@@ -8,6 +8,14 @@
#include <asm-generic/kpkeys.h>
+/*
+ * Equivalent to por_set_kpkeys_level(0, KPKEYS_LVL_DEFAULT), but can also be
+ * used in assembly.
+ */
+#define POR_EL1_INIT POR_ELx_PERM_PREP(KPKEYS_PKEY_DEFAULT, POE_RWX)
+
+#ifndef __ASSEMBLY__
+
static inline bool arch_kpkeys_enabled(void)
{
return system_supports_poe();
@@ -46,4 +54,6 @@ static __always_inline void arch_kpkeys_restore_pkey_reg(u64 pkey_reg)
#endif /* CONFIG_ARM64_POE */
+#endif /* __ASSEMBLY__ */
+
#endif /* __ASM_KPKEYS_H */
@@ -10,6 +10,8 @@
#define POR_EL0_INIT POR_ELx_PERM_PREP(0, POE_RWX)
+#ifndef __ASSEMBLY__
+
static inline bool por_elx_allows_read(u64 por, u8 pkey)
{
u8 perm = POR_ELx_PERM_GET(pkey, por);
@@ -38,4 +40,6 @@ static inline u64 por_elx_set_pkey_perms(u64 por, u8 pkey, u64 perms)
return (por & ~(POE_MASK << shift)) | (perms << shift);
}
+#endif /* __ASSEMBLY__ */
+
#endif /* _ASM_ARM64_POR_H */
@@ -166,6 +166,10 @@ struct pt_regs {
u64 orig_x0;
s32 syscallno;
u32 pmr;
+#ifdef CONFIG_ARM64_POE
+ u64 por_el1;
+ u64 __unused;
+#endif
u64 sdei_ttbr1;
struct frame_record_meta stackframe;
@@ -75,6 +75,9 @@ int main(void)
DEFINE(S_SYSCALLNO, offsetof(struct pt_regs, syscallno));
DEFINE(S_SDEI_TTBR1, offsetof(struct pt_regs, sdei_ttbr1));
DEFINE(S_PMR, offsetof(struct pt_regs, pmr));
+#ifdef CONFIG_ARM64_POE
+ DEFINE(S_POR_EL1, offsetof(struct pt_regs, por_el1));
+#endif
DEFINE(S_STACKFRAME, offsetof(struct pt_regs, stackframe));
DEFINE(S_STACKFRAME_TYPE, offsetof(struct pt_regs, stackframe.type));
DEFINE(PT_REGS_SIZE, sizeof(struct pt_regs));
@@ -20,6 +20,7 @@
#include <asm/errno.h>
#include <asm/esr.h>
#include <asm/irq.h>
+#include <asm/kpkeys.h>
#include <asm/memory.h>
#include <asm/mmu.h>
#include <asm/processor.h>
@@ -279,6 +280,19 @@ alternative_else_nop_endif
.else
add x21, sp, #PT_REGS_SIZE
get_current_task tsk
+#ifdef CONFIG_ARM64_POE
+alternative_if_not ARM64_HAS_S1POE
+ b 1f
+alternative_else_nop_endif
+ mrs_s x0, SYS_POR_EL1
+ str x0, [sp, #S_POR_EL1]
+ mov x1, #POR_EL1_INIT
+ cmp x0, x1
+ b.eq 1f
+ msr_s SYS_POR_EL1, x1
+ isb
+1:
+#endif /* CONFIG_ARM64_POE */
.endif /* \el == 0 */
mrs x22, elr_el1
mrs x23, spsr_el1
@@ -409,7 +423,15 @@ alternative_else_nop_endif
mte_set_user_gcr tsk, x0, x1
apply_ssbd 0, x0, x1
- .endif
+ .else
+#ifdef CONFIG_ARM64_POE
+alternative_if ARM64_HAS_S1POE
+ ldr x0, [sp, #S_POR_EL1]
+ msr_s SYS_POR_EL1, x0
+ /* No explicit ISB; we rely on ERET */
+alternative_else_nop_endif
+#endif /* CONFIG_ARM64_POE */
+ .endif /* \el == 0 */
msr elr_el1, x21 // set up the return data
msr spsr_el1, x22
POR_EL1 will be modified, through the kpkeys framework, in order to grant temporary RW access to certain keys. If an exception occurs in the middle of a "critical section" where POR_EL1 is set to a privileged value, it is preferable to reset it to its default value upon taking the exception to minimise the amount of code running at higher kpkeys level. This patch implements the reset of POR_EL1 on exception entry, storing the original value in a new pt_regs field and restoring on exception return. To avoid an expensive ISB, the register is only reset if the interrupted value isn't the default. No check is made on the return path as an ISB occurs anyway as part of ERET. Signed-off-by: Kevin Brodsky <kevin.brodsky@arm.com> --- arch/arm64/include/asm/kpkeys.h | 10 ++++++++++ arch/arm64/include/asm/por.h | 4 ++++ arch/arm64/include/asm/ptrace.h | 4 ++++ arch/arm64/kernel/asm-offsets.c | 3 +++ arch/arm64/kernel/entry.S | 24 +++++++++++++++++++++++- 5 files changed, 44 insertions(+), 1 deletion(-)