[v5,14/17] arm64: suspend: restore the kernel ptrauth keys

Message ID	1581931668-11559-15-git-send-email-amit.kachhap@arm.com (mailing list archive)
State	New, archived
Headers	show Return-Path: <SRS0=brU+=4F=lists.infradead.org=linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@kernel.org> DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org C054820726 From: Amit Daniel Kachhap <amit.kachhap@arm.com> To: linux-arm-kernel@lists.infradead.org Subject: [PATCH v5 14/17] arm64: suspend: restore the kernel ptrauth keys Date: Mon, 17 Feb 2020 14:57:45 +0530 Message-Id: <1581931668-11559-15-git-send-email-amit.kachhap@arm.com> In-Reply-To: <1581931668-11559-1-git-send-email-amit.kachhap@arm.com> References: <1581931668-11559-1-git-send-email-amit.kachhap@arm.com> summary: Content analysis details: (-2.3 points) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [217.140.110.172 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.0 SPF_PASS SPF: sender matches SPF record Precedence: list Cc: Mark Rutland <mark.rutland@arm.com>, Kees Cook <keescook@chromium.org>, Suzuki K Poulose <suzuki.poulose@arm.com>, Catalin Marinas <catalin.marinas@arm.com>, Kristina Martsenko <kristina.martsenko@arm.com>, Dave Martin <Dave.Martin@arm.com>, Mark Brown <broonie@kernel.org>, James Morse <james.morse@arm.com>, Ramana Radhakrishnan <ramana.radhakrishnan@arm.com>, Amit Daniel Kachhap <amit.kachhap@arm.com>, Vincenzo Frascino <Vincenzo.Frascino@arm.com>, Will Deacon <will@kernel.org>, Ard Biesheuvel <ardb@kernel.org> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: "linux-arm-kernel" <linux-arm-kernel-bounces@lists.infradead.org> Errors-To: linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org
Series	arm64: return address signing \| expand [v5,00/17] arm64: return address signing [v5,01/17] arm64: cpufeature: Fix meta-capability cpufeature check [v5,02/17] arm64: cpufeature: add pointer auth meta-capabilities [v5,03/17] arm64: rename ptrauth key structures to be user-specific [v5,04/17] arm64: install user ptrauth keys at kernel exit time [v5,05/17] arm64: create macro to park cpu in an infinite loop [v5,06/17] arm64: add bootup/runtime flags for __cpu_setup [v5,07/17] arm64: cpufeature: handle conflicts based on capability [v5,08/17] arm64: enable ptrauth earlier [v5,09/17] arm64: initialize and switch ptrauth kernel keys [v5,10/17] arm64: initialize ptrauth keys for kernel booting task [v5,11/17] arm64: mask PAC bits of __builtin_return_address [v5,12/17] arm64: unwind: strip PAC from kernel addresses [v5,13/17] arm64: __show_regs: strip PAC from lr in printk [v5,14/17] arm64: suspend: restore the kernel ptrauth keys [v5,15/17] kconfig: Add support for 'as-option' [v5,16/17] arm64: compile the kernel with ptrauth return address signing [v5,17/17] lkdtm: arm64: test kernel pointer authentication

Message ID

1581931668-11559-15-git-send-email-amit.kachhap@arm.com (mailing list archive)

State

New, archived

Headers

DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org C054820726
From: Amit Daniel Kachhap <amit.kachhap@arm.com>
To: linux-arm-kernel@lists.infradead.org
Subject: [PATCH v5 14/17] arm64: suspend: restore the kernel ptrauth keys
Date: Mon, 17 Feb 2020 14:57:45 +0530
Message-Id: <1581931668-11559-15-git-send-email-amit.kachhap@arm.com>
In-Reply-To: <1581931668-11559-1-git-send-email-amit.kachhap@arm.com>
References: <1581931668-11559-1-git-send-email-amit.kachhap@arm.com>
Precedence: list
Cc: Mark Rutland <mark.rutland@arm.com>, Kees Cook <keescook@chromium.org>,
 Suzuki K Poulose <suzuki.poulose@arm.com>,
 Catalin Marinas <catalin.marinas@arm.com>,
 Kristina Martsenko <kristina.martsenko@arm.com>,
 Dave Martin <Dave.Martin@arm.com>, Mark Brown <broonie@kernel.org>,
 James Morse <james.morse@arm.com>,
 Ramana Radhakrishnan <ramana.radhakrishnan@arm.com>,
 Amit Daniel Kachhap <amit.kachhap@arm.com>,
 Vincenzo Frascino <Vincenzo.Frascino@arm.com>, Will Deacon <will@kernel.org>,
 Ard Biesheuvel <ardb@kernel.org>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: "linux-arm-kernel" <linux-arm-kernel-bounces@lists.infradead.org>
Errors-To: 
 linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org

Series

arm64: return address signing | expand

Commit Message

Amit Daniel Kachhap Feb. 17, 2020, 9:27 a.m. UTC

This patch restores the kernel keys from current task during
cpu resume after the mmu is turned on and ptrauth is enabled.

