From patchwork Thu Jun 6 20:09:13 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yu-cheng Yu X-Patchwork-Id: 10980421 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id A2BD16C5 for ; Thu, 6 Jun 2019 20:17:36 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 9243D28A6D for ; Thu, 6 Jun 2019 20:17:36 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 8516128AA7; Thu, 6 Jun 2019 20:17:36 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-2.9 required=2.0 tests=BAYES_00,MAILING_LIST_MULTI, RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1 Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 0286428A6D for ; Thu, 6 Jun 2019 20:17:36 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id DEDF66B02C1; Thu, 6 Jun 2019 16:17:32 -0400 (EDT) Delivered-To: linux-mm-outgoing@kvack.org Received: by kanga.kvack.org (Postfix, from userid 40) id D75E96B02C3; Thu, 6 Jun 2019 16:17:32 -0400 (EDT) X-Original-To: int-list-linux-mm@kvack.org X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id BF03A6B02C5; Thu, 6 Jun 2019 16:17:32 -0400 (EDT) X-Original-To: linux-mm@kvack.org X-Delivered-To: linux-mm@kvack.org Received: from mail-pf1-f198.google.com (mail-pf1-f198.google.com [209.85.210.198]) by kanga.kvack.org (Postfix) with ESMTP id 8604B6B02C3 for ; Thu, 6 Jun 2019 16:17:32 -0400 (EDT) Received: by mail-pf1-f198.google.com with SMTP id r12so2615707pfl.2 for ; Thu, 06 Jun 2019 13:17:32 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-original-authentication-results:x-gm-message-state:from:to:cc :subject:date:message-id:in-reply-to:references; bh=Jhf9gR8u8yuAfzOUIytJh5IAaaOTGX4VHhD1DAfLt28=; b=aBtjH0q7PmGOJQLE2u035mqVh0RDd3aWUUnpavFFM+72XjxbKRJXp/gZyZM1kNnJFK XNapASgMqPZoZ5cwqwmnmLTRtfE3HxthbE194njFzRbsse53MB7rd2xF36gG2ufX1+oS cUANN8QFa1M6+MSOsvgUN45TSKDy/pleF/f/nLXAeWUbbpadzbA0eakMmk1accN9ie25 MooCP8MqmtOWc0KVCva2Y1kvWY+etlc51LIXm4ZmByv78h+ODcB51TEx8kRacjNqyskH mugoqCd59fTUjGQtZjE9g2HAHVSsAscx0krt3VTmweNvQ96rspCQFt09lDiN7ExHSPSl GPcQ== X-Original-Authentication-Results: mx.google.com; spf=pass (google.com: domain of yu-cheng.yu@intel.com designates 134.134.136.20 as permitted sender) smtp.mailfrom=yu-cheng.yu@intel.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com X-Gm-Message-State: APjAAAU3PFhx76Vw2qEgjL0Ry2Ihx1d9hHzNXObPk4A9cqUruERyFn8I aQwVDwJMUBXOMW9gNhvoa+OxHuphPWM4C2wwgfcVMF3EESDSvO1C0Z8gdWh9ATDanXZHQDilo8B m/WmnemgaAFkAWudPMlOn9VFWbfs/C9CTOu7IoaGRh7fMP5a+/F8FAZg/2dT99hE0Gw== X-Received: by 2002:a63:1d53:: with SMTP id d19mr332481pgm.152.1559852252078; Thu, 06 Jun 2019 13:17:32 -0700 (PDT) X-Google-Smtp-Source: APXvYqyfSMsQ89ydmrangJMK39dreHgbcyO/8b+51yRAsnmhxo4Cde8TBVnFkOOvnVurijiGoceO X-Received: by 2002:a63:1d53:: with SMTP id d19mr332433pgm.152.1559852251306; Thu, 06 Jun 2019 13:17:31 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1559852251; cv=none; d=google.com; s=arc-20160816; b=Tz0nlrDAiFLk8evi4st+IAMjtDE55dZjuJ+sj1UcJ+sY44yrUpu1QJa0SZ5D+4LPFx mliPTuA2dvb8ZEmMQEMb7dSE6/Y91ejXAnPox5deulEu3U7H1KZrVfgZVrL30lJ1Vyfl qSQBkIhV+xFUhkm+RusyS4fy5mYPO7+oocmE8DIq3e8lkJ+t1IWQQetR37OqlqFY2MRu /5JeSsZBWg6+8a3PUytj1w9Epf4T9kUwzLYscRl28YiITtbypZuTJMFBIrBW5da/PcIx da2AFlKPFrgxwLQVG7ogZ2ftgiGO0M2iW7tCa0Oam3B9IgmE+CA7REF+LOU0m6jGYbRa PjpA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=references:in-reply-to:message-id:date:subject:cc:to:from; bh=Jhf9gR8u8yuAfzOUIytJh5IAaaOTGX4VHhD1DAfLt28=; b=H7bLoxfQyNiry2dt2Rwn+2hrtVwq5y6FvrWlL6tE6NAL0V923u0aZanKTP6AAlABfU UCmM7554zKciGlyIX4qjMzeuo/A1bryAI798hr+Kw1CRW5B40wUVyUsdbcUO8Lr0zOP/ /YNF2THqSF8FI1SlSgPlc9585JMPwvkKD7D5zBt6vieEcz2i/XQ4X40t50h6TaPQ2k3Q Sl1MS12AALUd1C7a046mTt/HkAsZFO+DiCEVgPmSWLyHCP6VXVh20wdFhIT/ZPCC4tkk gchotSkkKoEQY265EhKBNZb42GUUcu0Nkq8JYjkn5b2c+gP2u20lxwXdMW8SIuBNI76M G/ug== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of yu-cheng.yu@intel.com designates 134.134.136.20 as permitted sender) smtp.mailfrom=yu-cheng.yu@intel.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from mga02.intel.com (mga02.intel.com. [134.134.136.20]) by mx.google.com with ESMTPS id t11si66755plr.23.2019.06.06.13.17.31 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 06 Jun 2019 13:17:31 -0700 (PDT) Received-SPF: pass (google.com: domain of yu-cheng.yu@intel.com designates 134.134.136.20 as permitted sender) client-ip=134.134.136.20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of yu-cheng.yu@intel.com designates 134.134.136.20 as permitted sender) smtp.mailfrom=yu-cheng.yu@intel.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by orsmga101.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 06 Jun 2019 13:17:30 -0700 X-ExtLoop1: 1 Received: from yyu32-desk1.sc.intel.com ([143.183.136.147]) by fmsmga001.fm.intel.com with ESMTP; 06 Jun 2019 13:17:30 -0700 From: Yu-cheng Yu To: x86@kernel.org, "H. Peter Anvin" , Thomas Gleixner , Ingo Molnar , linux-kernel@vger.kernel.org, linux-doc@vger.kernel.org, linux-mm@kvack.org, linux-arch@vger.kernel.org, linux-api@vger.kernel.org, Arnd Bergmann , Andy Lutomirski , Balbir Singh , Borislav Petkov , Cyrill Gorcunov , Dave Hansen , Eugene Syromiatnikov , Florian Weimer , "H.J. Lu" , Jann Horn , Jonathan Corbet , Kees Cook , Mike Kravetz , Nadav Amit , Oleg Nesterov , Pavel Machek , Peter Zijlstra , Randy Dunlap , "Ravi V. Shankar" , Vedvyas Shanbhogue , Dave Martin Cc: Yu-cheng Yu Subject: [PATCH v7 01/14] x86/cet/ibt: Add Kconfig option for user-mode Indirect Branch Tracking Date: Thu, 6 Jun 2019 13:09:13 -0700 Message-Id: <20190606200926.4029-2-yu-cheng.yu@intel.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20190606200926.4029-1-yu-cheng.yu@intel.com> References: <20190606200926.4029-1-yu-cheng.yu@intel.com> X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: X-Virus-Scanned: ClamAV using ClamSMTP The user-mode indirect branch tracking support is done mostly by GCC to insert ENDBR64/ENDBR32 instructions at branch targets. The kernel provides CPUID enumeration and feature setup. Signed-off-by: Yu-cheng Yu --- arch/x86/Kconfig | 16 ++++++++++++++++ arch/x86/Makefile | 7 +++++++ 2 files changed, 23 insertions(+) diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index df8b57de75b2..47afe47c01eb 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig @@ -1921,6 +1921,9 @@ config X86_INTEL_CET config ARCH_HAS_SHSTK def_bool n +config ARCH_HAS_AS_LIMIT + def_bool n + config X86_INTEL_SHADOW_STACK_USER prompt "Intel Shadow Stack for user-mode" def_bool n @@ -1941,6 +1944,19 @@ config X86_INTEL_SHADOW_STACK_USER If unsure, say y. +config X86_INTEL_BRANCH_TRACKING_USER + prompt "Intel Indirect Branch Tracking for user-mode" + def_bool n + depends on CPU_SUP_INTEL && X86_64 + select X86_INTEL_CET + select ARCH_HAS_AS_LIMIT + select ARCH_USE_GNU_PROPERTY + ---help--- + Indirect Branch Tracking provides hardware protection against return-/jmp- + oriented programming attacks. + + If unsure, say y + config EFI bool "EFI runtime service support" depends on ACPI diff --git a/arch/x86/Makefile b/arch/x86/Makefile index 0b2e9df48907..25372cc4a303 100644 --- a/arch/x86/Makefile +++ b/arch/x86/Makefile @@ -155,6 +155,13 @@ ifdef CONFIG_X86_INTEL_SHADOW_STACK_USER endif endif +# Check compiler ibt support +ifdef CONFIG_X86_INTEL_BRANCH_TRACKING_USER + ifeq ($(call cc-option-yn, -fcf-protection=branch), n) + $(error CONFIG_X86_INTEL_BRANCH_TRACKING_USER not supported by compiler) + endif +endif + # # If the function graph tracer is used with mcount instead of fentry, # '-maccumulate-outgoing-args' is needed to prevent a GCC bug From patchwork Thu Jun 6 20:09:14 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yu-cheng Yu X-Patchwork-Id: 10980435 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id CE8A51515 for ; Thu, 6 Jun 2019 20:17:54 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id BE35D28A6D for ; Thu, 6 Jun 2019 20:17:54 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id B14E028AA7; Thu, 6 Jun 2019 20:17:54 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-2.9 required=2.0 tests=BAYES_00,MAILING_LIST_MULTI, RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1 Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 06A2E28A6D for ; Thu, 6 Jun 2019 20:17:54 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 4C6166B02C7; Thu, 6 Jun 2019 16:17:35 -0400 (EDT) Delivered-To: linux-mm-outgoing@kvack.org Received: by kanga.kvack.org (Postfix, from userid 40) id E8B286B02D3; Thu, 6 Jun 2019 16:17:34 -0400 (EDT) X-Original-To: int-list-linux-mm@kvack.org X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 738996B02CD; Thu, 6 Jun 2019 16:17:34 -0400 (EDT) X-Original-To: linux-mm@kvack.org X-Delivered-To: linux-mm@kvack.org Received: from mail-pg1-f200.google.com (mail-pg1-f200.google.com [209.85.215.200]) by kanga.kvack.org (Postfix) with ESMTP id B06916B02CC for ; Thu, 6 Jun 2019 16:17:33 -0400 (EDT) Received: by mail-pg1-f200.google.com with SMTP id a21so2301842pgh.11 for ; Thu, 06 Jun 2019 13:17:33 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-original-authentication-results:x-gm-message-state:from:to:cc :subject:date:message-id:in-reply-to:references; bh=MxBdNcGORUI5xTFsMiTtn1+ZbH19PBwmXl2DD0uo2d4=; b=Kbtq/BLquKaamxMgpEPmZmd8j8Z4riyy9qX29Ps4TyNHZcBjsno/q1lbbGNfnPsGW6 lTYGr5pBZuzEWDv+qXNLx2I5buR+UQLRCzZQTncMz+SOiw9WMAqf4YHp0rb3AQJr0byC jEL2j7uPY8DQEmCGt97h+sAuEkQT2mZEY+X5+XeYTc++8J9ZEzF450VIL3D6+83j+ddU PMpr5jZfxY7BYZwdc6DMwDfP+Wj2tXHbbtFj0nuWGMgj7woKDM6l2O3iJqsMX5x3kdjj 5OskpzYvkw1XQH+s+bwrX/526/yhoyuUvfU4ib88XFAWzBpT3T74H9gm4Jaz/6XEHsTc sZeQ== X-Original-Authentication-Results: mx.google.com; spf=pass (google.com: domain of yu-cheng.yu@intel.com designates 134.134.136.20 as permitted sender) smtp.mailfrom=yu-cheng.yu@intel.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com X-Gm-Message-State: APjAAAXDnpW5Q12Hkku7TsCu2F4uuOnWq5VDTWZh0fws1oCjVqUAv+pv ehekDKNtc4RgWn/lxTfxoHCZQP4K8F8PwvQndqpRvq0oEOvrAo5o4k6N4PcQ7fWVy6u/mpg3wXG ih9V+KkMTGqtMriuqYW2qrfjg+qWVeB8Njr0klLBKxSP4C35ygyW4S8NcortyF2aItQ== X-Received: by 2002:a17:902:d701:: with SMTP id w1mr46105473ply.12.1559852253367; Thu, 06 Jun 2019 13:17:33 -0700 (PDT) X-Google-Smtp-Source: APXvYqwZ6EcRX1NtgPIki70lGLzCVacnrICGr5magmCpGiDkxtvQLWlPcPVeSUOKpGzG34/cVJjl X-Received: by 2002:a17:902:d701:: with SMTP id w1mr46105368ply.12.1559852251634; Thu, 06 Jun 2019 13:17:31 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1559852251; cv=none; d=google.com; s=arc-20160816; b=IhRrq2gTmTZGkEKeXE5gf0u5TrDcoucdxHOwfzHAhxsIyDxQe9C+MGbEZ9+YHsViYB 5Olq4oQ21+9Q2ap0GB66HJON/G4G57UcEE9/4Y3VxFHZh+PdV52rkwrG02kzrMtEO8ar hpz+EW+jLy+Y5aCXOtvucnjPPecNFLYMWYtbULROOKtO0hHJQGbji5q4xG/2dzZTVIHP dxZQlU4uzvm01EMyJhO1SYkzgF7fG/aPLZ7SRXSLzZZ8RwqMGxv8BcFrTR41umeT7d5U bgN4NyJi6WNAnIQe+FjmLkuIq2TpU1r6wSwoIqDKBA4tEZjJqqwXLY1fuUgR1exCmAyb h/Ng== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=references:in-reply-to:message-id:date:subject:cc:to:from; bh=MxBdNcGORUI5xTFsMiTtn1+ZbH19PBwmXl2DD0uo2d4=; b=yyvSJS8J68yD6A9Xdyx456EkLPpp8TvunDlMUOlPCCd4SU9mwnu5YKQHhXH7hHwg42 l5gOoy40KHb5TdRl2FJVSepSQEncPLnWV4zQOikI2DUBFzA7CO2yOO5eGDdKvBaqoiB5 BSQhtbCHk+WNtzwUgXkZwXVDjzOed+pjy9MIhvAZcMuGl31JUb1pi5OXGDcLqs6v0a6/ 9ZdkKRHakWkzQTfJwnHWYMt9NfOIIO6U6nqIZuzriRJh+TFlJkQKw5lGgwS4hVdE2MdS CUGDVkzmyqXt6Su9k7MFNqXJOasD27Of1A47kToR23r3KCREJY6VrYOYucorr4Ui3djk UYcQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of yu-cheng.yu@intel.com designates 134.134.136.20 as permitted sender) smtp.mailfrom=yu-cheng.yu@intel.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from mga02.intel.com (mga02.intel.com. [134.134.136.20]) by mx.google.com with ESMTPS id t11si66755plr.23.2019.06.06.13.17.31 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 06 Jun 2019 13:17:31 -0700 (PDT) Received-SPF: pass (google.com: domain of yu-cheng.yu@intel.com designates 134.134.136.20 as permitted sender) client-ip=134.134.136.20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of yu-cheng.yu@intel.com designates 134.134.136.20 as permitted sender) smtp.mailfrom=yu-cheng.yu@intel.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by orsmga101.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 06 Jun 2019 13:17:30 -0700 X-ExtLoop1: 1 Received: from yyu32-desk1.sc.intel.com ([143.183.136.147]) by fmsmga001.fm.intel.com with ESMTP; 06 Jun 2019 13:17:30 -0700 From: Yu-cheng Yu To: x86@kernel.org, "H. Peter Anvin" , Thomas Gleixner , Ingo Molnar , linux-kernel@vger.kernel.org, linux-doc@vger.kernel.org, linux-mm@kvack.org, linux-arch@vger.kernel.org, linux-api@vger.kernel.org, Arnd Bergmann , Andy Lutomirski , Balbir Singh , Borislav Petkov , Cyrill Gorcunov , Dave Hansen , Eugene Syromiatnikov , Florian Weimer , "H.J. Lu" , Jann Horn , Jonathan Corbet , Kees Cook , Mike Kravetz , Nadav Amit , Oleg Nesterov , Pavel Machek , Peter Zijlstra , Randy Dunlap , "Ravi V. Shankar" , Vedvyas Shanbhogue , Dave Martin Cc: Yu-cheng Yu Subject: [PATCH v7 02/14] x86/cet/ibt: User-mode indirect branch tracking support Date: Thu, 6 Jun 2019 13:09:14 -0700 Message-Id: <20190606200926.4029-3-yu-cheng.yu@intel.