From patchwork Wed Aug 28 23:27:43 2024
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Mark Brown <broonie@kernel.org>
X-Patchwork-Id: 13782189
Return-Path: <owner-linux-mm@kvack.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17])
	by smtp.lore.kernel.org (Postfix) with ESMTP id B0BF2C71150
	for <linux-mm@archiver.kernel.org>; Wed, 28 Aug 2024 23:31:56 +0000 (UTC)
Received: by kanga.kvack.org (Postfix)
	id 47F0E6B00C3; Wed, 28 Aug 2024 19:31:56 -0400 (EDT)
Received: by kanga.kvack.org (Postfix, from userid 40)
	id 42E756B00C4; Wed, 28 Aug 2024 19:31:56 -0400 (EDT)
X-Delivered-To: int-list-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix, from userid 63042)
	id 2F5FD6B00C5; Wed, 28 Aug 2024 19:31:56 -0400 (EDT)
X-Delivered-To: linux-mm@kvack.org
Received: from relay.hostedemail.com (smtprelay0011.hostedemail.com
 [216.40.44.11])
	by kanga.kvack.org (Postfix) with ESMTP id 1020F6B00C3
	for <linux-mm@kvack.org>; Wed, 28 Aug 2024 19:31:56 -0400 (EDT)
Received: from smtpin12.hostedemail.com (a10.router.float.18 [10.200.18.1])
	by unirelay07.hostedemail.com (Postfix) with ESMTP id C718916013E
	for <linux-mm@kvack.org>; Wed, 28 Aug 2024 23:31:55 +0000 (UTC)
X-FDA: 82503254190.12.0C64DBA
Received: from ams.source.kernel.org (ams.source.kernel.org [145.40.68.75])
	by imf16.hostedemail.com (Postfix) with ESMTP id D350718000E
	for <linux-mm@kvack.org>; Wed, 28 Aug 2024 23:31:53 +0000 (UTC)
Authentication-Results: imf16.hostedemail.com;
	dkim=pass header.d=kernel.org header.s=k20201202 header.b=cmxwoYiP;
	spf=pass (imf16.hostedemail.com: domain of broonie@kernel.org designates
 145.40.68.75 as permitted sender) smtp.mailfrom=broonie@kernel.org;
	dmarc=pass (policy=quarantine) header.from=kernel.org
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed;
 d=hostedemail.com;
	s=arc-20220608; t=1724887825;
	h=from:from:sender:reply-to:subject:subject:date:date:
	 message-id:message-id:to:to:cc:cc:mime-version:mime-version:
	 content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references:dkim-signature;
	bh=3Tra5knfzCmZfSHvN2+MeAaZE6X3clgI7jN+/jgVLsA=;
	b=2+L40ekukaoBAGnei3DhdpPdrt4n8toLaFviP9vj+LDjC2q/gQx/lZm15xm7Xf+ir52tKg
	rYspUcbgMT5Ec2btVM+mVOAQKYsLEPv/wMCsWgMJr0qr6O8fw5sdaX6VheSXIW/IYDkluX
	Y9jPj+CAezf0XRYYtuwCAVQ/aerTUbw=
ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1724887825; a=rsa-sha256;
	cv=none;
