From patchwork Fri Mar 29 04:44:48 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Deepak Gupta X-Patchwork-Id: 13610060 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 29646CD1283 for ; Fri, 29 Mar 2024 04:46:41 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id A8BBE6B00AF; Fri, 29 Mar 2024 00:46:40 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id A147E6B00B0; Fri, 29 Mar 2024 00:46:40 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 866E86B00B1; Fri, 29 Mar 2024 00:46:40 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0013.hostedemail.com [216.40.44.13]) by kanga.kvack.org (Postfix) with ESMTP id 5EF016B00AF for ; Fri, 29 Mar 2024 00:46:40 -0400 (EDT) Received: from smtpin26.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay10.hostedemail.com (Postfix) with ESMTP id 26C6FC087E for ; Fri, 29 Mar 2024 04:46:40 +0000 (UTC) X-FDA: 81948840960.26.1F5662B Received: from mail-oa1-f43.google.com (mail-oa1-f43.google.com [209.85.160.43]) by imf09.hostedemail.com (Postfix) with ESMTP id 4B750140019 for ; Fri, 29 Mar 2024 04:46:38 +0000 (UTC) Authentication-Results: imf09.hostedemail.com; dkim=pass header.d=rivosinc-com.20230601.gappssmtp.com header.s=20230601 header.b="ekq/jReQ"; dmarc=none; spf=pass (imf09.hostedemail.com: domain of debug@rivosinc.com designates 209.85.160.43 as permitted sender) smtp.mailfrom=debug@rivosinc.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1711687598; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=jOjKUP7R2Pn5KHy+bcQHndffhGuedIhGkkiUJ74Ko2E=; b=Hnrdecn1v32XIBkx7XF2eOApcvX8xudfutanAwzo0o5I0RLWtbcbbXHi4Zh3GmP0h+Ogp0 7ZK/jHslsyI22Ue3vnMu7Hr8XU4SrRhYE8RdVm+QlmaH1MXl4FBmPWEu+/9I9N8FKYCRrs VyYQ4w3E0LSS6iMCFOilUf/dcYqooHU= ARC-Authentication-Results: i=1; imf09.hostedemail.com; dkim=pass header.d=rivosinc-com.20230601.gappssmtp.com header.s=20230601 header.b="ekq/jReQ"; dmarc=none; spf=pass (imf09.hostedemail.com: domain of debug@rivosinc.com designates 209.85.160.43 as permitted sender) smtp.mailfrom=debug@rivosinc.com ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1711687598; a=rsa-sha256; cv=none; b=Ed7IO7+ms9and/mwZmYpkmInrkZo9nVQ7y8DPAnXDgai5bhKEk4AgP0I55cvgGdXxdIE4M +tE+ElRwVOvECLUN5iWnzif4VC2cjk8YRDeaZiWYw2fflRkGbEm/pm9qR457oFVNVX+Mag h0YYiEQ0IMPcAm+OVO6sMOPWbwkESZk= Received: by mail-oa1-f43.google.com with SMTP id 586e51a60fabf-222ba2a19bdso1020961fac.1 for ; Thu, 28 Mar 2024 21:46:37 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rivosinc-com.20230601.gappssmtp.com; s=20230601; t=1711687597; x=1712292397; darn=kvack.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=jOjKUP7R2Pn5KHy+bcQHndffhGuedIhGkkiUJ74Ko2E=; b=ekq/jReQ8BhqkTdtyuKcBSaNHN/ORoRNrx1ZPHwrCwrG2gi9Co0uxsqRqZuOIxu5/U 4l5kwYJQSi8dRu4V1PrhK2MvMRYMMaTsO7nt8mas4IWWYE3HvD+aRyE8tRIQMojlKm9y P0mLfKcchHpfk7Bm36PvSVyD6HDhEhzGdNSB6vRrRbXwOG7NNfAoeWZbZZjeRDjFgu08 8nEKRiTTrvaGALCE/QinDIHVpc/nWLPN0st10+HJuA5i5qETHVxerfUpdNlNC+u8dZd3 fJAj1HHMX1gKr4e83GyoMXOZCT2kU8iGj3TnZP6fym6+x1bsc52kTLYGricXGn++z9AN 