From patchwork Tue Oct 1 22:58:52 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Mark Brown X-Patchwork-Id: 13818913 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 5F35BCF3189 for ; Tue, 1 Oct 2024 23:02:22 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id E7774440155; Tue, 1 Oct 2024 19:02:21 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id E04F068002B; Tue, 1 Oct 2024 19:02:21 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id C5303440155; Tue, 1 Oct 2024 19:02:21 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0012.hostedemail.com [216.40.44.12]) by kanga.kvack.org (Postfix) with ESMTP id 9B4C668002B for ; Tue, 1 Oct 2024 19:02:21 -0400 (EDT) Received: from smtpin08.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay03.hostedemail.com (Postfix) with ESMTP id 530FBA02E8 for ; Tue, 1 Oct 2024 23:02:21 +0000 (UTC) X-FDA: 82626558882.08.708A4BE Received: from dfw.source.kernel.org (dfw.source.kernel.org [139.178.84.217]) by imf13.hostedemail.com (Postfix) with ESMTP id 822662001B for ; Tue, 1 Oct 2024 23:02:19 +0000 (UTC) Authentication-Results: imf13.hostedemail.com; dkim=pass header.d=kernel.org header.s=k20201202 header.b=rJUOqUeC; dmarc=pass (policy=quarantine) header.from=kernel.org; spf=pass (imf13.hostedemail.com: domain of broonie@kernel.org designates 139.178.84.217 as permitted sender) smtp.mailfrom=broonie@kernel.org ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1727823598; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=iOYaUIdS+m3LOZFbHTHW1BU9wRlwmrEzO9wFPDsKuYI=; b=0SYmQ+qQcRtiyCWDgTF6jfZLuOAqtAqgujt6hXXjb5P7SODS8NfvvjkcltptSVyyVg8D0X v9GGyHfzlq8o7SxC4LTuWw1N6xkF98qUo1d12+X584qGKOxFWMAK8yDfVXSh/m/aGOQM4/ LY8VWeYgyKUn54y0yLCyOHK2QJk6kss= ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1727823598; a=rsa-sha256; cv=none; b=lSnUPJ2R8AkCMrZ9ctKpRfwXrSdXoSiBPb1lSbEcBtD/CmOv1NnvGtgoDNl6dTYn7SEMWt 0yd0egnOglV479IXE3VdZvDm8dB4HA/NqFb6khgdS8PPX/SpoTn5UYgMq5naIiyVtCYm6G mJ2azyphRRnxd8MLr6niP1Q9jy+eH3I= ARC-Authentication-Results: i=1; imf13.hostedemail.com; dkim=pass header.d=kernel.org header.s=k20201202 header.b=rJUOqUeC; dmarc=pass (policy=quarantine) header.from=kernel.org; spf=pass (imf13.hostedemail.com: domain of broonie@kernel.org designates 139.178.84.217 as permitted sender) smtp.mailfrom=broonie@kernel.org Received: from smtp.kernel.org (transwarp.subspace.kernel.org [100.75.92.58]) by dfw.source.kernel.org (Postfix) with ESMTP id B59D25C069A; Tue, 1 Oct 2024 23:02:14 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 2A8B8C4CED9; Tue, 1 Oct 2024 23:02:07 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1727823738; bh=vaxVaycm7ebuteD+83+ohSTITiaiPgd3wzWiS8vbKhY=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=rJUOqUeCp2KVjBBFXojZ/9SF6t/enxvGS6axJO57zNZy1jrB1lGqVlGRQCupS4fEC ohBq8aVleb5r7ZKGie5EI/2CJcaIhDRwb/r883erqa+zwMVLT9ucKZg7sPeYaKEllJ SJvjiMRWcPran3zzscDbr6RmpxmVIQflvNnfVfzjtkl3bMx6Q3VMYHtIvsAaF4Vv6N Dk0XWFy7M1ygsTK8ufANb1hagsfnWUP92/j9wVhjGsDcHiCoJToP7SQQRhJcbiZYqV