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20190606200926.4029-1-yu-cheng.yu@intel.com> References: <20190606200926.4029-1-yu-cheng.yu@intel.com> X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: X-Virus-Scanned: ClamAV using ClamSMTP Add user-mode indirect branch tracking enabling/disabling and supporting routines. Signed-off-by: H.J. Lu Signed-off-by: Yu-cheng Yu --- arch/x86/include/asm/cet.h | 7 ++++ arch/x86/include/asm/disabled-features.h | 8 ++++- arch/x86/kernel/cet.c | 36 +++++++++++++++++++ arch/x86/kernel/cpu/common.c | 17 +++++++++ .../arch/x86/include/asm/disabled-features.h | 8 ++++- 5 files changed, 74 insertions(+), 2 deletions(-) diff --git a/arch/x86/include/asm/cet.h b/arch/x86/include/asm/cet.h index 2df357dffd24..89330e4159a9 100644 --- a/arch/x86/include/asm/cet.h +++ b/arch/x86/include/asm/cet.h @@ -14,8 +14,11 @@ struct sc_ext; struct cet_status { unsigned long shstk_base; unsigned long shstk_size; + unsigned long ibt_bitmap_addr; + unsigned long ibt_bitmap_size; unsigned int locked:1; unsigned int shstk_enabled:1; + unsigned int ibt_enabled:1; }; #ifdef CONFIG_X86_INTEL_CET @@ -27,6 +30,8 @@ void cet_disable_shstk(void); void cet_disable_free_shstk(struct task_struct *p); int cet_restore_signal(bool ia32, struct sc_ext *sc); int cet_setup_signal(bool ia32, unsigned long rstor, struct sc_ext *sc); +int cet_setup_ibt(void); +void cet_disable_ibt(void); #else static inline int prctl_cet(int option, unsigned long arg2) { return -EINVAL; } static inline int cet_setup_shstk(void) { return -EINVAL; } @@ -37,6 +42,8 @@ static inline void cet_disable_free_shstk(struct task_struct *p) {} static inline int cet_restore_signal(bool ia32, struct sc_ext *sc) { return -EINVAL; } static inline int cet_setup_signal(bool ia32, unsigned long rstor, struct sc_ext *sc) { return -EINVAL; } +static inline int cet_setup_ibt(void) { return -EINVAL; } +static inline void cet_disable_ibt(void) {} #endif #define cpu_x86_cet_enabled() \ diff --git a/arch/x86/include/asm/disabled-features.h b/arch/x86/include/asm/disabled-features.h index 06323ebed643..fc7d3d5a1bf4 100644 --- a/arch/x86/include/asm/disabled-features.h +++ b/arch/x86/include/asm/disabled-features.h @@ -68,6 +68,12 @@ #define DISABLE_SHSTK (1<<(X86_FEATURE_SHSTK & 31)) #endif +#ifdef CONFIG_X86_INTEL_BRANCH_TRACKING_USER +#define DISABLE_IBT 0 +#else +#define DISABLE_IBT (1<<(X86_FEATURE_IBT & 31)) +#endif + /* * Make sure to add features to the correct mask */ @@ -89,7 +95,7 @@ #define DISABLED_MASK15 0 #define DISABLED_MASK16 (DISABLE_PKU|DISABLE_OSPKE|DISABLE_LA57|DISABLE_UMIP|DISABLE_SHSTK) #define DISABLED_MASK17 0 -#define DISABLED_MASK18 0 +#define DISABLED_MASK18 (DISABLE_IBT) #define DISABLED_MASK_CHECK BUILD_BUG_ON_ZERO(NCAPINTS != 19) #endif /* _ASM_X86_DISABLED_FEATURES_H */ diff --git a/arch/x86/kernel/cet.c b/arch/x86/kernel/cet.c index 0004333f8373..14ad25b8ff21 100644 --- a/arch/x86/kernel/cet.c +++ b/arch/x86/kernel/cet.c @@ -13,6 +13,8 @@ #include #include #include +#include +#include #include #include #include @@ -325,3 +327,37 @@ int cet_setup_signal(bool ia32, unsigned long rstor_addr, struct sc_ext *sc_ext) modify_fpu_regs_end(); return 0; } + +int cet_setup_ibt(void) +{ + u64 r; + + if (!cpu_feature_enabled(X86_FEATURE_IBT)) + return -EOPNOTSUPP; + + modify_fpu_regs_begin(); + rdmsrl(MSR_IA32_U_CET, r); + r |= (MSR_IA32_CET_ENDBR_EN | MSR_IA32_CET_NO_TRACK_EN); + wrmsrl(MSR_IA32_U_CET, r); + modify_fpu_regs_end(); + + current->thread.cet.ibt_enabled = 1; + return 0; +} + +void cet_disable_ibt(void) +{ + u64 r; + + if (!cpu_feature_enabled(X86_FEATURE_IBT)) + return; + + modify_fpu_regs_begin(); + rdmsrl(MSR_IA32_U_CET, r); + r &= ~(MSR_IA32_CET_ENDBR_EN | MSR_IA32_CET_LEG_IW_EN | + MSR_IA32_CET_NO_TRACK_EN | MSR_IA32_CET_BITMAP_MASK); + wrmsrl(MSR_IA32_U_CET, r); + modify_fpu_regs_end(); + + current->thread.cet.ibt_enabled = 0; +} diff --git a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c index b0780fe8717e..7fa38e4a9e82 100644 --- a/arch/x86/kernel/cpu/common.c +++ b/arch/x86/kernel/cpu/common.c @@ -441,6 +441,23 @@ static __init int setup_disable_shstk(char *s) __setup("no_cet_shstk", setup_disable_shstk); #endif +#ifdef CONFIG_X86_INTEL_BRANCH_TRACKING_USER +static __init int setup_disable_ibt(char *s) +{ + /* require an exact match without trailing characters */ + if (s[0] != '\0') + return 0; + + if (!boot_cpu_has(X86_FEATURE_IBT)) + return 1; + + setup_clear_cpu_cap(X86_FEATURE_IBT); + pr_info("x86: 'no_cet_ibt' specified, disabling Branch Tracking\n"); + return 1; +} +__setup("no_cet_ibt", setup_disable_ibt); +#endif + /* * Some CPU features depend on higher CPUID levels, which may not always * be available due to CPUID level capping or broken virtualization diff --git a/tools/arch/x86/include/asm/disabled-features.h b/tools/arch/x86/include/asm/disabled-features.h index 06323ebed643..fc7d3d5a1bf4 100644 --- a/tools/arch/x86/include/asm/disabled-features.h +++ b/tools/arch/x86/include/asm/disabled-features.h @@ -68,6 +68,12 @@ #define DISABLE_SHSTK (1<<(X86_FEATURE_SHSTK & 31)) #endif +#ifdef CONFIG_X86_INTEL_BRANCH_TRACKING_USER +#define DISABLE_IBT 0 +#else +#define DISABLE_IBT (1<<(X86_FEATURE_IBT & 31)) +#endif + /* * Make sure to add features to the correct mask */ @@ -89,7 +95,7 @@ #define DISABLED_MASK15 0 #define DISABLED_MASK16 (DISABLE_PKU|DISABLE_OSPKE|DISABLE_LA57|DISABLE_UMIP|DISABLE_SHSTK) #define DISABLED_MASK17 0 -#define DISABLED_MASK18 0 +#define DISABLED_MASK18 (DISABLE_IBT) #define DISABLED_MASK_CHECK BUILD_BUG_ON_ZERO(NCAPINTS != 19) #endif /* _ASM_X86_DISABLED_FEATURES_H */ From patchwork Thu Jun 6 20:09:15 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yu-cheng Yu X-Patchwork-Id: 10980423 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id EE50E1515 for ; Thu, 6 Jun 2019 20:17:38 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id DD1DD28A6D for ; Thu, 6 Jun 2019 20:17:38 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id D020928AA7; Thu, 6 Jun 2019 20:17:38 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-2.9 required=2.0 tests=BAYES_00,MAILING_LIST_MULTI, RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1 Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 5A6B228A6D for ; Thu, 6 Jun 2019 20:17:38 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 6EED66B02C3; Thu, 6 Jun 2019 16:17:33 -0400 (EDT) Delivered-To: linux-mm-outgoing@kvack.org Received: by kanga.kvack.org (Postfix, from userid 40) id 5FE3B6B02C5; Thu, 6 Jun 2019 16:17:33 -0400 (EDT) X-Original-To: int-list-linux-mm@kvack.org X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 4C53E6B02C7; Thu, 6 Jun 2019 16:17:33 -0400 (EDT) X-Original-To: linux-mm@kvack.org X-Delivered-To: linux-mm@kvack.org Received: from mail-pg1-f199.google.com (mail-pg1-f199.google.com [209.85.215.199]) by kanga.kvack.org (Postfix) with ESMTP id EED706B02C5 for ; Thu, 6 Jun 2019 16:17:32 -0400 (EDT) Received: by mail-pg1-f199.google.com with SMTP id s195so2301394pgs.13 for ; Thu, 06 Jun 2019 13:17:32 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-original-authentication-results:x-gm-message-state:from:to:cc :subject:date:message-id:in-reply-to:references; bh=JTPqqzl61LcXZknOh3vX8Y4ZIjcvIm2PCMu/cmAquKI=; b=JObXQSnJQEXJ+LCkkmT4zLxxVXf28Dcgpe7PkwzM2xLV3iFf8dgNBBfEMZKylAN7zr V4wSdo0qSmWSyhFR+/owvv7bi+UuSqK5vySdcVWqBrW7fRkppY440Zec+Y4zi9YoZb+J GeOkIkfpltc03dNtzFDonueAFxwLeajOuR6/grHL/6woFfdiNophKIuocmFSWKYe5Gr1 cq92Ctjej88Zsgm8sOLayHEUShvx+JOpYFDqm4nFcJEvEoK1ITJOBcL1oxP8RyiCtV6F pBF84R0pNrsQb4Rd6iCB2EfvAz4JLxCfhHgQKodh1LvbbyYXHi8SvciOOmMepcf9da9/ zD/A== X-Original-Authentication-Results: mx.google.com; spf=pass (google.com: domain of yu-cheng.yu@intel.com designates 134.134.136.20 as permitted sender) smtp.mailfrom=yu-cheng.yu@intel.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com X-Gm-Message-State: APjAAAWb39LIzTAmyFCz9Co6PNRaC6MP7TE1zuL9/E0d3N1MMhuI7H7c UeRWii7CAoLGOPXYr2zFifrE98DdPEQqoCItipUPz3TSE8XibfcArBh3MBSb12rtmDxpte+GsPL LS9h9RmQ0cecayqDnv79q8GuQ9A44YTMKkVrSdtBgH1o3l6mB5tjBtJ+nBlX3fCejVw== X-Received: by 2002:a17:90a:8985:: with SMTP id v5mr1627207pjn.136.1559852252631; Thu, 06 Jun 2019 13:17:32 -0700 (PDT) X-Google-Smtp-Source: APXvYqxk3jRXGFd/l+4rH06hT5Ff+WCpWQp0y19bdpDqSPc6tQ3O1G9Id06WKiAvlp5RExu5MmXz X-Received: by 2002:a17:90a:8985:: with SMTP id v5mr1627167pjn.136.1559852251844; Thu, 06 Jun 2019 13:17:31 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1559852251; cv=none; d=google.com; s=arc-20160816; b=vaS7vOPSz2p4LeA8QoO6n2eXbtPH38MTn/hzO7DN57AFxQNUOEyEIMgytOvkXiQLj0 1fMd8mhS3X/g7s82+HABL++r9Fo+IkTdEVQixyjy04+t8VW+qhWdtP7AiPpsTJiX9hjJ LC2HCQLfh2ARGeVqZWoxqg5QSaGAoG3dDzMSk236ie1R5Lj7nhcLFvInbe3XlD+UxFTg tQY0zz+6gN0HGQVo3evxLjtF9XqKzQN/Df4jvAPlzik/Z/3ISnuYGK6BKWe9MdoCUgl2 HICekpPPG66M1eQxBRrUQXJ84zTqjrVjQB4oQbtt2I91YGxbD4QGMPO082tqFSgmZbmA sGVg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=references:in-reply-to:message-id:date:subject:cc:to:from; bh=JTPqqzl61LcXZknOh3vX8Y4ZIjcvIm2PCMu/cmAquKI=; b=z0Mg4DmwTu9HRLDaaAR489cHZ6TumfiG4WEHKd8fmMl7Y+X4vXIQ3W39nsZJNGOxln kwk4Md+JCbiqK3ZqNTLbvSTeKU9SDszhoz/bj/rAOEz7X5C5sLAme8ZTCKNzAfbrEMRQ 0uxVpQNLSDI+YGirVdAK3f3v3RRQOE0Rj/z66x62+quPByA9jCVQCvVGMqlF6+R+d/Nr J1ETQRKrjFQ10uqQ1Zvd/pQ9Gbwk70ukphcyduckpgFA6lpP0yZZYZhH7yLpkExtKxsY MhXk0EXz/6YQIbZzd13ArlWmHdJyYFGKq3/FxStQ2ckVIfwgJuUVvPXB39mS9GJdeeFB kQPA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of yu-cheng.yu@intel.com designates 134.134.136.20 as permitted sender) smtp.mailfrom=yu-cheng.yu@intel.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from mga02.intel.com (mga02.intel.com. [134.134.136.20]) by mx.google.com with ESMTPS id t11si66755plr.23.2019.06.06.13.17.31 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 06 Jun 2019 13:17:31 -0700 (PDT) Received-SPF: pass (google.com: domain of yu-cheng.yu@intel.com designates 134.134.136.20 as permitted sender) client-ip=134.134.136.20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of yu-cheng.yu@intel.com designates 134.134.136.20 as permitted sender) smtp.mailfrom=yu-cheng.yu@intel.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by orsmga101.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 06 Jun 2019 13:17:31 -0700 X-ExtLoop1: 1 Received: from yyu32-desk1.sc.intel.com ([143.183.136.147]) by fmsmga001.fm.intel.com with ESMTP; 06 Jun 2019 13:17:30 -0700 From: Yu-cheng Yu To: x86@kernel.org, "H. Peter Anvin" , Thomas Gleixner , Ingo Molnar , linux-kernel@vger.kernel.org, linux-doc@vger.kernel.org, linux-mm@kvack.org, linux-arch@vger.kernel.org, linux-api@vger.kernel.org, Arnd Bergmann , Andy Lutomirski , Balbir Singh , Borislav Petkov , Cyrill Gorcunov , Dave Hansen , Eugene Syromiatnikov , Florian Weimer , "H.J. Lu" , Jann Horn , Jonathan Corbet , Kees Cook , Mike Kravetz , Nadav Amit , Oleg Nesterov , Pavel Machek , Peter Zijlstra , Randy Dunlap , "Ravi V. Shankar" , Vedvyas Shanbhogue , Dave Martin Cc: Yu-cheng Yu Subject: [PATCH v7 03/14] x86/cet/ibt: Add IBT legacy code bitmap setup function Date: Thu, 6 Jun 2019 13:09:15 -0700 Message-Id: <20190606200926.4029-4-yu-cheng.yu@intel.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20190606200926.4029-1-yu-cheng.yu@intel.com> References: <20190606200926.4029-1-yu-cheng.yu@intel.com> X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: X-Virus-Scanned: ClamAV using ClamSMTP Indirect Branch Tracking (IBT) provides an optional legacy code bitmap that allows execution of legacy, non-IBT compatible library by an IBT-enabled application. When set, each bit in the bitmap indicates one page of legacy code. The bitmap is allocated and setup from the application. Signed-off-by: Yu-cheng Yu --- arch/x86/include/asm/cet.h | 1 + arch/x86/kernel/cet.c | 26 ++++++++++++++++++++++++++ 2 files changed, 27 insertions(+) diff --git a/arch/x86/include/asm/cet.h b/arch/x86/include/asm/cet.h index 89330e4159a9..9e613a6598c9 100644 --- a/arch/x86/include/asm/cet.h +++ b/arch/x86/include/asm/cet.h @@ -31,6 +31,7 @@ void cet_disable_free_shstk(struct task_struct *p); int cet_restore_signal(bool ia32, struct sc_ext *sc); int cet_setup_signal(bool ia32, unsigned long rstor, struct sc_ext *sc); int cet_setup_ibt(void); +int cet_setup_ibt_bitmap(unsigned long bitmap, unsigned long size); void cet_disable_ibt(void); #else static inline int prctl_cet(int option, unsigned long arg2) { return -EINVAL; } diff --git a/arch/x86/kernel/cet.c b/arch/x86/kernel/cet.c index 14ad25b8ff21..e0ef996d3148 100644 --- a/arch/x86/kernel/cet.c +++ b/arch/x86/kernel/cet.c @@ -22,6 +22,7 @@ #include #include #include +#include #include static int set_shstk_ptr(unsigned long addr) @@ -361,3 +362,28 @@ void cet_disable_ibt(void) current->thread.cet.ibt_enabled = 0; } + +int cet_setup_ibt_bitmap(unsigned long bitmap, unsigned long size) +{ + u64 r; + + if (!current->thread.cet.ibt_enabled) + return -EINVAL; + + if (!PAGE_ALIGNED(bitmap) || (size > TASK_SIZE_MAX)) + return -EINVAL; + + current->thread.cet.ibt_bitmap_addr = bitmap; + current->thread.cet.ibt_bitmap_size = size; + + /* + * Turn on IBT legacy bitmap. + */ + modify_fpu_regs_begin(); + rdmsrl(MSR_IA32_U_CET, r); + r |= (MSR_IA32_CET_LEG_IW_EN | bitmap); + wrmsrl(MSR_IA32_U_CET, r); + modify_fpu_regs_end(); + + return 0; +} From patchwork Thu Jun 6 20:09:16 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yu-cheng Yu X-Patchwork-Id: 10980431 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 954B41515 for ; Thu, 6 Jun 2019 20:17:48 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 8596828A6D for ; Thu, 6 Jun 2019 20:17:48 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 7635B28AA7; Thu, 6 Jun 2019 20:17:48 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-2.9 required=2.0 tests=BAYES_00,MAILING_LIST_MULTI, RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1 Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 171FF28A6D for ; Thu, 6 Jun 2019 20:17:48 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id C19396B02CA; Thu, 6 Jun 2019 16:17:34 -0400 (EDT) Delivered-To: linux-mm-outgoing@kvack.org Received: by kanga.kvack.org (Postfix, from userid 40) id 674616B02D2; Thu, 6 Jun 2019 16:17:34 -0400 (EDT) X-Original-To: int-list-linux-mm@kvack.org X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id F27416B02CE; Thu, 6 Jun 2019 16:17:33 -0400 (EDT) X-Original-To: linux-mm@kvack.org X-Delivered-To: linux-mm@kvack.org Received: from mail-pl1-f200.google.com (mail-pl1-f200.google.com [209.85.214.200]) by kanga.kvack.org (Postfix) with ESMTP id 9CA7B6B02CA for ; Thu, 6 Jun 2019 16:17:33 -0400 (EDT) Received: by mail-pl1-f200.google.com with SMTP id w14so2174722plp.4 for ; Thu, 06 Jun 2019 13:17:33 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-original-authentication-results:x-gm-message-state:from:to:cc :subject:date:message-id:in-reply-to:references; bh=3VJ0WWv3LaOzz+xD3ap/pxIbfCqqdWTv36ugzPj6SpU=; b=QHSwOFGCGwD9E1Z2bA+brKaItilAWCpftoR7ov8dUmS7KE/E9u914SlkQoKYzZe3wk jLhEo4R9Htoa1mTQQAuu/DVh5uvLtGyYVU1lXYe3CodQusbT0FvsXIuM9n9NnAtZVuvE 76whPqjexaqHfQjHLskt1zeFKppLmYltHc0k2JZvj3hYA3xTZmUjy7l/t1PiNoWZFWX4 IjykjyMKOtlxP4bpLR8lwFyv5tdLfys1msgjauVDO6oewQxVE6ptHFQ0kkIrV6SggD2A tIzUHxpjcCSY4bcSEfzG/yyB1c+t6BZx80R1WUiizKvDJkKhbcB/xyms1w/1INKnl4om 9L8A== X-Original-Authentication-Results: mx.google.com; spf=pass (google.com: domain of yu-cheng.yu@intel.com designates 134.134.136.20 as permitted sender) smtp.mailfrom=yu-cheng.yu@intel.