From patchwork Wed Apr 3 23:35:05 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Deepak Gupta X-Patchwork-Id: 13616781 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 71239CD1292 for ; Wed, 3 Apr 2024 23:42:23 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 8238A6B00B6; Wed, 3 Apr 2024 19:42:18 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 7AE7E6B00B7; Wed, 3 Apr 2024 19:42:18 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 5FEC96B00B9; Wed, 3 Apr 2024 19:42:18 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0012.hostedemail.com [216.40.44.12]) by kanga.kvack.org (Postfix) with ESMTP id 4300B6B00B6 for ; Wed, 3 Apr 2024 19:42:18 -0400 (EDT) Received: from smtpin19.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay01.hostedemail.com (Postfix) with ESMTP id D4A4A1C0D69 for ; Wed, 3 Apr 2024 23:42:17 +0000 (UTC) X-FDA: 81969846714.19.0FB6BCD Received: from mail-pl1-f174.google.com (mail-pl1-f174.google.com [209.85.214.174]) by imf07.hostedemail.com (Postfix) with ESMTP id 0B40B40003 for ; Wed, 3 Apr 2024 23:42:15 +0000 (UTC) Authentication-Results: imf07.hostedemail.com; dkim=pass header.d=rivosinc-com.20230601.gappssmtp.com header.s=20230601 header.b=WAA5MF7U; dmarc=none; spf=pass (imf07.hostedemail.com: domain of debug@rivosinc.com designates 209.85.214.174 as permitted sender) smtp.mailfrom=debug@rivosinc.com ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1712187736; a=rsa-sha256; cv=none; b=O0hq7mLZUL6P29g1Kgp/JFCU/9L752hqTaGqyj5mBmJW8dUpUx5cYAqXWfnLWAAtW49Os0 ZjIF5xQf/MR++SMq/sPTxzCvzP9c/di0rTKE/5Er3IOucK/ENb92XePsz8xQY7ql8xlcpe zC0g07Zud97fe8MxwqzMzEMHkJZfPJ8= ARC-Authentication-Results: i=1; imf07.hostedemail.com; dkim=pass header.d=rivosinc-com.20230601.gappssmtp.com header.s=20230601 header.b=WAA5MF7U; dmarc=none; spf=pass (imf07.hostedemail.com: domain of debug@rivosinc.com designates 209.85.214.174 as permitted sender) smtp.mailfrom=debug@rivosinc.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1712187736; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=WP6SydUIEnIf7iJga0ecJJ8VROQQxV6mEOJWURQ0TH0=; b=CxVjhz4+RTd8b5fjnlM6tQ3/u2/CQOywDxk08cJOyuzwu53L/mtex/3TDvh74Cuhpx1T8B JFLvAijITA2o4EQH3qUPqRM8XOdK4PmulDTPJb0iI2+3oFvNVLRZ9G7MCKkeaVXaL8+1uC F3LcddLE9z1yn1WhA4OoKrOUaLgaZaI= Received: by mail-pl1-f174.google.com with SMTP id d9443c01a7336-1e2987e9d67so2186925ad.1 for ; Wed, 03 Apr 2024 16:42:15 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rivosinc-com.20230601.gappssmtp.com; s=20230601; t=1712187735; x=1712792535; darn=kvack.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=WP6SydUIEnIf7iJga0ecJJ8VROQQxV6mEOJWURQ0TH0=; b=WAA5MF7UOxQJhmXM/Zzc1dmK61kvakQuA7HRUPsObvVpOpnsH3Nqb6XssgTKPB+IIe oOB8HUuqzzZhxZlIxCzS8kY9Im3HaFEy+jSeeEEIak/lRve3uC6yiwymcfmkW4q1NP58 ACYLHOur0bv7ilXkC5/FkXeC0fAHmzghSX4mgzGa5OVtm/y7w68tiDbF1nhVBJKyTnlS xLmeMGpxj9/BO8azJybQFOyYy/xcuI2WEtMisOU2WhFU2onQiIAYuclDofjsyedIJ2Xm jooQDrmAikF5F1hWyGr3/QWQmjcVrN2vMqfZj/NlOB4f3d80kswG5bdovlC5rF8AGQzL