NA/B+lI3wX5YMhr7mPMTD9VFEQPrfr/ia1nQWZLRLjWq6J7N7Cw5KQfHfoA+fvYTYL p7AZrwKzbL4LA== From: Mark Brown Date: Tue, 01 Oct 2024 23:58:52 +0100 Subject: [PATCH v13 13/40] arm64/mm: Allocate PIE slots for EL0 guarded control stack MIME-Version: 1.0 Message-Id: <20241001-arm64-gcs-v13-13-222b78d87eee@kernel.org> References: <20241001-arm64-gcs-v13-0-222b78d87eee@kernel.org> In-Reply-To: <20241001-arm64-gcs-v13-0-222b78d87eee@kernel.org> To: Catalin Marinas , Will Deacon , Jonathan Corbet , Andrew Morton , Marc Zyngier , Oliver Upton , James Morse , Suzuki K Poulose , Arnd Bergmann , Oleg Nesterov , Eric Biederman , Shuah Khan , "Rick P. Edgecombe" , Deepak Gupta , Ard Biesheuvel , Szabolcs Nagy , Kees Cook Cc: "H.J. Lu" , Paul Walmsley , Palmer Dabbelt , Albert Ou , Florian Weimer , Christian Brauner , Thiago Jung Bauermann , Ross Burton , David Spickett , Yury Khrustalev , Wilco Dijkstra , linux-arm-kernel@lists.infradead.org, linux-doc@vger.kernel.org, kvmarm@lists.linux.dev, linux-fsdevel@vger.kernel.org, linux-arch@vger.kernel.org, linux-mm@kvack.org, linux-kselftest@vger.kernel.org, linux-kernel@vger.kernel.org, linux-riscv@lists.infradead.org, Mark Brown X-Mailer: b4 0.15-dev-99b12 X-Developer-Signature: v=1; a=openpgp-sha256; l=3090; i=broonie@kernel.org; h=from:subject:message-id; bh=vaxVaycm7ebuteD+83+ohSTITiaiPgd3wzWiS8vbKhY=; b=owEBbQGS/pANAwAKASTWi3JdVIfQAcsmYgBm/H7OFsx7rjfggosVPd6CTMLpKPa20DpvMtc4pKI/ zV30kZWJATMEAAEKAB0WIQSt5miqZ1cYtZ/in+ok1otyXVSH0AUCZvx+zgAKCRAk1otyXVSH0CG6CA CBp7hBCPEkMdZ/Nsef6Zwahuw5MDiInv9NS8uCA+9eVJb3v6hj99Gpjsxs0lJXz/2vwsFfecjDCu4+ BDPdelwOdutPr2FkIdL6d5B0pkTQZqFAl9r0SQf6CMC9HsteqnYHrP4f+SkVNxs+CKKMI7zlGa3y4r K0CCRmb+0VQ3NBkfhpU9qOS2rwuiS5D27GesuGwNzo62aWURmN/vqcrUWRaGFugEiicbaIX9fp0tud JdY6ias/O9Vbthbm8USjjYy1lLVkmZphsfLmtAuXoL2+9o0RaPhlGkPWXVWADwCIfOudmUVzgmPGGE MVqCzHKUuxHfesEWw2BTBuW17fC2gx X-Developer-Key: i=broonie@kernel.org; a=openpgp; fpr=3F2568AAC26998F9E813A1C5C3F436CA30F5D8EB X-Rspamd-Server: rspam07 X-Rspamd-Queue-Id: 822662001B X-Stat-Signature: x81sqyh4kjp6okmxq7nmxxr3qgj8u8s5 X-Rspam-User: X-HE-Tag: 1727823739-185462 X-HE-Meta: U2FsdGVkX1+ib5QZ3kTQnEuaHWdVhhNkKzisRmkYhx4lWaODVgJa1oZ54OXPf0J/BNA3AY7r+kjJCuZqymMn8NMSyv+/WQCd1OnivcvDOIETSBrd5LIRzyipZuCgbgpgAS8SWZ+RH8/UTfU/pfIXT3tTnyBx49zGnjDNWwmk3PKs6owKUIvQFmB1d5cY8yyan9iJLqxUc29Coelux7YU8xuZZZvl3lPbIVw682S7xaFTR8t1YF6Rmq1IV+OydLmcCyiYWRLFewzOF4HHU78hdPT6lFLYTK+FNr3ac8eze7T/eiEBzHRyzqTvlkCiNMG9mocpyrF7xXro7fHd1sYSzcqbxu6O27LsPoSeV0in5l5GyhyZIdFs9LyH71A0//WJ5/za5H+av9A3NwWhgve5P5/AtSwcR7Ow+X2/yg75HrYXNAcmeL0anWS9XxNkycTekgfBgkt3vAe+EyYP9kQCSaPaLdTBVJZdbANu3z24QCI/USIGQHA3EOIsBUm2ICRb9MClDsja/B7F2SIrOIiUNQ/OdZ9bZ4ni6G0GUAB3NMnbVQGCpQB5x9n16LyoO6GwzP60QKcQSKcpNUOiyKI0jPO5PQvvTq05DzWG2zIuqGKr+SLkaXQf8lDnhenSmNfh6/0m/2EFs5d4XkPlpD2+4g5zU13W3sz5ElMBFSNJwsvh8IJN9qWQFfy2VjsgmCuKI4VOFxMHXt1NrHISdtIuxZ2i+oZ5aywFiUn194qMV2+i99KdZ9ofws+RLOQUYqOP+IDyigJtgB+gNQD7pA/qrBYpZDS8d2OqosrjX08pqur55W8JrURUhE4LJ+q6rKPXOgQzBjATuBgmx51OQZApAH47PIS6Sl17V2RyRTaFEpZXNMRMPRKP8LWAzE7xdMw+mTcDGoJXGo7a66Ug8Js4YmSZFvLIkR4V8OfviwMVB56zbCNfuP+3JYDsS10PXD8UCCUgRZ8vp/uPF9z3Tws