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com X-Gm-Message-State: APjAAAWgtlL0sj/MLItQLTAGIRbh/lrTrtHkp8wHKrYvOBS/HOUAF/UQ wf+yeSHXWLALZGumY4D1wfy4909re5kQydeafacgoARZowxjqf6CKovBVX1wGjcqqbkHQwrVxhd K1fErJakIUq/L/aO/op7+UCgJrehabLLs5XP5iXw9kte0C91O3Wt7Rgf38fOIVbvxvw== X-Received: by 2002:a17:90a:8e86:: with SMTP id f6mr1648130pjo.66.1559852253327; Thu, 06 Jun 2019 13:17:33 -0700 (PDT) X-Google-Smtp-Source: APXvYqwSBvy2Nca85GdVDT+tucIrI3z8+6kRBIo8NtXwEqsQ9WbtbS2AredsYHVZ8i+X2Dp9FKHA X-Received: by 2002:a17:90a:8e86:: with SMTP id f6mr1648031pjo.66.1559852252067; Thu, 06 Jun 2019 13:17:32 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1559852252; cv=none; d=google.com; s=arc-20160816; b=jiN/tNNBrwpR1buBtLYB8LR6KYq/dIcvIVfoYyMWPlqwG9giLRUygU2z8JRCsAJAS3 XB7EAX/+xpGqqGQ+c2L5zRh1Fv8MmjuAAuEdQbEFD6cLIayv4oreEDy6ydxpnLVjToV4 OFrIsgFbw+XyunzyRLZwyS+Jhud/IzBtPK56POK3n+jVBxk3dgntjAV0phTk6nD40WGX fePFKRKWpbQhK3zHtxkTazM1LseZGnUcEoWbudu4h3JHSGhDOQBSvc5D2ZCv+lhm+6sK IuQkQilO96grrVzhP1Dgn7VoCAU3I57BdULhqPVEBX5lUO6jmVnQoIEexUCSw/Hwhwza Uv8A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=references:in-reply-to:message-id:date:subject:cc:to:from; bh=3VJ0WWv3LaOzz+xD3ap/pxIbfCqqdWTv36ugzPj6SpU=; b=kHtzGVkCOSrhGSUD+FZCc/yWyARaFg+I2pozP3ycoE4ckObnT3qZGn94dhnacM7/Nm 4h5Nxq/eJ+ci0a+h3amBVOhm0qT1etzuRKX5iFwMHPsS4dgQsndXSJF1a2D8hGL8BWNw PGcU9iWhtsKT1+yGmHIUkUX4ZrNptvHlioDnkBf+PyBEKnCEWhtl0F5wqgCmOmknf2Qe fxih67aV8+dANuXraqHMtWIMveC90yD6OaGUPL3covdvOZzixfW7h6gmZZAEnKPOM86N Oy06nypH/X+z0e2WkGIafaMZEbuhQbr/WN20lTxV3QizofwmUF2IRYnsGxp3jC6poc8U pW/Q== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of yu-cheng.yu@intel.com designates 134.134.136.20 as permitted sender) smtp.mailfrom=yu-cheng.yu@intel.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from mga02.intel.com (mga02.intel.com. [134.134.136.20]) by mx.google.com with ESMTPS id t11si66755plr.23.2019.06.06.13.17.31 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 06 Jun 2019 13:17:32 -0700 (PDT) Received-SPF: pass (google.com: domain of yu-cheng.yu@intel.com designates 134.134.136.20 as permitted sender) client-ip=134.134.136.20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of yu-cheng.yu@intel.com designates 134.134.136.20 as permitted sender) smtp.mailfrom=yu-cheng.yu@intel.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by orsmga101.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 06 Jun 2019 13:17:31 -0700 X-ExtLoop1: 1 Received: from yyu32-desk1.sc.intel.com ([143.183.136.147]) by fmsmga001.fm.intel.com with ESMTP; 06 Jun 2019 13:17:30 -0700 From: Yu-cheng Yu To: x86@kernel.org, "H. Peter Anvin" , Thomas Gleixner , Ingo Molnar , linux-kernel@vger.kernel.org, linux-doc@vger.kernel.org, linux-mm@kvack.org, linux-arch@vger.kernel.org, linux-api@vger.kernel.org, Arnd Bergmann , Andy Lutomirski , Balbir Singh , Borislav Petkov , Cyrill Gorcunov , Dave Hansen , Eugene Syromiatnikov , Florian Weimer , "H.J. Lu" , Jann Horn , Jonathan Corbet , Kees Cook , Mike Kravetz , Nadav Amit , Oleg Nesterov , Pavel Machek , Peter Zijlstra , Randy Dunlap , "Ravi V. Shankar" , Vedvyas Shanbhogue , Dave Martin Cc: Yu-cheng Yu Subject: [PATCH v7 04/14] x86/cet/ibt: Handle signals for IBT Date: Thu, 6 Jun 2019 13:09:16 -0700 Message-Id: <20190606200926.4029-5-yu-cheng.yu@intel.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20190606200926.4029-1-yu-cheng.yu@intel.com> References: <20190606200926.4029-1-yu-cheng.yu@intel.com> X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: X-Virus-Scanned: ClamAV using ClamSMTP Setup/Restore Indirect Branch Tracking for signals. Signed-off-by: Yu-cheng Yu --- arch/x86/kernel/cet.c | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/arch/x86/kernel/cet.c b/arch/x86/kernel/cet.c index e0ef996d3148..e1ab7e722637 100644 --- a/arch/x86/kernel/cet.c +++ b/arch/x86/kernel/cet.c @@ -282,6 +282,15 @@ int cet_restore_signal(bool ia32, struct sc_ext *sc_ext) msr_ia32_u_cet |= MSR_IA32_CET_SHSTK_EN; } + if (current->thread.cet.ibt_enabled) { + if (current->thread.cet.ibt_bitmap_addr != 0) + msr_ia32_u_cet |= (current->thread.cet.ibt_bitmap_addr | + MSR_IA32_CET_LEG_IW_EN); + + msr_ia32_u_cet |= (MSR_IA32_CET_ENDBR_EN | + MSR_IA32_CET_NO_TRACK_EN); + } + wrmsrl(MSR_IA32_PL3_SSP, new_ssp); wrmsrl(MSR_IA32_U_CET, msr_ia32_u_cet); return 0; @@ -322,6 +331,15 @@ int cet_setup_signal(bool ia32, unsigned long rstor_addr, struct sc_ext *sc_ext) sc_ext->ssp = new_ssp; } + if (current->thread.cet.ibt_enabled) { + if (current->thread.cet.ibt_bitmap_addr != 0) + msr_ia32_u_cet |= (current->thread.cet.ibt_bitmap_addr | + MSR_IA32_CET_LEG_IW_EN); + + msr_ia32_u_cet |= (MSR_IA32_CET_ENDBR_EN | + MSR_IA32_CET_NO_TRACK_EN); + } + modify_fpu_regs_begin(); wrmsrl(MSR_IA32_PL3_SSP, ssp); wrmsrl(MSR_IA32_U_CET, msr_ia32_u_cet); From patchwork Thu Jun 6 20:09:17 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yu-cheng Yu X-Patchwork-Id: 10980425 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 364D41515 for ; Thu, 6 Jun 2019 20:17:41 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 2717A28AA2 for ; Thu, 6 Jun 2019 20:17:41 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 1982C28AA7; Thu, 6 Jun 2019 20:17:41 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-2.9 required=2.0 tests=BAYES_00,MAILING_LIST_MULTI, RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1 Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 972B128A6D for ; Thu, 6 Jun 2019 20:17:40 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id DA4C36B02CF; Thu, 6 Jun 2019 16:17:33 -0400 (EDT) Delivered-To: linux-mm-outgoing@kvack.org Received: by kanga.kvack.org (Postfix, from userid 40) id D03F76B02CD; Thu, 6 Jun 2019 16:17:33 -0400 (EDT) X-Original-To: int-list-linux-mm@kvack.org X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id BA1EE6B02CE; Thu, 6 Jun 2019 16:17:33 -0400 (EDT) X-Original-To: linux-mm@kvack.org X-Delivered-To: linux-mm@kvack.org Received: from mail-pf1-f198.google.com (mail-pf1-f198.google.com [209.85.210.198]) by kanga.kvack.org (Postfix) with ESMTP id 7EB606B02C7 for ; Thu, 6 Jun 2019 16:17:33 -0400 (EDT) Received: by mail-pf1-f198.google.com with SMTP id j21so2068510pff.12 for ; Thu, 06 Jun 2019 13:17:33 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-original-authentication-results:x-gm-message-state:from:to:cc :subject:date:message-id:in-reply-to:references; bh=yK5r0u+SDfqgRVohMfxwhJpS11WNf7HKHOdyvywJNCw=; b=K+Asb0TEjmToubXtSVKQ9pZWhyh3+l8hfNsikQ3CFOmkoPeNgoxT1IG5SmWNmPwYRP dUGIVsV5fJcRwt+h8Bw/owfBfrmkBix94EOLj9MLUit6lJc4UvppIzS2znOJMcRE+xmf UNZ5/JSUsKqP8zE1XQcYv3ynbhxMNZGZVGc+BztEPtRl5CY5UA/8bunh/rLtm5UCjD29 47uEYN++fFfD+lwEa9uaSEvDyKHZpzZemtIB1BHGrbkBVMkH+VKV7MtN0Inv4k9KFgCf iJZoO+eYAXyAA+QMacaDrJ77NSfxk0waSDGNLdobAA69LPAv33fhshFrA9qRwhOlc2EJ MezQ== X-Original-Authentication-Results: mx.google.com; spf=pass (google.com: domain of yu-cheng.yu@intel.com designates 134.134.136.20 as permitted sender) smtp.mailfrom=yu-cheng.yu@intel.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com X-Gm-Message-State: APjAAAVn2Qta51kq2j6oTJzpE5D4eFsaUt9ZljVbwXOF6hBCoz2G+yvO JY+OaUYWPuEJNzIuGjgyv86dtKe6Ehi0vM62h9v/bMo5rvLNYE7araVrZuPluo/TGJAHsoZAXqm p1a7UlXH2jbcSVsuHoqRNTz4/LploDE3Xw7lvNRMD7CjxvlXAhx+OO5HIKYKSOB/rmA== X-Received: by 2002:aa7:8049:: with SMTP id y9mr870038pfm.195.1559852253202; Thu, 06 Jun 2019 13:17:33 -0700 (PDT) X-Google-Smtp-Source: APXvYqwN58vCvdTwN3f/43A2KDd3g6PcS5o9Yxy2BwfGbcBpwRcOiips3o3tu38LhzYbnroKajVc X-Received: by 2002:aa7:8049:: with SMTP id y9mr869958pfm.195.1559852252106; Thu, 06 Jun 2019 13:17:32 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1559852252; cv=none; d=google.com; s=arc-20160816; b=OaF+ZLn0eOLlFwgJWxznsVhcBIwLRthJ/SklFlt1cTnUADWSiL0L8JzrF6zXxiOHU7 eRf9VtAG7LnoEN2DfoceUWLq2E88a3VtWHqBzol4sI62noYFgrmSqUnBCcN1WFR4bN5X 8V6pF+nYFZdih0qvTjhRehkxzNAkBsIHH1Rgy1NuknPpVB347HajV1o4MIHTju4p94WT 4npZwst9L3YB9zAFB8E/IEfOIWosZzvHSbxYvk8psiMpW84ymERs/dQ+7sVSVZyJ8/vl LsyXKnFux7uEvYAqqeoDF9/9J4kfCgQfWf6lwAp6TQHfle9FAlMyyqGLFqIpMXUr/InZ SrFA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=references:in-reply-to:message-id:date:subject:cc:to:from; bh=yK5r0u+SDfqgRVohMfxwhJpS11WNf7HKHOdyvywJNCw=; b=LeBTsQwY+G2Lwtywzp6thz+VQ++2iaof8OUM3AGAs05autWO62sZBmmgDfRezbku58 i22WzJVb1QVDBxZtU7WtsySBXKRvzuzMKS1XtgsDVP0TzqHenmMZ+iN1WMaCW0yz8zzq UtWaJ/l4Rv6zO1NR70UOn1vOzRfCoJKLAujD1JOAUuF+SxyIuyNqO7+fgTEXRw5O9RJf Q9+aTWJJannTlAyHNLha45T1xKU1ougX+Z/YdCUPMsXLkuVc95KeNBUHp9D/yR0PLcsu 03yTBucySFifff00/1eo5ZfzNS108EFcrsxiNLhsv/A9unqHo5pvo6sFUbC9ySSbxZ1n Mtlg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of yu-cheng.yu@intel.com designates 134.134.136.20 as permitted sender) smtp.mailfrom=yu-cheng.yu@intel.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from mga02.intel.com (mga02.intel.com. [134.134.136.20]) by mx.google.com with ESMTPS id e29si45752pgb.428.2019.06.06.13.17.31 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 06 Jun 2019 13:17:32 -0700 (PDT) Received-SPF: pass (google.com: domain of yu-cheng.yu@intel.com designates 134.134.136.20 as permitted sender) client-ip=134.134.136.20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of yu-cheng.yu@intel.com designates 134.134.136.20 as permitted sender) smtp.mailfrom=yu-cheng.yu@intel.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by orsmga101.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 06 Jun 2019 13:17:31 -0700 X-ExtLoop1: 1 Received: from yyu32-desk1.sc.intel.com ([143.183.136.147]) by fmsmga001.fm.intel.com with ESMTP; 06 Jun 2019 13:17:31 -0700 From: Yu-cheng Yu To: x86@kernel.org, "H. Peter Anvin" , Thomas Gleixner , Ingo Molnar , linux-kernel@vger.kernel.org, linux-doc@vger.kernel.org, linux-mm@kvack.org, linux-arch@vger.kernel.org, linux-api@vger.kernel.org, Arnd Bergmann , Andy Lutomirski , Balbir Singh , Borislav Petkov , Cyrill Gorcunov , Dave Hansen , Eugene Syromiatnikov , Florian Weimer , "H.J. Lu" , Jann Horn , Jonathan Corbet , Kees Cook , Mike Kravetz , Nadav Amit , Oleg Nesterov , Pavel Machek , Peter Zijlstra , Randy Dunlap , "Ravi V. Shankar" , Vedvyas Shanbhogue , Dave Martin Cc: Yu-cheng Yu Subject: [PATCH v7 05/14] mm/mmap: Add IBT bitmap size to address space limit check Date: Thu, 6 Jun 2019 13:09:17 -0700 Message-Id: <20190606200926.4029-6-yu-cheng.yu@intel.