From patchwork Fri Oct 11 00:32:03 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Deepak Gupta X-Patchwork-Id: 13831615 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 33518D24462 for ; Fri, 11 Oct 2024 00:32:26 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id A8E3E6B0082; Thu, 10 Oct 2024 20:32:25 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id A3F3D6B0083; Thu, 10 Oct 2024 20:32:25 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 8B74B6B0088; Thu, 10 Oct 2024 20:32:25 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0014.hostedemail.com [216.40.44.14]) by kanga.kvack.org (Postfix) with ESMTP id 67C6B6B0082 for ; Thu, 10 Oct 2024 20:32:25 -0400 (EDT) Received: from smtpin19.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay03.hostedemail.com (Postfix) with ESMTP id BB15EA0325 for ; Fri, 11 Oct 2024 00:32:17 +0000 (UTC) X-FDA: 82659445008.19.F931EB4 Received: from mail-pf1-f182.google.com (mail-pf1-f182.google.com [209.85.210.182]) by imf27.hostedemail.com (Postfix) with ESMTP id 4407D40012 for ; Fri, 11 Oct 2024 00:32:21 +0000 (UTC) Authentication-Results: imf27.hostedemail.com; dkim=pass header.d=rivosinc-com.20230601.gappssmtp.com header.s=20230601 header.b=ymUf1K42; dmarc=none; spf=pass (imf27.hostedemail.com: domain of debug@rivosinc.com designates 209.85.210.182 as permitted sender) smtp.mailfrom=debug@rivosinc.com ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1728606630; a=rsa-sha256; cv=none; b=0qu4ANKgGJAL3NQ8ujsjdMMbtuFemhkX+J7DlE5UQULbUtPECaD/Iwx3Grwr1yDJZSPalX bG/TC239dCcBI/xdAGG1GH9eAc+RR9SYAWKI5qlXwarS/oNzYpPWn80sNNSSZh0T1Xtvhp //6ywse89/E518e0ov9HHauj8RB698c= ARC-Authentication-Results: i=1; imf27.hostedemail.com; dkim=pass header.d=rivosinc-com.20230601.gappssmtp.com header.s=20230601 header.b=ymUf1K42; dmarc=none; spf=pass (imf27.hostedemail.com: domain of debug@rivosinc.com designates 209.85.210.182 as permitted sender) smtp.mailfrom=debug@rivosinc.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1728606630; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=pcb1JUl7nxyzCR2L+K51gN2ROJJ8XrFInAPZeivTlr8=; b=YcWMYYjb8v5I7fPB9MQRUNAqr7PHuJPdW8km272Ol3IJdAL/cTWeDsJXR3mgZDn/0EFxZ/ Fb7MA9g5Uj6AdaEeSRXtYhYDU6sdNJVo8TkOtxyQ/fm11XJknOpbKIB7+v89IVIkRSKF7o qS0xYN6YK8Xt/bsLVqxZZPN4XJdYbQg= Received: by mail-pf1-f182.google.com with SMTP id d2e1a72fcca58-71dea49e808so1367711b3a.1 for ; Thu, 10 Oct 2024 17:32:22 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rivosinc-com.20230601.gappssmtp.com; s=20230601; t=1728606742; x=1729211542; darn=kvack.org; h=cc:to:in-reply-to:references:message-id:content-transfer-encoding :mime-version:subject:date:from:from:to:cc:subject:date:message-id :reply-to; bh=pcb1JUl7nxyzCR2L+K51gN2ROJJ8XrFInAPZeivTlr8=; b=ymUf1K424mQI++Z4ykIzajsKqHjPPimiPi1ss5CRgSTgFbTLUjloF+VCCYPrZVweaa 9s0jeoiDOs8lSwOh3U9Uj+wCZsGscwNGZE/Lz8ldciwU3DAGtwycMJXAQzaQDhws4D/D TcS6fFF/OmTdn/kGtlAheP2mqplIlch21UcklgjH8BctvD+LDo4LLGzfYROFnh1Wx6b3 jawYjHJ4sgYRQC9pE8x/Ff+wGgTZNL2vtotm60VzwgdaSn+NJD9ZcAEp7XfU8F2Im3uE iwbBllgYtdVVVZ4qutQAO0aqlDU3szPRGs+2sFsSw16DoLeNbkSXhWPhuiitoOVvXSB6 DyAg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1728606742; x=1729211542; h=cc:to:in-reply-to:references:message-id:content-transfer-encoding :mime-version:subject:date:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=pcb1JUl7nxyzCR2L+K51gN2ROJJ8XrFInAPZeivTlr8=; b=eaE8tOhC9gM1SiKuVBj52IkwAbBNmRI/dJtzFLEGZyNtO2zbSn1NB41lWorxPmaStA Nrn4+LHpADPSYlmcJLbnA84Is0eiAL1G5PW762YZktvbzad0n8HwBHJAd9mPVLxJH1Jn cC5ZZrB3iMj8Pqjj/jJPqbaCdLbSgJRGxMMz48w3rPYqiEzfQqyWAHyUQp3FMV4jKots CB+HAS2JFRryOkJ/ACH5h2CIC6+1rL6cAXdh/kwwHhc3nbT64nrVnzE5rZ5OCEACDXw4 toMUxaZHB6g971rKtwyDMc389FG8jUpG19r0WpGU+s2eTGvXizelWRcC6AqkSs6CvqHf IJcg== X-Forwarded-Encrypted: i=1; AJvYcCVh9V+Fd35UXugTqwZgbPGcjwH/D6d7VnLvadQF8lZvxXBo7jOO+QghxIx6F52xVrZqOyQioA6ohw==@kvack.org X-Gm-Message-State: AOJu0YwD/OunEPWrfLfLLKXAwnF6Yfyw7ZRTJtjXkIgd9oEUvrgkVju2 W8ocyTnYQfmr8OGIWstSdjMxwcvqDdwEmP76eH3IhwCrF9X7stmxajC83R349Hw= X-Google-Smtp-Source: AGHT+IFSf80aIAMN4Fscyo/d2B9xB9WQkYt/Q471M36cO+ATFH/XCXiTEEuhz953CSaf5qR503Upaw== X-Received: by 2002:a05:6a00:14ce:b0:71e:cd0:cc99 with SMTP id d2e1a72fcca58-71e37e2d6admr1520196b3a.4.1728606741623; Thu, 10 Oct 2024 17:32:21 -0700 (PDT) Received: from debug.ba.rivosinc.com ([64.71.180.162]) by smtp.gmail.com with ESMTPSA id 41be03b00d2f7-7ea4496b1afsm1545600a12.94.2024.10.10.17.32.20 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 10 Oct 2024 17:32:21 -0700 (PDT) From: Deepak Gupta Date: Thu, 10 Oct 2024 17:32:03 -0700 Subject: [PATCH RFC/RFT 1/3] mm: Introduce ARCH_HAS_USER_SHADOW_STACK MIME-Version: 1.0 Message-Id: <20241010-shstk_converge-v1-1-631beca676e7@rivosinc.com> References: <20241010-shstk_converge-v1-0-631beca676e7@rivosinc.com> In-Reply-To: <20241010-shstk_converge-v1-0-631beca676e7@rivosinc.com> To: Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , x86@kernel.org, "H. Peter Anvin" , Andrew Morton , "Liam R. Howlett" , Vlastimil Babka , Lorenzo Stoakes , Arnd Bergmann Cc: linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org, linux-mm@kvack.org, linux-arch@vger.kernel.org, Rick Edgecombe , Mark Brown , Deepak Gupta , David Hildenbrand , Carlos Bilbao X-Mailer: b4 0.14.0 X-Rspamd-Server: rspam12 X-Rspamd-Queue-Id: 4407D40012 X-Stat-Signature: gta6po6iqdr6impzxf5sako4b4xrn3kc X-Rspam-User: X-HE-Tag: 1728606741-112274 X-HE-Meta: U2FsdGVkX19GpdKfmmYPz0XzjjpOTpG0LnFC1UMyiMLY5+KHauequ+sc2dD8YuydWKvQ+caILXU0E1xLbqh23CAp5WQurlEJTPWgqhPskfN7llnRv2Km/MeEar6P73gwgdcpAq5BH+Ui9+AnNVnCdoDhHqtwUdEEvQ+8HQr+l4TOznARRYS47cMINH14gKr7e502YOrccsinTNhMKPugw0dnVVrBefJLzdTWUPsqRUaLMjNO52I22TPJK49KTOjLrRRieDuO3tB2oIBY6ghIeJWk/Y3ckx21A/HU22hCyvqO8Q9Oz8tds5OqPgowEHMj5knSFvBLJICBMucO5XiM8Yt9Iwpk/6zTt+KFGUFtc/Xr/UULnk4kG1dtnpPjm5tR+0AFNUb09V+U3vFV9hM1vWhJsiBRpMdISnNQEkv7XQUpHIwEJCMgJlAgPNXTvw4crnrvkmFApOw9H6HkW/mx4HeOxnDDWlCBWWLXfackZNnfgz2HpEm6QmVNFLb7rJ53GCdqm4Rl1/adQ71yX3ZMWCsjqeg5h5q8tVNh8pAi1lh1K/muVNiNyzp7/pjqFahCCZ+bKiKheT+98ozQX77ULDmKvVka2GOkeF5Xa3U6a/CWUEBdBoZp6wTzA+JQSB33buf4MfiXV2Qrk2P4MphKjMkbz7drS4vbgn+gR83d/qM8A4Ey27+I4gL1nGT68r69WyzXWCf+plNsJ7O7gNqp7NRGShhaM6G48QV9Htvl/uFflY77CxkwHGwRh4xB1wUY8miJKINrGWyT+oVLjY75fGrmcWzXvvlXt4nLYtj5GwXFYPSjEu1F2iYjWYObaTh63oRGILhbY/KV8Jyw89uyQ7sacTXc+gpK4kkMQPamf6hmyleOzFV9zu9kWmij5BW5hqjnqZxcsmtCMg7kKnbT7VbFMFBwT+YEaEWWHQuVLYyWYASMnbLjpdLkFGm8NReVbFaoKZYs5d2iKJvOpNP 