From patchwork Thu Oct 11 15:16:46 2018
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Yu-cheng Yu <yu-cheng.yu@intel.com>
X-Patchwork-Id: 10636909
Return-Path: <owner-linux-mm@kvack.org>
Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org
 [172.30.200.125])
	by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 13BD3112B
	for <patchwork-linux-mm@patchwork.kernel.org>;
 Thu, 11 Oct 2018 15:22:52 +0000 (UTC)
Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id F32E92B9A5
	for <patchwork-linux-mm@patchwork.kernel.org>;
 Thu, 11 Oct 2018 15:22:51 +0000 (UTC)
Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486)
	id E689A2BA52; Thu, 11 Oct 2018 15:22:51 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	pdx-wl-mail.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-2.9 required=2.0 tests=BAYES_00,MAILING_LIST_MULTI,
	RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1
Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 2ECC22BA08
	for <patchwork-linux-mm@patchwork.kernel.org>;
 Thu, 11 Oct 2018 15:22:49 +0000 (UTC)
Received: by kanga.kvack.org (Postfix)
	id 563246B0299; Thu, 11 Oct 2018 11:21:46 -0400 (EDT)
Delivered-To: linux-mm-outgoing@kvack.org
Received: by kanga.kvack.org (Postfix, from userid 40)
	id 4C2D26B029D; Thu, 11 Oct 2018 11:21:46 -0400 (EDT)
X-Original-To: int-list-linux-mm@kvack.org
X-Delivered-To: int-list-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix, from userid 63042)
	id 38F5A6B029F; Thu, 11 Oct 2018 11:21:46 -0400 (EDT)
X-Original-To: linux-mm@kvack.org
X-Delivered-To: linux-mm@kvack.org
Received: from mail-pg1-f197.google.com (mail-pg1-f197.google.com
 [209.85.215.197])
	by kanga.kvack.org (Postfix) with ESMTP id C8E9D6B0299
	for <linux-mm@kvack.org>; Thu, 11 Oct 2018 11:21:45 -0400 (EDT)
Received: by mail-pg1-f197.google.com with SMTP id k66-v6so6225699pga.21
        for <linux-mm@kvack.org>; Thu, 11 Oct 2018 08:21:45 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-original-authentication-results:x-gm-message-state:from:to:cc
         :subject:date:message-id:in-reply-to:references;
        bh=r2Tz1zF9viesqgaQ/f+Tq24NzwdM6shBdg3m8QU3p4g=;
        b=rE04D7baNAY1t76mQh54UOFD0EJRpqVNW0RYOwIBoMFwWG31kHlTCk7xH92haOpN3V
         L7VjS6c496Rof0Xpn0t5a3oay+L6Rzf6xLsBG2CRV6uq7jo7IWbsl85cGIHkI8tl633g
         wjn/YXK4P2Q8x9eOkkCt39XxQ0fm2HcA6G16XagzYzrK37pqrM0wbtkEJNLV8TNNWrFJ
         aIc1rF3XPzsFQFN7AbynjsPevfm//IWMlCScFJ//fFeSD/4G5PAUhiMTDTNJxSGrSwRQ
         tgdlsUYeB2M2pBcOBHyzsF/Y/XObAEIp0bR6PtoC653ng9XJ2MEWotmHaiTySN90FuGG
         F1Kw==
X-Original-Authentication-Results: mx.google.com;
       spf=pass (google.com: domain of yu-cheng.yu@intel.com designates
 134.134.136.24 as permitted sender) smtp.mailfrom=yu-cheng.yu@intel.com;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
X-Gm-Message-State: ABuFfojxyWQnJTZgaPgHWBsX+x5FDsMxEp54sIa3G8QpBcQIRobmuMQd
	RaVy5Cel9z4iF8l5qaTODZJXE1+4icdQWQWK/gH+Mr9C8wXzl2bJidQtu6Klj11gF/Vxj9pxH9N
	71Zh/xmjJGRW6NnrmkULttDJuKb4RQ9p3vfrI0ewf1CytuaU8yaf9O+mmrBlQFDDbpQ==
X-Received: by 2002:a63:f848:: with SMTP id
 v8-v6mr1831427pgj.82.1539271305504;
        Thu, 11 Oct 2018 08:21:45 -0700 (PDT)
X-Google-Smtp-Source: 
 ACcGV63OkstG7tMoz6DJiX31XTD00NRs2oCZ/Wf3Bjz21sUkHM0XJF3512ANLOGKvz5Q1/Ra00de
X-Received: by 2002:a63:f848:: with SMTP id
 v8-v6mr1831379pgj.82.1539271304681;
        Thu, 11 Oct 2018 08:21:44 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1539271304; cv=none;
        d=google.com; s=arc-20160816;
        b=KzHmkcoWEEhkwfnWbIOOa5sCs5mXrYNLsfP4N7ngavlK4cacK1/ruAXytAZBtbbnP4
         KEK9l1b/m6GBR9cpeW/iRt84a80nOkjC6I/BmMf1JApoiEQFFHUV8s3SYnkYKGN/eOKC
         BeUtJsTH/bGzte36+yyeBGIck+SYhyCqylrZE6HcQlUfUUm79CnOUI3QVOfV2fCjFVq6