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20190606200926.4029-1-yu-cheng.yu@intel.com> References: <20190606200926.4029-1-yu-cheng.yu@intel.com> X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: X-Virus-Scanned: ClamAV using ClamSMTP The indirect branch tracking legacy bitmap takes a large address space. This causes may_expand_vm() failure on the address limit check. For a IBT-enabled task, add the bitmap size to the address limit. Signed-off-by: Yu-cheng Yu --- arch/x86/include/asm/mmu_context.h | 10 ++++++++++ mm/mmap.c | 19 ++++++++++++++++++- 2 files changed, 28 insertions(+), 1 deletion(-) diff --git a/arch/x86/include/asm/mmu_context.h b/arch/x86/include/asm/mmu_context.h index a9a768529540..2499f6490428 100644 --- a/arch/x86/include/asm/mmu_context.h +++ b/arch/x86/include/asm/mmu_context.h @@ -360,6 +360,16 @@ static inline unsigned long __get_current_cr3_fast(void) return cr3; } +#ifdef CONFIG_X86_INTEL_BRANCH_TRACKING_USER +static inline unsigned long arch_as_limit(void) +{ + if (current->thread.cet.ibt_enabled) + return current->thread.cet.ibt_bitmap_size; + else + return 0; +} +#endif + typedef struct { struct mm_struct *mm; } temp_mm_state_t; diff --git a/mm/mmap.c b/mm/mmap.c index 3b643ace2c49..a0d6fb559518 100644 --- a/mm/mmap.c +++ b/mm/mmap.c @@ -3283,13 +3283,30 @@ struct vm_area_struct *copy_vma(struct vm_area_struct **vmap, return NULL; } +#ifndef CONFIG_ARCH_HAS_AS_LIMIT +static inline unsigned long arch_as_limit(void) +{ + return 0; +} +#endif + /* * Return true if the calling process may expand its vm space by the passed * number of pages */ bool may_expand_vm(struct mm_struct *mm, vm_flags_t flags, unsigned long npages) { - if (mm->total_vm + npages > rlimit(RLIMIT_AS) >> PAGE_SHIFT) + unsigned long as_limit = rlimit(RLIMIT_AS); + unsigned long as_limit_plus = as_limit + arch_as_limit(); + + /* as_limit_plus overflowed */ + if (as_limit_plus < as_limit) + as_limit_plus = RLIM_INFINITY; + + if (as_limit_plus > as_limit) + as_limit = as_limit_plus; + + if (mm->total_vm + npages > as_limit >> PAGE_SHIFT) return false; if (is_data_mapping(flags) && From patchwork Thu Jun 6 20:09:18 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yu-cheng Yu X-Patchwork-Id: 10980427 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 6E1CB6C5 for ; Thu, 6 Jun 2019 20:17:43 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 5CC6128AA2 for ; Thu, 6 Jun 2019 20:17:43 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 503AA28AA8; Thu, 6 Jun 2019 20:17:43 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-2.9 required=2.0 tests=BAYES_00,MAILING_LIST_MULTI, RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1 Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id EEF9128AA2 for ; Thu, 6 Jun 2019 20:17:42 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 4699C6B02CB; Thu, 6 Jun 2019 16:17:34 -0400 (EDT) Delivered-To: linux-mm-outgoing@kvack.org Received: by kanga.kvack.org (Postfix, from userid 40) id 3B67D6B02D1; Thu, 6 Jun 2019 16:17:34 -0400 (EDT) X-Original-To: int-list-linux-mm@kvack.org X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id DA2C76B02C7; Thu, 6 Jun 2019 16:17:33 -0400 (EDT) X-Original-To: linux-mm@kvack.org X-Delivered-To: linux-mm@kvack.org Received: from mail-pg1-f199.google.com (mail-pg1-f199.google.com [209.85.215.199]) by kanga.kvack.org (Postfix) with ESMTP id 982476B02C9 for ; Thu, 6 Jun 2019 16:17:33 -0400 (EDT) Received: by mail-pg1-f199.google.com with SMTP id f8so2314304pgp.9 for ; Thu, 06 Jun 2019 13:17:33 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-original-authentication-results:x-gm-message-state:from:to:cc :subject:date:message-id:in-reply-to:references; bh=4kJRqRgXrial8LUJDTZmTD0cX51XairXteK5iqWUgFw=; b=NzUTX88SYz0SYsGffgzze0+uiaISqnEnNFWJ/aXFwQKBoBDQDcr9KGqXEoi3VdgmhU vMhZSUyhBAQPebUpNqPIx66hCSbWLcOCRM6UtHo4MaxUPWze5SJmdDvke9TUdOKR0DdX G7PupuaVfIHSKLjlqnqC4HIwx5z2BzDUtma9Ps5iQ8IrMA5WXaBM7X+pegLY9Eybou7S CyXDnUBtlHtIQmwyLcIJ97GVHhLsOZEekj6R5tCdRuyt88uWR4gtKurFzOqIRps5LHSw Uzvb9gh0/eX0rfMTgil0una6HdJN9wIxGs0SANAdqA/YAzqHMphaIEiHVx1NfBk0eAjv mm9g== X-Original-Authentication-Results: mx.google.com; spf=pass (google.com: domain of yu-cheng.yu@intel.com designates 134.134.136.20 as permitted sender) smtp.mailfrom=yu-cheng.yu@intel.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com X-Gm-Message-State: APjAAAX+ru/f4QierASwQ32n/0hqPgHeAnVs178QDZgP3OlLuVTlq0ON T3miYrG1ET0YS1FwDCjMNpKXNG34V9qjrRfuQtGlFrTKqiWgsm/xC4i8HhZ5wObR6sZtDwsUPJi AV6bOLb0YrHtmXxJnoW/7raVeSgbKkuec6rCUEUfuZi1V8UzFRpesswyB4cUSAjnwcA== X-Received: by 2002:a17:90a:62c6:: with SMTP id k6mr1624968pjs.7.1559852253303; Thu, 06 Jun 2019 13:17:33 -0700 (PDT) X-Google-Smtp-Source: APXvYqxTnr083k7lH49BavJ2/Ee7QuOWUyN9y13Azj6o8BJoE1qSMfcUAF9Vlo0w2fCB3UQ4lN00 X-Received: by 2002:a17:90a:62c6:: with SMTP id k6mr1624914pjs.7.1559852252342; Thu, 06 Jun 2019 13:17:32 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1559852252; cv=none; d=google.com; s=arc-20160816; b=vPT1tpTj3Wl2xg9j57APKfjjcLgm1RFNxfQBtpf93Z1O2ym2+8LaGvKBWd9qtQg/JW 4B6gagrR8JqgVWjLbsUmw1vpYHuq7PdGga3iN3e6z3AUnSO+AdSHrIjzgHMvecbGuR50 Xy0VqeX1GRAUAqoHwbO5mQpFygJg+Ac6Bv9dZHxicVxJ/bAQbeOuS62bTuF4AeAIZX8Q 1Ir4F1rVuMzdsMqYxZJUvSDN/6twqCnByX0DCA6xhAVypswOJ6nXdWJrgFPz3BNHXp/E htCuih6efXgWTcChHWe68M1JCi9hD81QYIv7pLdB+kFivtuV1GfHXyiO1r/8mPdWj8h6 BAog== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=references:in-reply-to:message-id:date:subject:cc:to:from; bh=4kJRqRgXrial8LUJDTZmTD0cX51XairXteK5iqWUgFw=; b=GMDE+2tiuYcNkyaxKZMKeR8X0dIdwTTC+/asVxdn0K5wOslw+mqxKJHa1TEuMH0Fcc nRgMFfBmLMnLMc+d6buViT4o8M7p2MUj/qIH+MfjCbFjnHTJTrD4eIXOVMM6FHU785lo +LGfqdaJfYGZq1EVZV9/4JrknfosVAvhgebP+1qrl5SZBUIGdvNk/A5tg96e1b8rSg/S fHtovC3Y/WWiffwolcOhxs5eNmGbmW3hj6LcAPo+nCwCoyq75SNe8EK0/FIXyioJyPKJ hjM5euk3RKMT+GMMZJ1VVjQRNVVXkhmdwn/0Rc4/un+xvUK3eUsmILeCTrdX+zJCJgxN nMsA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of yu-cheng.yu@intel.com designates 134.134.136.20 as permitted sender) smtp.mailfrom=yu-cheng.yu@intel.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from mga02.intel.com (mga02.intel.com. [134.134.136.20]) by mx.google.com with ESMTPS id t11si66755plr.23.2019.06.06.13.17.32 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 06 Jun 2019 13:17:32 -0700 (PDT) Received-SPF: pass (google.com: domain of yu-cheng.yu@intel.com designates 134.134.136.20 as permitted sender) client-ip=134.134.136.20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of yu-cheng.yu@intel.com designates 134.134.136.20 as permitted sender) smtp.mailfrom=yu-cheng.yu@intel.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by orsmga101.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 06 Jun 2019 13:17:31 -0700 X-ExtLoop1: 1 Received: from yyu32-desk1.sc.intel.com ([143.183.136.147]) by fmsmga001.fm.intel.com with ESMTP; 06 Jun 2019 13:17:31 -0700 From: Yu-cheng Yu To: x86@kernel.org, "H. Peter Anvin" , Thomas Gleixner , Ingo Molnar , linux-kernel@vger.kernel.org, linux-doc@vger.kernel.org, linux-mm@kvack.org, linux-arch@vger.kernel.org, linux-api@vger.kernel.org, Arnd Bergmann , Andy Lutomirski , Balbir Singh , Borislav Petkov , Cyrill Gorcunov , Dave Hansen , Eugene Syromiatnikov , Florian Weimer , "H.J. Lu" , Jann Horn , Jonathan Corbet , Kees Cook , Mike Kravetz , Nadav Amit , Oleg Nesterov , Pavel Machek , Peter Zijlstra , Randy Dunlap , "Ravi V. Shankar" , Vedvyas Shanbhogue , Dave Martin Cc: Yu-cheng Yu Subject: [PATCH v7 06/14] x86/cet/ibt: ELF header parsing for IBT Date: Thu, 6 Jun 2019 13:09:18 -0700 Message-Id: <20190606200926.4029-7-yu-cheng.yu@intel.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20190606200926.4029-1-yu-cheng.yu@intel.com> References: <20190606200926.4029-1-yu-cheng.yu@intel.com> X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: X-Virus-Scanned: ClamAV using ClamSMTP Look in .note.gnu.property of an ELF file and check if Indirect Branch Tracking needs to be enabled for the task. Signed-off-by: Yu-cheng Yu --- arch/x86/kernel/process_64.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/arch/x86/kernel/process_64.c b/arch/x86/kernel/process_64.c index 5fa0d9ab18f1..16dae646f633 100644 --- a/arch/x86/kernel/process_64.c +++ b/arch/x86/kernel/process_64.c @@ -856,6 +856,12 @@ int arch_setup_property(void *ehdr, void *phdr, struct file *f, bool inter) if (r < 0) return r; } + + if (cpu_feature_enabled(X86_FEATURE_IBT)) { + if (property & GNU_PROPERTY_X86_FEATURE_1_IBT) + r = cet_setup_ibt(); + } + return r; } #endif From patchwork Thu Jun 6 20:09:19 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yu-cheng Yu X-Patchwork-Id: 10980439 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id BEAFB6C5 for ; Thu, 6 Jun 2019 20:18:00 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id AED2C28A6D for ; Thu, 6 Jun 2019 20:18:00 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id A249828AA7; Thu, 6 Jun 2019 20:18:00 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-2.9 required=2.0 tests=BAYES_00,MAILING_LIST_MULTI, RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1 Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 2A51528A6D for ; Thu, 6 Jun 2019 20:18:00 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id BA4056B02D0; Thu, 6 Jun 2019 16:17:35 -0400 (EDT) Delivered-To: linux-mm-outgoing@kvack.org Received: by kanga.kvack.org (Postfix, from userid 40) id 69F5B6B02D4; Thu, 6 Jun 2019 16:17:35 -0400 (EDT) X-Original-To: int-list-linux-mm@kvack.org X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id E19A06B02D5; Thu, 6 Jun 2019 16:17:34 -0400 (EDT) X-Original-To: linux-mm@kvack.org X-Delivered-To: linux-mm@kvack.org Received: from mail-pl1-f200.google.com (mail-pl1-f200.google.com [209.85.214.200]) by kanga.kvack.org (Postfix) with ESMTP id 5C34D6B02CE for ; Thu, 6 Jun 2019 16:17:34 -0400 (EDT) Received: by mail-pl1-f200.google.com with SMTP id d2so2148394pla.18 for ; Thu, 06 Jun 2019 13:17:34 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-original-authentication-results:x-gm-message-state:from:to:cc :subject:date:message-id:in-reply-to:references; bh=1pN9qEhFf50g9hJLFmQdzbSjuiGnrmTKcgtVo7is/wk=; b=oHCIz3XHDiE455+z3xYGCamWETS036tJfCEH+t2OgNT8THNzyPI+qelJpmySINuxrR d6bVnE4k6YKWVF9CcmBfXCzESKJq9/g2ockd7c3684FCJadbKyujBY/7qBc4CbSI7bXj vWwLmbdMrSWZyFPP8uxqdqIhloBRphCT/3Nu0JyWlfRpKXDyiPpRSBRhn55MF8Zmt1BM /vOKlffKNcJCKRrOCwJeh7WHIIapSbwzzY2b57RJ+3ErC9sgt4bDXL7THbJk3yrc3MSu h8FbsUH+X7UVSn6DqTyepBPgaEt/MGZb+WfXfKXdlDhgwyz1aKMLsu2MRek5VQT1K1w5 Es5Q== X-Original-Authentication-Results: mx.google.com; spf=pass (google.com: domain of yu-cheng.yu@intel.com designates 134.134.136.20 as permitted sender) smtp.mailfrom=yu-cheng.yu@intel.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com X-Gm-Message-State: APjAAAWkYGdpOC2URfIqYZdGQuxDt05wL6FTfoY9z0kws0XOCyl3U5XM LuEliODXnGc4uYOXl08WiZie8MyqNi6KS6zLL8NBifvzVkK1EzjGdxlCXOP9m2Yyvz1/lO35dOD Us915IYUfkA97TrjVECdZgpxZfV6dU+IriFzYdq9vMve+fI79ayFHIxa17j7uVOCKUg== X-Received: by 2002:a17:90a:2e89:: with SMTP id r9mr1625819pjd.117.1559852254052; Thu, 06 Jun 2019 13:17:34 -0700 (PDT) X-Google-Smtp-Source: APXvYqyYKxSM2IuCF99xWZICAbejvJqkybNa1pNjITR1szS16yNCcS4UioT1Xa7N8dw4VuKs3Ngg X-Received: by 2002:a17:90a:2e89:: with SMTP id r9mr1625696pjd.117.1559852252308; Thu, 06 Jun 2019 13:17:32 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1559852252; cv=none; d=google.com; s=arc-20160816; b=MqTgHT4WOrJ9KMZubXCxl0cSjRcX3JgcmTlGxY4GglGxJkBzXHZBtTbynP7Z/h4sgV xZhn+vi51/Vu+NjOx+oaQVGXlEq7MfLuIDlKvlYKb05wrJIhqz3fVtbXObJ0w4O9oi4f 7z6QOp1PL0H8dSxASoWYuUEkmfeNtA9qrjolUd9BiISxVLhpZrXf9BvH3Z1H1wSQFr1n UMgM/6GPrsHpgnWZIDUyM1Q9onTTKvshsYoB/ks/OevOwLSV1nVTlb6jOn2Bd9jaziD5 lj/+0TzbyfTEFDgUdBQC5Y3Q/C07TO/3vwh44QvgrsbdgnB5z8NHdEfo4/dZN68039tX MYmg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=references:in-reply-to:message-id:date:subject:cc:to:from; bh=1pN9qEhFf50g9hJLFmQdzbSjuiGnrmTKcgtVo7is/wk=; b=GtPjReetS/fB+UCtKC7+suTTJ0PpiL907oHT4m5Xlt3vmMb/OW/FCkQfVXFP86lFjC 49xgNZYzy2BUx79CQD3gVvbBz7V3dnOf23/2fGl2umwc7uAHF/z9R7mXA0Y+EPvz2RIU s65YcsGCBdN45gaEZxrvUn359/Kf7kabRlDVf/u85ykXo3LCiOmLPiFOLVLXkFpvFcq/ 6AR1b4sgJgW3DQGQUaj+bkppctgZhb40HV3y2DNB6hGOKwXWeRovb+o2MIWOR1SvBJMn RlsUS0lvYpYsNUc6IZ08m9PKSKDZmT8cW4E9reqgW7zAYbv/hAVUqcvcL7514Diphzo0 ihlw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of yu-cheng.yu@intel.com designates 134.134.136.20 as permitted sender) smtp.mailfrom=yu-cheng.yu@intel.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from mga02.intel.com (mga02.intel.com. [134.134.136.20]) by mx.google.com with ESMTPS id e29si45752pgb.428.2019.06.06.13.17.32 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 06 Jun 2019 13:17:32 -0700 (PDT) Received-SPF: pass (google.com: domain of yu-cheng.yu@intel.com designates 134.134.136.20 as permitted sender) client-ip=134.134.136.20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of yu-cheng.yu@intel.com designates 134.134.136.20 as permitted sender) smtp.mailfrom=yu-cheng.yu@intel.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by orsmga101.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 06 Jun 2019 13:17:31 -0700 X-ExtLoop1: 1 Received: from yyu32-desk1.sc.intel.com ([143.183.136.147]) by fmsmga001.fm.intel.com with ESMTP; 06 Jun 2019 13:17:31 -0700 From: Yu-cheng Yu To: x86@kernel.org, "H. Peter Anvin" , Thomas Gleixner , Ingo Molnar , linux-kernel@vger.kernel.org, linux-doc@vger.kernel.org, linux-mm@kvack.org, linux-arch@vger.kernel.org, linux-api@vger.kernel.org, Arnd Bergmann , Andy Lutomirski , Balbir Singh , Borislav Petkov , Cyrill Gorcunov , Dave Hansen , Eugene Syromiatnikov , Florian Weimer , "H.J. Lu" , Jann Horn , Jonathan Corbet , Kees Cook , Mike Kravetz , Nadav Amit , Oleg Nesterov , Pavel Machek , Peter Zijlstra , Randy Dunlap , "Ravi V. Shankar" , Vedvyas Shanbhogue , Dave Martin Cc: Yu-cheng Yu Subject: [PATCH v7 07/14] x86/cet/ibt: Add arch_prctl functions for IBT Date: Thu, 6 Jun 2019 13:09:19 -0700 Message-Id: <20190606200926.4029-8-yu-cheng.yu@intel.