From patchwork Thu Aug 1 12:06:38 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Mark Brown X-Patchwork-Id: 13750390 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 109F2C3DA4A for ; Thu, 1 Aug 2024 12:58:42 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 9B8CA6B00A9; Thu, 1 Aug 2024 08:58:41 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 93F406B00AA; Thu, 1 Aug 2024 08:58:41 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 792F36B00AB; Thu, 1 Aug 2024 08:58:41 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0015.hostedemail.com [216.40.44.15]) by kanga.kvack.org (Postfix) with ESMTP id 549A86B00A9 for ; Thu, 1 Aug 2024 08:58:41 -0400 (EDT) Received: from smtpin30.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay01.hostedemail.com (Postfix) with ESMTP id 086161C40B8 for ; Thu, 1 Aug 2024 12:58:41 +0000 (UTC) X-FDA: 82403680842.30.EE5019B Received: from sin.source.kernel.org (sin.source.kernel.org [145.40.73.55]) by imf24.hostedemail.com (Postfix) with ESMTP id 9F03D18002E for ; Thu, 1 Aug 2024 12:58:38 +0000 (UTC) Authentication-Results: imf24.hostedemail.com; dkim=pass header.d=kernel.org header.s=k20201202 header.b=ROUBXnl4; spf=pass (imf24.hostedemail.com: domain of broonie@kernel.org designates 145.40.73.55 as permitted sender) smtp.mailfrom=broonie@kernel.org; dmarc=pass (policy=none) header.from=kernel.org ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1722517062; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=N5xlaKfE1qe1MkU2t/MFh1LCl5bc+UWmzF2cua6bJB4=; b=iKWCS9GwpTiGnpc2Z5bi9vAzC4GwBdVXqJIMCsA6zmg4JLZgrwnMRLyLFiqkr35lidVtS9 w+RYvDmaQwkWGQ4+HCZc7b2WeKPusyRb1gr4UJoDOgnt7zGwqRZwM0aQvjgk3MD/Um+e8u My3IwdxvY83WfOqluXPAUB8FFMCyVy4= ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1722517062; a=rsa-sha256; cv=none; b=rN0zBaTzoPITQK6iqcLVxI4/vN+TTZlg4F26AfSh01zjFY2oukmZLrL+CGUxdrkn8cLMZB gdsRgAklDgmjtD/JnM4WWTQVqXUdz4BzCR75Dr+8xpIVRciyjC9+ktHRAW+qkDhRDU6l7V HYcaIBXYsvAG5hAdHBds9fV7UL+7XZc= ARC-Authentication-Results: i=1; imf24.hostedemail.com; dkim=pass header.d=kernel.org header.s=k20201202 header.b=ROUBXnl4; spf=pass (imf24.hostedemail.com: domain of broonie@kernel.org designates 145.40.73.55 as permitted sender) smtp.mailfrom=broonie@kernel.org; dmarc=pass (policy=none) header.from=kernel.org Received: from smtp.kernel.org (transwarp.subspace.kernel.org [100.75.92.58]) by sin.source.kernel.org (Postfix) with ESMTP id 0044DCE19AC; Thu, 1 Aug 2024 12:58:36 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id BC1D4C4AF09; Thu, 1 Aug 2024 12:58:28 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1722517115; bh=WqKsS1qVwE6VKZ/8GkyAqMVM3MB00X49lYjibfc4BZQ=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=ROUBXnl4pCUlqrD8GJYnW6TX3c+9d0zCM9U4fas+nBWuRkaQxwqdCtUnMKn8bqn4f gW4iKyPY2BVlKprVB71QI7AD33rbq+ETEhOL6iuO5JvB9SMkUrkTStZWPD1i68dhyb xrmgb+ZCT6FWojsUOZj6gd351PNsYtllWfnQ9H6jTgRUnAAwhl+SU8CZABDSrCminc eZ03nbwXn+jgVyL3n3WwLazRMvDgaaXLZFfeEFi/Z8UW9cKpE+wlA67ra7OMyRFL4M