         WzU/duiAKMkyiHfSC2Jpd5Xyqurt0ioqX0ApkFLqxe0NJppoJp6HDQqO7T7M0dZnhnhr
         6O+URAIecfILPOAan3h+60bb7Hr+QOfke+HWpL/YZT1I0iWKDcoVWv8xkFVqDVMhEO3w
         PAmg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816;
        h=references:in-reply-to:message-id:date:subject:cc:to:from;
        bh=r2Tz1zF9viesqgaQ/f+Tq24NzwdM6shBdg3m8QU3p4g=;
        b=zYgrgUhvNgfVXyXdiWtzRC5R9+DoFFAa19IYCFSN/ptBwt1+IWy+3bor8CbfymiPtr
         t6WfM1q9dU3lpT73OwFTrRFny7g8TIJxVzj02vUvKVMiu1gpvNu2w++5hQsT88gg7Q2N
         xvbbUmODniqIkBZWBnNMPOA8ZOCSRQ/ByEulxcB1VrvNaf/eZoirgTRQkh44CPt4WyWY
         D6g6gjJsqZX8ipkPRAtqILc3uLWUu+QHWx6vSGkAcNme0y35hG/9I3x3fUqx/8KCZ2Fx
         M5SlkNni0awuBk9lVOkOFVBg2noVnZRCM4M5JBpATOeBKHEMsDQXMVVvPElPgppPmedO
         BdYw==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: domain of yu-cheng.yu@intel.com designates
 134.134.136.24 as permitted sender) smtp.mailfrom=yu-cheng.yu@intel.com;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: from mga09.intel.com (mga09.intel.com. [134.134.136.24])
        by mx.google.com with ESMTPS id
 w90-v6si28024425pfk.208.2018.10.11.08.21.44
        for <linux-mm@kvack.org>
        (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
        Thu, 11 Oct 2018 08:21:44 -0700 (PDT)
Received-SPF: pass (google.com: domain of yu-cheng.yu@intel.com designates
 134.134.136.24 as permitted sender) client-ip=134.134.136.24;
Authentication-Results: mx.google.com;
       spf=pass (google.com: domain of yu-cheng.yu@intel.com designates
 134.134.136.24 as permitted sender) smtp.mailfrom=yu-cheng.yu@intel.com;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
X-Amp-Result: SKIPPED(no attachment in message)
X-Amp-File-Uploaded: False
Received: from fmsmga007.fm.intel.com ([10.253.24.52])
  by orsmga102.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384;
 11 Oct 2018 08:21:44 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.54,368,1534834800";
   d="scan'208";a="77271624"
Received: from 2b52.sc.intel.com ([143.183.136.147])
  by fmsmga007.fm.intel.com with ESMTP; 11 Oct 2018 08:21:44 -0700
From: Yu-cheng Yu <yu-cheng.yu@intel.com>
To: x86@kernel.org,
	"H. Peter Anvin" <hpa@zytor.com>,
	Thomas Gleixner <tglx@linutronix.de>,
	Ingo Molnar <mingo@redhat.com>,
	linux-kernel@vger.kernel.org,
	linux-doc@vger.kernel.org,
	linux-mm@kvack.org,
	linux-arch@vger.kernel.org,
	linux-api@vger.kernel.org,
	Arnd Bergmann <arnd@arndb.de>,
	Andy Lutomirski <luto@amacapital.net>,
	Balbir Singh <bsingharora@gmail.com>,
	Cyrill Gorcunov <gorcunov@gmail.com>,
	Dave Hansen <dave.hansen@linux.intel.com>,
	Eugene Syromiatnikov <esyr@redhat.com>,
	Florian Weimer <fweimer@redhat.com>,
	"H.J. Lu" <hjl.tools@gmail.com>,
	Jann Horn <jannh@google.com>,
	Jonathan Corbet <corbet@lwn.net>,
	Kees Cook <keescook@chromium.org>,
	Mike Kravetz <mike.kravetz@oracle.com>,
	Nadav Amit <nadav.amit@gmail.com>,
	Oleg Nesterov <oleg@redhat.com>,
	Pavel Machek <pavel@ucw.cz>,
	Peter Zijlstra <peterz@infradead.org>,
	Randy Dunlap <rdunlap@infradead.org>,
	"Ravi V. Shankar" <ravi.v.shankar@intel.com>,
	Vedvyas Shanbhogue <vedvyas.shanbhogue@intel.com>
Cc: Yu-cheng Yu <yu-cheng.yu@intel.com>
Subject: [PATCH v5 03/11] x86/cet/ibt: Add IBT legacy code bitmap allocation
 function
Date: Thu, 11 Oct 2018 08:16:46 -0700
Message-Id: <20181011151654.27221-4-yu-cheng.yu@intel.com>
X-Mailer: git-send-email 2.17.1
In-Reply-To: <20181011151654.27221-1-yu-cheng.yu@intel.com>
References: <20181011151654.27221-1-yu-cheng.yu@intel.com>
X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4
Sender: owner-linux-mm@kvack.org
Precedence: bulk
X-Loop: owner-majordomo@kvack.org
List-ID: <linux-mm.kvack.org>
X-Virus-Scanned: ClamAV using ClamSMTP