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20190606200926.4029-1-yu-cheng.yu@intel.com> References: <20190606200926.4029-1-yu-cheng.yu@intel.com> X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: X-Virus-Scanned: ClamAV using ClamSMTP Update ARCH_X86_CET_STATUS and ARCH_X86_CET_DISABLE to include Indirect Branch Tracking features. Introduce: arch_prctl(ARCH_X86_CET_SET_LEGACY_BITMAP, unsigned long *addr) Enable the Indirect Branch Tracking legacy code bitmap. The parameter 'addr' is a pointer to a user buffer that has: *addr = IBT bitmap base address *(addr + 1) = IBT bitmap size Signed-off-by: H.J. Lu Signed-off-by: Yu-cheng Yu --- arch/x86/include/uapi/asm/prctl.h | 2 ++ arch/x86/kernel/cet_prctl.c | 21 +++++++++++++++++++++ 2 files changed, 23 insertions(+) diff --git a/arch/x86/include/uapi/asm/prctl.h b/arch/x86/include/uapi/asm/prctl.h index d962f0ec9ccf..5eb9aeb5c662 100644 --- a/arch/x86/include/uapi/asm/prctl.h +++ b/arch/x86/include/uapi/asm/prctl.h @@ -18,5 +18,7 @@ #define ARCH_X86_CET_DISABLE 0x3002 #define ARCH_X86_CET_LOCK 0x3003 #define ARCH_X86_CET_ALLOC_SHSTK 0x3004 +#define ARCH_X86_CET_GET_LEGACY_BITMAP 0x3005 /* deprecated */ +#define ARCH_X86_CET_SET_LEGACY_BITMAP 0x3006 #endif /* _ASM_X86_PRCTL_H */ diff --git a/arch/x86/kernel/cet_prctl.c b/arch/x86/kernel/cet_prctl.c index 9c9d4262b07e..b7f37bbc0dd3 100644 --- a/arch/x86/kernel/cet_prctl.c +++ b/arch/x86/kernel/cet_prctl.c @@ -20,6 +20,8 @@ static int handle_get_status(unsigned long arg2) if (current->thread.cet.shstk_enabled) features |= GNU_PROPERTY_X86_FEATURE_1_SHSTK; + if (current->thread.cet.ibt_enabled) + features |= GNU_PROPERTY_X86_FEATURE_1_IBT; shstk_base = current->thread.cet.shstk_base; shstk_size = current->thread.cet.shstk_size; @@ -55,6 +57,17 @@ static int handle_alloc_shstk(unsigned long arg2) return 0; } +static int handle_bitmap(unsigned long arg2) +{ + unsigned long addr, size; + + if (get_user(addr, (unsigned long __user *)arg2) || + get_user(size, (unsigned long __user *)arg2 + 1)) + return -EFAULT; + + return cet_setup_ibt_bitmap(addr, size); +} + int prctl_cet(int option, unsigned long arg2) { if (!cpu_x86_cet_enabled()) @@ -69,6 +82,8 @@ int prctl_cet(int option, unsigned long arg2) return -EPERM; if (arg2 & GNU_PROPERTY_X86_FEATURE_1_SHSTK) cet_disable_free_shstk(current); + if (arg2 & GNU_PROPERTY_X86_FEATURE_1_IBT) + cet_disable_ibt(); return 0; @@ -79,6 +94,12 @@ int prctl_cet(int option, unsigned long arg2) case ARCH_X86_CET_ALLOC_SHSTK: return handle_alloc_shstk(arg2); + /* + * Allocate legacy bitmap and return address & size to user. + */ + case ARCH_X86_CET_SET_LEGACY_BITMAP: + return handle_bitmap(arg2); + default: return -EINVAL; } From patchwork Thu Jun 6 20:09:20 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yu-cheng Yu X-Patchwork-Id: 10980433 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 6138E6C5 for ; Thu, 6 Jun 2019 20:17:51 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 4F9C628A6D for ; Thu, 6 Jun 2019 20:17:51 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 4332328AA7; Thu, 6 Jun 2019 20:17:51 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-2.9 required=2.0 tests=BAYES_00,MAILING_LIST_MULTI, RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1 Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id BE4EC28A6D for ; Thu, 6 Jun 2019 20:17:50 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 15FB76B02CD; Thu, 6 Jun 2019 16:17:35 -0400 (EDT) Delivered-To: linux-mm-outgoing@kvack.org Received: by kanga.kvack.org (Postfix, from userid 40) id A6C496B02D6; Thu, 6 Jun 2019 16:17:34 -0400 (EDT) X-Original-To: int-list-linux-mm@kvack.org X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 566D96B02D0; Thu, 6 Jun 2019 16:17:34 -0400 (EDT) X-Original-To: linux-mm@kvack.org X-Delivered-To: linux-mm@kvack.org Received: from mail-pf1-f197.google.com (mail-pf1-f197.google.com [209.85.210.197]) by kanga.kvack.org (Postfix) with ESMTP id A6AED6B02C5 for ; Thu, 6 Jun 2019 16:17:33 -0400 (EDT) Received: by mail-pf1-f197.google.com with SMTP id i123so2597498pfb.19 for ; Thu, 06 Jun 2019 13:17:33 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-original-authentication-results:x-gm-message-state:from:to:cc :subject:date:message-id:in-reply-to:references; bh=TK8EDeMGPZ2hWiuLL/i5vI4+eG5g0kdJ6UAxh9hkMGQ=; b=fPcayrFKn9ilDvfNeUG3pgS0SvZ+zf/drik+HJclOpLBiPyjdv8gafWT8UwgHtLJLd 0b3DAfvBLhq1SE4Rg4oFmNZOAs2DnMcRVjEVpyt7LEFU0I6arpZ4TKYM59CAxSJtKZz5 TAzdbAVlKbK1BaZUtYPz5vA2+93KtLaDmh7SaI1F2U6Nwsd/+WluY0aEm+IEkVCH9ZJv JHLZIJz8v4CBmWZAM+jFD+eWBIIkTMG9K6EKImHis1IpBj7SnJJfH1/egqx6ZZ/1I05G +SCdDNosXVW4VCnF5k2tbiGV9o+mbKTcJJaYr6hQqXjew0D2VES+0UNMti6iciSZNua+ C4oA== X-Original-Authentication-Results: mx.google.com; spf=pass (google.com: domain of yu-cheng.yu@intel.com designates 134.134.136.20 as permitted sender) smtp.mailfrom=yu-cheng.yu@intel.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com X-Gm-Message-State: APjAAAUFo/V1kQUDC7IPVGQCzmsGBzqx8D/NkIth0YwraWq37JlV7ZEt 7sSAJNMPPSmilMQ8WsBeyhBxue+cyj69qmxeAP6vg5q01Srnm4DeRSFA776QVQ3a34xEkMkLLP5 QB8YzmiIUI20tyxo+3ZVPB/cRIkI45mKZ5G4ko+57XcvPsr1zDvRdPXozsTXB2q3luQ== X-Received: by 2002:a63:2c4a:: with SMTP id s71mr296271pgs.343.1559852253343; Thu, 06 Jun 2019 13:17:33 -0700 (PDT) X-Google-Smtp-Source: APXvYqylCfveFYF6amyTwtcx3cyEc0B/iAothMTFZ36A2gOSEibeFL5XkUkOYTtBL4wE6sDdENhZ X-Received: by 2002:a63:2c4a:: with SMTP id s71mr296214pgs.343.1559852252585; Thu, 06 Jun 2019 13:17:32 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1559852252; cv=none; d=google.com; s=arc-20160816; b=bN5mJL2yn0XWd2CE7hcOpEA5LGtX/xa8fWkn+L6si3C7IgywXqPpvz5TLrvI2hFBiH 7jZiHxPsyZX8e0JeIby2cN/8KqDtXD9oDTIROaFcJ7C6hE4+cdLGRp7sziNwmd+enVux CCcZHr/8X7NjKN287T4aurP94txZSwMVuUrduXcy4UJGAjA3oj9b6Fm7MS7ux7lRWwR6 PozmfxStf8RbWbFwZ0ZbWL0WoshH7/qEcl2wqNu8oyLBot1pXIYWuHM6NTvdLrR8Edoc PTleYL2POlJyFMoEZVdGj5P2atH8SnGElvqSQ/J7L5GKFFV2HYGPzcWTKRqMklxZr5T/ OyrQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=references:in-reply-to:message-id:date:subject:cc:to:from; bh=TK8EDeMGPZ2hWiuLL/i5vI4+eG5g0kdJ6UAxh9hkMGQ=; b=1GXY4Rd1mGJsumCMhjv89t1/4+VwXixPvecYoYgH08rBRo0sSwYpxZnWGQ4dTcIvqC +rggQ1lEbIujfdtqWWVW2Vuc5IuBpQqDioISif1GOf7oOLWppmcVg1uhdOzbYxANgD5j UDPfLmbat+Yzb0XwJxk8JgqFTgypbFoTJ+871N0JjJjcDJmJBniK/I/T8XiK5DzpvkZj GPdqQ/16pMyGDt41L46IjOSV3/UVekEwVPoYQSZ1rldnvP1wzD6lrULcW9WtLOdQng+b /0i65O/I8oSAh64ewYeT+X52PRDE0Lk2z9NNJc/6B9bvJvlhLfgbOqNTWuHWDOy8O+rq sKnw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of yu-cheng.yu@intel.com designates 134.134.136.20 as permitted sender) smtp.mailfrom=yu-cheng.yu@intel.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from mga02.intel.com (mga02.intel.com. [134.134.136.20]) by mx.google.com with ESMTPS id e29si45752pgb.428.2019.06.06.13.17.32 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 06 Jun 2019 13:17:32 -0700 (PDT) Received-SPF: pass (google.com: domain of yu-cheng.yu@intel.com designates 134.134.136.20 as permitted sender) client-ip=134.134.136.20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of yu-cheng.yu@intel.com designates 134.134.136.20 as permitted sender) smtp.mailfrom=yu-cheng.yu@intel.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by orsmga101.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 06 Jun 2019 13:17:32 -0700 X-ExtLoop1: 1 Received: from yyu32-desk1.sc.intel.com ([143.183.136.147]) by fmsmga001.fm.intel.com with ESMTP; 06 Jun 2019 13:17:31 -0700 From: Yu-cheng Yu To: x86@kernel.org, "H. Peter Anvin" , Thomas Gleixner , Ingo Molnar , linux-kernel@vger.kernel.org, linux-doc@vger.kernel.org, linux-mm@kvack.org, linux-arch@vger.kernel.org, linux-api@vger.kernel.org, Arnd Bergmann , Andy Lutomirski , Balbir Singh , Borislav Petkov , Cyrill Gorcunov , Dave Hansen , Eugene Syromiatnikov , Florian Weimer , "H.J. Lu" , Jann Horn , Jonathan Corbet , Kees Cook , Mike Kravetz , Nadav Amit , Oleg Nesterov , Pavel Machek , Peter Zijlstra , Randy Dunlap , "Ravi V. Shankar" , Vedvyas Shanbhogue , Dave Martin Cc: Yu-cheng Yu Subject: [PATCH v7 08/14] x86/cet/ibt: Add ENDBR to op-code-map Date: Thu, 6 Jun 2019 13:09:20 -0700 Message-Id: <20190606200926.4029-9-yu-cheng.yu@intel.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20190606200926.4029-1-yu-cheng.yu@intel.com> References: <20190606200926.4029-1-yu-cheng.yu@intel.com> X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: X-Virus-Scanned: ClamAV using ClamSMTP Add control transfer terminating instructions: ENDBR64/ENDBR32: Mark a valid 64/32-bit control transfer endpoint. Signed-off-by: Yu-cheng Yu --- arch/x86/lib/x86-opcode-map.txt | 13 +++++++++++-- tools/objtool/arch/x86/lib/x86-opcode-map.txt | 13 +++++++++++-- 2 files changed, 22 insertions(+), 4 deletions(-) diff --git a/arch/x86/lib/x86-opcode-map.txt b/arch/x86/lib/x86-opcode-map.txt index c5e825d44766..fbc53481bc59 100644 --- a/arch/x86/lib/x86-opcode-map.txt +++ b/arch/x86/lib/x86-opcode-map.txt @@ -620,7 +620,16 @@ ea: SAVEPREVSSP (f3) # Skip 0xeb-0xff EndTable -Table: 3-byte opcode 2 (0x0f 0x38) +Table: 3-byte opcode 2 (0x0f 0x1e) +Referrer: +AVXcode: +# Skip 0x00-0xf9 +fa: ENDBR64 (f3) +fb: ENDBR32 (f3) +#skip 0xfc-0xff +EndTable + +Table: 3-byte opcode 3 (0x0f 0x38) Referrer: 3-byte escape 1 AVXcode: 2 # 0x0f 0x38 0x00-0x0f @@ -804,7 +813,7 @@ f6: ADCX Gy,Ey (66) | ADOX Gy,Ey (F3) | MULX By,Gy,rDX,Ey (F2),(v) | WRSS Pq,Qq f7: BEXTR Gy,Ey,By (v) | SHLX Gy,Ey,By (66),(v) | SARX Gy,Ey,By (F3),(v) | SHRX Gy,Ey,By (F2),(v) EndTable -Table: 3-byte opcode 3 (0x0f 0x3a) +Table: 3-byte opcode 4 (0x0f 0x3a) Referrer: 3-byte escape 2 AVXcode: 3 # 0x0f 0x3a 0x00-0xff diff --git a/tools/objtool/arch/x86/lib/x86-opcode-map.txt b/tools/objtool/arch/x86/lib/x86-opcode-map.txt index c5e825d44766..fbc53481bc59 100644 --- a/tools/objtool/arch/x86/lib/x86-opcode-map.txt +++ b/tools/objtool/arch/x86/lib/x86-opcode-map.txt @@ -620,7 +620,16 @@ ea: SAVEPREVSSP (f3) # Skip 0xeb-0xff EndTable -Table: 3-byte opcode 2 (0x0f 0x38) +Table: 3-byte opcode 2 (0x0f 0x1e) +Referrer: +AVXcode: +# Skip 0x00-0xf9 +fa: ENDBR64 (f3) +fb: ENDBR32 (f3) +#skip 0xfc-0xff +EndTable + +Table: 3-byte opcode 3 (0x0f 0x38) Referrer: 3-byte escape 1 AVXcode: 2 # 0x0f 0x38 0x00-0x0f @@ -804,7 +813,7 @@ f6: ADCX Gy,Ey (66) | ADOX Gy,Ey (F3) | MULX By,Gy,rDX,Ey (F2),(v) | WRSS Pq,Qq f7: BEXTR Gy,Ey,By (v) | SHLX Gy,Ey,By (66),(v) | SARX Gy,Ey,By (F3),(v) | SHRX Gy,Ey,By (F2),(v) EndTable -Table: 3-byte opcode 3 (0x0f 0x3a) +Table: 3-byte opcode 4 (0x0f 0x3a) Referrer: 3-byte escape 2 AVXcode: 3 # 0x0f 0x3a 0x00-0xff From patchwork Thu Jun 6 20:09:21 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yu-cheng Yu X-Patchwork-Id: 10980437 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id EAAD51515 for ; Thu, 6 Jun 2019 20:17:57 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id D81B228A6D for ; Thu, 6 Jun 2019 20:17:57 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id CA6E528AA7; Thu, 6 Jun 2019 20:17:57 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-2.9 required=2.0 tests=BAYES_00,MAILING_LIST_MULTI, RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1 Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 4FFA528A6D for ; Thu, 6 Jun 2019 20:17:57 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 7FCD66B02CC; Thu, 6 Jun 2019 16:17:35 -0400 (EDT) Delivered-To: linux-mm-outgoing@kvack.org Received: by kanga.kvack.org (Postfix, from userid 40) id 42BCA6B02D2; Thu, 6 Jun 2019 16:17:35 -0400 (EDT) X-Original-To: int-list-linux-mm@kvack.org X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id AE0556B02CC; Thu, 6 Jun 2019 16:17:34 -0400 (EDT) X-Original-To: linux-mm@kvack.org X-Delivered-To: linux-mm@kvack.org Received: from mail-pl1-f198.google.com (mail-pl1-f198.google.com [209.85.214.198]) by kanga.kvack.org (Postfix) with ESMTP id 2F03D6B02CA for ; Thu, 6 Jun 2019 16:17:34 -0400 (EDT) Received: by mail-pl1-f198.google.com with SMTP id s12so2178861plr.5 for ; Thu, 06 Jun 2019 13:17:34 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-original-authentication-results:x-gm-message-state:from:to :subject:date:message-id:in-reply-to:references; bh=Hx9fQCfaehHECdP3yUizJoBr9I2sEjxAxWtfgK/yKTI=; b=STPXUahj12rqDzCZEoXhDAllgnMezT95+9RtTgT2xb+EhTQ2lr2f/4An38RVSNT+FH 2UDb9CwmQVgsbGkul76FJ48IfWukSEc3hWX5UjKhoHlIbR27+zV88ts5Ayu9QqMMQs+X LOzSuuiC2Cjf14zlufo+CgILtTHT7PXXytjlavPOFhF9vRiB3uyfx5ezj5lsH83iZSDq gAqEtjTeO25nHoJqZWRwS6xOwT8/WW6mqdujJpmNlMnLfXKR8g6JBwtEYN6Aq/LBrm0y R0zl/GfAFVFCh/WSupZAmF90+dIC9w8moYWAeG4HmzthhldQ/WnU4dGXa1IHhaSQw+po IhhA== X-Original-Authentication-Results: mx.google.com; spf=pass (google.com: domain of yu-cheng.yu@intel.com designates 134.134.136.20 as permitted sender) smtp.mailfrom=yu-cheng.yu@intel.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com X-Gm-Message-State: APjAAAU2/e+DNEqcPYjTM/+jU5VBVnJINR3xYw+3pyGBNJEDqU55uvRX BDJnsIUS3l0eAuc2kOfGmVHrz6xp0w5/Rfaf5+unDbefeo2wOi56FMaE6cy8Dg53ogbEemYpKGk URPu1hjUWj859JgJWdovdk3u1rgXp1xigFCirYg/vgAcW5GMDuVF9OcJyLa/s1p6zQw== X-Received: by 2002:a17:902:7003:: with SMTP id y3mr52080652plk.70.1559852253858; Thu, 06 Jun 2019 13:17:33 -0700 (PDT) X-Google-Smtp-Source: APXvYqx8v11zYNr78rPRmoIaelqPmiM6j1XCexI3tWll0ujRDQOvmh2V5U4uqAU29z0Eziw8yDJu X-Received: by 2002:a17:902:7003:: with SMTP id y3mr52080571plk.70.1559852252590; Thu, 06 Jun 2019 13:17:32 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1559852252; cv=none; d=google.com; s=arc-20160816; b=xsfriLt7oXl8uY0lyMFAm1xPpeedsBgOxit19mHRVecPxOUjlaJpY6SDZK+C8J7ONr lIrWzTeIfw9HLEPOUJCVM/YsbBd95EGMur3GI16P/yvIRXGEcnoEzW2CyKUafN1/3W73 GWcFR9lAvWMurryesbrFLQ1QSZwZgFHGuh9fnMjB5u8JJx7N0wse/6807x52JFPl148N VvmGkK29LLAxMKeaUk0XaMiaDwQC2lP7ifrwtnOoWSlSqwhj/joCMP96fQ82rks/IQ4j vaLnaE87/GN1NGI42T5nssOX74PE3i6znAh1B5c3D0N8GyEhJoyAGdwuuMpgsbu62csr OZjw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=references:in-reply-to:message-id:date:subject:to:from; bh=Hx9fQCfaehHECdP3yUizJoBr9I2sEjxAxWtfgK/yKTI=; b=yvwYHlECx4wTP+sgjiI0UYHStY8gzEb8nADy9dxi8KihmtMNGAG2nPPFdSSW2jTSEl aABMjLODVOGbpIoaZRPIipMKU8NIbB2l4JZh95RToPvuApa0jJ3T15X5McKTLpLjcTCc jn4C68Xm8SohiBdz05RHxM6vbIqjPew8I8eXhfIUamALG3JCybCvNZTUqZ3LOWzkg5uM fvLhblt32gHW+CePcBeeTMZUMqaaO8CeqQc1QXO82ickYia5VQK5vuklfQJdxVCyhtUA X7nHqzkeIkP3S0Fo2FmCNaUihQd8zJXJY28FW8zFfxx4hWZdneCzZXOsLsI/EG+emkIr Yn/A== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of yu-cheng.yu@intel.com designates 134.134.136.20 as permitted sender) smtp.mailfrom=yu-cheng.yu@intel.