2RItKqR62MPSFn8RLH7wQdOpWaWp339TJb2qWJSA3+ AoFWaNuPU7mMXukoQIfzMpbRyfo8tYes9dLd+/4RbQ2Q6Mtues596MHGZAclzg/N6AsC eiZQ== X-Original-Authentication-Results: mx.google.com; spf=pass (google.com: domain of yu-cheng.yu@intel.com designates 192.55.52.93 as permitted sender) smtp.mailfrom=yu-cheng.yu@intel.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com X-Gm-Message-State: AGRZ1gIkgG7qBta2HM0hSKIO7JQ4LHMzlJEd0WnLi5885OlrVeNZqBby YbCtE0SBDxr00stp/fbC2XiQXmVRf2x8dB+UHfUKlsCaAk5EXdTz01JbNRJ0BE3bhWuk0px7mgO 0J6pvpuuu+H5aHzxZ52gG2QiIR03WQhag+3M0FLME4axtJeNjJOPRyvowHalkxLh45g== X-Received: by 2002:a62:cf02:: with SMTP id b2mr17818606pfg.183.1542664503155; Mon, 19 Nov 2018 13:55:03 -0800 (PST) X-Google-Smtp-Source: AJdET5cFtBrrZWxxLfMe0X9PV49uI6Rq1sJ9dcfkpHh2e1BALmjgMDjWJS/sTk7XgKe4O4GnwvCr X-Received: by 2002:a62:cf02:: with SMTP id b2mr17818555pfg.183.1542664501957; Mon, 19 Nov 2018 13:55:01 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1542664501; cv=none; d=google.com; s=arc-20160816; b=rtazDkiRKjcouYU0cLVWlrekCsFR9lSZiKB5KByNlGftu6c7g7g56EcXB87ADgnV0G Gm+xL+koLfyCeZ6sNJRsnkOOIjN3qmiZq/SbP79D5VKo5junY5k8RuYuJIUbuZQcbvgd kA89INBiJ2CFTXvyp6Xa6aCDLKFR8b02hVQavi19sv/z/PTHQMyiqium6RGRIQ2eqmUU mHj3jAUNeyQcahXd1w6V/fapdu1gJEvBGHcAaNsxIPEzh5NpWm7DlzhbgTHC+CJEZ6wM 9kQWTPQwaBUANu1gYug3+f6Io7gHj7CKZNkp9oSTexNzuZp2Gq4RtKsK6MGJpAWhkPNv ppAQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=references:in-reply-to:message-id:date:subject:cc:to:from; bh=TK8EDeMGPZ2hWiuLL/i5vI4+eG5g0kdJ6UAxh9hkMGQ=; b=ZqsbPfNI6BHlExju3Q4Dxza/MSTZC5V0Td6Btiz14Cg1z+3weAqwsoofewhe3SpWfp xOxyfmDhxHZG6Wd9JE+6QxJgJDpQq7RkDy2Zy+ZwFhJUFEZNTdgpf5v2dMrXdm8D6Drm fhtu532T85EWPrSGC5QHAa3ZbRVY5ywRNALnOHv9MQyiQMzz/6qRDMllu56pWsUH1KU+ jN8ce4cg2ziGIMWzsWfLJdlGed1fvb6hqeY5cpeSySd37Jq3a1+9u8bqFK0qgRr0jRZc Sy+/QsE0YBqwjucJaKJzDJoB0EFOasokhr3kNbdvCaEP3KQS+oOJyaQTIXNcNgMNDdWX 6GhA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of yu-cheng.yu@intel.com designates 192.55.52.93 as permitted sender) smtp.mailfrom=yu-cheng.yu@intel.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from mga11.intel.com (mga11.intel.com. [192.55.52.93]) by mx.google.com with ESMTPS id s8si4586261plq.345.2018.11.19.13.55.01 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 19 Nov 2018 13:55:01 -0800 (PST) Received-SPF: pass (google.com: domain of yu-cheng.yu@intel.com designates 192.55.52.93 as permitted sender) client-ip=192.55.52.93; Authentication-Results: mx.google.com; spf=pass (google.com: domain of yu-cheng.yu@intel.com designates 192.55.52.93 as permitted sender) smtp.mailfrom=yu-cheng.yu@intel.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga006.jf.intel.com ([10.7.209.51]) by fmsmga102.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 19 Nov 2018 13:55:01 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.56,254,1539673200"; d="scan'208";a="92423910" Received: from yyu32-desk1.sc.intel.com ([143.183.136.147]) by orsmga006.jf.intel.com with ESMTP; 19 Nov 2018 13:55:00 -0800 From: Yu-cheng Yu To: x86@kernel.org, "H. Peter Anvin" , Thomas Gleixner , Ingo Molnar , linux-kernel@vger.kernel.org, linux-doc@vger.kernel.org, linux-mm@kvack.org, linux-arch@vger.kernel.org, linux-api@vger.kernel.org, Arnd Bergmann , Andy Lutomirski , Balbir Singh , Cyrill Gorcunov , Dave Hansen , Eugene Syromiatnikov , Florian Weimer , "H.J. Lu" , Jann Horn , Jonathan Corbet , Kees Cook , Mike Kravetz , Nadav Amit , Oleg Nesterov , Pavel Machek , Peter Zijlstra , Randy Dunlap , "Ravi V. Shankar" , Vedvyas Shanbhogue Cc: Yu-cheng Yu Subject: [RFC PATCH v6 07/11] x86/cet/ibt: Add ENDBR to op-code-map Date: Mon, 19 Nov 2018 13:49:30 -0800 Message-Id: <20181119214934.6174-8-yu-cheng.yu@intel.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20181119214934.6174-1-yu-cheng.yu@intel.com> References: <20181119214934.6174-1-yu-cheng.yu@intel.com> X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: X-Virus-Scanned: ClamAV using ClamSMTP Add control transfer terminating instructions: ENDBR64/ENDBR32: Mark a valid 64/32-bit control transfer endpoint. Signed-off-by: Yu-cheng Yu --- arch/x86/lib/x86-opcode-map.txt | 13 +++++++++++-- tools/objtool/arch/x86/lib/x86-opcode-map.txt | 13 +++++++++++-- 2 files changed, 22 insertions(+), 4 deletions(-) diff --git a/arch/x86/lib/x86-opcode-map.txt b/arch/x86/lib/x86-opcode-map.txt index c5e825d44766..fbc53481bc59 100644 --- a/arch/x86/lib/x86-opcode-map.txt +++ b/arch/x86/lib/x86-opcode-map.txt @@ -620,7 +620,16 @@ ea: SAVEPREVSSP (f3) # Skip 0xeb-0xff EndTable -Table: 3-byte opcode 2 (0x0f 0x38) +Table: 3-byte opcode 2 (0x0f 0x1e) +Referrer: +AVXcode: +# Skip 0x00-0xf9 +fa: ENDBR64 (f3) +fb: ENDBR32 (f3) +#skip 0xfc-0xff +EndTable + +Table: 3-byte opcode 3 (0x0f 