09+Eh5wL MYPpoRSCOR3XgqnnwTrCpCs7uVrur1Mi/yRxygjVh72CQ7s1q36PDQMQt/jQw0hA1SkankoDKqxVJ/9Uc8IHHt6KhQkpmlDomiAFngjJodf3bQ4/InhJCC9ZLSga0/SIfCndB8c5ugMUS5fLA3t1hyHiUPSymuQCLFj9A91/WhGRIQjh55WFIBse+GAgd4/XhST5QOz60xhf6FXLgefpFN0a0C/o6MLvvtu1fxD5a6tSvnGd+rk++qfICbsTLRigeYnPYQJRXSBoLrNFUBY9RbMqFefgWjf4qOLiCD9yNL9tSaY2nmY9sPNTC7GCwpbtuYleJBjJ/MzHLNPkkoIIDvzQE9SoYl5L6EJnmYqHq0hIFcT9ckF1jZf9ybRuq5iIcA9gR1u+VK35X4BFVJ8lN0WuSGbLE+f/bK1aIcThPdhfQxaYxc5w6XdQNSyBy21GR6ZfbPQ2SI8Wbo+xQjU1P243+wcAlor/8pWTYxxm7uECS4KLmuRy4ZZmKfyYSvPuL3O102DZD0AatTO6pfCDXHeR1W/yA5isPvgbeAHs32ZsDIWjaNCaELyjatiVRqR+SS/6j1bdU4ov9cXTmLPue0SiVIbTSl/5b3GJnugVBqbH26b29pGFHxuNlCQrqvalSTdLIloQRhoQ4eCqrkdRCCNHMcRt7bXAXIpXO+hM9k+kUiLBBebUGiinhd/OXn7Pt1ye1LZOumGAnFlMJ5TRw8u33oA== X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: From: Mark Brown Since multiple architectures have support for shadow stacks and we need to select support for this feature in several places in the generic code provide a generic config option that the architectures can select. Suggested-by: David Hildenbrand Acked-by: David Hildenbrand Signed-off-by: Mark Brown Reviewed-by: Rick Edgecombe Reviewed-by: Deepak Gupta Reviewed-by: Carlos Bilbao --- arch/x86/Kconfig | 1 + fs/proc/task_mmu.c | 2 +- include/linux/mm.h | 2 +- mm/Kconfig | 6 ++++++ 4 files changed, 9 insertions(+), 2 deletions(-) diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index 2852fcd82cbd..8ccae77d40f7 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig @@ -1954,6 +1954,7 @@ config X86_USER_SHADOW_STACK depends on AS_WRUSS depends on X86_64 select ARCH_USES_HIGH_VMA_FLAGS + select ARCH_HAS_USER_SHADOW_STACK select X86_CET help Shadow stack protection is a hardware feature that detects function diff --git a/fs/proc/task_mmu.c b/fs/proc/task_mmu.c index 72f14fd59c2d..23f875e78eae 100644 --- a/fs/proc/task_mmu.c +++ b/fs/proc/task_mmu.c @@ -971,7 +971,7 @@ static void show_smap_vma_flags(struct seq_file *m, struct vm_area_struct *vma) #ifdef CONFIG_HAVE_ARCH_USERFAULTFD_MINOR [ilog2(VM_UFFD_MINOR)] = "ui", #endif /* CONFIG_HAVE_ARCH_USERFAULTFD_MINOR */ -#ifdef CONFIG_X86_USER_SHADOW_STACK +#ifdef CONFIG_ARCH_HAS_USER_SHADOW_STACK [ilog2(VM_SHADOW_STACK)] = "ss", #endif #if defined(CONFIG_64BIT) || defined(CONFIG_PPC32) diff --git a/include/linux/mm.h b/include/linux/mm.h index ecf63d2b0582..57533b9cae95 100644 --- a/include/linux/mm.h +++ b/include/linux/mm.h @@ -354,7 +354,7 @@ extern unsigned int kobjsize(const void *objp); #endif #endif /* CONFIG_ARCH_HAS_PKEYS */ -#ifdef CONFIG_X86_USER_SHADOW_STACK +#ifdef CONFIG_ARCH_HAS_USER_SHADOW_STACK /* * VM_SHADOW_STACK should not be set with VM_SHARED because of lack of * support core mm. diff --git a/mm/Kconfig b/mm/Kconfig index 4c9f5ea13271..4b2a1ef9a161 100644 --- a/mm/Kconfig +++ b/mm/Kconfig @@ -1296,6 +1296,12 @@ config NUMA_EMU into virtual nodes when booted with "numa=fake=N", where N is the number of nodes. This is only useful for debugging. +config ARCH_HAS_USER_SHADOW_STACK + bool + help + The architecture has hardware support for userspace shadow call + stacks (eg, x86 CET, arm64 GCS or RISC-V Zicfiss). + source "mm/damon/Kconfig" endmenu