Signed-off-by: Amit Daniel Kachhap <amit.kachhap@arm.com>
---
 arch/arm64/kernel/sleep.S | 6 ++++++
 1 file changed, 6 insertions(+)

Comments

Catalin Marinas Feb. 28, 2020, 6:18 p.m. UTC | #1

On Mon, Feb 17, 2020 at 02:57:45PM +0530, Amit Daniel Kachhap wrote:
> This patch restores the kernel keys from current task during
> cpu resume after the mmu is turned on and ptrauth is enabled.
> 
> Signed-off-by: Amit Daniel Kachhap <amit.kachhap@arm.com>
> ---
>  arch/arm64/kernel/sleep.S | 6 ++++++
>  1 file changed, 6 insertions(+)
> 
> diff --git a/arch/arm64/kernel/sleep.S b/arch/arm64/kernel/sleep.S
> index 7b2f2e6..f9db925 100644
> --- a/arch/arm64/kernel/sleep.S
> +++ b/arch/arm64/kernel/sleep.S
> @@ -2,6 +2,7 @@
>  #include <linux/errno.h>
>  #include <linux/linkage.h>
>  #include <asm/asm-offsets.h>
> +#include <asm/asm_pointer_auth.h>
>  #include <asm/assembler.h>
>  #include <asm/smp.h>
>  
> @@ -134,6 +135,11 @@ ENTRY(_cpu_resume)
>  	 */
>  	bl	cpu_do_resume
>  
> +#ifdef CONFIG_ARM64_PTR_AUTH
> +	get_current_task x1
> +	ptrauth_keys_install_kernel x1, x2, x3, x4
> +#endif

Could we move this to cpu_do_resume? Most of the sysreg initialisation
during resume is done there.

Amit Daniel Kachhap March 2, 2020, 10:13 a.m. UTC | #2

On 2/28/20 11:48 PM, Catalin Marinas wrote:
> On Mon, Feb 17, 2020 at 02:57:45PM +0530, Amit Daniel Kachhap wrote:
>> This patch restores the kernel keys from current task during
>> cpu resume after the mmu is turned on and ptrauth is enabled.
>>
>> Signed-off-by: Amit Daniel Kachhap <amit.kachhap@arm.com>
>> ---
>>   arch/arm64/kernel/sleep.S | 6 ++++++
>>   1 file changed, 6 insertions(+)
>>
>> diff --git a/arch/arm64/kernel/sleep.S b/arch/arm64/kernel/sleep.S
>> index 7b2f2e6..f9db925 100644
>> --- a/arch/arm64/kernel/sleep.S
>> +++ b/arch/arm64/kernel/sleep.S
>> @@ -2,6 +2,7 @@
>>   #include <linux/errno.h>
>>   #include <linux/linkage.h>
>>   #include <asm/asm-offsets.h>
>> +#include <asm/asm_pointer_auth.h>
>>   #include <asm/assembler.h>
>>   #include <asm/smp.h>
>>   
>> @@ -134,6 +135,11 @@ ENTRY(_cpu_resume)
>>   	 */
>>   	bl	cpu_do_resume
>>   
>> +#ifdef CONFIG_ARM64_PTR_AUTH
>> +	get_current_task x1
>> +	ptrauth_keys_install_kernel x1, x2, x3, x4
>> +#endif
> 
> Could we move this to cpu_do_resume? Most of the sysreg initialisation
> during resume is done there.

Yes it makes sense. I will implement in my v6 series.

>

diff --git a/arch/arm64/kernel/sleep.S b/arch/arm64/kernel/sleep.S
index 7b2f2e6..f9db925 100644
--- a/arch/arm64/kernel/sleep.S
+++ b/arch/arm64/kernel/sleep.S
@@ -2,6 +2,7 @@ 
 #include <linux/errno.h>
 #include <linux/linkage.h>
 #include <asm/asm-offsets.h>
+#include <asm/asm_pointer_auth.h>
 #include <asm/assembler.h>
 #include <asm/smp.h>
 
@@ -134,6 +135,11 @@  ENTRY(_cpu_resume)
 	 */
 	bl	cpu_do_resume
 
+#ifdef CONFIG_ARM64_PTR_AUTH
+	get_current_task x1
+	ptrauth_keys_install_kernel x1, x2, x3, x4
+#endif
+
 #ifdef CONFIG_KASAN
 	mov	x0, sp
 	bl	kasan_unpoison_task_stack_below

[v5,14/17] arm64: suspend: restore the kernel ptrauth keys

Commit Message

Comments

Patch