0x38) Referrer: 3-byte escape 1 AVXcode: 2 # 0x0f 0x38 0x00-0x0f @@ -804,7 +813,7 @@ f6: ADCX Gy,Ey (66) | ADOX Gy,Ey (F3) | MULX By,Gy,rDX,Ey (F2),(v) | WRSS Pq,Qq f7: BEXTR Gy,Ey,By (v) | SHLX Gy,Ey,By (66),(v) | SARX Gy,Ey,By (F3),(v) | SHRX Gy,Ey,By (F2),(v) EndTable -Table: 3-byte opcode 3 (0x0f 0x3a) +Table: 3-byte opcode 4 (0x0f 0x3a) Referrer: 3-byte escape 2 AVXcode: 3 # 0x0f 0x3a 0x00-0xff diff --git a/tools/objtool/arch/x86/lib/x86-opcode-map.txt b/tools/objtool/arch/x86/lib/x86-opcode-map.txt index c5e825d44766..fbc53481bc59 100644 --- a/tools/objtool/arch/x86/lib/x86-opcode-map.txt +++ b/tools/objtool/arch/x86/lib/x86-opcode-map.txt @@ -620,7 +620,16 @@ ea: SAVEPREVSSP (f3) # Skip 0xeb-0xff EndTable -Table: 3-byte opcode 2 (0x0f 0x38) +Table: 3-byte opcode 2 (0x0f 0x1e) +Referrer: +AVXcode: +# Skip 0x00-0xf9 +fa: ENDBR64 (f3) +fb: ENDBR32 (f3) +#skip 0xfc-0xff +EndTable + +Table: 3-byte opcode 3 (0x0f 0x38) Referrer: 3-byte escape 1 AVXcode: 2 # 0x0f 0x38 0x00-0x0f @@ -804,7 +813,7 @@ f6: ADCX Gy,Ey (66) | ADOX Gy,Ey (F3) | MULX By,Gy,rDX,Ey (F2),(v) | WRSS Pq,Qq f7: BEXTR Gy,Ey,By (v) | SHLX Gy,Ey,By (66),(v) | SARX Gy,Ey,By (F3),(v) | SHRX Gy,Ey,By (F2),(v) EndTable -Table: 3-byte opcode 3 (0x0f 0x3a) +Table: 3-byte opcode 4 (0x0f 0x3a) Referrer: 3-byte escape 2 AVXcode: 3 # 0x0f 0x3a 0x00-0xff From patchwork Mon Nov 19 21:49:31 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yu-cheng Yu X-Patchwork-Id: 10689583 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 8E2A613BB for ; Mon, 19 Nov 2018 21:55:56 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 80B3C2A583 for ; Mon, 19 Nov 2018 21:55:56 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 723312A6EE; Mon, 19 Nov 2018 21:55:56 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-2.9 required=2.0 tests=BAYES_00,MAILING_LIST_MULTI, RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1 Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id ECD952A583 for ; Mon, 19 Nov 2018 21:55:55 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 8A06B6B1CB8; Mon, 19 Nov 2018 16:55:04 -0500 (EST) Delivered-To: linux-mm-outgoing@kvack.org Received: by kanga.kvack.org (Postfix, from userid 40) id 82A036B1CB9; Mon, 19 Nov 2018 16:55:04 -0500 (EST) X-Original-To: int-list-linux-mm@kvack.org X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 62C1B6B1CBA; Mon, 19 Nov 2018 16:55:04 -0500 (EST) X-Original-To: linux-mm@kvack.org X-Delivered-To: linux-mm@kvack.org Received: from mail-pl1-f199.google.com (mail-pl1-f199.google.com [209.85.214.199]) by kanga.kvack.org (Postfix) with ESMTP id 1ADAE6B1CB9 for ; Mon, 19 Nov 2018 16:55:04 -0500 (EST) Received: by mail-pl1-f199.google.com with SMTP id w19-v6so24653811plq.1 for ; Mon, 19 Nov 2018 13:55:04 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-original-authentication-results:x-gm-message-state:from:to :subject:date:message-id:in-reply-to:references; bh=0lwKd3VCdluxV9TIoAnzM2ZXz+CjhIEXN1/3QJINxnU=; b=btIEvoaOdbJ7jYHfnvXJGtZKbJoODp5iHFOsNIeOHI3fHPN8gW0icjq6QxYiJFcZ45 o/NAeFm+C+JD0dUQVYbKsUvsCqucxwhrsXQMCVWJRgDPq/YQGEbboen+th5FUnzCjb8b 11mxwONaIn2CTLJuqSo4ksYFYAahJbBLbtX9gDeMGUoEqrd3Jv4RExJpWS7yIfYF57S9 CQQikVp3bKjKKhOatuyZpkqrrFtW+j+bb8EuSgXApkLmS9dUGw+5kTRK8w9cTEHtvqwR mqIrGX5KkNEvm987Zgl/GirryuUofJYToZkTTP+bKCrUNrwZNCjKt4yRFW7+1tSqPGNK 6Jbw== X-Original-Authentication-Results: mx.google.com; spf=pass (google.com: domain of yu-cheng.yu@intel.com designates 192.55.52.93 as permitted sender) smtp.mailfrom=yu-cheng.yu@intel.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com X-Gm-Message-State: AGRZ1gLJ0GDbUXnYzH9Z6Dy4QUOyWqm1NPkvivgyE1XI+5M/r19RvI8L ayzDVAjIZxhIF0YRw78L0vbVK13IRZC3Z2P015+Lp9BU6zVVSRj89VpDr0NF9zja1hV/u0hPbfO HqckaW4LSOzHXJ0QwTh1JL7qUHBVnhqTIbhMJJluKpkPGv0oP2rViC9gayQ8wKSZEog== X-Received: by 2002:a62:4e49:: with SMTP id c70mr24471179pfb.167.1542664503764; Mon, 19 Nov 2018 13:55:03 -0800 (PST) X-Google-Smtp-Source: AJdET5dByl0V0lBXSxjAIYjBjVnW2fjfJJgOhJUmWXkl8k8J8IiVZv7CF0k1sCACOjJIdxLHjwut X-Received: by 2002:a62:4e49:: with SMTP id c70mr24471157pfb.167.1542664503088; Mon, 19 Nov 2018 13:55:03 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1542664503; cv=none; d=google.com; s=arc-20160816; b=oCDDclkBv9PXzKs9bkfIxblQgw8sD/QEIMIoevzXgIL+9yGn6Y0bzfGxATG286Bqlh AZFGxa+OCp39tDvC0givnsMNfz+48Xj4fJKKHWX2TFrIy3WQI2lAeQ2l5x6lNQP1BovM 3a6+BMpyV0v4QtcA8yTWm2GOthQMtnVu5i2YaM1BlNwX/3yyAOtB9MwOyZ84j5dSiqyM B/mIANjw8hJZ3getYsvGTN6rptHfp9XRTbFHUN4+lOBNRj6tn05FrCsCFQG/eNnvPsh2 7RTQmulglgmAgLUztyu2zT2Hjz9PeVCF7K6nqkCilOhhtqoxI5LwbdwMcNDf4LoR4+NB BCjw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=references:in-reply-to:message-id:date:subject:to:from; bh=0lwKd3VCdluxV9TIoAnzM2ZXz+CjhIEXN1/3QJINxnU=; b=glt+sNwbCMqhli1JvsHDiw5MAgSuoABBtd8vFoI9USMOuixjmQ5CkY5WoXe+EfxScX IOnKO9ShHXebFv3gTlvN4hf97AhInMUSeZiphVTlu26w/pM7qrP6ypCMStuMQjeK3OKd f1Q33nsskLlOXW4cmIN2OjpsdBUiq6kUDLN+5p/ppwKkJ96XQC5tVj31XupVcgSEj8SY o1wFRqzJ8Hk508cO99wmFY2kOHK8ThFPYZKBWIjlBOAl3iHKXs0MaotpAEJmYnysMqcN XG2vzQS6Ru9xcScEeuS7zjGNOLZG7Si9Ll+G+xQ76X/rl+cFHITHUT7jUrUfSBlOvDnX jBfA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of yu-cheng.yu@intel.com designates 192.55.52.93 as permitted sender) smtp.mailfrom=yu-cheng.yu@intel.