From patchwork Fri Jan 15 12:00:40 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Vincenzo Frascino X-Patchwork-Id: 12022357 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-17.0 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER, INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED, USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 5519EC433E0 for ; Fri, 15 Jan 2021 12:02:42 +0000 (UTC) Received: from merlin.infradead.org (merlin.infradead.org [205.233.59.134]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 141B423128 for ; Fri, 15 Jan 2021 12:02:42 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 141B423128 Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=arm.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=merlin.20170209; h=Sender:Content-Transfer-Encoding: Content-Type:Cc:List-Subscribe:List-Help:List-Post:List-Archive: List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To:Message-Id:Date: Subject:To:From:Reply-To:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=injodCgdKyDcm1N9GtXVEkaVuplloyfhckYFaX4BIog=; b=DtZcspQqhE36G0ypoKzdX/QdK UiMSKs0ic53eH80+rV5zI0zXKuF8lQdKe8eEFq6P1l0J/ysmwGb+hwNFpMc/SfQSUa2bmYXI/tn8j 6ewGGYNFDHlwSwlirDe2HRcePeq9IaMHGkV+U0270BGyqFKqzVFKd/kjsPq8+owZhaSsspmxUOEcT TPFJU2LqLAed5y8vYpaz8Ga1GwzmvrZ1rC6UKHGvSrX0Hcmlrz7PyiCR8dyAcXbaHdxLTLsvB8O1O TFYtUvJcpQPCWE++2vxAmYqa5A9IEppP9+8T/sEIRAhMkc29k24afQuQMNPLXJnUYY31jAN0AVyNm b1tgpzXUQ==; Received: from localhost ([::1] helo=merlin.infradead.org) by merlin.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1l0Nmt-00050c-A2; Fri, 15 Jan 2021 12:01:07 +0000 Received: from foss.arm.com ([217.140.110.172]) by merlin.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1l0Nmk-0004y3-24 for linux-arm-kernel@lists.infradead.org; Fri, 15 Jan 2021 12:00:59 +0000 Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 5777411B3; Fri, 15 Jan 2021 04:00:55 -0800 (PST) Received: from e119884-lin.cambridge.arm.com (e119884-lin.cambridge.arm.com [10.1.196.72]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id ACBD73F70D; Fri, 15 Jan 2021 04:00:53 -0800 (PST) From: Vincenzo Frascino To: linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org, kasan-dev@googlegroups.com Subject: [PATCH v3 1/4] kasan, arm64: Add KASAN light mode Date: Fri, 15 Jan 2021 12:00:40 +0000 Message-Id: <20210115120043.50023-2-vincenzo.frascino@arm.com> X-Mailer: git-send-email 2.30.0 In-Reply-To: <20210115120043.50023-1-vincenzo.frascino@arm.com> References: <20210115120043.50023-1-vincenzo.frascino@arm.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20210115_070058_239319_9D60ACCC X-CRM114-Status: GOOD ( 25.05 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Marco Elver , Catalin Marinas , Branislav Rankov , Alexander Potapenko , Evgenii Stepanov , Andrey Konovalov , Andrey Ryabinin , Vincenzo Frascino , Will Deacon , Dmitry Vyukov Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org Architectures supported by KASAN HW can provide a light mode of execution. On an MTE enabled arm64 hw for example this can be identified with the asynch mode of execution. In this mode, if a tag check fault occurs, the TFSR_EL1 register is updated asynchronously. The kernel checks the corresponding bits periodically. KASAN requires a specific mode of execution to make use of this hw feature. Add KASAN HW light execution mode. Note: This patch adds the KASAN_ARG_MODE_LIGHT config option and the "light" kernel command line option to enable the described feature. This patch introduces the kasan_def.h header to make easier to propagate the relevant enumerations to the architectural code. Cc: Dmitry Vyukov Cc: Andrey Ryabinin Cc: Alexander Potapenko Cc: Andrey Konovalov Signed-off-by: Vincenzo Frascino --- arch/arm64/include/asm/memory.h | 2 +- arch/arm64/include/asm/mte-kasan.h | 5 +++-- arch/arm64/kernel/mte.c | 2 +- include/linux/kasan.h | 1 + include/linux/kasan_def.h | 10 ++++++++++ mm/kasan/hw_tags.c | 19 ++++++++++++++++++- mm/kasan/kasan.h | 2 +- 7 files changed, 35 insertions(+), 6 deletions(-) create mode 100644 include/linux/kasan_def.h diff --git a/arch/arm64/include/asm/memory.h b/arch/arm64/include/asm/memory.h index 18fce223b67b..3a7c5beb7096 100644 --- a/arch/arm64/include/asm/memory.h +++ b/arch/arm64/include/asm/memory.h @@ -231,7 +231,7 @@ static inline const void *__tag_set(const void *addr, u8 tag) } #ifdef