B+Zg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1712187735; x=1712792535; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=WP6SydUIEnIf7iJga0ecJJ8VROQQxV6mEOJWURQ0TH0=; b=QELAMW6N0tSRSHRfsdtovxClZZfFL4egtaK9LHRkVldxWW27YRU3qhqTAOjNKZ48XQ tZchloXKiD2cqU+3dae5JFTtrJpYrUBXK0AVWonAl008JQdOBMQN6s8PzN0Q95LWRP4W twnsR5iK++VrhCV6y2TjsC8HWpBDWOWZ+uqAGouxRetbaAqMXjCK+wYAj7c2J/WSgj4w CZDWoFRbKVRCL55LdgnnF5ba/+E268bltno5pYCIumYhZ5q24S+suOq7MtiKZJmaoAco J0TNulqaaiw8apPXB2EDh2QFW5M471j0fyGNfIXK+CiC35CphLUtS01kCcK3CXwofYb3 xMNg== X-Forwarded-Encrypted: i=1; AJvYcCUiYTOSzSdOcFVOxuxHuE2w72dYajZsWjNuzbhIux7RyNGw+OyCgxIMzyh/d98bS6IEKcQbuhjEc2lFU0g92cf1OQo= X-Gm-Message-State: AOJu0Yygntn69KpPPqpDEq22KSA+uJrq9Rys4FVOF6Dg1GXmKtsmDy5e /8Fnr7BpmQ1p4Z6BHgEW2v0L8mYemoLJ1jI6Y8/eaFLOG4721hKsPbM6tsO1/io= X-Google-Smtp-Source: AGHT+IG94ZCsKxcUmluscIk5n5e6k4tHROtb3Z4W0JVAcaXjptzg9lzBPMJPJjbNEv/0oFOKMb0Hdg== X-Received: by 2002:a17:902:d4cb:b0:1e0:e14:b19d with SMTP id o11-20020a170902d4cb00b001e00e14b19dmr1403019plg.18.1712187734816; Wed, 03 Apr 2024 16:42:14 -0700 (PDT) Received: from debug.ba.rivosinc.com ([64.71.180.162]) by smtp.gmail.com with ESMTPSA id b18-20020a170902d51200b001deeac592absm13899117plg.180.2024.04.03.16.42.12 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 03 Apr 2024 16:42:14 -0700 (PDT) From: Deepak Gupta To: paul.walmsley@sifive.com, rick.p.edgecombe@intel.com, broonie@kernel.org, Szabolcs.Nagy@arm.com, kito.cheng@sifive.com, keescook@chromium.org, ajones@ventanamicro.com, conor.dooley@microchip.com, cleger@rivosinc.com, atishp@atishpatra.org, alex@ghiti.fr, bjorn@rivosinc.com, alexghiti@rivosinc.com, samuel.holland@sifive.com, conor@kernel.org Cc: linux-doc@vger.kernel.org, linux-riscv@lists.infradead.org, linux-kernel@vger.kernel.org, devicetree@vger.kernel.org, linux-mm@kvack.org, linux-arch@vger.kernel.org, linux-kselftest@vger.kernel.org, corbet@lwn.net, palmer@dabbelt.com, aou@eecs.berkeley.edu, robh+dt@kernel.org, krzysztof.kozlowski+dt@linaro.org, oleg@redhat.com, akpm@linux-foundation.org, arnd@arndb.de, ebiederm@xmission.com, Liam.Howlett@oracle.com, vbabka@suse.cz, lstoakes@gmail.com, shuah@kernel.org, brauner@kernel.org, debug@rivosinc.com, andy.chiu@sifive.com, jerry.shih@sifive.com, hankuan.chen@sifive.com, greentime.hu@sifive.com, evan@rivosinc.com, xiao.w.wang@intel.com, charlie@rivosinc.com, apatel@ventanamicro.com, mchitale@ventanamicro.com, dbarboza@ventanamicro.com, sameo@rivosinc.com, shikemeng@huaweicloud.com, willy@infradead.org, vincent.chen@sifive.com, guoren@kernel.org, samitolvanen@google.com, songshuaishuai@tinylab.org, gerg@kernel.org, heiko@sntech.de, bhe@redhat.com, jeeheng.sia@starfivetech.com, cyy@cyyself.name, maskray@google.com, ancientmodern4@gmail.com, mathis.salmen@matsal.de, cuiyunhui@bytedance.com, bgray@linux.ibm.com, mpe@ellerman.id.au, baruch@tkos.co.il, alx@kernel.org, david@redhat.com, catalin.marinas@arm.com, revest@chromium.org, josh@joshtriplett.org, shr@devkernel.io, deller@gmx.de, omosnace@redhat.com, ojeda@kernel.org, jhubbard@nvidia.com Subject: [PATCH v3 17/29] prctl: arch-agnostic prctl for indirect branch tracking Date: Wed, 3 Apr 2024 16:35:05 -0700 