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from mga11.intel.com (mga11.intel.com. [192.55.52.93]) by mx.google.com with ESMTPS id s8si4586261plq.345.2018.11.19.13.55.02 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 19 Nov 2018 13:55:03 -0800 (PST) Received-SPF: pass (google.com: domain of yu-cheng.yu@intel.com designates 192.55.52.93 as permitted sender) client-ip=192.55.52.93; Authentication-Results: mx.google.com; spf=pass (google.com: domain of yu-cheng.yu@intel.com designates 192.55.52.93 as permitted sender) smtp.mailfrom=yu-cheng.yu@intel.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga006.jf.intel.com ([10.7.209.51]) by fmsmga102.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 19 Nov 2018 13:55:02 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.56,254,1539673200"; d="scan'208";a="92423920" Received: from yyu32-desk1.sc.intel.com ([143.183.136.147]) by orsmga006.jf.intel.com with ESMTP; 19 Nov 2018 13:55:01 -0800 From: Yu-cheng Yu To: x86@kernel.org, "H. Peter Anvin" , Thomas Gleixner , Ingo Molnar , linux-kernel@vger.kernel.org, linux-doc@vger.kernel.org, linux-mm@kvack.org, linux-arch@vger.kernel.org, linux-api@vger.kernel.org, Arnd Bergmann , Andy Lutomirski , Balbir Singh , Cyrill Gorcunov , Dave Hansen , Eugene Syromiatnikov , Florian Weimer , "H.J. Lu" , Jann Horn , Jonathan Corbet , Kees Cook , Mike Kravetz , Nadav Amit , Oleg Nesterov , Pavel Machek , Peter Zijlstra , Randy Dunlap , "Ravi V. Shankar" , Vedvyas Shanbhogue Subject: [RFC PATCH v6 08/11] x86: Insert endbr32/endbr64 to vDSO Date: Mon, 19 Nov 2018 13:49:31 -0800 Message-Id: <20181119214934.6174-9-yu-cheng.yu@intel.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20181119214934.6174-1-yu-cheng.yu@intel.com> References: <20181119214934.6174-1-yu-cheng.yu@intel.com> X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: X-Virus-Scanned: ClamAV using ClamSMTP From: "H.J. Lu" When Intel indirect branch tracking is enabled, functions in vDSO which may be called indirectly must have endbr32 or endbr64 as the first instruction. Compiler must support -fcf-protection=branch so that it can be used to compile vDSO. Signed-off-by: H.J. Lu --- arch/x86/entry/vdso/.gitignore | 4 ++++ arch/x86/entry/vdso/Makefile | 12 +++++++++++- arch/x86/entry/vdso/vdso-layout.lds.S | 1 + 3 files changed, 16 insertions(+), 1 deletion(-) diff --git a/arch/x86/entry/vdso/.gitignore b/arch/x86/entry/vdso/.gitignore index aae8ffdd5880..552941fdfae0 100644 --- a/arch/x86/entry/vdso/.gitignore +++ b/arch/x86/entry/vdso/.gitignore @@ -5,3 +5,7 @@ vdso32-sysenter-syms.lds vdso32-int80-syms.lds vdso-image-*.c vdso2c +vclock_gettime.S +vgetcpu.S +vclock_gettime.asm +vgetcpu.asm diff --git a/arch/x86/entry/vdso/Makefile b/arch/x86/entry/vdso/Makefile index 141d415a8c80..0b1b464e7ae7 100644 --- a/arch/x86/entry/vdso/Makefile +++ b/arch/x86/entry/vdso/Makefile @@ -108,13 +108,17 @@ vobjx32s := $(foreach F,$(vobjx32s-y),$(obj)/$F) # Convert 64bit object file to x32 for x32 vDSO. quiet_cmd_x32 = X32 $@ - cmd_x32 = $(OBJCOPY) -O elf32-x86-64 $< $@ + cmd_x32 = $(OBJCOPY) -R .note.gnu.property -O elf32-x86-64 $< $@ $(obj)/%-x32.o: $(obj)/%.o FORCE $(call if_changed,x32) targets += vdsox32.lds $(vobjx32s-y) +ifdef CONFIG_X86_INTEL_BRANCH_TRACKING_USER + $(obj)/vclock_gettime.o $(obj)/vgetcpu.o $(obj)/vdso32/vclock_gettime.o: KBUILD_CFLAGS += -fcf-protection=branch +endif + $(obj)/%.so: OBJCOPYFLAGS := -S $(obj)/%.so: $(obj)/%.so.dbg $(call if_changed,objcopy) @@ -172,6 +176,12 @@ quiet_cmd_vdso = VDSO $@ VDSO_LDFLAGS = -shared $(call ld-option, --hash-style=both) \ $(call ld-option, --build-id) -Bsymbolic +ifdef CONFIG_X86_INTEL_BRANCH_TRACKING_USER + VDSO_LDFLAGS += $(call ldoption, -z$(comma)ibt) +endif +ifdef CONFIG_X86_INTEL_SHADOW_STACK_USER + VDSO_LDFLAGS += $(call ldoption, -z$(comma)shstk) +endif GCOV_PROFILE := n # diff --git a/arch/x86/entry/vdso/vdso-layout.lds.S b/arch/x86/entry/vdso/vdso-layout.lds.S index acfd5ba7d943..cabaeedfed78 100644 --- a/arch/x86/entry/vdso/vdso-layout.lds.S +++ b/arch/x86/entry/vdso/vdso-layout.lds.S @@ -74,6 +74,7 @@ SECTIONS .fake_shstrtab : { *(.fake_shstrtab) } :text + .note.gnu.property : { *(.note.gnu.property) } :text :note .note : { *(.note.