fSJrNP1q wzSVyQvrldD/D9T8jZqptMst9vfy6WDz0oXe7b+ORaRfg0UaxSyhg4R0jZaSs44TR1DYoj/Icgzd7HL0V+v1KLOOyFrfPjZn1lulqz3Jax+6w29fnRK7lr+/7QN14llBtQpAFA9ZKBTC1VBJGimtN3shgu6SAEP7LoPjV4fpKD62tkiqUCmrGbSi4+A4XVzIeeSmG4uhfOxcIlx+aqaK77uCfQOJ/254WHiDYuZ+DzXkh08//xqAFB5bAAFNpczcRjeXuRN28I8FDkkh9VV+4dZdhSeg+ZfdC1A27CQghYmy1if8V3flkm8JYNvVBY9WSbB7IpDn8WNvvkNRp4bplKrJv+QDYAP89pbeZe6PV2l23g6LSW+tEmJTmHuieg73X3+FwlN0gijGnILXqlJ8RGYxWDoG/cvnhR+4Hs28jyybM0/8hs0QuJSw/Zg== X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: Pages used for guarded control stacks need to be described to the hardware using the Permission Indirection Extension, GCS is not supported without PIE. In order to support copy on write for guarded stacks we allocate two values, one for active GCSs and one for GCS pages marked as read only prior to copy. Since the actual effect is defined using PIE the specific bit pattern used does not matter to the hardware but we choose two values which differ only in PTE_WRITE in order to help share code with non-PIE cases. Reviewed-by: Thiago Jung Bauermann Reviewed-by: Catalin Marinas Signed-off-by: Mark Brown --- arch/arm64/include/asm/pgtable-prot.h | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/arch/arm64/include/asm/pgtable-prot.h b/arch/arm64/include/asm/pgtable-prot.h index 2a11d0c10760..4e4bcd676f4c 100644 --- a/arch/arm64/include/asm/pgtable-prot.h +++ b/arch/arm64/include/asm/pgtable-prot.h @@ -144,15 +144,23 @@ static inline bool __pure lpa2_is_enabled(void) /* 6: PTE_PXN | PTE_WRITE */ /* 7: PAGE_SHARED_EXEC PTE_PXN | PTE_WRITE | PTE_USER */ /* 8: PAGE_KERNEL_ROX PTE_UXN */ -/* 9: PTE_UXN | PTE_USER */ +/* 9: PAGE_GCS_RO PTE_UXN | PTE_USER */ /* a: PAGE_KERNEL_EXEC PTE_UXN | PTE_WRITE */ -/* b: PTE_UXN | PTE_WRITE | PTE_USER */ +/* b: PAGE_GCS PTE_UXN | PTE_WRITE | PTE_USER */ /* c: PAGE_KERNEL_RO PTE_UXN | PTE_PXN */ /* d: PAGE_READONLY PTE_UXN | PTE_PXN | PTE_USER */ /* e: PAGE_KERNEL PTE_UXN | PTE_PXN | PTE_WRITE */ /* f: PAGE_SHARED PTE_UXN | PTE_PXN | PTE_WRITE | PTE_USER */ +#define _PAGE_GCS (_PAGE_DEFAULT | PTE_NG | PTE_UXN | PTE_WRITE | PTE_USER) +#define _PAGE_GCS_RO (_PAGE_DEFAULT | PTE_NG | PTE_UXN | PTE_USER) + +#define PAGE_GCS __pgprot(_PAGE_GCS) +#define PAGE_GCS_RO __pgprot(_PAGE_GCS_RO) + #define PIE_E0 ( \ + PIRx_ELx_PERM(pte_pi_index(_PAGE_GCS), PIE_GCS) | \ + PIRx_ELx_PERM(pte_pi_index(_PAGE_GCS_RO), PIE_R) | \ PIRx_ELx_PERM(pte_pi_index(_PAGE_EXECONLY), PIE_X_O) | \ PIRx_ELx_PERM(pte_pi_index(_PAGE_READONLY_EXEC), PIE_RX_O) | \ PIRx_ELx_PERM(pte_pi_index(_PAGE_SHARED_EXEC), PIE_RWX_O) | \ @@ -160,6 +168,8 @@ static inline bool __pure lpa2_is_enabled(void) PIRx_ELx_PERM(pte_pi_index(_PAGE_SHARED), PIE_RW_O)) #define PIE_E1 ( \ + PIRx_ELx_PERM(pte_pi_index(_PAGE_GCS), PIE_NONE_O) | \ + PIRx_ELx_PERM(pte_pi_index(_PAGE_GCS_RO), PIE_NONE_O) | \ PIRx_ELx_PERM(pte_pi_index(_PAGE_EXECONLY), PIE_NONE_O) | \ PIRx_ELx_PERM(pte_pi_index(_PAGE_READONLY_EXEC), PIE_R) | \ PIRx_ELx_PERM(pte_pi_index(_PAGE_SHARED_EXEC), PIE_RW) | \