	b=HKfTY/EWChhPDoLyPs8552NhuyZ/9hHNgLnNlUgm8XYNd/reI+7YWjHZPNxGAUQt86EYJR
	jkXgtp3bWzVlkILSfnpwQ4oCUMWABu+ukvi3BoP8WeN3Yyj1qfa8FhRf9MrIxTLh/YBXO4
	6JutpzKQqL3FOgibPNcwsevbUDPCcZo=
ARC-Authentication-Results: i=1;
	imf16.hostedemail.com;
	dkim=pass header.d=kernel.org header.s=k20201202 header.b=cmxwoYiP;
	spf=pass (imf16.hostedemail.com: domain of broonie@kernel.org designates
 145.40.68.75 as permitted sender) smtp.mailfrom=broonie@kernel.org;
	dmarc=pass (policy=quarantine) header.from=kernel.org
Received: from smtp.kernel.org (transwarp.subspace.kernel.org [100.75.92.58])
	by ams.source.kernel.org (Postfix) with ESMTP id AC3EBAE3F62;
	Wed, 28 Aug 2024 23:31:46 +0000 (UTC)
Received: by smtp.kernel.org (Postfix) with ESMTPSA id 1FA6CC4CEC2;
	Wed, 28 Aug 2024 23:31:43 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;
	s=k20201202; t=1724887911;
	bh=beFDrtDyIwMIQ+9ZnRJrXKiqbsyL6F5ZUs+tNbRY4bo=;
	h=From:Date:Subject:References:In-Reply-To:To:Cc:From;
	b=cmxwoYiPlqAu3PpbAe4bGKFan0D35T9aFz1uyLOo8UJeOq5mAHsWPTyVNiP5qq+QF
	 1bJmwFkWzxk1xeCmgEZjTmbPypjyB2wMPlh4/9IEsgqdGpkxmvUz3PCfJH9PueVAL6
	 MKQBMKGgFzhwPuS8beYHyGbOiwMhjcRUsKrtqTZHRGCrVw+kmWWj1h9HXwUb6w3RWV
	 FYKB2GvPgAUY/CCdj7QhVw+qDbhnzLjrekLZU+8Q32/0IagdbBbZuMFRTV3mEFcGaP
	 m66+DiHgGeY1Hu80y6yk2xG+bH397ive8mzSUVwJSrPZmFjr4FhDO1y9KjCrF9iyRT
	 i9cYNNLgL2fWw==
From: Mark Brown <broonie@kernel.org>
Date: Thu, 29 Aug 2024 00:27:43 +0100
Subject: [PATCH v12 27/39] arm64: Add Kconfig for Guarded Control Stack
 (GCS)
MIME-Version: 1.0
Message-Id: <20240829-arm64-gcs-v12-27-42fec947436a@kernel.org>
References: <20240829-arm64-gcs-v12-0-42fec947436a@kernel.org>
In-Reply-To: <20240829-arm64-gcs-v12-0-42fec947436a@kernel.org>
To: Catalin Marinas <catalin.marinas@arm.com>,
 Will Deacon <will@kernel.org>, Jonathan Corbet <corbet@lwn.net>,
 Andrew Morton <akpm@linux-foundation.org>, Marc Zyngier <maz@kernel.org>,
 Oliver Upton <oliver.upton@linux.dev>, James Morse <james.morse@arm.com>,
 Suzuki K Poulose <suzuki.poulose@arm.com>, Arnd Bergmann <arnd@arndb.de>,
 Oleg Nesterov <oleg@redhat.com>, Eric Biederman <ebiederm@xmission.com>,
 Shuah Khan <shuah@kernel.org>,
 "Rick P. Edgecombe" <rick.p.edgecombe@intel.com>,
 Deepak Gupta <debug@rivosinc.com>, Ard Biesheuvel <ardb@kernel.org>,
 Szabolcs Nagy <Szabolcs.Nagy@arm.com>, Kees Cook <kees@kernel.org>
Cc: "H.J. Lu" <hjl.tools@gmail.com>,
 Paul Walmsley <paul.walmsley@sifive.com>,