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from mga02.intel.com (mga02.intel.com. [134.134.136.20]) by mx.google.com with ESMTPS id t11si66755plr.23.2019.06.06.13.17.32 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 06 Jun 2019 13:17:32 -0700 (PDT) Received-SPF: pass (google.com: domain of yu-cheng.yu@intel.com designates 134.134.136.20 as permitted sender) client-ip=134.134.136.20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of yu-cheng.yu@intel.com designates 134.134.136.20 as permitted sender) smtp.mailfrom=yu-cheng.yu@intel.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by orsmga101.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 06 Jun 2019 13:17:32 -0700 X-ExtLoop1: 1 Received: from yyu32-desk1.sc.intel.com ([143.183.136.147]) by fmsmga001.fm.intel.com with ESMTP; 06 Jun 2019 13:17:31 -0700 From: Yu-cheng Yu To: x86@kernel.org, "H. Peter Anvin" , Thomas Gleixner , Ingo Molnar , linux-kernel@vger.kernel.org, linux-doc@vger.kernel.org, linux-mm@kvack.org, linux-arch@vger.kernel.org, linux-api@vger.kernel.org, Arnd Bergmann , Andy Lutomirski , Balbir Singh , Borislav Petkov , Cyrill Gorcunov , Dave Hansen , Eugene Syromiatnikov , Florian Weimer , "H.J. Lu" , Jann Horn , Jonathan Corbet , Kees Cook , Mike Kravetz , Nadav Amit , Oleg Nesterov , Pavel Machek , Peter Zijlstra , Randy Dunlap , "Ravi V. Shankar" , Vedvyas Shanbhogue , Dave Martin Subject: [PATCH v7 09/14] x86/vdso: Insert endbr32/endbr64 to vDSO Date: Thu, 6 Jun 2019 13:09:21 -0700 Message-Id: <20190606200926.4029-10-yu-cheng.yu@intel.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20190606200926.4029-1-yu-cheng.yu@intel.com> References: <20190606200926.4029-1-yu-cheng.yu@intel.com> X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: X-Virus-Scanned: ClamAV using ClamSMTP From: "H.J. Lu" When Intel indirect branch tracking is enabled, functions in vDSO which may be called indirectly must have endbr32 or endbr64 as the first instruction. Compiler must support -fcf-protection=branch so that it can be used to compile vDSO. Signed-off-by: H.J. Lu Acked-by: Andy Lutomirski --- arch/x86/entry/vdso/Makefile | 12 +++++++++++- arch/x86/entry/vdso/vdso-layout.lds.S | 1 + 2 files changed, 12 insertions(+), 1 deletion(-) diff --git a/arch/x86/entry/vdso/Makefile b/arch/x86/entry/vdso/Makefile index 42fe42e82baf..718fc17b0d67 100644 --- a/arch/x86/entry/vdso/Makefile +++ b/arch/x86/entry/vdso/Makefile @@ -108,13 +108,17 @@ vobjx32s := $(foreach F,$(vobjx32s-y),$(obj)/$F) # Convert 64bit object file to x32 for x32 vDSO. quiet_cmd_x32 = X32 $@ - cmd_x32 = $(OBJCOPY) -O elf32-x86-64 $< $@ + cmd_x32 = $(OBJCOPY) -R .note.gnu.property -O elf32-x86-64 $< $@ $(obj)/%-x32.o: $(obj)/%.o FORCE $(call if_changed,x32) targets += vdsox32.lds $(vobjx32s-y) +ifdef CONFIG_X86_INTEL_BRANCH_TRACKING_USER + $(obj)/vclock_gettime.o $(obj)/vgetcpu.o $(obj)/vdso32/vclock_gettime.o: KBUILD_CFLAGS += -fcf-protection=branch +endif + $(obj)/%.so: OBJCOPYFLAGS := -S $(obj)/%.so: $(obj)/%.so.dbg FORCE $(call if_changed,objcopy) @@ -173,6 +177,12 @@ quiet_cmd_vdso = VDSO $@ VDSO_LDFLAGS = -shared $(call ld-option, --hash-style=both) \ $(call ld-option, --build-id) $(call ld-option, --eh-frame-hdr) \ -Bsymbolic +ifdef CONFIG_X86_INTEL_BRANCH_TRACKING_USER + VDSO_LDFLAGS += $(call ldoption, -z$(comma)ibt) +endif +ifdef CONFIG_X86_INTEL_SHADOW_STACK_USER + VDSO_LDFLAGS += $(call ldoption, -z$(comma)shstk) +endif GCOV_PROFILE := n # diff --git a/arch/x86/entry/vdso/vdso-layout.lds.S b/arch/x86/entry/vdso/vdso-layout.lds.S index 93c6dc7812d0..3fea2ce318bc 100644 --- a/arch/x86/entry/vdso/vdso-layout.lds.S +++ b/arch/x86/entry/vdso/vdso-layout.lds.S @@ -52,6 +52,7 @@ SECTIONS *(.gnu.linkonce.b.*) } :text + .note.gnu.property : { *(.note.gnu.property) } :text :note .note : { *(.note.*) } :text :note .eh_frame_hdr : { *(.eh_frame_hdr) } :text :eh_frame_hdr From patchwork Thu Jun 6 20:09:22 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yu-cheng Yu X-Patchwork-Id: 10980429 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id DC7071515 for ; Thu, 6 Jun 2019 20:17:45 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id CAABD28AA7 for ; Thu, 6 Jun 2019 20:17:45 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id BE65A28AAA; Thu, 6 Jun 2019 20:17:45 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-2.9 required=2.0 tests=BAYES_00,MAILING_LIST_MULTI, RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1 Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 6A2B828AA7 for ; Thu, 6 Jun 2019 20:17:45 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 879066B02C5; Thu, 6 Jun 2019 16:17:34 -0400 (EDT) Delivered-To: linux-mm-outgoing@kvack.org Received: by kanga.kvack.org (Postfix, from userid 40) id 7D21F6B02D3; Thu, 6 Jun 2019 16:17:34 -0400 (EDT) X-Original-To: int-list-linux-mm@kvack.org X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 45CEF6B02C7; Thu, 6 Jun 2019 16:17:34 -0400 (EDT) X-Original-To: linux-mm@kvack.org X-Delivered-To: linux-mm@kvack.org Received: from mail-pf1-f197.google.com (mail-pf1-f197.google.com [209.85.210.197]) by kanga.kvack.org (Postfix) with ESMTP id A74E36B02CB for ; Thu, 6 Jun 2019 16:17:33 -0400 (EDT) Received: by mail-pf1-f197.google.com with SMTP id y5so2588557pfb.20 for ; Thu, 06 Jun 2019 13:17:33 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-original-authentication-results:x-gm-message-state:from:to :subject:date:message-id:in-reply-to:references; bh=YoQ681ZYTFjY/zFx9PzM0qShZAunOVr0m8G9KhtOrxQ=; b=TcZXIDWPAWd+8T78WkdwmNc3Mye9pheiJ75Ze6LYBjfgO48L1vl1QBvvFDL5AFXrHJ 1kpWsSA1Vo/cmMYd10+YcPDXvw/s+UGnSX4gfMATsovOhxx6+LAWHA2kTYx0gkfbp4oZ 8m2xuR46nMcdzARpUB91oldMJQKOZjCxZT2mCqiS+IZ46iFUaURV5GdS1N3CckRJDd8x 07T1AwGkmssZRyL6TrLge9psDy5Yj84oRgdJPDvlrfyGtEAN7zpatDxzY0sAFXgi437d Xb4+MBY0NU+Gqc0xivbBUcN45VrUZmu3FfO2NayMMOsorprVSdYaEsEDTN7i9SHn9jR1 QueQ== X-Original-Authentication-Results: mx.google.com; spf=pass (google.com: domain of yu-cheng.yu@intel.com designates 134.134.136.20 as permitted sender) smtp.mailfrom=yu-cheng.yu@intel.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com X-Gm-Message-State: APjAAAWxsVZDYrpokhvHLSExqwmm4K+5rmzBCf3MlmfDfi4H1SM1sL5B JTKUbhNEIyzMOZbisVyPIMWMWR5YPP3toQxx8mUAoCEwz+uyGPN59mGNVMqkp2yDccjM8blgCZV BLtt/zJvuwYJ42cuP+X9jvjvDZAoE53bsU7aBKtUnv73XWdI5P8X7xadMVmiB8UVmHQ== X-Received: by 2002:a63:1b1e:: with SMTP id b30mr322738pgb.180.1559852253372; Thu, 06 Jun 2019 13:17:33 -0700 (PDT) X-Google-Smtp-Source: APXvYqzeLrUmCAZzsc0GucJ3gnpLvrSmpiBpZFbJ9YumiuK8WWGzuWJhiOPNGnf7rmFYRoiPzrvz X-Received: by 2002:a63:1b1e:: with SMTP id b30mr322708pgb.180.1559852252825; Thu, 06 Jun 2019 13:17:32 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1559852252; cv=none; d=google.com; s=arc-20160816; b=Nia3Ugy+4YQLuLHsUYycjb0ktU0xMjJdLhHfDD/k+kcI5ZxxzAnSLEKHRVsMFqFiHn pIReH9HDhlsyaFTNkwgzU4JzPySmpPJRH9HQIMxty77XgXaEZMIP78++D6ToEiQ4aHEW xBLFukj9Hw1jGH+W5MPzBVYnkSagkK8osHlzLijsacKg73levK+mBfWQ88OfdhoO3caY U28larMHI7P9tvO5RNsXMbPodH8fj6McoZ7ksXu7ubgiet7PBUHME7ptkMwQgQ/AQLFq AobQuyoUWfxii4LkIiyusmwhm508ZVraJWOfJUTDeW3bV/5YbuZErJ/jlZT2bDI+BUpR Vj6Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=references:in-reply-to:message-id:date:subject:to:from; bh=YoQ681ZYTFjY/zFx9PzM0qShZAunOVr0m8G9KhtOrxQ=; b=sItiUf939d6hoMigABqgfI4w6xADL3yhmdffQ6u9xihSkWetz5OgcvkgWFM1N0CqHn +mPV2x/zlcPXjZzDisrIQCiI4sRYNzFDyw7eYa9SkAAeW8HsZI78gqOu8CG6T+gSowWj 3xNUc0ryC8EI4tJw7bgsyrTt8iIr9EoXAd9dBftm5LXnFWtGBjdGNs2rVnnp98fkumZ8 zqHusfqmHWDx91ZWlVYPixe4pZFwC+82xZF5dLKAwJjy5xiQzsSJMaWZ0P3HAC9nzus1 ALtX9Y6tnGnaub+Whbd9evng1EJhRli+ZhufCARvqSFZ2999Yxc1KwKMIkEvduU4ZCGg S7Rg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of yu-cheng.yu@intel.com designates 134.134.136.20 as permitted sender) smtp.mailfrom=yu-cheng.yu@intel.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from mga02.intel.com (mga02.intel.com. [134.134.136.20]) by mx.google.com with ESMTPS id e29si45752pgb.428.2019.06.06.13.17.32 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 06 Jun 2019 13:17:32 -0700 (PDT) Received-SPF: pass (google.com: domain of yu-cheng.yu@intel.com designates 134.134.136.20 as permitted sender) client-ip=134.134.136.20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of yu-cheng.yu@intel.com designates 134.134.136.20 as permitted sender) smtp.mailfrom=yu-cheng.yu@intel.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by orsmga101.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 06 Jun 2019 13:17:32 -0700 X-ExtLoop1: 1 Received: from yyu32-desk1.sc.intel.com ([143.183.136.147]) by fmsmga001.fm.intel.com with ESMTP; 06 Jun 2019 13:17:32 -0700 From: Yu-cheng Yu To: x86@kernel.org, "H. Peter Anvin" , Thomas Gleixner , Ingo Molnar , linux-kernel@vger.kernel.org, linux-doc@vger.kernel.org, linux-mm@kvack.org, linux-arch@vger.kernel.org, linux-api@vger.kernel.org, Arnd Bergmann , Andy Lutomirski , Balbir Singh , Borislav Petkov , Cyrill Gorcunov , Dave Hansen , Eugene Syromiatnikov , Florian Weimer , "H.J. Lu" , Jann Horn , Jonathan Corbet , Kees Cook , Mike Kravetz , Nadav Amit , Oleg Nesterov , Pavel Machek , Peter Zijlstra , Randy Dunlap , "Ravi V. Shankar" , Vedvyas Shanbhogue , Dave Martin Subject: [PATCH v7 10/14] x86/vdso/32: Add ENDBR32 to __kernel_vsyscall entry point Date: Thu, 6 Jun 2019 13:09:22 -0700 Message-Id: <20190606200926.4029-11-yu-cheng.yu@intel.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20190606200926.4029-1-yu-cheng.yu@intel.com> References: <20190606200926.4029-1-yu-cheng.yu@intel.com> X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: X-Virus-Scanned: ClamAV using ClamSMTP From: "H.J. Lu" Add ENDBR32 to __kernel_vsyscall entry point. Signed-off-by: H.J. Lu Acked-by: Andy Lutomirski --- arch/x86/entry/vdso/vdso32/system_call.S | 3 +++ 1 file changed, 3 insertions(+) diff --git a/arch/x86/entry/vdso/vdso32/system_call.S b/arch/x86/entry/vdso/vdso32/system_call.S index 263d7433dea8..2fc8141fff4e 100644 --- a/arch/x86/entry/vdso/vdso32/system_call.S +++ b/arch/x86/entry/vdso/vdso32/system_call.S @@ -14,6 +14,9 @@ ALIGN __kernel_vsyscall: CFI_STARTPROC +#ifdef CONFIG_X86_INTEL_BRANCH_TRACKING_USER + endbr32 +#endif /* * Reshuffle regs so that all of any of the entry instructions * will preserve enough state. From patchwork Thu Jun 6 20:09:23 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yu-cheng Yu X-Patchwork-Id: 10980443 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id F20EB1515 for ; Thu, 6 Jun 2019 20:18:06 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id E21DE28A6D for ; Thu, 6 Jun 2019 20:18:06 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id D5AB628AA7; Thu, 6 Jun 2019 20:18:06 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-2.9 required=2.0 tests=BAYES_00,MAILING_LIST_MULTI, RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1 Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 71DA628A6D for ; Thu, 6 Jun 2019 20:18:06 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 2E81B6B02D3; Thu, 6 Jun 2019 16:17:36 -0400 (EDT) Delivered-To: linux-mm-outgoing@kvack.org Received: by kanga.kvack.org (Postfix, from userid 40) id D7B0B6B02DB; Thu, 6 Jun 2019 16:17:35 -0400 (EDT) X-Original-To: int-list-linux-mm@kvack.org X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 3BCB06B02CE; Thu, 6 Jun 2019 16:17:35 -0400 (EDT) X-Original-To: linux-mm@kvack.org X-Delivered-To: linux-mm@kvack.org Received: from mail-pg1-f199.google.com (mail-pg1-f199.google.com [209.85.215.199]) by kanga.kvack.org (Postfix) with ESMTP id 7094D6B02D4 for ; Thu, 6 Jun 2019 16:17:34 -0400 (EDT) Received: by mail-pg1-f199.google.com with SMTP id 14so2295838pgo.14 for ; Thu, 06 Jun 2019 13:17:34 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-original-authentication-results:x-gm-message-state:from:to :subject:date:message-id:in-reply-to:references; bh=7GnSNHKy6rHzD6GKuLujsef/M80H1Rf5lfqmK/S0wEQ=; b=Swc2J7jVzA80AUt4kLi5PNeTxbE2NgB4LAxCpx1tgbYGZhjyEit6BlszB9d3FFsJHA UaEodFYkJqiT8phT6venULve4HX64CK1gowAGpntFmA3oaBeN0z9I1XcQ9CX0yHkJxuJ ULoZCb/7tN0xJLOEVGgNuSmT0zactfld56Fdrhm4sHau5K91D2bCw6L9F1cl6LT4SfKY gUKbC0bz5Jx5PW+d6mFoq+5ZHw+VPbYlzzbK+bFasEJ1gCWT+pEEG+h+LZ1vPEfL9FyU UWCe23y8alVGp57FRpQiLFXUrHMMBn7w+bBTXTpBIUHlFSsfAungy0+PmsPs8Ixe0fil HvyQ== X-Original-Authentication-Results: mx.google.com; spf=pass (google.com: domain of yu-cheng.yu@intel.com designates 134.134.136.126 as permitted sender) smtp.mailfrom=yu-cheng.yu@intel.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com X-Gm-Message-State: APjAAAVYQy6DDga9INZm5/rgAvSQXpWii+dotZdN8cG8+YXZ8qyPO7F9 RiSoyTAwaIYszugmwAWBZ6DUpvvuYj8GNQi+HASg1XTZ3/3O5TTLPFWJxqvxXF8ewaLAugWiAdS fmsJSF3Nu5iYivQD3PmMERgkdLv2EQnGeikGmR52OdrGlsEyl8DK8TlBSyd+4U4mDeQ== X-Received: by 2002:a17:902:ba82:: with SMTP id k2mr43333762pls.323.1559852254129; Thu, 06 Jun 2019 13:17:34 -0700 (PDT) X-Google-Smtp-Source: APXvYqwQS3qd97pO8QZkZeqhEUX/JFUK6bqZI3SIrPHmOpj0yaXVzifFPTDfUODufkKgMG5sqWh5 X-Received: by 2002:a17:902:ba82:: with SMTP id k2mr43333694pls.323.1559852253042; Thu, 06 Jun 2019 13:17:33 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1559852253; cv=none; d=google.com; s=arc-20160816; b=sj+0WQAK/zjc8MFFC2HEDKdGw5aVJXeI6nTHP9L/zRkgEGDurCR0NyRtBVbulQxk1i C4xfyqq5UMnefI9mfLF6g68OdLObWdljNUeUAQtKUACpkDIv5fvXF1EIm0XZ7x6CyaM3 qvsWEC9u8UfRxPxsspV4Hj8Kh3ujHJl7gXNKwPcC76/+dBF/rxoxQLNpOdxi20xqhhCu gfPgyEb6nztAQjXA5JCwWiE0Zv6KFek+W9cPyDMpn7QvE8q6b3DRERWYmvhqpsiqU0Kb N4lupWxaDoy047fqlU/q9We1qgF7clYN31z5r3MPIlVUNrdxK81o4yDuiYYrB230UL8E CfHA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=references:in-reply-to:message-id:date:subject:to:from; bh=7GnSNHKy6rHzD6GKuLujsef/M80H1Rf5lfqmK/S0wEQ=; b=CaeeGqoDgn7QI31RpKptB6cFiWmnm46+Hpj16KAAZy/pWwhP/GbSAVK4XkCnLSSbct 2OlUo1pLJxILPSXyxE9aAeD/XOjONwqEm8HhT34Lr/ZcducpiTBO3nYUcKtzKK4v5x+l hsc/hBB3SxkuLKeVweQ4SU2b9C8pS7Ca7kdflcFsmUR+aMkM7KCHYVwFjn94yzJhAhnQ /xFIWqHUP4MXRl3HeVFZlxGi0KdhR6+WRTCNBsVAOsK+rf4mbx8aEdf7D6r/Zv/0L30j 9Nvvgsspf2n1PJyvWfQQ6ncBd9SE5W4Eg4jUzKHlLiNMXoFw4SCSDmUfjgIo6t77h/In Y46w== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of yu-cheng.yu@intel.com designates 134.134.136.126 as permitted sender) smtp.mailfrom=yu-cheng.yu@intel.