4+vw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1711687597; x=1712292397; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=jOjKUP7R2Pn5KHy+bcQHndffhGuedIhGkkiUJ74Ko2E=; b=IoPL90bu1lm+QsD4ktzj7L8XA5og6yVTVyuBh795Z0FaiY+W+bTuQxN3a7M+rNRmT0 3oHOXF8kCInt1szb9V0Rc+NlCXPcJY5tL/dZ5YkLPEj7ZigmPR/pqGKirnHRpqXBcBzS pDINSH0QDhvMt2/SMwcaz33r1e0uuLdvaBKKiXVsGAcyTdSrR9iyEDLRxdk4dzxaHOcB WuYUfun/EDVdF51WraPPSJGekgQgXan7/ujOv0HnUY4pj5gcn4FlEVkOcNJXa23dHlhG 2+d5g54vxRaYlyMoCpF3zaJReK44x8q2go+Jh8mYUjOIfvClCzL/Pjqv5yPK76LHG05q pTYA== X-Forwarded-Encrypted: i=1; AJvYcCW5XjFRPPoLpOlFekI4NQGF8mJZUaYw0bJdmGJ1GcK8PlMIfKjA2MlsBxyTn30n7L5Trs/mYv1znZ00zuPooVLbHsw= X-Gm-Message-State: AOJu0YzwLMrxIW/Ip++pOGsHG9Dk/phnE+ZczF9OL7VVmwB/Fizsjm+v j0vc4DModIjqGe1Qwu/eTNKe0/g6WTFtIDSKOZ0F9NqAzIooWah/7WaqfzY1TPY= X-Google-Smtp-Source: AGHT+IGJQSx7xjJ7n2mbejRm8WQQAwrhRnla3swVvKyB0ZaA2dVNGQk8U096glMvDQJ5OLMIlZU/5g== X-Received: by 2002:a05:6870:b698:b0:229:e636:921f with SMTP id cy24-20020a056870b69800b00229e636921fmr1250647oab.49.1711687597188; Thu, 28 Mar 2024 21:46:37 -0700 (PDT) Received: from debug.ba.rivosinc.com ([64.71.180.162]) by smtp.gmail.com with ESMTPSA id i18-20020aa78b52000000b006ea7e972947sm2217120pfd.130.2024.03.28.21.46.34 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 28 Mar 2024 21:46:36 -0700 (PDT) From: Deepak Gupta To: paul.walmsley@sifive.com, rick.p.edgecombe@intel.com, broonie@kernel.org, Szabolcs.Nagy@arm.com, kito.cheng@sifive.com, keescook@chromium.org, ajones@ventanamicro.com, conor.dooley@microchip.com, cleger@rivosinc.com, atishp@atishpatra.org, alex@ghiti.fr, bjorn@rivosinc.com, alexghiti@rivosinc.com, samuel.holland@sifive.com, palmer@sifive.com, conor@kernel.org, linux-doc@vger.kernel.org, linux-riscv@lists.infradead.org, linux-kernel@vger.kernel.org, devicetree@vger.kernel.org, linux-mm@kvack.org, linux-arch@vger.kernel.org, linux-kselftest@vger.kernel.org Cc: corbet@lwn.net, tech-j-ext@lists.risc-v.org, palmer@dabbelt.com, aou@eecs.berkeley.edu, robh+dt@kernel.org, krzysztof.kozlowski+dt@linaro.org, oleg@redhat.com, akpm@linux-foundation.org, arnd@arndb.de, ebiederm@xmission.com, Liam.Howlett@oracle.com, vbabka@suse.cz, lstoakes@gmail.com, shuah@kernel.org, brauner@kernel.org, debug@rivosinc.com, andy.chiu@sifive.com, jerry.shih@sifive.com, hankuan.chen@sifive.com, greentime.hu@sifive.com, evan@rivosinc.com, xiao.w.wang@intel.com, charlie@rivosinc.com, apatel@ventanamicro.com, mchitale@ventanamicro.com, dbarboza@ventanamicro.com, sameo@rivosinc.com, shikemeng@huaweicloud.com, willy@infradead.org, vincent.chen@sifive.com, guoren@kernel.org, samitolvanen@google.com, songshuaishuai@tinylab.org, gerg@kernel.org, heiko@sntech.de, bhe@redhat.com, jeeheng.sia@starfivetech.com, cyy@cyyself.name, maskray@google.com, ancientmodern4@gmail.com, mathis.salmen@matsal.de, cuiyunhui@bytedance.com, bgray@linux.ibm.com, mpe@ellerman.id.au, baruch@tkos.co.il, alx@kernel.org, david@redhat.com, catalin.marinas@arm.com, revest@chromium.org, josh@joshtriplett.org, shr@devkernel.io, deller@gmx.de, omosnace@redhat.com, ojeda@kernel.org, jhubbard@nvidia.com Subject: [PATCH v2 16/27] prctl: arch-agnostic prtcl for indirect branch tracking Date: Thu, 28 Mar 2024 21:44:48 -0700 Message-Id: <20240329044459.3990638-17-debug@rivosinc.