*) } :text :note .eh_frame_hdr : { *(.eh_frame_hdr) } :text :eh_frame_hdr From patchwork Mon Nov 19 21:49:32 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yu-cheng Yu X-Patchwork-Id: 10689585 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 12FF96C5 for ; Mon, 19 Nov 2018 21:55:59 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 042F52A583 for ; Mon, 19 Nov 2018 21:55:59 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id EC2E92A6EE; Mon, 19 Nov 2018 21:55:58 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-2.9 required=2.0 tests=BAYES_00,MAILING_LIST_MULTI, RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1 Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 8BA1C2A583 for ; Mon, 19 Nov 2018 21:55:58 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id AC7616B1CB9; Mon, 19 Nov 2018 16:55:05 -0500 (EST) Delivered-To: linux-mm-outgoing@kvack.org Received: by kanga.kvack.org (Postfix, from userid 40) id 9D5726B1CBA; Mon, 19 Nov 2018 16:55:05 -0500 (EST) X-Original-To: int-list-linux-mm@kvack.org X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 852AD6B1CBB; Mon, 19 Nov 2018 16:55:05 -0500 (EST) X-Original-To: linux-mm@kvack.org X-Delivered-To: linux-mm@kvack.org Received: from mail-pf1-f199.google.com (mail-pf1-f199.google.com [209.85.210.199]) by kanga.kvack.org (Postfix) with ESMTP id 3DBC46B1CB9 for ; Mon, 19 Nov 2018 16:55:05 -0500 (EST) Received: by mail-pf1-f199.google.com with SMTP id p9so15752146pfj.3 for ; Mon, 19 Nov 2018 13:55:05 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-original-authentication-results:x-gm-message-state:from:to :subject:date:message-id:in-reply-to:references; bh=Ug0e6c/ePrlKqmU4ndzY3elEK3Oaa/JjFSkVe5cWmmg=; b=QzQtpjQe3zdHSwxTNDsqHRV+RMsNKw8ARpNsRVjm1Z5IqobWo2ydQunL/dGGvAE00X Xp0eRHRMoBzvon5VDpP8r7K5MptLb2dRktboeNWxE3mz3S9naFm6n3nGPvSKcMuNmlwh SAJcP1yImFJKNNOjo3PGbzg6iORbS7drOFZ9YjhU5X8SDd+nh5T6w+iuCgrdn2J7b7eA bqBoh0YWbB3Vok836AJ9kgFZOFqnGADUK72m+mGLOSZRaOeZE+IxnmNrV35dVJKAzBvJ sX/IBWGnTeWEU/p/UxkrrUv7KqZNNtC000v6KFvPmAN8ZF24eMAlU2kIHHf9nDFsizo7 cL6Q== X-Original-Authentication-Results: mx.google.com; spf=pass (google.com: domain of yu-cheng.yu@intel.com designates 192.55.52.93 as permitted sender) smtp.mailfrom=yu-cheng.yu@intel.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com X-Gm-Message-State: AGRZ1gLOYi0M0v5FbFOjG+ZdIDxROb5xS7ZTKVjvMaZGwAiIaBgf+6+E U5bfsaHx/bz39edchGf6UWnXEVV5PyXd+2VtKpeFg0nhsUtjGlzTui80XzMSmET1SvhlIWcJHyg wzigaz7K9fY1oV4b00K07Uwsb4QWQIpgJoeEN+TQsPXd2H2A0U616omxy8+mL5LQOTQ== X-Received: by 2002:a62:9302:: with SMTP id b2-v6mr24739174pfe.108.1542664504935; Mon, 19 Nov 2018 13:55:04 -0800 (PST) X-Google-Smtp-Source: AJdET5dDOGu8NO6pgeonTYviNW4bkxjSD1rJ0bB8TqApMgh3/nU90rhEL2kASDt/9M2iZe4BXbgS X-Received: by 2002:a62:9302:: with SMTP id b2-v6mr24739137pfe.108.1542664504274; Mon, 19 Nov 2018 13:55:04 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1542664504; cv=none; d=google.com; s=arc-20160816; b=btu8ksiZlduB9QNRxApM2qYa2+mjPCB2qmbaDSSfDfkkvtt+2lRLeQnny0sE5uqF4/ P0Cq225nTtUUSQdnrODp7DGO4q1v8FGa9OhcU5sBvKnaMItA/2MhNS1/smHAfhNHq0PK JJRwlYBQTTFa3p/PkvJ8TowOKYei5bMJoKmxglJvzsQTiPRmENKSU8RiGlqCpM8Ca44J 9/t47S7EghyqeUjgEUl9FlSnzIkDslBnOqZwEm8uM6EgNDt0eB2K9fEM6/84ukDskNT1 LpZQyhHg8ZLgLv8/hGur9MwRy4tt3/MHgd7lvURh0dJInO5njPVZgh3Vf8BZdH8dV/31 m6DA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=references:in-reply-to:message-id:date:subject:to:from; bh=Ug0e6c/ePrlKqmU4ndzY3elEK3Oaa/JjFSkVe5cWmmg=; b=uulPVE6sX1PhwH9AM9Bnd7w4hFeZiywaM0O55YSqifOm5RyhCXhwhShb3gktuqPNnf MblR5XrbAvoFfkoet7aIGclt2iulGHi7wH8nTNJDxfloT2H6mwMQTk89i3IlCAVuCEQZ 8qnToPgLkG5/l1gcxul999N/J7bLW+wvgI0tPMw6l1cYynYLK4gTGFG3HLNjJlUmIDGk 1U9cq6MWUvkZXQzzp8JaDcs/PSMvNf6ZiGFPmArCYg5ec7kmpbfLDlXtS1fTXtU+o4l8 bAsXLNKgaW+9OjOKt+BXwkE0sQ+qBQYmTbpkuEZqsH5xmnWAtS6TLbXjQpE+9vxvrIyD oeyA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of yu-cheng.yu@intel.com designates 192.55.52.93 as permitted sender) smtp.mailfrom=yu-cheng.yu@intel.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from mga11.intel.com (mga11.intel.com. [192.55.52.93]) by mx.google.com with ESMTPS id s8si4586261plq.345.2018.11.19.13.55.04 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 19 Nov 2018 13:55:04 -0800 (PST) Received-SPF: pass (google.com: domain of yu-cheng.yu@intel.com designates 192.55.52.93 as permitted sender) client-ip=192.55.52.93; Authentication-Results: mx.google.com; spf=pass (google.com: domain of yu-cheng.yu@intel.com designates 192.55.52.93 as permitted sender) smtp.mailfrom=yu-cheng.yu@intel.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga006.jf.intel.com ([10.7.209.51]) by fmsmga102.