 Palmer Dabbelt <palmer@dabbelt.com>, Albert Ou <aou@eecs.berkeley.edu>,
 Florian Weimer <fweimer@redhat.com>, Christian Brauner <brauner@kernel.org>,
 Thiago Jung Bauermann <thiago.bauermann@linaro.org>,
 Ross Burton <ross.burton@arm.com>,
 Yury Khrustalev <yury.khrustalev@arm.com>,
 Wilco Dijkstra <wilco.dijkstra@arm.com>,
 linux-arm-kernel@lists.infradead.org, linux-doc@vger.kernel.org,
 kvmarm@lists.linux.dev, linux-fsdevel@vger.kernel.org,
 linux-arch@vger.kernel.org, linux-mm@kvack.org,
 linux-kselftest@vger.kernel.org, linux-kernel@vger.kernel.org,
 linux-riscv@lists.infradead.org, Mark Brown <broonie@kernel.org>
X-Mailer: b4 0.15-dev-37811
X-Developer-Signature: v=1; a=openpgp-sha256; l=1518; i=broonie@kernel.org;
 h=from:subject:message-id; bh=beFDrtDyIwMIQ+9ZnRJrXKiqbsyL6F5ZUs+tNbRY4bo=;
 b=owEBbQGS/pANAwAKASTWi3JdVIfQAcsmYgBmz7KNVB+3I+jq6y04asLcwgZ/MwTq5s+oa0mg+YNh
 Yfgu4RqJATMEAAEKAB0WIQSt5miqZ1cYtZ/in+ok1otyXVSH0AUCZs+yjQAKCRAk1otyXVSH0BPHB/
 90dYgJUIMJYlO9HaX+ruyrHyhuRC2pGtl9VBK2lNdeGXJ6Hvqi4owpgy/8/6e5omy6rq70EJZcWYul
 POQSUjKOHIw23YuSNSZgnq/G5o/jHmK1bUc5Vbn/iSGWK+Qdd/pAYigxHAfQZv40m5SgkAm+/vKLRP
 Cn4pGEJ7bm1AL0CKRoMgGxW7lo4EIWCdJDkr6hLUENHRWN15nlW1jpIfgtrYVfTm+AN7qx8NuUyjwp
 MoSbOf9pQqmotQKVb8unNR3EsDxcpUueJxVZgR9sSM8h2vGjIfeXq6D2SF/qtFM9p7KvJAd/F9OMXD
 x31o4oXplu9qcRnov3va3/52q6tZ/o
X-Developer-Key: i=broonie@kernel.org; a=openpgp;
 fpr=3F2568AAC26998F9E813A1C5C3F436CA30F5D8EB
X-Stat-Signature: jc55yq89fiio8jz6uxxr5tajxwnm8h4d
X-Rspamd-Queue-Id: D350718000E
X-Rspam-User: 
X-Rspamd-Server: rspam08
X-HE-Tag: 1724887913-503738
X-HE-Meta: 
 U2FsdGVkX19HPxmqdNW8QPOkZ923SRklYxO1tllu7emSkyd37PVN9yP/Mi3DHNqYykTZzRIuOAEN5aj3sFa39YLY4Hn/3hlUqkLdh+dAaR3C7QOYnLI1ClYy8TSG0fa4MQ4Bl4N7FTEc6RPUq8kKpvt91wfov8GTBwoEJ70crjUmba+yy2JMbooXMge9VYIGgTuIUmHRANClF+W6SO9LK/KdStyfpyo1lM+ZTjUV8yDtfhTlOMXRx3FgZysXUFrNXj5FJ9qTFzOqg7xM/QZrqm0QB0CVfAWL6DGZZnkKdo5OduIBwOyiMz7h3xFSejE7HoC1HPCg1Cog3IDk6iiAo7+2cYKbenEijS8fatb86GCYLm47yGrhOUSKaH7VVwoXgIGEDseDIHN8KfcyHSU1Yq71VPDPKZO/pgIkYlGqBKLFMUxtXJOf9NRG8uSGVrhB+w0RRYy2FwLcL2pCrqhe1vGFProLoi8OpbbEjTHbas6fx6dwsEs+9OQxpPEw1dgNPggQ+RJ83LNl2nyhgwfrf8RivBjQCs4bUG+5+kxtX+yXip437B5E+nuIiwT27pV7yvfXCF/MjEVvLmq9LPBKowKdQXIkJ3hMDfnzZiDeCfEpQhwejf6V4SPr5pi/3Uk3EIHwuTgqTUw3eqA443UkdXmZrYNs2hP7Z9zfpXKG/tuwOzHsR5Kl/0EcAY89IMjHYJ8E8qVit1AOAXxa3zgk9n4ggmwaW+ru3Fk0Ec/wV5NBDuxmIZ0ImRqa1iU39ZORioawLrx/JJquYyxLQFUCdR2Ex7BjBxYQU+y56sLpWNpOFKrF8ZPCRHKreA+mgCFidLbhp0TFr9e+3Aj6HVnCF7csyPrb08f4ntI7wlseFPTuptU7h5zxDoxAPlav+51IlRGNx8dWCfu0heEpR40FPwOe/4fBVbpuTNytJhXH4I2x8CZ+SVxloQSQHZGXVpO9rar36DxoVTwJmAmMjbz
