From patchwork Thu Aug 1 12:06:52 2024
X-Patchwork-Submitter: Mark Brown
X-Patchwork-Id: 13750405
From: Mark Brown
Date: Thu, 01 Aug 2024 13:06:52 +0100
Subject: [PATCH v10 25/40] arm64/ptrace: Expose GCS via ptrace and core files
Message-Id: <20240801-arm64-gcs-v10-25-699e2bd2190b@kernel.org>
References: <20240801-arm64-gcs-v10-0-699e2bd2190b@kernel.org>
In-Reply-To: <20240801-arm64-gcs-v10-0-699e2bd2190b@kernel.org>
To: Catalin Marinas, Will Deacon, Jonathan Corbet, Andrew Morton, Marc Zyngier, Oliver Upton, James Morse, Suzuki K Poulose, Arnd Bergmann, Oleg Nesterov, Eric Biederman, Shuah Khan, "Rick P. Edgecombe", Deepak Gupta, Ard Biesheuvel, Szabolcs Nagy, Kees Cook
Cc: "H.J. Lu", Paul Walmsley, Palmer Dabbelt, Albert Ou, Florian Weimer, Christian Brauner, Thiago Jung Bauermann, Ross Burton, linux-arm-kernel@lists.infradead.org, linux-doc@vger.kernel.org, kvmarm@lists.linux.dev, linux-fsdevel@vger.kernel.org, linux-arch@vger.kernel.org, linux-mm@kvack.org, linux-kselftest@vger.kernel.org, linux-kernel@vger.kernel.org, linux-riscv@lists.infradead.org, Mark Brown

Provide a new register type NT_ARM_GCS reporting the current GCS mode and pointer for EL0. Due to the interactions with allocation and deallocation of Guarded Control Stacks we do not permit any changes to the GCS mode via ptrace, only GCSPR_EL0 may be changed.

Reviewed-by: Thiago Jung Bauermann
Signed-off-by: Mark Brown
--- arch/arm64/include/uapi/asm/ptrace.h | 8 +++++ arch/arm64/kernel/ptrace.c | 59 ++++++++++++++++++++++++++++++++++++ include/uapi/linux/elf.h | 1 + 3 files changed, 68 insertions(+) diff --git a/arch/arm64/include/uapi/asm/ptrace.h b/arch/arm64/include/uapi/asm/ptrace.h index 7fa2f7036aa7..0f39ba4f3efd 100644 --- a/arch/arm64/include/uapi/asm/ptrace.h +++ b/arch/arm64/include/uapi/asm/ptrace.h @@ -324,6 +324,14 @@ struct user_za_header { #define ZA_PT_SIZE(vq) \ (ZA_PT_ZA_OFFSET + ZA_PT_ZA_SIZE(vq)) +/* GCS state (NT_ARM_GCS) */ + +struct user_gcs { + __u64 features_enabled; + __u64 features_locked; + __u64 gcspr_el0; +}; + #endif /* __ASSEMBLY__ */ #endif /* _UAPI__ASM_PTRACE_H */ diff --git a/arch/arm64/kernel/ptrace.c b/arch/arm64/kernel/ptrace.c index 0d022599eb61..9db0b669fee3 100644 --- a/arch/arm64/kernel/ptrace.c +++ b/arch/arm64/kernel/ptrace.c @@ -34,6 +34,7 @@ #include #include #include +#include #include #include #include 
@@ -1440,6 +1441,51 @@ static int tagged_addr_ctrl_set(struct task_struct *target, const struct } #endif +#ifdef CONFIG_ARM64_GCS +static int gcs_get(struct task_struct *target, + const struct user_regset *regset, + struct membuf to) +{ + struct user_gcs user_gcs; + + if (target == current) + gcs_preserve_current_state(); + + user_gcs.features_enabled = target->thread.gcs_el0_mode; + user_gcs.features_locked = target->thread.gcs_el0_locked; + user_gcs.gcspr_el0 = target->thread.gcspr_el0; + + return membuf_write(&to, &user_gcs, sizeof(user_gcs)); +} + +static int gcs_set(struct task_struct *target, const struct + user_regset *regset, unsigned int pos, + unsigned int count, const void *kbuf, const + void __user *ubuf) +{ + int ret; + struct user_gcs user_gcs; + + ret = user_regset_copyin(&pos, &count, &kbuf, &ubuf, &user_gcs, 0, -1); + if (ret) + return ret; + + if (user_gcs.features_enabled & ~PR_SHADOW_STACK_SUPPORTED_STATUS_MASK) + return -EINVAL; + + /* Do not allow enable via ptrace */ + if ((user_gcs.features_enabled & PR_SHADOW_STACK_ENABLE) && + !(target->thread.gcs_el0_mode & PR_SHADOW_STACK_ENABLE)) + return -EBUSY; + + target->thread.gcs_el0_mode = user_gcs.features_enabled; + target->thread.gcs_el0_locked = user_gcs.features_locked; + target->thread.gcspr_el0 = user_gcs.gcspr_el0; + + return 0; +} +#endif + enum aarch64_regset { REGSET_GPR, REGSET_FPR, @@ -1469,6 +1515,9 @@ enum aarch64_regset { #ifdef CONFIG_ARM64_TAGGED_ADDR_ABI REGSET_TAGGED_ADDR_CTRL, #endif +#ifdef CONFIG_ARM64_GCS + REGSET_GCS, +#endif }; static const struct user_regset aarch64_regsets[] = { 
@@ -1628,6 +1677,16 @@ static const struct user_regset aarch64_regsets[] = { .set = tagged_addr_ctrl_set, }, #endif +#ifdef CONFIG_ARM64_GCS + [REGSET_GCS] = { + .core_note_type = NT_ARM_GCS, + .n = sizeof(struct user_gcs) / sizeof(u64), + .size = sizeof(u64), + .align = sizeof(u64), + .regset_get = gcs_get, + .set = gcs_set, + }, +#endif }; static const struct user_regset_view user_aarch64_view = { diff --git a/include/uapi/linux/elf.h b/include/uapi/linux/elf.h index b54b313bcf07..77d4910bbb9d 100644 --- a/include/uapi/linux/elf.h +++ b/include/uapi/linux/elf.h @@ -441,6 +441,7 @@ typedef struct elf64_shdr { #define NT_ARM_ZA 0x40c /* ARM SME ZA registers */ #define NT_ARM_ZT 0x40d /* ARM SME ZT registers */ #define NT_ARM_FPMR 0x40e /* ARM floating point mode register */ +#define NT_ARM_GCS 0x40f /* ARM GCS state */ #define NT_ARC_V2 0x600 /* ARCv2 accumulator/extra registers */ #define NT_VMCOREDD 0x700 /* Vmcore Device Dump Note */ #define NT_MIPS_DSP 0x800 /* MIPS DSP ASE registers */
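
Review bot: in the arch/arm64/include/uapi/asm/ptrace.h hunk, struct user_gcs becomes UAPI with no description of its fields beyond "GCS state (NT_ARM_GCS)". gcs_set() validates features_enabled against PR_SHADOW_STACK_SUPPORTED_STATUS_MASK, so the header should state that features_enabled carries the PR_SHADOW_STACK_* bit values, say what encoding features_locked uses, and note that gcspr_el0 is the EL0 GCS pointer. Debugger and core-file tool authors should not need to read ptrace.c to interpret the note.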
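
Review bot: gcs_set() in the arch/arm64/kernel/ptrace.c @@ -1440 hunk copies into an uninitialised stack variable (struct user_gcs user_gcs;) and then stores all three fields into target->thread unconditionally. user_regset_copyin() only fills the bytes covered by pos and count, so a PTRACE_SETREGSET write shorter than sizeof(struct user_gcs) leaves the trailing fields holding stale kernel stack contents, which are then written to gcs_el0_locked and gcspr_el0. Suggest loading user_gcs from target->thread before the copyin, preceded by gcs_preserve_current_state() when target == current as gcs_get() already does. Separately, the commit message says no changes to the GCS mode are permitted via ptrace, but the only transition rejected is setting PR_SHADOW_STACK_ENABLE when it is currently clear. Clearing the enable bit, changing other bits inside the supported mask, and any value of features_locked, including clearing lock bits, are all accepted. Either tighten the checks to match the message or reword the message and the "Do not allow enable via ptrace" comment to describe what a tracer can actually change.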
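
Review bot: the [REGSET_GCS] entry in the @@ -1628 hunk is gated only by #ifdef CONFIG_ARM64_GCS, and neither gcs_get() nor gcs_set() checks at runtime whether the CPU implements GCS. On a kernel built with the option but running on hardware without the feature, an NT_ARM_GCS note would be emitted into every core file and a tracer could store values into thread.gcs_el0_mode, gcs_el0_locked and gcspr_el0. Suggest a runtime feature check at the top of both callbacks that returns -EINVAL when GCS is not available.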