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 19 Nov 2018 13:55:03 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.56,254,1539673200"; d="scan'208";a="92423926" Received: from yyu32-desk1.sc.intel.com ([143.183.136.147]) by orsmga006.jf.intel.com with ESMTP; 19 Nov 2018 13:55:02 -0800 From: Yu-cheng Yu To: x86@kernel.org, "H. Peter Anvin" , Thomas Gleixner , Ingo Molnar , linux-kernel@vger.kernel.org, linux-doc@vger.kernel.org, linux-mm@kvack.org, linux-arch@vger.kernel.org, linux-api@vger.kernel.org, Arnd Bergmann , Andy Lutomirski , Balbir Singh , Cyrill Gorcunov , Dave Hansen , Eugene Syromiatnikov , Florian Weimer , "H.J. Lu" , Jann Horn , Jonathan Corbet , Kees Cook , Mike Kravetz , Nadav Amit , Oleg Nesterov , Pavel Machek , Peter Zijlstra , Randy Dunlap , "Ravi V. Shankar" , Vedvyas Shanbhogue Subject: [RFC PATCH v6 09/11] x86/vsyscall/32: Add ENDBR32 to vsyscall entry point Date: Mon, 19 Nov 2018 13:49:32 -0800 Message-Id: <20181119214934.6174-10-yu-cheng.yu@intel.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20181119214934.6174-1-yu-cheng.yu@intel.com> References: <20181119214934.6174-1-yu-cheng.yu@intel.com> X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: X-Virus-Scanned: ClamAV using ClamSMTP From: "H.J. Lu" Add ENDBR32 to vsyscall entry point. Signed-off-by: H.J. Lu --- arch/x86/entry/vdso/vdso32/system_call.S | 3 +++ 1 file changed, 3 insertions(+) diff --git a/arch/x86/entry/vdso/vdso32/system_call.S b/arch/x86/entry/vdso/vdso32/system_call.S index 263d7433dea8..2fc8141fff4e 100644 --- a/arch/x86/entry/vdso/vdso32/system_call.S +++ b/arch/x86/entry/vdso/vdso32/system_call.S @@ -14,6 +14,9 @@ ALIGN __kernel_vsyscall: CFI_STARTPROC +#ifdef CONFIG_X86_INTEL_BRANCH_TRACKING_USER + endbr32 +#endif /* * Reshuffle regs so that all of any of the entry instructions * will preserve enough state. From patchwork Mon Nov 19 21:49:33 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yu-cheng Yu X-Patchwork-Id: 10689587 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id D94F96C5 for ; Mon, 19 Nov 2018 21:56:01 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id CC4D32A583 for ; Mon, 19 Nov 2018 21:56:01 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id C06AA2A6EE; Mon, 19 Nov 2018 21:56:01 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-2.9 required=2.0 tests=BAYES_00,MAILING_LIST_MULTI, RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1 Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 632F12A583 for ; Mon, 19 Nov 2018 21:56:01 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 015C16B1CBA; Mon, 19 Nov 2018 16:55:07 -0500 (EST) Delivered-To: linux-mm-outgoing@kvack.org Received: by kanga.kvack.org (Postfix, from userid 40) id E429C6B1CBB; Mon, 19 Nov 2018 16:55:06 -0500 (EST) X-Original-To: int-list-linux-mm@kvack.org X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id D0A686B1CBC; Mon, 19 Nov 2018 16:55:06 -0500 (EST) X-Original-To: linux-mm@kvack.org X-Delivered-To: linux-mm@kvack.org Received: from mail-pl1-f200.google.com (mail-pl1-f200.google.com [209.85.214.200]) by kanga.kvack.org (Postfix) with ESMTP id 8B86B6B1CBA for ; Mon, 19 Nov 2018 16:55:06 -0500 (EST) Received: by mail-pl1-f200.google.com with SMTP id o23so13359752pll.0 for ; Mon, 19 Nov 2018 13:55:06 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-original-authentication-results:x-gm-message-state:from:to :subject:date:message-id:in-reply-to:references; bh=3ugSYk0cuonbsBh5Oq+uwsNMoaUkt7zsjtm/OCNTtIE=; b=U46MZyt4bVNgEhPHTf4wtx2h9Ao1YI4VVdt0SGmdzJgjv6sWIzo6+nYyt+ZHeTm7MN 6sjELp4eO78/z+KY9i7xcacGZ8kuxkLCRbner2Ejq4inW1jWEaTqA13cbrdoqqTKHFUf nHtb9UfsP/yH5vlHxHOCybA7u9P/umDT0c+NsJuSnX2Krzv7FkGxRcHF2fA0LvM6LWhW iYBOqXzt7fvwX6EIsGyEHP8cIYRlpO5Yr83G8iyleB5Ipy80UqlhzKDTY1nbp8HsTtqC xjKCHT4jlSlQHrOc64DuU8bHJeLuL0E6hokrlwVGv8p+VZYvxFXjqWbZcRlWqKHQmaJG M3Qw== X-Original-Authentication-Results: mx.google.com; spf=pass (google.com: domain of yu-cheng.yu@intel.com designates 192.55.52.93 as permitted sender) smtp.mailfrom=yu-cheng.yu@intel.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com X-Gm-Message-State: AGRZ1gLv5wioZQg7Ui8D9e7t5GVtEgKUHWXnn/S55SrbTD3F5tmHYZzY 8x4piBQ007jWs8efiZTwrg8UCrqL33xF4KPx451SrDhPCLQ3ZKiX5wCslHF/Sjl3kvSZFUboGpB 5r3+eTZ1c1bose0dk83ktog97GbifvNozcX0XxSBffZKEvz0uwHkpat/Q2mkCl5qnWw== X-Received: by 2002:a17:902:bd8e:: with SMTP id q14mr23242447pls.146.1542664506272; Mon, 19 Nov 2018 13:55:06 -0800 (PST) X-Google-Smtp-Source: AJdET5eacT/uZgxeQpIOwcA11F67n5TIwjQWq5rZrZ560MpcdEhOnHZQLrT3fQWNeKMRGgHHzEgc X-Received: by 2002:a17:902:bd8e:: with SMTP id q14mr23242413pls.146.1542664505421; Mon, 19 Nov 2018 13:55:05 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1542664505; cv=none; d=google.com; s=arc-20160816; b=vrvGO1H0qhjK8g3k+DU0O2Ttct7kyhCofMnTqAOLa3p9RNJ3LPKFtUswWGu2hbeRpk