Indirect branch tracking provides an optional legacy code bitmap
that indicates locations of non-IBT compatible code.  When set,
each bit in the bitmap represents a page in the linear address is
legacy code.

We allocate the bitmap only when the application requests it.
Most applications do not need the bitmap.

Signed-off-by: Yu-cheng Yu <yu-cheng.yu@intel.com>
---
 arch/x86/kernel/cet.c | 47 +++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 47 insertions(+)

diff --git a/arch/x86/kernel/cet.c b/arch/x86/kernel/cet.c
index 40c4c08e5e31..77ae4eaa9dea 100644
--- a/arch/x86/kernel/cet.c
+++ b/arch/x86/kernel/cet.c
@@ -21,6 +21,7 @@
 #include <asm/compat.h>
 #include <asm/cet.h>
 #include <asm/special_insns.h>
+#include <asm/elf.h>
 
 static int set_shstk_ptr(unsigned long addr)
 {
@@ -327,3 +328,49 @@ void cet_disable_ibt(void)
 	wrmsrl(MSR_IA32_U_CET, r);
 	current->thread.cet.ibt_enabled = 0;
 }
+
+int cet_setup_ibt_bitmap(void)
+{
+	u64 r;
+	unsigned long bitmap;
+	unsigned long size;
+
+	if (!cpu_feature_enabled(X86_FEATURE_IBT))
+		return -EOPNOTSUPP;
+
+	if (!current->thread.cet.ibt_bitmap_addr) {
+		/*
+		 * Calculate size and put in thread header.
+		 * may_expand_vm() needs this information.
+		 */
+		size = in_compat_syscall() ? task_size_32bit() : task_size_64bit(1);
+		size = size / PAGE_SIZE / BITS_PER_BYTE;
+		current->thread.cet.ibt_bitmap_size = size;
+		bitmap = do_mmap_locked(0, size, PROT_READ | PROT_WRITE,
+					MAP_ANONYMOUS | MAP_PRIVATE,
+					VM_DONTDUMP);
+
+		if ((bitmap >= TASK_SIZE) || (bitmap < size)) {
+			current->thread.cet.ibt_bitmap_size = 0;
+			return -ENOMEM;
+		}
+
+		current->thread.cet.ibt_bitmap_addr = bitmap;
+
+		/*
+		 * Lower bits of MSR_IA32_CET_LEG_IW_EN are for IBT
+		 * settings.  Clear lower bits even bitmap is already
+		 * page-aligned.
+		 */
+		bitmap &= PAGE_MASK;
+
+		/*
+		 * Turn on IBT legacy bitmap.
+		 */
+		rdmsrl(MSR_IA32_U_CET, r);
+		r |= (MSR_IA32_CET_LEG_IW_EN | bitmap);
+		wrmsrl(MSR_IA32_U_CET, r);
+	}
+
+	return 0;
+}