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240329044459.3990638-1-debug@rivosinc.com> References: <20240329044459.3990638-1-debug@rivosinc.com> MIME-Version: 1.0 X-Rspamd-Queue-Id: 4B750140019 X-Rspam-User: X-Rspamd-Server: rspam05 X-Stat-Signature: 6ci97g6yg4k4ihya3cgcjw8yztd6zm5s X-HE-Tag: 1711687598-993491 X-HE-Meta: U2FsdGVkX1+Wkqvv3ChKRC+sugBUFkvFBsimzCUP5qmKIYHe0gpyx9+hXU+7Yf4eHlK6y7XdjiLrS5iWpQgj8L5aHS80iCcHG3DBic5VqcwB64XEhKSzcHGae4ybP18VsAL7GR5AA0SBN0CnBRlpwevSKdud8KtY9RCl/2lbXw9hzm4f+ifxc/3mniulS9Waojl0WHGBDYdfcDecdhwHZKAv+9Vyjfnd5gTYvbptClmn75Vh5f3JXMtb3+umb8JI5q+pb0yCEo36si/6AJLy6ASnl2vtRkrMrREyfaVkD//qFyX0VLj9tRaY9HqUlgo/ne3BMaMYUICiK2OJkLUKftpmlfIEZ7jWTIsQKib9VTecV/pLDT4EjPUZ0SfAfgyXBt0I0Mgv+2sx71tQGhFgBwUwnybJlzOu/SljuhGWGNvFXK39XOVcDf+3qrS39lap85vtJvXhYXyOsTY5jYUOc2hGCPSivPlI8DbtLKg1Zc203v6/WY1eFpwGmRfSI0HKC4wHRtk9DOrK+MdqF1aC5kbKlN30E0zJthCCsckLdbzB1E5Vj5T1T9X3Y9RZQVTsaHPO63EenEH9mzssRadGrMJ4SrWQv/eaK5A1+gbp+dC83VwO6iZXUJKhStbm+yOz6GOMKGjZCdUK1593afNEvUj3nbsLbRjJ3Ja3GF38LKbIX27Z2nRekbOId8H34hu/KsLIAPn+MYGRATZPCoq4bqjtb0lyYXiDoNcwUCP+Ah8aWtx4moxGT2VJt6s6FTJt1W5W+hMiogkwhmiGDPe6N+FIKv2H9Jf/irJ0H2yEO7zXP4d7Kra5XLEMLi/Sebw9RCXrZPbEY4OL0TWW2a6uIrKIp2fD5DgvpvOsNWVF9fWCIqHncPQA/ccm/pBFBmOnkuMPnb9rUcVtxhahHIHrMZ0P4Zfy1rmAAlmBurlJCCorVd8rvQMp8ezOmcdxpBmbGETI9phe7PD6sODaHU+ kDJ1ylbj Fzt8I/i4pMUlsSDMujdjXk9BaenskqI6+3qHcELoWhZS6aEo9aL38z7fOFDb7tbHcCVVQvrxDVfNyAn/xDctu3GaG6i6laaOl8xn1DhIWpxOaA6W8WMjKFG/HZIT9OpcgKn90GFrttaj9s/53/vEYxGlLU5tvRnVcp15p1uKPXI9CIqD9wYOmM4RPXro+wZ0aDD6kLc+G9SPlopu874MiZeBcBDVd0c7Y0ztiLVvT5LfL1NRwbdHzljh3smMURWK3hMvMqW+/PG6iv597bfkc6DQFxFW+YAsNN1FUP8O17Apdc8MCqan8ajsRG+RRgBsMcN3O5+tFRN+joooY4uikLDGTbuB+l/18DtfohSOsKs+J8JXDamtszen4OGwPQwR1vR1vgVVF1FLMqrf3PvQk/cT7EOA7n3J2y4fiuOYnPgtKOQz0oe4pQNSrzqThZvtx4h3yCK9RadeaC29yUiv0ET11HrImwLmO3X1J+rM3ebYBkXH4/+wjq7f5WUAyAJMjp3kFj1IUbX7+SBE= X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: Three architectures (x86, aarch64, riscv) have support for indirect branch tracking feature in a very similar fashion. On a very high level, indirect branch tracking is a CPU feature where CPU tracks branches which uses memory operand to perform control transfer in program. As part of this tracking on indirect branches, CPU goes in a state where it expects a landing pad instr on target and if not found then CPU raises some fault (architecture dependent) x86 landing pad instr - `ENDBRANCH` aarch64 landing pad instr - `BTI` riscv landing instr - `lpad` Given that three major arches have support for indirect branch tracking, This patch makes `prctl` for indirect branch tracking arch agnostic. To allow userspace to enable this feature for itself, following prtcls are defined: - PR_GET_INDIR_BR_LP_STATUS: Gets current configured status for indirect branch tracking. - PR_SET_INDIR_BR_LP_STATUS: Sets a configuration for indirect branch tracking Following status options are allowed - PR_INDIR_BR_LP_ENABLE: Enables indirect branch tracking on user thread. - PR_INDIR_BR_LP_DISABLE; Disables indirect