bMo93Hh5OBkmjVzrucQT7Ty5gGxK4EoGVmfiKpacjYLdiBgBtAmHlK6Bgcyy0QWbfp u9RKn2clTauWg== From: Mark Brown Date: Thu, 01 Aug 2024 13:06:38 +0100 Subject: [PATCH v10 11/40] arm64/mm: Allocate PIE slots for EL0 guarded control stack MIME-Version: 1.0 Message-Id: <20240801-arm64-gcs-v10-11-699e2bd2190b@kernel.org> References: <20240801-arm64-gcs-v10-0-699e2bd2190b@kernel.org> In-Reply-To: <20240801-arm64-gcs-v10-0-699e2bd2190b@kernel.org> To: Catalin Marinas , Will Deacon , Jonathan Corbet , Andrew Morton , Marc Zyngier , Oliver Upton , James Morse , Suzuki K Poulose , Arnd Bergmann , Oleg Nesterov , Eric Biederman , Shuah Khan , "Rick P. Edgecombe" , Deepak Gupta , Ard Biesheuvel , Szabolcs Nagy , Kees Cook Cc: "H.J. Lu" , Paul Walmsley , Palmer Dabbelt , Albert Ou , Florian Weimer , Christian Brauner , Thiago Jung Bauermann , Ross Burton , linux-arm-kernel@lists.infradead.org, linux-doc@vger.kernel.org, kvmarm@lists.linux.dev, linux-fsdevel@vger.kernel.org, linux-arch@vger.kernel.org, linux-mm@kvack.org, linux-kselftest@vger.kernel.org, linux-kernel@vger.kernel.org, linux-riscv@lists.infradead.org, Mark Brown X-Mailer: b4 0.15-dev-37811 X-Developer-Signature: v=1; a=openpgp-sha256; l=3028; i=broonie@kernel.org; h=from:subject:message-id; bh=WqKsS1qVwE6VKZ/8GkyAqMVM3MB00X49lYjibfc4BZQ=; b=owEBbQGS/pANAwAKASTWi3JdVIfQAcsmYgBmq4YOlw9nLbDAyfViEdCcT1ji+c6735KeAWlvvJky itB7ZKSJATMEAAEKAB0WIQSt5miqZ1cYtZ/in+ok1otyXVSH0AUCZquGDgAKCRAk1otyXVSH0CDDB/ wI9T7bi6abhO/KUuxju+FabJ0MVht7CEjsBZwh9yuAMi4yLWNjlkcbPoiYxYxf+m4npTmnb92xs5+y HoCgsimyU+aKqsGKW8nKV97vp2l+XL0bVtlo0io9mbDGWnuR9SRwRjpCeYlvr2rNG5hKdKGNjO59Lg T+ofnDExR1esJIq07OYzfpCyYICWbVuwh6WapUICDZQ8TKk8wBmDpNXHSVaxX6TE8vCRIdzNk2NT+0 6G8IURvioQ2LXI6/BS7qAZHW7jrdkFCvuEBC6VwbGn1Y/ODhX142tes7v+8niLXK5tqhALMDxjY8CF 0rPaynHjFv2HxlL8DoQmbg6pdswtZW X-Developer-Key: i=broonie@kernel.org; a=openpgp; fpr=3F2568AAC26998F9E813A1C5C3F436CA30F5D8EB X-Stat-Signature: sedqsofzk461cprymzrx447t6ymquktj X-Rspamd-Queue-Id: 9F03D18002E X-Rspam-User: X-Rspamd-Server: rspam08 X-HE-Tag: 1722517118-639269 X-HE-Meta: U2FsdGVkX1/lbFG7mytJVZpcRGmhrAMSpRpwFzrR/f1rSd6Vv2bt70hWr16GzM6AmM0nXBl+0+C6FBeDDox7/YmYtI7Pe5WDvlDfMUGW2K3qTFcWLeIbxTqqeBa2Bs1KOWHIQith6U6Gs8PcegiAGfox0SaqtxdSu8fMDv65aaYl12V8yWsmF2jE3zObern86t8fTGIMPg/Xbn/C3aM6x8i0Pd2W2VRqjzlQQdOZqBslh5uSUR962vqFAL/M1RqE35JPes9TQUBRbT0EFSSXlA69uEYVN42pqymHTf0LIMIMX1Io5iKuAD6Z+mCGE3L0q/PdUGdhEasggLatpnIr3Hlu9bplGXzAktxgKQ1K1pEmjektvntdRjlAgbTEf/jXzMxJCCZ/tQ1gzWgD3RYfK7TJiDU6rAXEoSjphXmpw+GidZ4z1+Rts/0TpvIbgAP72kDpfUkuH732AyRbsKhNAaSTqA+eNnanthWP+/aEwzYI6FEsJg4LAokqLuANcCvLSByq8n0OsmWq7NS6hvI5qol1ru73+bm/wxsAyub+eFGTU1KzNF1nMaovmYH7GuKi4Oqk3srqfu/UMksF0vfxnVHk4Ot0cKcsyx8cz577olmfyBNDr6MhTo2uyT/prITrVCsmZ6ZfW1jU8/Fiq9IJxYT3da4bx+H2DQ432Mzp9tF7j1kxK0EXiU92O7tw2xPS7UAi70qEKYaXe/u4Ng8omi/pzRnnNqSrnqKG8ZkroC9KQzge0V+Cm9INlqsrlYZkLdwifS5uIBzE+RXd66D2nvJwp+qgkBTtsznLUewQ/OtYN7EzMUAAQLrAH/NtnUBbquiyjgBQRJtirunWyvbVRroAbSMrIHHljPoGzyUVN+5i5eN/0ga6uVbJN9V5GfOQDumqN9FMW9gujcrh+V9NZu74KHdrnS/qML9hPyvmYHuuq4JXQV9eCdjLaE21zLNy36hEM1ksP+qseNuiLFo /cq1xN8H NsKXLysleB4+tb1+toG8a2fHA+vrN4Z6uvLrb3EqNukERbgl4FZALd2lyRVM9wgQnzeJN9KN66IABHVEhNoHZjLsFvjIWhMShfgHVPbGlAtsr6N5zrl+u7g2NU/qZEnOB/xKlIxY7tElR0rQUQbfrzQtJop2u1V7+SxbcDPN/AtHwaC3dGkv7SPMDywYZRwhHK7LIT7BAqtmqCIH+yrlP2hx/wOt77mfvaVGKorHxmblSqhSBhdFGpleRkHJRe9F28jXdUNN3B2L3z0b2/kIobToGcy7x4v3YHsJGe55C7dDk2hixPSrhgXIEeJ/kGfVjrcUf+vowxCyGOf+KqgJ6Dws88huJn39R+7E+lk9706/qvh7iDeKFj34POpHij/qVPv+b X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: Pages used for guarded control stacks need to be described to the hardware using the Permission Indirection Extension, GCS is not supported without PIE. In order to support copy on write for guarded stacks we allocate two values, one for active GCSs and one for GCS pages marked as read only prior to copy. Since the actual effect is defined using PIE the specific bit pattern used does not matter to the hardware but we choose two values which differ only in PTE_WRITE in order to help share code with non-PIE cases. Reviewed-by: Thiago Jung Bauermann Signed-off-by: Mark Brown Reviewed-by: Catalin Marinas --- arch/arm64/include/asm/pgtable-prot.h | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/arch/arm64/include/asm/pgtable-prot.h b/arch/arm64/include/asm/pgtable-prot.h index b11cfb9fdd37..545d54c88520 100644 --- a/arch/arm64/include/asm/pgtable-prot.h +++ b/arch/arm64/include/asm/pgtable-prot.h @@ -144,15 +144,23 @@ static inline bool __pure lpa2_is_enabled(void) /* 6: PTE_PXN | PTE_WRITE */ /* 7: PAGE_SHARED_EXEC PTE_PXN | PTE_WRITE | PTE_USER */ /* 8: PAGE_KERNEL_ROX PTE_UXN */ -/* 9: PTE_UXN | PTE_USER */ +/* 9: PAGE_GCS_RO PTE_UXN | PTE_USER */ /* a: PAGE_KERNEL_EXEC PTE_UXN | PTE_WRITE */ -/* b: PTE_UXN | PTE_WRITE | PTE_USER */ +/* b: PAGE_GCS PTE_UXN | PTE_WRITE | PTE_USER */ /* c: PAGE_KERNEL_RO PTE_UXN | PTE_PXN */ /* d: PAGE_READONLY PTE_UXN | PTE_PXN | PTE_USER */ /* e: PAGE_KERNEL PTE_UXN | PTE_PXN | PTE_WRITE */ /* f: PAGE_SHARED PTE_UXN | PTE_PXN | PTE_WRITE | PTE_USER */ +#define _PAGE_GCS (_PAGE_DEFAULT | PTE_NG | PTE_UXN | PTE_WRITE | PTE_USER) +#define _PAGE_GCS_RO (_PAGE_DEFAULT | PTE_NG | PTE_UXN | PTE_USER) + +#define PAGE_GCS __pgprot(_PAGE_GCS) +#define PAGE_GCS_RO __pgprot(_PAGE_GCS_RO) + #define PIE_E0 ( \ + PIRx_ELx_PERM(pte_pi_index(_PAGE_GCS), PIE_GCS) | \ + PIRx_ELx_PERM(pte_pi_index(_PAGE_GCS_RO), PIE_R) | \ PIRx_ELx_PERM(pte_pi_index(_PAGE_EXECONLY), PIE_X_O) | \ PIRx_ELx_PERM(pte_pi_index(_PAGE_READONLY_EXEC), PIE_RX) | \ PIRx_ELx_PERM(pte_pi_index(_PAGE_SHARED_EXEC), PIE_RWX) | \ @@ -160,6 +168,8 @@ static inline bool __pure lpa2_is_enabled(void) PIRx_ELx_PERM(pte_pi_index(_PAGE_SHARED), PIE_RW)) #define PIE_E1 ( \ + PIRx_ELx_PERM(pte_pi_index(_PAGE_GCS), PIE_NONE_O) | \ + PIRx_ELx_PERM(pte_pi_index(_PAGE_GCS_RO), PIE_NONE_O) | \ PIRx_ELx_PERM(pte_pi_index(_PAGE_EXECONLY), PIE_NONE_O) | \ PIRx_ELx_PERM(pte_pi_index(_PAGE_READONLY_EXEC), PIE_R) | \ PIRx_ELx_PERM(pte_pi_index(_PAGE_SHARED_EXEC), PIE_RW) | \