 H+ONJgmo
 rHcdul1fkXMDFkPmKuWMJY6Gg9TLJGHUB9lhXZ5TsEe3QTwYxNE4KSYUcR61kbO9XoX6SsFOtkr/081UavWw5TeVu+j5t5ilWKuo2gYxQ7Oum5WdIwTxEFokdSw1TYEO2ujmyWxykYTLHAvXQNg8UGPFoDGq05/AnzD4P7AXYOfhZvonBL++3r97CdkDGcTqt6Fp9v4uIRn5+b+kMVzst2m8+zp0+Lck2y3tBU7rAPWa8xiNy/6iuh27Td4oNnz+1s2H3bVs1WbdhnqrmImQodJZays7K2MShdh0YLxOCJ4xGGYSCQi2nXoxRkSI9EQKvgGECz4eSyJQW1kNrYaTHhx/p+IZOn4TgjdCsU9X7tjaiIAUobEszHfyMiBN0rJxf/wKDZDLoFMzkuh/IMCr0V0Ywi+4n8/kf+Macn1gF8A/1cT1mKooFq+ijg5yafM0l3AsMblvEzIgliGm8pX060qkfPg==
X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4
Sender: owner-linux-mm@kvack.org
Precedence: bulk
X-Loop: owner-majordomo@kvack.org
List-ID: <linux-mm.kvack.org>
List-Subscribe: <mailto:majordomo@kvack.org>
List-Unsubscribe: <mailto:majordomo@kvack.org>

Provide a Kconfig option allowing the user to select if GCS support is
built into the kernel.

Reviewed-by: Thiago Jung Bauermann <thiago.bauermann@linaro.org>
Reviewed-by: Catalin Marinas <catalin.marinas@arm.com>
Signed-off-by: Mark Brown <broonie@kernel.org>
---
 arch/arm64/Kconfig | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)

diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig
index a2f8ff354ca6..3fa682151c8f 100644
--- a/arch/arm64/Kconfig
+++ b/arch/arm64/Kconfig
@@ -2137,6 +2137,27 @@ config ARM64_EPAN
 	  if the cpu does not implement the feature.
 endmenu # "ARMv8.7 architectural features"
 
+menu "v9.4 architectural features"
+
+config ARM64_GCS
+	bool "Enable support for Guarded Control Stack (GCS)"
+	default y
+	select ARCH_HAS_USER_SHADOW_STACK
+	select ARCH_USES_HIGH_VMA_FLAGS
+	depends on !UPROBES
+	help
+	  Guarded Control Stack (GCS) provides support for a separate
+	  stack with restricted access which contains only return
+	  addresses.  This can be used to harden against some attacks
+	  by comparing return address used by the program with what is
+	  stored in the GCS, and may also be used to efficiently obtain
+	  the call stack for applications such as profiling.
+
+	  The feature is detected at runtime, and will remain disabled
+	  if the system does not implement the feature.
+
+endmenu # "v9.4 architectural features"
+
 config ARM64_SVE
 	bool "ARM Scalable Vector Extension support"
 	default y