branch tracking on user thread. - PR_LOCK_INDIR_BR_LP_STATUS: Locks configured status for indirect branch tracking for user thread. Signed-off-by: Deepak Gupta --- include/uapi/linux/prctl.h | 27 +++++++++++++++++++++++++++ kernel/sys.c | 30 ++++++++++++++++++++++++++++++ 2 files changed, 57 insertions(+) diff --git a/include/uapi/linux/prctl.h b/include/uapi/linux/prctl.h index 3c66ed8f46d8..b7a8212a068e 100644 --- a/include/uapi/linux/prctl.h +++ b/include/uapi/linux/prctl.h @@ -328,4 +328,31 @@ struct prctl_mm_map { */ #define PR_LOCK_SHADOW_STACK_STATUS 73 +/* + * Get the current indirect branch tracking configuration for the current + * thread, this will be the value configured via PR_SET_INDIR_BR_LP_STATUS. + */ +#define PR_GET_INDIR_BR_LP_STATUS 74 + +/* + * Set the indirect branch tracking configuration. PR_INDIR_BR_LP_ENABLE will + * enable cpu feature for user thread, to track all indirect branches and ensure + * they land on arch defined landing pad instruction. + * x86 - If enabled, an indirect branch must land on `ENDBRANCH` instruction. + * arch64 - If enabled, an indirect branch must land on `BTI` instruction. + * riscv - If enabled, an indirect branch must land on `lpad` instruction. + * PR_INDIR_BR_LP_DISABLE will disable feature for user thread and indirect + * branches will no more be tracked by cpu to land on arch defined landing pad + * instruction. + */ +#define PR_SET_INDIR_BR_LP_STATUS 75 +# define PR_INDIR_BR_LP_ENABLE (1UL << 0) + +/* + * Prevent further changes to the specified indirect branch tracking + * configuration. All bits may be locked via this call, including + * undefined bits. + */ +#define PR_LOCK_INDIR_BR_LP_STATUS 76 + #endif /* _LINUX_PRCTL_H */ diff --git a/kernel/sys.c b/kernel/sys.c index 242e9f147791..c770060c3f06 100644 --- a/kernel/sys.c +++ b/kernel/sys.c @@ -2330,6 +2330,21 @@ int __weak arch_lock_shadow_stack_status(struct task_struct *t, unsigned long st return -EINVAL; } +int __weak arch_get_indir_br_lp_status(struct task_struct *t, unsigned long __user *status) +{ + return -EINVAL; +} + +int __weak arch_set_indir_br_lp_status(struct task_struct *t, unsigned long __user *status) +{ + return -EINVAL; +} + +int __weak arch_lock_indir_br_lp_status(struct task_struct *t, unsigned long __user *status) +{ + return -EINVAL; +} + #define PR_IO_FLUSHER (PF_MEMALLOC_NOIO | PF_LOCAL_THROTTLE) #ifdef CONFIG_ANON_VMA_NAME @@ -2787,6 +2802,21 @@ SYSCALL_DEFINE5(prctl, int, option, unsigned long, arg2, unsigned long, arg3, return -EINVAL; error = arch_lock_shadow_stack_status(me, arg2); break; + case PR_GET_INDIR_BR_LP_STATUS: + if (arg3 || arg4 || arg5) + return -EINVAL; + error = arch_get_indir_br_lp_status(me, (unsigned long __user *) arg2); + break; + case PR_SET_INDIR_BR_LP_STATUS: + if (arg3 || arg4 || arg5) + return -EINVAL; + error = arch_set_indir_br_lp_status(me, (unsigned long __user *) arg2); + break; + case PR_LOCK_INDIR_BR_LP_STATUS: + if (arg3 || arg4 || arg5) + return -EINVAL; + error = arch_lock_indir_br_lp_status(me, (unsigned long __user *) arg2); + break; default: error = -EINVAL; break;