Message-ID: <20240403234054.2020347-18-debug@rivosinc.com> X-Mailer: git-send-email 2.43.2 In-Reply-To: <20240403234054.2020347-1-debug@rivosinc.com> References: <20240403234054.2020347-1-debug@rivosinc.com> MIME-Version: 1.0 X-Rspam-User: X-Rspamd-Server: rspam06 X-Rspamd-Queue-Id: 0B40B40003 X-Stat-Signature: orbqnuja6r7bd961ns36b9hpsihj1f5t X-HE-Tag: 1712187735-742986 X-HE-Meta: U2FsdGVkX1+/LcJB8/Jf3r/jkdNdDTMOuEfuI+Vs58VQ5TiPmX+jgVbLbfkH3LQ4u45YR2SOCnPQs03ZaErfyoha3heN8z1Pr4OrlJcbF78FzOpACJwEMra7qMhdD6OkQDpH2D+uah3L82j13BHrvN9FWMIIzqqpEFdwawV1NncKD76B1MBHLqoXvJljSqYV/kpM3tFSlEfIBltWIP4a5kzUei8O9zAQKp+wo97Jr4dhkOyF5kSu/vx30WZyp0mrxoqYhdooLUygXhIHyHPHXcqQpfbRH6t+DDL82M7Ca5m370qKIBxHGpwF1MQed6VTGzOfhSvZn1nvO3vlPoGE0WO9iVNvuZMyiaDQPQ2JaBOrJMOc7z0YPN6vmrlVbSgQfHi98N/1b8LTgaQC8WxQC36H/TELRSxX+XvsmbbeA9eGzm1RL0zP/mhivqBdbihXN0XGj+bSz6Lvn3LaIZaHaBYwx+BiwkOyJuSJ8V8bgivUpUC4YFzShpNr44nG+8kJfpQcU/OKc3rGfTByn0Qsxy01xzeSo0pcISCOTz0yT0teXnN7X+/1hQUdh/hOtBKU5BD3qOTasZffP+n2N9dCxJbRXe0NGMnUlx1jrwGARqmMFq9xPTLWf2SCWFQl67v7RgAKa060bmViHeDkqUd79AyrX5AimIKJvrPl6jyIIBdGlX8ukPHUqpoU2F7VkU7fJVeZsn1cR/C9J0v2TGLfJayk5IoZ4kpvo+JByA8LBIoi+OcXytGXp9pP0RI5S+TgIK+Ow+fj2Q+cgu835buPa+sy/xY6HCMGZiQ1mjYrABaC63/rmghhKJBoFBE1V4Ej2KoKwoFgcHyR/icmxl6kRCQ2s+dS17gDFOWciFH29gSnv+HwJ63lIVA1alkfZFboxKGKHVvI0aLf10YUe7eiY7yl0m7Ab5QmQ7Lu4t62AvaHD2EwL7I6hqw1MmKAjhDyaGRu+iOIzne9DHYSg0L PWPZZI5S CZAviaHxNU5+qvJExp8pN9GcNOceHDyCwH3NGTAp5zfl3yYa3Mhppq/K8UgtkZuDrP6Wgf8/3jzp3s7aK/xksbWQGM+oJieZ+k9nrlahnQ/7SuVCHBXmbMTwXWdLZrBrNmzRRAWp/NOPOLC7fcF4/ZvXvi254RCseepJbyXJOK7DJc5LfAZ304oj//2vK/OTGjStMNbYMiqcWmvP9FD7OvBABsFSiojbiPqFdHGJoCEVpLoPwWBRJa3bildC4sBFoVe6w0Fekpz1Qb1k01s0y5ZgXv9LxRsDjGMTl6B+4bboMYmoWyevQHe39gR+lul9OgX6l5ZsDXSqzHpNMiUnqatuCHf+wMF/cmt3qZVk5mPUo+OWx9X5TqSIWPvkKEFfyT7K2Gef51KaJyhG6iNbE9alBuYgabPZJnHe1Cggy3pxP+YJOb86HHEQ/ymklzZ+/Jdfuq3SdB2QoISP2cCCfMpYAeKNJIAN9/msJsPLfohX6Mtdi6azwTpCavqCNGrSpB8jqxWjCPrlMspE= X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: Three architectures (x86, aarch64, riscv) have support for indirect branch tracking feature in a very similar fashion. On a very high level, indirect branch tracking is a CPU feature where CPU tracks branches which uses memory operand to perform control transfer in program. As part of this tracking on indirect branches, CPU goes in a state where it expects a landing pad instr on target and if not found then CPU raises some fault (architecture dependent) x86 landing pad instr - `ENDBRANCH` aarch64 landing pad instr - `BTI` riscv landing instr - `lpad` Given that three major arches have support for indirect branch tracking, This patch makes `prctl` for indirect branch tracking arch agnostic. To allow userspace to enable this feature for itself, following prtcls are defined: - PR_GET_INDIR_BR_LP_STATUS: Gets current configured status for indirect branch tracking. - PR_SET_INDIR_BR_LP_STATUS: Sets a configuration for indirect branch tracking. Following status options are allowed - PR_INDIR_BR_LP_ENABLE: Enables indirect branch tracking on user thread. - PR_INDIR_BR_LP_DISABLE; Disables indirect branch tracking on