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from mga18.intel.com (mga18.intel.com. [134.134.136.126]) by mx.google.com with ESMTPS id a3si59797plc.132.2019.06.06.13.17.32 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 06 Jun 2019 13:17:33 -0700 (PDT) Received-SPF: pass (google.com: domain of yu-cheng.yu@intel.com designates 134.134.136.126 as permitted sender) client-ip=134.134.136.126; Authentication-Results: mx.google.com; spf=pass (google.com: domain of yu-cheng.yu@intel.com designates 134.134.136.126 as permitted sender) smtp.mailfrom=yu-cheng.yu@intel.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by orsmga106.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 06 Jun 2019 13:17:32 -0700 X-ExtLoop1: 1 Received: from yyu32-desk1.sc.intel.com ([143.183.136.147]) by fmsmga001.fm.intel.com with ESMTP; 06 Jun 2019 13:17:32 -0700 From: Yu-cheng Yu To: x86@kernel.org, "H. Peter Anvin" , Thomas Gleixner , Ingo Molnar , linux-kernel@vger.kernel.org, linux-doc@vger.kernel.org, linux-mm@kvack.org, linux-arch@vger.kernel.org, linux-api@vger.kernel.org, Arnd Bergmann , Andy Lutomirski , Balbir Singh , Borislav Petkov , Cyrill Gorcunov , Dave Hansen , Eugene Syromiatnikov , Florian Weimer , "H.J. Lu" , Jann Horn , Jonathan Corbet , Kees Cook , Mike Kravetz , Nadav Amit , Oleg Nesterov , Pavel Machek , Peter Zijlstra , Randy Dunlap , "Ravi V. Shankar" , Vedvyas Shanbhogue , Dave Martin Subject: [PATCH v7 11/14] x86/vsyscall/64: Add ENDBR64 to vsyscall entry points Date: Thu, 6 Jun 2019 13:09:23 -0700 Message-Id: <20190606200926.4029-12-yu-cheng.yu@intel.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20190606200926.4029-1-yu-cheng.yu@intel.com> References: <20190606200926.4029-1-yu-cheng.yu@intel.com> X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: X-Virus-Scanned: ClamAV using ClamSMTP From: "H.J. Lu" Add ENDBR64 to vsyscall entry points. Signed-off-by: H.J. Lu Acked-by: Andy Lutomirski --- arch/x86/entry/vsyscall/vsyscall_emu_64.S | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/arch/x86/entry/vsyscall/vsyscall_emu_64.S b/arch/x86/entry/vsyscall/vsyscall_emu_64.S index 2e203f3a25a7..040696333457 100644 --- a/arch/x86/entry/vsyscall/vsyscall_emu_64.S +++ b/arch/x86/entry/vsyscall/vsyscall_emu_64.S @@ -17,16 +17,25 @@ __PAGE_ALIGNED_DATA .type __vsyscall_page, @object __vsyscall_page: +#ifdef CONFIG_X86_INTEL_BRANCH_TRACKING_USER + endbr64 +#endif mov $__NR_gettimeofday, %rax syscall ret .balign 1024, 0xcc +#ifdef CONFIG_X86_INTEL_BRANCH_TRACKING_USER + endbr64 +#endif mov $__NR_time, %rax syscall ret .balign 1024, 0xcc +#ifdef CONFIG_X86_INTEL_BRANCH_TRACKING_USER + endbr64 +#endif mov $__NR_getcpu, %rax syscall ret From patchwork Thu Jun 6 20:09:24 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yu-cheng Yu X-Patchwork-Id: 10980441 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id B4F141515 for ; Thu, 6 Jun 2019 20:18:03 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id A460128A6D for ; Thu, 6 Jun 2019 20:18:03 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 981BC28AA7; Thu, 6 Jun 2019 20:18:03 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-2.9 required=2.0 tests=BAYES_00,MAILING_LIST_MULTI, RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1 Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 32DB228A6D for ; Thu, 6 Jun 2019 20:18:03 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id ED74C6B02CE; Thu, 6 Jun 2019 16:17:35 -0400 (EDT) Delivered-To: linux-mm-outgoing@kvack.org Received: by kanga.kvack.org (Postfix, from userid 40) id A93446B02D3; Thu, 6 Jun 2019 16:17:35 -0400 (EDT) X-Original-To: int-list-linux-mm@kvack.org X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 20BB66B02D0; Thu, 6 Jun 2019 16:17:35 -0400 (EDT) X-Original-To: linux-mm@kvack.org X-Delivered-To: linux-mm@kvack.org Received: from mail-pf1-f197.google.com (mail-pf1-f197.google.com [209.85.210.197]) by kanga.kvack.org (Postfix) with ESMTP id 9C9E36B02C7 for ; Thu, 6 Jun 2019 16:17:34 -0400 (EDT) Received: by mail-pf1-f197.google.com with SMTP id 5so2605586pff.11 for ; Thu, 06 Jun 2019 13:17:34 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-original-authentication-results:x-gm-message-state:from:to:cc :subject:date:message-id:in-reply-to:references; bh=4ZtYRpnqNhDo6MmNFKhTgiJMhZHkWCIMCZl+C3rG6/A=; b=POLpfxrZofcrSNutoJwuKb9XW662Vpm4IiwuXt60zW1DiZjijyrdIWH86LqaChc4n5 EUdaVRCbTe7Tg1P9hCh0d/2KZ/2369XkP5mGWeXdEDR3+L07HHG6vhnixxpaxorRiWQW Sl3XJ+lBgalryHeOmYUsW9JgmOduYa3tBsHrXuKZw/WywYfRiyCQni4AJ26Nl/sMrxJb pq/U7dkWaTL3Bk7DbWOnWETuepPK5UtCOBd8CGjMBoOoW4Bj5Rg6gRKcD0w7QsfDb2Un wmI/4FDbgMJ1jk+e7yXhgbibtGC1/IKynwm0C02lNRqve4XKMZcrXDcnjr9qByz+tE5X T6rg== X-Original-Authentication-Results: mx.google.com; spf=pass (google.com: domain of yu-cheng.yu@intel.com designates 134.134.136.20 as permitted sender) smtp.mailfrom=yu-cheng.yu@intel.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com X-Gm-Message-State: APjAAAWf6xIhiSu4R8qsTNCwhY3Pjvj/FcjZrEqU8dbx1zxTbfR7qM8D YHxT4tPGMO51FmyMFAIQaVElChhDJepx7A8FUg08/RrqhYlLR15gZf8G7pNYAMwW8ch0Jv+OlUs 9XcvM607MyoLdLTo94hUKZ6Do5adw3fUyUFaQDFarkDJIaM9ijrNeHIyML13vCuCcNw== X-Received: by 2002:a17:90a:2430:: with SMTP id h45mr1749540pje.14.1559852254285; Thu, 06 Jun 2019 13:17:34 -0700 (PDT) X-Google-Smtp-Source: APXvYqzSyK9qrNM4mbWLjeJSeKQ8ZwgW9CWtsbeQZsw/hj+DgEZVcQgtAKW727pHvkrNDmzuh91l X-Received: by 2002:a17:90a:2430:: with SMTP id h45mr1749464pje.14.1559852253262; Thu, 06 Jun 2019 13:17:33 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1559852253; cv=none; d=google.com; s=arc-20160816; b=fmja2xFjELa3kSq4NtoY4gUGaOzYEDx6SQUB7v92ZcG3z9FgaVCM3f/lTaLgyfT8bp fw5Q/OP1Nc72F1yMaZn4szg/M1O69wAUQPc/aTw6LCiv2zYXbdqmQ/nubGdpAZWeJti7 zQvHE2H3FqjQIMi9UvHhxnedJfIM/aDprCPEmvB4TnRMqVmTrJ01fulERxWDqBPFcI94 sbY9kpBvgQInswjSnT/vAsrXuP2J4X4V2cveK3IuFt1Q72tVWPfXN+E0QRmWZLLYjVoO KQ1c6BhwKTvaGI5GkHXASGZweitO6JQoKnUPmT+FPzOvUN6bOhpRyeGkZyiiJx+lCCKH jZSg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=references:in-reply-to:message-id:date:subject:cc:to:from; bh=4ZtYRpnqNhDo6MmNFKhTgiJMhZHkWCIMCZl+C3rG6/A=; b=0Eztzi2JylmWsDKz1QA0lMs0EqPRgZMx5jiM3DfpAm0A2NbK1X5l/sh5gJSKbG7JKd IzmfcTdSaVTJFNAzChJRj45tHjkAv+NEDImmBR6vF/izkX/5bpuBS7CQW3AZtAZpSHCL 6U7vyHQDx+SKw48USCpCMX0C+8gyG9GPBisGtVkGz4FktxDFQMfk8DaoDtHjsQsNptFs BvCTnfuzOUddbHogUuQlH/FK4mAzBnrKSPJ+z3u1NMOzwVNRqB6rsa67Ez3sJvKyMCQT qyh+utinXtXB4EJb0Iigqt1ZEqr4e8UhRe7F96YCuj1EUbQ+NRg6zIRCP6E2fAP20VWt KeoQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of yu-cheng.yu@intel.com designates 134.134.136.20 as permitted sender) smtp.mailfrom=yu-cheng.yu@intel.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from mga02.intel.com (mga02.intel.com. [134.134.136.20]) by mx.google.com with ESMTPS id j18si33385pgm.561.2019.06.06.13.17.33 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 06 Jun 2019 13:17:33 -0700 (PDT) Received-SPF: pass (google.com: domain of yu-cheng.yu@intel.com designates 134.134.136.20 as permitted sender) client-ip=134.134.136.20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of yu-cheng.yu@intel.com designates 134.134.136.20 as permitted sender) smtp.mailfrom=yu-cheng.yu@intel.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by orsmga101.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 06 Jun 2019 13:17:32 -0700 X-ExtLoop1: 1 Received: from yyu32-desk1.sc.intel.com ([143.183.136.147]) by fmsmga001.fm.intel.com with ESMTP; 06 Jun 2019 13:17:32 -0700 From: Yu-cheng Yu To: x86@kernel.org, "H. Peter Anvin" , Thomas Gleixner , Ingo Molnar , linux-kernel@vger.kernel.org, linux-doc@vger.kernel.org, linux-mm@kvack.org, linux-arch@vger.kernel.org, linux-api@vger.kernel.org, Arnd Bergmann , Andy Lutomirski , Balbir Singh , Borislav Petkov , Cyrill Gorcunov , Dave Hansen , Eugene Syromiatnikov , Florian Weimer , "H.J. Lu" , Jann Horn , Jonathan Corbet , Kees Cook , Mike Kravetz , Nadav Amit , Oleg Nesterov , Pavel Machek , Peter Zijlstra , Randy Dunlap , "Ravi V. Shankar" , Vedvyas Shanbhogue , Dave Martin Cc: Yu-cheng Yu Subject: [PATCH v7 12/14] x86/vsyscall/64: Fixup shadow stack and branch tracking for vsyscall Date: Thu, 6 Jun 2019 13:09:24 -0700 Message-Id: <20190606200926.4029-13-yu-cheng.yu@intel.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20190606200926.4029-1-yu-cheng.yu@intel.com> References: <20190606200926.4029-1-yu-cheng.yu@intel.com> X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: X-Virus-Scanned: ClamAV using ClamSMTP When emulating a RET, also unwind the task's shadow stack and cancel the current branch tracking status. Signed-off-by: Yu-cheng Yu --- arch/x86/entry/vsyscall/vsyscall_64.c | 28 +++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) diff --git a/arch/x86/entry/vsyscall/vsyscall_64.c b/arch/x86/entry/vsyscall/vsyscall_64.c index d9d81ad7a400..6869ef9d1e8b 100644 --- a/arch/x86/entry/vsyscall/vsyscall_64.c +++ b/arch/x86/entry/vsyscall/vsyscall_64.c @@ -38,6 +38,8 @@ #include #include #include +#include +#include #define CREATE_TRACE_POINTS #include "vsyscall_trace.h" @@ -92,6 +94,30 @@ static int addr_to_vsyscall_nr(unsigned long addr) return nr; } +void fixup_shstk(void) +{ +#ifdef CONFIG_X86_INTEL_SHADOW_STACK_USER + u64 r; + + if (current->thread.cet.shstk_enabled) { + rdmsrl(MSR_IA32_PL3_SSP, r); + wrmsrl(MSR_IA32_PL3_SSP, r + 8); + } +#endif +} + +void fixup_ibt(void) +{ +#ifdef CONFIG_X86_INTEL_BRANCH_TRACKING_USER + u64 r; + + if (current->thread.cet.ibt_enabled) { + rdmsrl(MSR_IA32_U_CET, r); + wrmsrl(MSR_IA32_U_CET, r & ~MSR_IA32_CET_WAIT_ENDBR); + } +#endif +} + static bool write_ok_or_segv(unsigned long ptr, size_t size) { /* @@ -265,6 +291,8 @@ bool emulate_vsyscall(struct pt_regs *regs, unsigned long address) /* Emulate a ret instruction. */ regs->ip = caller; regs->sp += 8; + fixup_shstk(); + fixup_ibt(); return true; sigsegv: From patchwork Thu Jun 6 20:09:25 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yu-cheng Yu X-Patchwork-Id: 10980445 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 4C3A36C5 for ; Thu, 6 Jun 2019 20:18:10 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 3B64528AA2 for ; Thu, 6 Jun 2019 20:18:10 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 2F2E928A6D; Thu, 6 Jun 2019 20:18:10 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-2.9 required=2.0 tests=BAYES_00,MAILING_LIST_MULTI, RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1 Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 903E228A6D for ; Thu, 6 Jun 2019 20:18:09 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 693AB6B02DB; Thu, 6 Jun 2019 16:17:36 -0400 (EDT) Delivered-To: linux-mm-outgoing@kvack.org Received: by kanga.kvack.org (Postfix, from userid 40) id 0849C6B02D5; Thu, 6 Jun 2019 16:17:36 -0400 (EDT) X-Original-To: int-list-linux-mm@kvack.org X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id A48D36B02DC; Thu, 6 Jun 2019 16:17:35 -0400 (EDT) X-Original-To: linux-mm@kvack.org X-Delivered-To: linux-mm@kvack.org Received: from mail-pg1-f200.google.com (mail-pg1-f200.google.com [209.85.215.200]) by kanga.kvack.org (Postfix) with ESMTP id 446EB6B02DB for ; Thu, 6 Jun 2019 16:17:35 -0400 (EDT) Received: by mail-pg1-f200.google.com with SMTP id e69so2314464pgc.7 for ; Thu, 06 Jun 2019 13:17:35 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-original-authentication-results:x-gm-message-state:from:to:cc :subject:date:message-id:in-reply-to:references; bh=5sD/VtOBJS3fd61Qzp6JVoTL0uRDWIHB9WqS2y24rXE=; b=C/lXQMputiarYgn2bRPMbL7uX+FJTIqtvCiP1xKgdD+EDZkI4aC6qQHBZWCevr3x3O BbP336cV1GLcyFrQj+MjvuAOiXzA/KRKBBeX3uJfy2HxUbBbTwDTi/J36IXdMq5SBl7P 7UVM6hMuLfHWpX9aS8e2GZ96XqZcqoklGkXAStLcHvYO8PUiJaU/4ajWjRrCPwIbDnL9 /X0qw4wIegYmRMWChE0MptQwQHSO3mgOb0o01sjqsFAfbLmFaeOwtln3owYACOSksiyJ ZK52h2NYGsu0AIKz/O6vWzC/Y71mlzg9cS91KYaMVWUJLQC4pFiOaNVHXfAdnhlB6ijP nzcw== X-Original-Authentication-Results: mx.google.com; spf=pass (google.com: domain of yu-cheng.yu@intel.com designates 192.55.52.43 as permitted sender) smtp.mailfrom=yu-cheng.yu@intel.