CONFIG_KASAN_HW_TAGS -#define arch_enable_tagging() mte_enable_kernel() +#define arch_enable_tagging(mode) mte_enable_kernel(mode) #define arch_init_tags(max_tag) mte_init_tags(max_tag) #define arch_get_random_tag() mte_get_random_tag() #define arch_get_mem_tag(addr) mte_get_mem_tag(addr) diff --git a/arch/arm64/include/asm/mte-kasan.h b/arch/arm64/include/asm/mte-kasan.h index 26349a4b5e2e..5402f4c8e88d 100644 --- a/arch/arm64/include/asm/mte-kasan.h +++ b/arch/arm64/include/asm/mte-kasan.h @@ -9,6 +9,7 @@ #ifndef __ASSEMBLY__ +#include #include /* @@ -29,7 +30,7 @@ u8 mte_get_mem_tag(void *addr); u8 mte_get_random_tag(void); void *mte_set_mem_tag_range(void *addr, size_t size, u8 tag); -void mte_enable_kernel(void); +void mte_enable_kernel(enum kasan_hw_tags_mode mode); void mte_init_tags(u64 max_tag); #else /* CONFIG_ARM64_MTE */ @@ -52,7 +53,7 @@ static inline void *mte_set_mem_tag_range(void *addr, size_t size, u8 tag) return addr; } -static inline void mte_enable_kernel(void) +static inline void mte_enable_kernel(enum kasan_hw_tags_mode mode) { } diff --git a/arch/arm64/kernel/mte.c b/arch/arm64/kernel/mte.c index dc9ada64feed..53a6d734e29b 100644 --- a/arch/arm64/kernel/mte.c +++ b/arch/arm64/kernel/mte.c @@ -151,7 +151,7 @@ void mte_init_tags(u64 max_tag) write_sysreg_s(SYS_GCR_EL1_RRND | gcr_kernel_excl, SYS_GCR_EL1); } -void mte_enable_kernel(void) +void mte_enable_kernel(enum kasan_hw_tags_mode mode) { /* Enable MTE Sync Mode for EL1. */ sysreg_clear_set(sctlr_el1, SCTLR_ELx_TCF_MASK, SCTLR_ELx_TCF_SYNC); diff --git a/include/linux/kasan.h b/include/linux/kasan.h index 5e0655fb2a6f..026031444217 100644 --- a/include/linux/kasan.h +++ b/include/linux/kasan.h @@ -2,6 +2,7 @@ #ifndef _LINUX_KASAN_H #define _LINUX_KASAN_H +#include #include #include diff --git a/include/linux/kasan_def.h b/include/linux/kasan_def.h new file mode 100644 index 000000000000..0a55400809c9 --- /dev/null +++ b/include/linux/kasan_def.h @@ -0,0 +1,10 @@ +/* SPDX-License-Identifier: GPL-2.0 */ +#ifndef _LINUX_KASAN_DEF_H +#define _LINUX_KASAN_DEF_H + +enum kasan_hw_tags_mode { + KASAN_HW_TAGS_SYNC, + KASAN_HW_TAGS_ASYNC, +}; + +#endif /* _LINUX_KASAN_DEF_H */ diff --git a/mm/kasan/hw_tags.c b/mm/kasan/hw_tags.c index 55bd6f09c70f..6c3b0742f639 100644 --- a/mm/kasan/hw_tags.c +++ b/mm/kasan/hw_tags.c @@ -22,6 +22,7 @@ enum kasan_arg_mode { KASAN_ARG_MODE_DEFAULT, KASAN_ARG_MODE_OFF, + KASAN_ARG_MODE_LIGHT, KASAN_ARG_MODE_PROD, KASAN_ARG_MODE_FULL, }; @@ -60,6 +61,8 @@ static int __init early_kasan_mode(char *arg) if (!strcmp(arg, "off")) kasan_arg_mode = KASAN_ARG_MODE_OFF; + else if (!strcmp(arg, "light")) + kasan_arg_mode = KASAN_ARG_MODE_LIGHT; else if (!strcmp(arg, "prod")) kasan_arg_mode = KASAN_ARG_MODE_PROD; else if (!strcmp(arg, "full")) @@ -105,9 +108,21 @@ static int __init early_kasan_fault(char *arg) } early_param("kasan.fault", early_kasan_fault); +static inline int hw_init_mode(enum kasan_arg_mode mode) +{ + switch (mode) { + case KASAN_ARG_MODE_LIGHT: + return KASAN_HW_TAGS_ASYNC; + default: + return KASAN_HW_TAGS_SYNC; + } +} + /* kasan_init_hw_tags_cpu() is called for each CPU. */ void kasan_init_hw_tags_cpu(void) { + enum kasan_hw_tags_mode hw_mode; + /* * There's no need to check that the hardware is MTE-capable here, * as this function is only called for MTE-capable hardware. @@ -118,7 +133,8 @@ void kasan_init_hw_tags_cpu(void) return; hw_init_tags(KASAN_TAG_MAX); - hw_enable_tagging(); + hw_mode = hw_init_mode(kasan_arg_mode); + hw_enable_tagging(hw_mode); } /* kasan_init_hw_tags() is called once on boot CPU. */ @@ -145,6 +161,7 @@ void __init kasan_init_hw_tags(void) case KASAN_ARG_MODE_OFF: /* If KASAN is disabled, do nothing. */ return; + case KASAN_ARG_MODE_LIGHT: case KASAN_ARG_MODE_PROD: static_branch_enable(&kasan_flag_enabled); break; diff --git a/mm/kasan/kasan.h b/mm/kasan/kasan.h index cc4d9e1d49b1..78c09279327e 100644 --- a/mm/kasan/kasan.h +++ b/mm/kasan/kasan.h @@ -284,7 +284,7 @@ static inline const void *arch_kasan_set_tag(const void *addr, u8 tag) #define arch_set_mem_tag_range(addr, size, tag) ((void *)(addr)) #endif -#define hw_enable_tagging() arch_enable_tagging() +#define hw_enable_tagging(mode) arch_enable_tagging(mode) #define hw_init_tags(max_tag) arch_init_tags(max_tag) #define hw_get_random_tag() arch_get_random_tag() #define hw_get_mem_tag(addr) arch_get_mem_tag(addr)