From patchwork Tue Nov 10 16:24:45 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yu-cheng Yu X-Patchwork-Id: 11894823 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id BE254697 for ; Tue, 10 Nov 2020 16:25:19 +0000 (UTC) Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.kernel.org (Postfix) with ESMTP id 85B7920780 for ; Tue, 10 Nov 2020 16:25:19 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 85B7920780 Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=intel.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=owner-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix) id DA1626B0081; Tue, 10 Nov 2020 11:25:09 -0500 (EST) Delivered-To: linux-mm-outgoing@kvack.org Received: by kanga.kvack.org (Postfix, from userid 40) id D4D966B0085; Tue, 10 Nov 2020 11:25:09 -0500 (EST) X-Original-To: int-list-linux-mm@kvack.org X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id B2F896B0082; Tue, 10 Nov 2020 11:25:09 -0500 (EST) X-Original-To: linux-mm@kvack.org X-Delivered-To: linux-mm@kvack.org Received: from forelay.hostedemail.com (smtprelay0144.hostedemail.com [216.40.44.144]) by kanga.kvack.org (Postfix) with ESMTP id 75C606B0075 for ; Tue, 10 Nov 2020 11:25:09 -0500 (EST) Received: from smtpin28.hostedemail.com (10.5.19.251.rfc1918.com [10.5.19.251]) by forelay05.hostedemail.com (Postfix) with ESMTP id 16522181AEF10 for ; Tue, 10 Nov 2020 16:25:09 +0000 (UTC) X-FDA: 77469033138.28.owl92_2417fa0272f6 Received: from filter.hostedemail.com (10.5.16.251.rfc1918.com [10.5.16.251]) by smtpin28.hostedemail.com (Postfix) with ESMTP id C24BB6D65 for ; Tue, 10 Nov 2020 16:25:08 +0000 (UTC) X-Spam-Summary: 1,0,0,,d41d8cd98f00b204,yu-cheng.yu@intel.com,,RULES_HIT:30045:30054:30056:30064:30070,0,RBL:134.134.136.24:@intel.com:.lbl8.mailshell.net-64.95.201.95 62.18.0.100;04y84qnhq1qy3gmqysuj14qmt4x5jopp4u4d7i7nokzxfn3zybip5azrxfc11uh.s4kit4wu364x1hqryuow685473qrnc4db7quxdtnsbydts1mpiso4z6y1ihjim8.w-lbl8.mailshell.net-223.238.255.100,CacheIP:none,Bayesian:0.5,0.5,0.5,Netcheck:none,DomainCache:0,MSF:not bulk,SPF:ft,MSBL:0,DNSBL:neutral,Custom_rules:0:0:0,LFtime:71,LUA_SUMMARY:none X-HE-Tag: owl92_2417fa0272f6 X-Filterd-Recvd-Size: 3906 Received: from mga09.intel.com (mga09.intel.com [134.134.136.24]) by imf42.hostedemail.com (Postfix) with ESMTP for ; Tue, 10 Nov 2020 16:25:08 +0000 (UTC) IronPort-SDR: D4vVAcTsBZ2XZRdVp6IaQVnNZBNYCe5Wkm3be/703N6CqQqze+VqGnt6imZPFT9YhpnxLnK708 W6wF9sIstSpw== X-IronPort-AV: E=McAfee;i="6000,8403,9801"; a="170160150" X-IronPort-AV: E=Sophos;i="5.77,466,1596524400"; d="scan'208";a="170160150" X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga007.fm.intel.com ([10.253.24.52]) by orsmga102.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 10 Nov 2020 08:25:03 -0800 IronPort-SDR: RvTRHeWqcPmBogoVhRwZDuePWp34W0iYiyfgdk+ztcfxi7zhe1GXFEtUgOnyI9OnXiphUGbjAa chWnHen7eUEA== X-IronPort-AV: E=Sophos;i="5.77,466,1596524400"; d="scan'208";a="308469043" Received: from yyu32-desk.sc.intel.com ([143.183.136.146]) by fmsmga007-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 10 Nov 2020 08:25:03 -0800 From: Yu-cheng Yu To: x86@kernel.org, "H. Peter Anvin" , Thomas Gleixner , Ingo Molnar , linux-kernel@vger.kernel.org, linux-doc@vger.kernel.org, linux-mm@kvack.org, linux-arch@vger.kernel.org, linux-api@vger.kernel.org, Arnd Bergmann , Andy Lutomirski , Balbir Singh , Borislav Petkov , Cyrill Gorcunov , Dave Hansen , Eugene Syromiatnikov , Florian Weimer , "H.J. Lu" , Jann Horn , Jonathan Corbet , Kees Cook , Mike Kravetz , Nadav Amit , Oleg Nesterov , Pavel Machek , Peter Zijlstra , Randy Dunlap , "Ravi V. Shankar" , Vedvyas Shanbhogue , Dave Martin , Weijiang Yang , Pengfei Xu Cc: Yu-cheng Yu Subject: [PATCH v15 4/7] x86/cet/ibt: ELF header parsing for Indirect Branch Tracking Date: Tue, 10 Nov 2020 08:24:45 -0800 Message-Id: <20201110162448.9846-5-yu-cheng.yu@intel.com> X-Mailer: git-send-email 2.21.0 In-Reply-To: <20201110162448.9846-1-yu-cheng.yu@intel.com> References: <20201110162448.9846-1-yu-cheng.yu@intel.com> MIME-Version: 1.0 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: Update arch_setup_elf_property() for Indirect Branch Tracking. Signed-off-by: Yu-cheng Yu --- arch/x86/Kconfig | 2 ++ arch/x86/kernel/process_64.c | 8 ++++++++ 2 files changed, 10 insertions(+) diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index e27f0c19a4b3..7ee6e2957863 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig @@ -1975,6 +1975,8 @@ config X86_BRANCH_TRACKING_USER depends on CPU_SUP_INTEL && X86_64 depends on $(cc-option,-fcf-protection) select X86_CET + select ARCH_USE_GNU_PROPERTY + select ARCH_BINFMT_ELF_STATE help Indirect Branch Tracking (IBT) provides protection against CALL-/JMP-oriented programming attacks. It is active when diff --git a/arch/x86/kernel/process_64.c b/arch/x86/kernel/process_64.c index 7c4687a0f001..44ea5bd81a9f 100644 --- a/arch/x86/kernel/process_64.c +++ b/arch/x86/kernel/process_64.c @@ -866,6 +866,14 @@ int arch_setup_elf_property(struct arch_elf_state *state) r = cet_setup_shstk(); } + if (r < 0) + return r; + + if (static_cpu_has(X86_FEATURE_IBT)) { + if (state->gnu_property & GNU_PROPERTY_X86_FEATURE_1_IBT) + r = cet_setup_ibt(); + } + return r; } #endif