user thread. - PR_LOCK_INDIR_BR_LP_STATUS: Locks configured status for indirect branch tracking for user thread. Signed-off-by: Deepak Gupta --- include/uapi/linux/prctl.h | 27 +++++++++++++++++++++++++++ kernel/sys.c | 30 ++++++++++++++++++++++++++++++ 2 files changed, 57 insertions(+) diff --git a/include/uapi/linux/prctl.h b/include/uapi/linux/prctl.h index 3c66ed8f46d8..b7a8212a068e 100644 --- a/include/uapi/linux/prctl.h +++ b/include/uapi/linux/prctl.h @@ -328,4 +328,31 @@ struct prctl_mm_map { */ #define PR_LOCK_SHADOW_STACK_STATUS 73 +/* + * Get the current indirect branch tracking configuration for the current + * thread, this will be the value configured via PR_SET_INDIR_BR_LP_STATUS. + */ +#define PR_GET_INDIR_BR_LP_STATUS 74 + +/* + * Set the indirect branch tracking configuration. PR_INDIR_BR_LP_ENABLE will + * enable cpu feature for user thread, to track all indirect branches and ensure + * they land on arch defined landing pad instruction. + * x86 - If enabled, an indirect branch must land on `ENDBRANCH` instruction. + * arch64 - If enabled, an indirect branch must land on `BTI` instruction. + * riscv - If enabled, an indirect branch must land on `lpad` instruction. + * PR_INDIR_BR_LP_DISABLE will disable feature for user thread and indirect + * branches will no more be tracked by cpu to land on arch defined landing pad + * instruction. + */ +#define PR_SET_INDIR_BR_LP_STATUS 75 +# define PR_INDIR_BR_LP_ENABLE (1UL << 0) + +/* + * Prevent further changes to the specified indirect branch tracking + * configuration. All bits may be locked via this call, including + * undefined bits. + */ +#define PR_LOCK_INDIR_BR_LP_STATUS 76 + #endif /* _LINUX_PRCTL_H */ diff --git a/kernel/sys.c b/kernel/sys.c index 242e9f147791..c770060c3f06 100644 --- a/kernel/sys.c +++ b/kernel/sys.c @@ -2330,6 +2330,21 @@ int __weak arch_lock_shadow_stack_status(struct task_struct *t, unsigned long st return -EINVAL; } +int __weak arch_get_indir_br_lp_status(struct task_struct *t, unsigned long __user *status) +{ + return -EINVAL; +} + +int __weak arch_set_indir_br_lp_status(struct task_struct *t, unsigned long __user *status) +{ + return -EINVAL; +} + +int __weak arch_lock_indir_br_lp_status(struct task_struct *t, unsigned long __user *status) +{ + return -EINVAL; +} + #define PR_IO_FLUSHER (PF_MEMALLOC_NOIO | PF_LOCAL_THROTTLE) #ifdef CONFIG_ANON_VMA_NAME @@ -2787,6 +2802,21 @@ SYSCALL_DEFINE5(prctl, int, option, unsigned long, arg2, unsigned long, arg3, return -EINVAL; error = arch_lock_shadow_stack_status(me, arg2); break; + case PR_GET_INDIR_BR_LP_STATUS: + if (arg3 || arg4 || arg5) + return -EINVAL; + error = arch_get_indir_br_lp_status(me, (unsigned long __user *) arg2); + break; + case PR_SET_INDIR_BR_LP_STATUS: + if (arg3 || arg4 || arg5) + return -EINVAL; + error = arch_set_indir_br_lp_status(me, (unsigned long __user *) arg2); + break; + case PR_LOCK_INDIR_BR_LP_STATUS: + if (arg3 || arg4 || arg5) + return -EINVAL; + error = arch_lock_indir_br_lp_status(me, (unsigned long __user *) arg2); + break; default: error = -EINVAL; break;