From patchwork Wed Jul 19 16:01:27 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Mark Rutland X-Patchwork-Id: 9852777 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id 58EB6602BD for ; Wed, 19 Jul 2017 16:07:13 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 4A46C237F1 for ; Wed, 19 Jul 2017 16:07:13 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 3ED0E2866A; Wed, 19 Jul 2017 16:07:13 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-1.9 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID autolearn=unavailable version=3.3.1 Received: from bombadil.infradead.org (bombadil.infradead.org [65.50.211.133]) (using TLSv1.2 with cipher AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id B9129237F1 for ; Wed, 19 Jul 2017 16:07:12 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:MIME-Version:Cc:List-Subscribe: List-Help:List-Post:List-Archive:List-Unsubscribe:List-Id:References: In-Reply-To:Message-Id:Date:Subject:To:From:Reply-To:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Owner; bh=bH7Be18V/dmgFVXTBq3m8Buf6vx+V5FvSjD4d81nG+g=; b=pLeAZJ3uEIEUeF4ekrXkQjYpTI azDdHE/thJd54You0mq7Glren5JG2VfYOhu1ujBVi0SB+lFLinFM2U6+caEC8hL0W9wKR6da4LcqN fk89FDQKB/uCPZ5ohbqo1NtOKkbpkxazFAJc8EgafXCPHpinNrBgBWDLxw69I8qS8PCZtup8UxpHx DCA173FO0RrR0i/Fy2O0L0KXBLx8AqvY9El+38TmLKJAmDvfCb4ffPSg4JzUKfcxjolqhhfRi2Day RIHeBQ0/SSlcbjQdTLAKbkeBQLr1qVPXD/e76TMprbGa4TyTcu3auiw8KRHB46Gad2XZcmFYzromA 75B+coNQ==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.87 #1 (Red Hat Linux)) id 1dXrVG-0007r5-0C; Wed, 19 Jul 2017 16:07:10 +0000 Received: from merlin.infradead.org ([2001:8b0:10b:1231::1]) by bombadil.infradead.org with esmtps (Exim 4.87 #1 (Red Hat Linux)) id 1dXrSN-0004OS-7h for linux-arm-kernel@bombadil.infradead.org; Wed, 19 Jul 2017 16:04:11 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=infradead.org; s=merlin.20170209; h=References:In-Reply-To:Message-Id:Date: Subject:Cc:To:From:Sender:Reply-To:MIME-Version:Content-Type: Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Id: List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=Z6O+aBZy6eRPrlztAzvL6M+urmrlnj8UAqMUJppyNLo=; b=isnJe6j4ZHfbLZ967LwHizfq5 X2B6gnDOr4gVrn/vZCyth7596WVmOj0LNZ/J4NDurWB1h7c7D6Ft7fI4OEf4ntMXmTvFzwpHPkDpX h4wG0uQ0kzbqt/tQz2O8RgBQhg/T9W0fVMCZKzLVZ9SEVMwqdesUex7ierx/mFRFPO6Rzn/6qn1FP 0VyFrVgTZ9c/uwm6C4nMhTnzh5ujuq0Go8N6yQ6/axqugD9Sd1PmMxVM8ojs60PefDW4il9b1WmKj tlz73U5tncDcT7o43SpRdP8PxK6PYoCQU7pDUQphUconJwsKI4hsDYH5JaZtIQG7RLjndWLKACUQq h3mAfdcrw==; Received: from usa-sjc-mx-foss1.foss.arm.com ([217.140.101.70] helo=foss.arm.com) by merlin.infradead.org with esmtp (Exim 4.87 #1 (Red Hat Linux)) id 1dXrRh-0001Zz-RH for linux-arm-kernel@lists.infradead.org; Wed, 19 Jul 2017 16:03:31 +0000 Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.72.51.249]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id F3B602B; Wed, 19 Jul 2017 09:03:06 -0700 (PDT) Received: from leverpostej.cambridge.arm.com (usa-sjc-imap-foss1.foss.arm.com [10.72.51.249]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPA id 9AFE83F577; Wed, 19 Jul 2017 09:03:04 -0700 (PDT) From: Mark Rutland To: linux-arm-kernel@lists.infradead.org Subject: [PATCH 06/11] arm64: Don't trap host pointer auth use to EL2 Date: Wed, 19 Jul 2017 17:01:27 +0100 Message-Id: <1500480092-28480-7-git-send-email-mark.rutland@arm.com> X-Mailer: git-send-email 1.9.1 In-Reply-To: <1500480092-28480-1-git-send-email-mark.rutland@arm.com> References: <1500480092-28480-1-git-send-email-mark.rutland@arm.com> X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: linux-arch@vger.kernel.org, mark.rutland@arm.com, arnd@arndb.de, jiong.wang@arm.com, marc.zyngier@arm.com, catalin.marinas@arm.com, yao.qi@arm.com, suzuki.poulose@arm.com, will.deacon@arm.com, linux-kernel@vger.kernel.org, Dave.Martin@arm.com, kernel-hardening@lists.openwall.com, kvmarm@lists.cs.columbia.edu, christoffer.dall@linaro.org MIME-Version: 1.0 Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org X-Virus-Scanned: ClamAV using ClamSMTP To allow EL0 (and/or EL1) to use pointer authentication functionality, we must ensure that pointer authentication instructions and accesses to pointer authentication keys are not trapped to EL2 (where we will not be able to handle them). This patch ensures that HCR_EL2 is configured appropriately when the kernel is booted at EL2. For non-VHE kernels we set HCR_EL2.{API,APK}, ensuring that EL1 can access keys and permit EL0 use of instructions. For VHE kernels, EL2 access is controlled by EL3, and we need not set anything. This does not enable support for KVM guests, since KVM manages HCR_EL2 itself. Signed-off-by: Mark Rutland Cc: Catalin Marinas Cc: Christoffer Dall Cc: Marc Zyngier Cc: Will Deacon Cc: kvmarm@lists.cs.columbia.edu --- arch/arm64/include/asm/kvm_arm.h | 2 ++ arch/arm64/kernel/head.S | 19 +++++++++++++++++-- 2 files changed, 19 insertions(+), 2 deletions(-) diff --git a/arch/arm64/include/asm/kvm_arm.h b/arch/arm64/include/asm/kvm_arm.h index 61d694c..c1267e8 100644 --- a/arch/arm64/include/asm/kvm_arm.h +++ b/arch/arm64/include/asm/kvm_arm.h @@ -23,6 +23,8 @@ #include /* Hyp Configuration Register (HCR) bits */ +#define HCR_API (UL(1) << 41) +#define HCR_APK (UL(1) << 40) #define HCR_E2H (UL(1) << 34) #define HCR_ID (UL(1) << 33) #define HCR_CD (UL(1) << 32) diff --git a/arch/arm64/kernel/head.S b/arch/arm64/kernel/head.S index 973df7d..8b8e8d7 100644 --- a/arch/arm64/kernel/head.S +++ b/arch/arm64/kernel/head.S @@ -412,10 +412,25 @@ CPU_LE( bic x0, x0, #(1 << 25) ) // Clear the EE bit for EL2 /* Hyp configuration. */ mov x0, #HCR_RW // 64-bit EL1 - cbz x2, set_hcr + cbz x2, 1f orr x0, x0, #HCR_TGE // Enable Host Extensions orr x0, x0, #HCR_E2H -set_hcr: +1: +#ifdef CONFIG_ARM64_POINTER_AUTHENTICATION + /* + * Disable pointer authentication traps to EL2. The HCR_EL2.{APK,API} + * bits exist iff at least one authentication mechanism is implemented. + */ + mrs x1, id_aa64isar1_el1 + mov_q x3, ((0xf << ID_AA64ISAR1_GPI_SHIFT) | \ + (0xf << ID_AA64ISAR1_GPA_SHIFT) | \ + (0xf << ID_AA64ISAR1_API_SHIFT) | \ + (0xf << ID_AA64ISAR1_APA_SHIFT)) + and x1, x1, x3 + cbz x1, 1f + orr x0, x0, #(HCR_APK | HCR_API) +1: +#endif msr hcr_el2, x0 isb