RuztsOcY/8QseVyKdwajnEsAsLY19A/h/cWtrmvlVLAaHKzUpIzDLANek2+rIAYGZ5wo RimsXomkHlx43fHMrNkJAFgQM6cIHjdFgn1fm9kMq00rSATpt4bzI5gU+FeFgNxOd7Gt FybxgJjFMx2Y5ulqIT708xbJ6PgAhExSZgi2qwA/He+98t0rMGJwNUMsYf6XCBfvT+qE xb+NTMTxpYFr2z4ApBs5A9c6tIgMvGr368bgjlk4xB9NjFQOItIaeUGWAImezWlzEcTI KbHA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=references:in-reply-to:message-id:date:subject:to:from; bh=3ugSYk0cuonbsBh5Oq+uwsNMoaUkt7zsjtm/OCNTtIE=; b=OEnBlzda6b8p24xXczkoQphULfm6QrdDYmOx4a+BF8N7yVfUCVb+MsYvmPQzwPEzty gu3Fd8UmwSvM+fLkBDbLqKBRJuGcVf6Ev+b3QvGXZ4Sa3ZlmZbzcAK09wPghFuDQCHfW UkPDYPUM2hRg48P74l95c7lPosrgPUDyL3LE0HqUwNLpHlesSn7XLYE7ccCUM9PRvFpK 8HfZQbYkPePVPIMbpeJOhZ5MBjcRts7LJsDBFj+gx8JFQcMri2YEr1v2iBJiidyPoeF2 S0GmK0RqXM77O5CIWgfMKluZVe2Konl88F/BEkU3HheSFphIKO6s/9WnLrRh/vllOCg9 /QBQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of yu-cheng.yu@intel.com designates 192.55.52.93 as permitted sender) smtp.mailfrom=yu-cheng.yu@intel.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from mga11.intel.com (mga11.intel.com. [192.55.52.93]) by mx.google.com with ESMTPS id s8si4586261plq.345.2018.11.19.13.55.05 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 19 Nov 2018 13:55:05 -0800 (PST) Received-SPF: pass (google.com: domain of yu-cheng.yu@intel.com designates 192.55.52.93 as permitted sender) client-ip=192.55.52.93; Authentication-Results: mx.google.com; spf=pass (google.com: domain of yu-cheng.yu@intel.com designates 192.55.52.93 as permitted sender) smtp.mailfrom=yu-cheng.yu@intel.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga006.jf.intel.com ([10.7.209.51]) by fmsmga102.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 19 Nov 2018 13:55:05 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.56,254,1539673200"; d="scan'208";a="92423933" Received: from yyu32-desk1.sc.intel.com ([143.183.136.147]) by orsmga006.jf.intel.com with ESMTP; 19 Nov 2018 13:55:03 -0800 From: Yu-cheng Yu To: x86@kernel.org, "H. Peter Anvin" , Thomas Gleixner , Ingo Molnar , linux-kernel@vger.kernel.org, linux-doc@vger.kernel.org, linux-mm@kvack.org, linux-arch@vger.kernel.org, linux-api@vger.kernel.org, Arnd Bergmann , Andy Lutomirski , Balbir Singh , Cyrill Gorcunov , Dave Hansen , Eugene Syromiatnikov , Florian Weimer , "H.J. Lu" , Jann Horn , Jonathan Corbet , Kees Cook , Mike Kravetz , Nadav Amit , Oleg Nesterov , Pavel Machek , Peter Zijlstra , Randy Dunlap , "Ravi V. Shankar" , Vedvyas Shanbhogue Subject: [RFC PATCH v6 10/11] x86/vsyscall/64: Add ENDBR64 to vsyscall entry points Date: Mon, 19 Nov 2018 13:49:33 -0800 Message-Id: <20181119214934.6174-11-yu-cheng.yu@intel.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20181119214934.6174-1-yu-cheng.yu@intel.com> References: <20181119214934.6174-1-yu-cheng.yu@intel.com> X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: X-Virus-Scanned: ClamAV using ClamSMTP From: "H.J. Lu" Add ENDBR64 to vsyscall entry points. Signed-off-by: H.J. Lu Acked-by: Andy Lutomirski --- arch/x86/entry/vsyscall/vsyscall_emu_64.S | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/arch/x86/entry/vsyscall/vsyscall_emu_64.S b/arch/x86/entry/vsyscall/vsyscall_emu_64.S index c9596a9af159..08554445bef1 100644 --- a/arch/x86/entry/vsyscall/vsyscall_emu_64.S +++ b/arch/x86/entry/vsyscall/vsyscall_emu_64.S @@ -18,16 +18,25 @@ __PAGE_ALIGNED_DATA .type __vsyscall_page, @object __vsyscall_page: +#ifdef CONFIG_X86_INTEL_BRANCH_TRACKING_USER + endbr64 +#endif mov $__NR_gettimeofday, %rax syscall ret .balign 1024, 0xcc +#ifdef CONFIG_X86_INTEL_BRANCH_TRACKING_USER + endbr64 +#endif mov $__NR_time, %rax syscall ret .balign 1024, 0xcc +#ifdef CONFIG_X86_INTEL_BRANCH_TRACKING_USER + endbr64 +#endif mov $__NR_getcpu, %rax syscall ret From patchwork Mon Nov 19 21:49:34 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yu-cheng Yu X-Patchwork-Id: 10689589 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id E395C13BB for ; Mon, 19 Nov 2018 21:56:04 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id D4AB52A583 for ; Mon, 19 Nov 2018 21:56:04 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id C8C312A6EE; Mon, 19 Nov 2018 21:56:04 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-2.9 required=2.0 tests=BAYES_00,MAILING_LIST_MULTI, RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1 Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 34F6B2A583 for ; Mon, 19 Nov 2018 21:56:04 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 2FBE66B1CBB; Mon, 19 Nov 2018 16:55:08 -0500 (EST) Delivered-To: linux-mm-outgoing@kvack.org Received: by kanga.kvack.org (Postfix, from userid 40) id 25BB66B1CBC; Mon, 19 Nov 2018 16:55:08 -0500 (EST) X-Original-To: int-list-linux-mm@kvack.org X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 100B16B1CBD; Mon, 19 Nov 2018 16:55:07 -0500 (EST) X-Original-To: linux-mm@kvack.org X-Delivered-To: linux-mm@kvack.org Received: from mail-pl1-f198.google.com (mail-pl1-f198.google.com [209.85.214.198]) by kanga.kvack.org (Postfix) with ESMTP id AE6096B1CBB for ; Mon, 19 Nov 2018 16:55:07 -0500 (EST) Received: by mail-pl1-f198.google.com with SMTP id h10so6902992plk.12 for ; Mon, 19 Nov 2018 13:55:07 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-original-authentication-results:x-gm-message-state:from:to:cc :subject:date:message-id:in-reply-to:references; bh=zu5NeJf5RMqlUWUdu0IGKhL8xoton6ubAdximKz6P48=; b=JJwfjw6C7HbJOEy32r7c1CMYGOrgmJDvgenG1MIFxJT30Z9ypAeU569ZL0I8jkWiHo 49cQw6SkYWbW8uC4zijS7XGu+mVHGdWJdDvVvM5iKl+TEDAHFk8lQlete8CHb/VI2yz/ eujmnkKYV6Kbh+Xm1YOSS4mn3+8f+nXP4TVHY5kUVJmLSlwi7rAPUjedJNN6L//Hha09 UCz2d7KoWFgVNkdqosf/5ERN1fFHVaLt3z10DIf0jW4hcjy5GcPMrX56NfG6p7j38OF8 xv9tbuPcm8otPQJglfDXyfchTM4ypXatkYLU3T997x9Dn2sn18oZ3uJqryvcM8c4DXB+ 35ww== X-Original-Authentication-Results: mx.google.com; spf=pass (google.com: domain of yu-cheng.yu@intel.com designates 192.55.52.93 as permitted sender) smtp.mailfrom=yu-cheng.yu@intel.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com X-Gm-Message-State: AGRZ1gJTi/9nSmZXXv3UIERzsOTHwz/Q0uClFvupDZP+A0qOItdS2exn nKde4SEfHzFsQZgDAa8RcnyxSwOS/0glCNxTLn2oWmEw9Ls3tPwRkTz74m9T/JSIXtiaaLJWN2Y xHgNXSD7Av4/rn+/BigkKMdDvU2/muUs//sK0LmjpPD+lyeCjI3XmFHyTcCJ2kh3rCg== X-Received: by 2002:a62:e044:: with SMTP id f65mr24700972pfh.208.1542664507386; Mon, 19 Nov 2018 13:55:07 -0800 (PST) X-Google-Smtp-Source: AJdET5dKbnMaM1SZYcZI9KKKYrXk2UixxGWKjHmQhh0HpHkiGkmjNbK4PigIJDGOWJ09MNg0SqbC X-Received: by 2002:a62:e044:: with SMTP id f65mr24700930pfh.208.1542664506640; Mon, 19 Nov 2018 13:55:06 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1542664506; cv=none; d=google.com; s=arc-20160816; b=bWFLTQavAlBHFcesWW0VBWLhPVLWz9x5RLrpdG/osiNbbJrafPF6OX5BORF8QU8uKO 2bSIOa266EfwpT/8bFuHqhlBl/p6T2pjFOML2x/3Jh/rEIC4h1aa3KSkdBElNoCsj921 1q4D/rzBYO1nNbCy8+6/WDtIEG2QDd0CqmCeX5G+r2IOBUvUntJbgQwnjczQubCsfB7t gRKjF7PpYmMU1zqk1mhOllg58W+N5yHIcpMWNJtuoyKnYTZP4eXF8YGcx/KKZCqVAsyd iUwTjsMSUdt2f6E6AD7ml7DJ/s2hcW8/JSSx9l4zqSz0JzvIajCB8nH1b+tXybAVD5eF RAWw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=references:in-reply-to:message-id:date:subject:cc:to:from; bh=zu5NeJf5RMqlUWUdu0IGKhL8xoton6ubAdximKz6P48=; b=QUeMNQp5MwXjs+2tRQwj9r7Z7I7wyLX0oAbyrMO/pr+ymSgW3CGUOGXyqx67kS+4mL 727o1gA6x/MuTFLlah+wtSRbLOi1VADttOCavu+wX4IcEZDkVqfpVMHr8VQDUwo0Dkfz rg76sYx4pWpV+I5Mo99pNXe6Ni3eEI+Ti+Ir5i3H25IMOpcTznSt/LV4yfBHUsAQ+TWH On3tNQLZgr5Op6wULPKEwwFupS6q93YB9FePjpdWCiQM/OZZU2gHUEbc9aulvyVDQOla imAXPZ4Nl3605uZ4LaVANhLpe92r69BDt//SEnxNLyzhXgdbT3QpVf4Hk/wmJyaZe/Fx G8DA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of yu-cheng.yu@intel.com designates 192.55.52.93 as permitted sender) smtp.mailfrom=yu-cheng.yu@intel.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from mga11.intel.com (mga11.intel.com. [192.55.52.93]) by mx.google.com with ESMTPS id s8si4586261plq.345.2018.11.19.13.55.06 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 19 Nov 2018 13:55:06 -0800 (PST) Received-SPF: pass (google.com: domain of yu-cheng.yu@intel.com designates 192.55.52.93 as permitted sender) client-ip=192.55.52.93; Authentication-Results: mx.google.com; spf=pass (google.com: domain of yu-cheng.yu@intel.com designates 192.55.52.93 as permitted sender) smtp.mailfrom=yu-cheng.yu@intel.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga006.jf.intel.com ([10.7.209.51]) by fmsmga102.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 19 Nov 2018 13:55:06 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.56,254,1539673200"; d="scan'208";a="92423937" Received: from yyu32-desk1.sc.intel.com ([143.183.136.147]) by orsmga006.jf.intel.com with ESMTP; 19 Nov 2018 13:55:05 -0800 From: Yu-cheng Yu To: x86@kernel.org, "H. Peter Anvin" , Thomas Gleixner , Ingo Molnar , linux-kernel@vger.kernel.org, linux-doc@vger.kernel.org, linux-mm@kvack.org, linux-arch@vger.kernel.org, linux-api@vger.kernel.org, Arnd Bergmann , Andy Lutomirski , Balbir Singh , Cyrill Gorcunov , Dave Hansen , Eugene Syromiatnikov , Florian Weimer , "H.J. Lu" , Jann Horn , Jonathan Corbet , Kees Cook , Mike Kravetz , Nadav Amit , Oleg Nesterov , Pavel Machek , Peter Zijlstra , Randy Dunlap , "Ravi V. Shankar" , Vedvyas Shanbhogue Cc: Yu-cheng Yu Subject: [RFC PATCH v6 11/11] x86/cet: Add PTRACE interface for CET Date: Mon, 19 Nov 2018 13:49:34 -0800 Message-Id: <20181119214934.6174-12-yu-cheng.yu@intel.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20181119214934.6174-1-yu-cheng.yu@intel.com> References: <20181119214934.6174-1-yu-cheng.yu@intel.com> X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: X-Virus-Scanned: ClamAV using ClamSMTP Add REGSET_CET64/REGSET_CET32 to get/set CET MSRs: IA32_U_CET (user-mode CET settings) and IA32_PL3_SSP (user-mode shadow stack) Signed-off-by: Yu-cheng Yu --- arch/x86/include/asm/fpu/regset.h | 7 +++--- arch/x86/kernel/fpu/regset.c | 41 +++++++++++++++++++++++++++++++ arch/x86/kernel/ptrace.c | 16 ++++++++++++ include/uapi/linux/elf.h | 1 + 4 files changed, 62 insertions(+), 3 deletions(-) diff --git a/arch/x86/include/asm/fpu/regset.h b/arch/x86/include/asm/fpu/regset.h index d5bdffb9d27f..edad0d889084 100644 --- a/arch/x86/include/asm/fpu/regset.h +++ b/arch/x86/include/asm/fpu/regset.h @@ -7,11 +7,12 @@ #include -extern user_regset_active_fn regset_fpregs_active, regset_xregset_fpregs_active; +extern user_regset_active_fn regset_fpregs_active, regset_xregset_fpregs_active, + cetregs_active; extern user_regset_get_fn fpregs_get, xfpregs_get, fpregs_soft_get, - xstateregs_get; + xstateregs_get, cetregs_get; extern user_regset_set_fn fpregs_set, xfpregs_set, fpregs_soft_set, - xstateregs_set; + xstateregs_set, cetregs_set; /* * xstateregs_active == regset_fpregs_active. Please refer to the comment diff --git a/arch/x86/kernel/fpu/regset.c b/arch/x86/kernel/fpu/regset.c index bc02f5144b95..7008eb084d36 100644 --- a/arch/x86/kernel/fpu/regset.c +++ b/arch/x86/kernel/fpu/regset.c @@ -160,6 +160,47 @@ int xstateregs_set(struct task_struct *target, const struct user_regset *regset, return ret; } +int cetregs_active(struct task_struct *target, const struct user_regset *regset) +{ +#ifdef CONFIG_X86_INTEL_CET + if (target->thread.cet.shstk_enabled || target->thread.cet.ibt_enabled) + return regset->n; +#endif + return 0; +} + +int cetregs_get(struct task_struct *target, const struct user_regset *regset, + unsigned int pos, unsigned int count, + void *kbuf, void __user *ubuf) +{ + struct fpu *fpu = &target->thread.fpu; + struct cet_user_state *cetregs; + + if (!boot_cpu_has(X86_FEATURE_SHSTK)) + return -ENODEV; + + cetregs = get_xsave_addr(&fpu->state.xsave, XFEATURE_MASK_SHSTK_USER); + + fpu__prepare_read(fpu); + return user_regset_copyout(&pos, &count, &kbuf, &ubuf, cetregs, 0, -1); +} + +int cetregs_set(struct task_struct *target, const struct user_regset *regset, + unsigned int pos, unsigned int count, + const void *kbuf, const void __user *ubuf) +{ + struct fpu *fpu = &target->thread.fpu; + struct cet_user_state *cetregs; + + if (!boot_cpu_has(X86_FEATURE_SHSTK)) + return -ENODEV; + + cetregs = get_xsave_addr(&fpu->state.xsave, XFEATURE_MASK_SHSTK_USER); + + fpu__prepare_write(fpu); + return user_regset_copyin(&pos, &count, &kbuf, &ubuf, cetregs, 0, -1); +} + #if defined CONFIG_X86_32 || defined CONFIG_IA32_EMULATION /* diff --git a/arch/x86/kernel/ptrace.c b/arch/x86/kernel/ptrace.c index ffae9b9740fd..780b350577bc 100644 --- a/arch/x86/kernel/ptrace.c +++ b/arch/x86/kernel/ptrace.c @@ -50,7 +50,9 @@ enum x86_regset { REGSET_IOPERM64 = REGSET_XFP, REGSET_XSTATE, REGSET_TLS, + REGSET_CET64 = REGSET_TLS, REGSET_IOPERM32, + REGSET_CET32, }; struct pt_regs_offset { @@ -1266,6 +1268,13 @@ static struct user_regset x86_64_regsets[] __ro_after_init = { .size = sizeof(long), .align = sizeof(long), .active = ioperm_active, .get = ioperm_get }, + [REGSET_CET64] = { + .core_note_type = NT_X86_CET, + .n = sizeof(struct cet_user_state) / sizeof(u64), + .size = sizeof(u64), .align = sizeof(u64), + .active = cetregs_active, .get = cetregs_get, + .set = cetregs_set + }, }; static const struct user_regset_view user_x86_64_view = { @@ -1321,6 +1330,13 @@ static struct user_regset x86_32_regsets[] __ro_after_init = { .size = sizeof(u32), .align = sizeof(u32), .active = ioperm_active, .get = ioperm_get }, + [REGSET_CET32] = { + .core_note_type = NT_X86_CET, + .n = sizeof(struct cet_user_state) / sizeof(u64), + .size = sizeof(u64), .align = sizeof(u64), + .active = cetregs_active, .get = cetregs_get, + .set = cetregs_set + }, }; static const struct user_regset_view user_x86_32_view = { diff --git a/include/uapi/linux/elf.h b/include/uapi/linux/elf.h index 5ef25a565e88..f4cdfdc59c0a 100644 --- a/include/uapi/linux/elf.h +++ b/include/uapi/linux/elf.h @@ -401,6 +401,7 @@ typedef struct elf64_shdr { #define NT_386_TLS 0x200 /* i386 TLS slots (struct user_desc) */ #define NT_386_IOPERM 0x201 /* x86 io permission bitmap (1=deny) */ #define NT_X86_XSTATE 0x202 /* x86 extended state using xsave */ +#define NT_X86_CET 0x203 /* x86 cet state */ #define NT_S390_HIGH_GPRS 0x300 /* s390 upper register halves */ #define NT_S390_TIMER 0x301 /* s390 timer register */ #define NT_S390_TODCMP 0x302 /* s390 TOD clock comparator register */