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com X-Gm-Message-State: APjAAAWZcNjegnPBzj0SWvPxON/1UdsaiboYaEinvAexFIimrWCzs9VK arwmvL5ZgDVbYLTWQjcPD3a7xrBpEgRSo36grIK3hPiZ1eSF5opeyeCxPAhPxMe5HzYCrhW5qWT 6MjenGzcHhKsUCEF4C8++Zd2du2nWWlqxnhzy5O8Y52Y+C3Y8nQBxCR8LYUDSR3Hjog== X-Received: by 2002:a17:90a:5d09:: with SMTP id s9mr1615564pji.120.1559852254917; Thu, 06 Jun 2019 13:17:34 -0700 (PDT) X-Google-Smtp-Source: APXvYqwg+oJwtNI3sE8wx4ntVhiRfSe0QRUp+pKKzEzm5918TFvhVInycce3dyK540J0u/iNAwKn X-Received: by 2002:a17:90a:5d09:: with SMTP id s9mr1615473pji.120.1559852253613; Thu, 06 Jun 2019 13:17:33 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1559852253; cv=none; d=google.com; s=arc-20160816; b=0LPphXBUBtqQIfmTi+HKznfYDFYLR3S8El5xtc61qXdWN+wjwYnr9118y5mygO0heU +Cu5+AFWBetF/pTOkejroIjwXygIuNXbgSQT/1balr+2jvXg2uVibB/rS8IUJYAkqRVU PuI+IYb4srqeT/1TGRAlzUK+fd3s1+2X9Lc505iWXN7pDbZPEPV3z4ENJGNREzRtXHX/ 8Xc+riJityF3Q6XKsEx/dSxZfNNMpZa354u1W0q4UHP7tDUyt3e9k+jz7J/LzLzSPoZl Ur2nZRNKFzpk74GgZ75Yu+HgALYTSwe1qj/rb4dVYpfVYqDzia/CZC7t5uxNhv+9mG8C LHwg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=references:in-reply-to:message-id:date:subject:cc:to:from; bh=5sD/VtOBJS3fd61Qzp6JVoTL0uRDWIHB9WqS2y24rXE=; b=xVx7LvW1we1RiVBebE+EoNiaocxbG96xsghAG0HIrx2LwYTbP0+e7bY4vqI+056c17 DV9LsrXIRaliPxr/osf8PhCzoaSZCek0lkwEchhI7chEzL5XJ/aVAYAIju4L14EnPfTg QMHnxvo4/kE4OfdbnlWnd8Z0FelUQufCxh2qFCC9wgk25MY4SWPm2TA63OGU1Lm+4fVH BClqz1AgV7pdJ5CA5pYxxyxXKXDSTJVlDh6/FAmTiiDBsZkU6T/z2xtAmoyLIzD/QbMn /TqirNtzwLsURMsUAucdhEOZmggLOhXHLC9sJcM55sypN0ssvkBfOpreGhEnDV+QdwL5 lvQw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of yu-cheng.yu@intel.com designates 192.55.52.43 as permitted sender) smtp.mailfrom=yu-cheng.yu@intel.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from mga05.intel.com (mga05.intel.com. [192.55.52.43]) by mx.google.com with ESMTPS id p21si39566plq.328.2019.06.06.13.17.33 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 06 Jun 2019 13:17:33 -0700 (PDT) Received-SPF: pass (google.com: domain of yu-cheng.yu@intel.com designates 192.55.52.43 as permitted sender) client-ip=192.55.52.43; Authentication-Results: mx.google.com; spf=pass (google.com: domain of yu-cheng.yu@intel.com designates 192.55.52.43 as permitted sender) smtp.mailfrom=yu-cheng.yu@intel.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by fmsmga105.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 06 Jun 2019 13:17:32 -0700 X-ExtLoop1: 1 Received: from yyu32-desk1.sc.intel.com ([143.183.136.147]) by fmsmga001.fm.intel.com with ESMTP; 06 Jun 2019 13:17:32 -0700 From: Yu-cheng Yu To: x86@kernel.org, "H. Peter Anvin" , Thomas Gleixner , Ingo Molnar , linux-kernel@vger.kernel.org, linux-doc@vger.kernel.org, linux-mm@kvack.org, linux-arch@vger.kernel.org, linux-api@vger.kernel.org, Arnd Bergmann , Andy Lutomirski , Balbir Singh , Borislav Petkov , Cyrill Gorcunov , Dave Hansen , Eugene Syromiatnikov , Florian Weimer , "H.J. Lu" , Jann Horn , Jonathan Corbet , Kees Cook , Mike Kravetz , Nadav Amit , Oleg Nesterov , Pavel Machek , Peter Zijlstra , Randy Dunlap , "Ravi V. Shankar" , Vedvyas Shanbhogue , Dave Martin Cc: Yu-cheng Yu Subject: [PATCH v7 13/14] x86/cet: Add PTRACE interface for CET Date: Thu, 6 Jun 2019 13:09:25 -0700 Message-Id: <20190606200926.4029-14-yu-cheng.yu@intel.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20190606200926.4029-1-yu-cheng.yu@intel.com> References: <20190606200926.4029-1-yu-cheng.yu@intel.com> X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: X-Virus-Scanned: ClamAV using ClamSMTP Add REGSET_CET64/REGSET_CET32 to get/set CET MSRs: IA32_U_CET (user-mode CET settings) and IA32_PL3_SSP (user-mode shadow stack) Signed-off-by: Yu-cheng Yu --- arch/x86/include/asm/fpu/regset.h | 7 +++--- arch/x86/kernel/fpu/regset.c | 41 +++++++++++++++++++++++++++++++ arch/x86/kernel/ptrace.c | 16 ++++++++++++ include/uapi/linux/elf.h | 1 + 4 files changed, 62 insertions(+), 3 deletions(-) diff --git a/arch/x86/include/asm/fpu/regset.h b/arch/x86/include/asm/fpu/regset.h index d5bdffb9d27f..edad0d889084 100644 --- a/arch/x86/include/asm/fpu/regset.h +++ b/arch/x86/include/asm/fpu/regset.h @@ -7,11 +7,12 @@ #include -extern user_regset_active_fn regset_fpregs_active, regset_xregset_fpregs_active; +extern user_regset_active_fn regset_fpregs_active, regset_xregset_fpregs_active, + cetregs_active; extern user_regset_get_fn fpregs_get, xfpregs_get, fpregs_soft_get, - xstateregs_get; + xstateregs_get, cetregs_get; extern user_regset_set_fn fpregs_set, xfpregs_set, fpregs_soft_set, - xstateregs_set; + xstateregs_set, cetregs_set; /* * xstateregs_active == regset_fpregs_active. Please refer to the comment diff --git a/arch/x86/kernel/fpu/regset.c b/arch/x86/kernel/fpu/regset.c index d652b939ccfb..2937ec9d9215 100644 --- a/arch/x86/kernel/fpu/regset.c +++ b/arch/x86/kernel/fpu/regset.c @@ -156,6 +156,47 @@ int xstateregs_set(struct task_struct *target, const struct user_regset *regset, return ret; } +int cetregs_active(struct task_struct *target, const struct user_regset *regset) +{ +#ifdef CONFIG_X86_INTEL_CET + if (target->thread.cet.shstk_enabled || target->thread.cet.ibt_enabled) + return regset->n; +#endif + return 0; +} + +int cetregs_get(struct task_struct *target, const struct user_regset *regset, + unsigned int pos, unsigned int count, + void *kbuf, void __user *ubuf) +{ + struct fpu *fpu = &target->thread.fpu; + struct cet_user_state *cetregs; + + if (!boot_cpu_has(X86_FEATURE_SHSTK)) + return -ENODEV; + + cetregs = get_xsave_addr(&fpu->state.xsave, XFEATURE_CET_USER); + + fpu__prepare_read(fpu); + return user_regset_copyout(&pos, &count, &kbuf, &ubuf, cetregs, 0, -1); +} + +int cetregs_set(struct task_struct *target, const struct user_regset *regset, + unsigned int pos, unsigned int count, + const void *kbuf, const void __user *ubuf) +{ + struct fpu *fpu = &target->thread.fpu; + struct cet_user_state *cetregs; + + if (!boot_cpu_has(X86_FEATURE_SHSTK)) + return -ENODEV; + + cetregs = get_xsave_addr(&fpu->state.xsave, XFEATURE_CET_USER); + + fpu__prepare_write(fpu); + return user_regset_copyin(&pos, &count, &kbuf, &ubuf, cetregs, 0, -1); +} + #if defined CONFIG_X86_32 || defined CONFIG_IA32_EMULATION /* diff --git a/arch/x86/kernel/ptrace.c b/arch/x86/kernel/ptrace.c index a166c960bc9e..db902ed9b353 100644 --- a/arch/x86/kernel/ptrace.c +++ b/arch/x86/kernel/ptrace.c @@ -51,7 +51,9 @@ enum x86_regset { REGSET_IOPERM64 = REGSET_XFP, REGSET_XSTATE, REGSET_TLS, + REGSET_CET64 = REGSET_TLS, REGSET_IOPERM32, + REGSET_CET32, }; struct pt_regs_offset { @@ -1268,6 +1270,13 @@ static struct user_regset x86_64_regsets[] __ro_after_init = { .size = sizeof(long), .align = sizeof(long), .active = ioperm_active, .get = ioperm_get }, + [REGSET_CET64] = { + .core_note_type = NT_X86_CET, + .n = sizeof(struct cet_user_state) / sizeof(u64), + .size = sizeof(u64), .align = sizeof(u64), + .active = cetregs_active, .get = cetregs_get, + .set = cetregs_set + }, }; static const struct user_regset_view user_x86_64_view = { @@ -1323,6 +1332,13 @@ static struct user_regset x86_32_regsets[] __ro_after_init = { .size = sizeof(u32), .align = sizeof(u32), .active = ioperm_active, .get = ioperm_get }, + [REGSET_CET32] = { + .core_note_type = NT_X86_CET, + .n = sizeof(struct cet_user_state) / sizeof(u64), + .size = sizeof(u64), .align = sizeof(u64), + .active = cetregs_active, .get = cetregs_get, + .set = cetregs_set + }, }; static const struct user_regset_view user_x86_32_view = { diff --git a/include/uapi/linux/elf.h b/include/uapi/linux/elf.h index 316177ce9e76..4f320d96d538 100644 --- a/include/uapi/linux/elf.h +++ b/include/uapi/linux/elf.h @@ -401,6 +401,7 @@ typedef struct elf64_shdr { #define NT_386_TLS 0x200 /* i386 TLS slots (struct user_desc) */ #define NT_386_IOPERM 0x201 /* x86 io permission bitmap (1=deny) */ #define NT_X86_XSTATE 0x202 /* x86 extended state using xsave */ +#define NT_X86_CET 0x203 /* x86 cet state */ #define NT_S390_HIGH_GPRS 0x300 /* s390 upper register halves */ #define NT_S390_TIMER 0x301 /* s390 timer register */ #define NT_S390_TODCMP 0x302 /* s390 TOD clock comparator register */ From patchwork Thu Jun 6 20:09:26 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yu-cheng Yu X-Patchwork-Id: 10980447 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 81DDB1515 for ; Thu, 6 Jun 2019 20:18:13 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 6F59628AA2 for ; Thu, 6 Jun 2019 20:18:13 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 62DA928A6D; Thu, 6 Jun 2019 20:18:13 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-2.9 required=2.0 tests=BAYES_00,MAILING_LIST_MULTI, RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1 Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id D197028A6D for ; Thu, 6 Jun 2019 20:18:12 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 978036B02D5; Thu, 6 Jun 2019 16:17:36 -0400 (EDT) Delivered-To: linux-mm-outgoing@kvack.org Received: by kanga.kvack.org (Postfix, from userid 40) id 1BB9A6B02D4; Thu, 6 Jun 2019 16:17:36 -0400 (EDT) X-Original-To: int-list-linux-mm@kvack.org X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id DED2B6B02D2; Thu, 6 Jun 2019 16:17:35 -0400 (EDT) X-Original-To: linux-mm@kvack.org X-Delivered-To: linux-mm@kvack.org Received: from mail-pg1-f199.google.com (mail-pg1-f199.google.com [209.85.215.199]) by kanga.kvack.org (Postfix) with ESMTP id 42DBC6B02DA for ; Thu, 6 Jun 2019 16:17:35 -0400 (EDT) Received: by mail-pg1-f199.google.com with SMTP id k23so2308469pgh.10 for ; Thu, 06 Jun 2019 13:17:35 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-original-authentication-results:x-gm-message-state:from:to :subject:date:message-id:in-reply-to:references; bh=ac1NjIrOfI9u6KZaE2BsaLSoNPaau6R6WCIYehau9Jc=; b=ivBStedFqW/3WMLGGroYMB4VQfkEYTID7SFHLKQOLZGoSikcU79CINbM4bV+PZYlFx YDOG8cV9CUNk9RF49jP6K20iMahM1AthHr+dOLfJ3DxI5EXDth0dwrN2odJsyZz6hCt3 MJwrpLcj3IRzDA2mI6aI/HFhQJ33iR+fMORCPstUV+47yFeDGnpHj93h2dYrA3mGyNZ2 EI6J1ft8Ba8P+ZzvWmjY/HhTo6S2iHb/hmUaJW273md5CxqrFolxmTiLTO9UFKELp6aI l5hn9NwHlK1ZIM+xxY/DWjmeg0bXztSawTgePMZPJmQXHFtfRh78ow1V6/tGhaFeEi44 xhPw== X-Original-Authentication-Results: mx.google.com; spf=pass (google.com: domain of yu-cheng.yu@intel.com designates 192.55.52.43 as permitted sender) smtp.mailfrom=yu-cheng.yu@intel.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com X-Gm-Message-State: APjAAAUMFOtZX+7XPWrJxNv1uHZuPAiOnUYZq/MXib2xgf6FO3CbVkCZ k3J480oa/7q5512SBQ7rdSigswpQquacRm1AH/+lVoGGVQJ7GvyuiPu2HsOVNKvi0nHnECGM5lb T3j5YIZe7dqybEVf8Z/nknTOlMYs83VJQuYR56RQJymT40R6PrOpGlBjcGeGZJZVDyg== X-Received: by 2002:a17:90a:d58d:: with SMTP id v13mr1668852pju.1.1559852254943; Thu, 06 Jun 2019 13:17:34 -0700 (PDT) X-Google-Smtp-Source: APXvYqxojzvmT20K+xD8d3MCdjN+pHZigxBCBFeQEeajkgU2YDB8w0aOKZlOUDrn45+KPOqyge26 X-Received: by 2002:a17:90a:d58d:: with SMTP id v13mr1668771pju.1.1559852253930; Thu, 06 Jun 2019 13:17:33 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1559852253; cv=none; d=google.com; s=arc-20160816; b=pXLQTgwJVflTGLlLIOsR/2u1dV0hfn+l+08mljKw5uggf9SfdmUP3CC3CPyknbE+lA BZd4xJnytVkilRLekQV9hg60hhRAaFqY49WgS5SNI26I2+aVnJhW8zNN0NKfxG2eWK2n jLJAWHZ7ZAijfBYkzHjeRUJSOsJMXIu3Dvp9NMaZreHJZOe7pGKBI2UvB3H8ER0DR3Ii rH8341nbtvsrjP+3LLi564naDlfyKz1LUdQsUgmcKqC2r9cpOdXE81iHqoLc5P0QsNSX jMCx+C8afBTPN9xhNXGqzisA3rsy9pMdmDcjRbQbhUpSm13rDLJt/nJDGnyoTIcbvZsj jtxg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=references:in-reply-to:message-id:date:subject:to:from; bh=ac1NjIrOfI9u6KZaE2BsaLSoNPaau6R6WCIYehau9Jc=; b=JgXl+FjwYwtaWbPXnf4z2ZAQn5saCO2kCvdETsoYbXO0bn6fiFYUh5lbKCaYVnmgDv 4UxwVZI5m4nYdW8bOnA0WcJ83rxemAvt57YAI8hBbqpGr5mknmqJ8c4/DkKAhIti+Z18 X3UVR5jF7ryJkv2//JiyywVg+jneVVRwNe8avZWzqCVCawqf8b4ISDjdVLoy9khLVw3d 3j0dbo4dEC5pgaEZ53bZ9oP/GmmCaig0a9M+2bQ5T/iYh9hmjhbE8YiLEY4zteYSE4Rx UO9AksxpJZP2qfxtSmaCMzNourN01kbWxaJHrRcUwohqgs9N67A/6DNsH+XU8P2SAS9W uxUg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of yu-cheng.yu@intel.com designates 192.55.52.43 as permitted sender) smtp.mailfrom=yu-cheng.yu@intel.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from mga05.intel.com (mga05.intel.com. [192.55.52.43]) by mx.google.com with ESMTPS id p21si39566plq.328.2019.06.06.13.17.33 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 06 Jun 2019 13:17:33 -0700 (PDT) Received-SPF: pass (google.com: domain of yu-cheng.yu@intel.com designates 192.55.52.43 as permitted sender) client-ip=192.55.52.43; Authentication-Results: mx.google.com; spf=pass (google.com: domain of yu-cheng.yu@intel.com designates 192.55.52.43 as permitted sender) smtp.mailfrom=yu-cheng.yu@intel.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by fmsmga105.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 06 Jun 2019 13:17:33 -0700 X-ExtLoop1: 1 Received: from yyu32-desk1.sc.intel.com ([143.183.136.147]) by fmsmga001.fm.intel.com with ESMTP; 06 Jun 2019 13:17:33 -0700 From: Yu-cheng Yu To: x86@kernel.org, "H. Peter Anvin" , Thomas Gleixner , Ingo Molnar , linux-kernel@vger.kernel.org, linux-doc@vger.kernel.org, linux-mm@kvack.org, linux-arch@vger.kernel.org, linux-api@vger.kernel.org, Arnd Bergmann , Andy Lutomirski , Balbir Singh , Borislav Petkov , Cyrill Gorcunov , Dave Hansen , Eugene Syromiatnikov , Florian Weimer , "H.J. Lu" , Jann Horn , Jonathan Corbet , Kees Cook , Mike Kravetz , Nadav Amit , Oleg Nesterov , Pavel Machek , Peter Zijlstra , Randy Dunlap , "Ravi V. Shankar" , Vedvyas Shanbhogue , Dave Martin Subject: [PATCH v7 14/14] x86: Discard .note.gnu.property sections Date: Thu, 6 Jun 2019 13:09:26 -0700 Message-Id: <20190606200926.4029-15-yu-cheng.yu@intel.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20190606200926.4029-1-yu-cheng.yu@intel.com> References: <20190606200926.4029-1-yu-cheng.yu@intel.com> X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: X-Virus-Scanned: ClamAV using ClamSMTP From: "H.J. Lu" With the command-line option, -mx86-used-note=yes, the x86 assembler in binutils 2.32 and above generates a program property note in a note section, .note.gnu.property, to encode used x86 ISAs and features. To exclude .note.gnu.property sections from NOTE segment in x86 kernel linker script: PHDRS { text PT_LOAD FLAGS(5); data PT_LOAD FLAGS(6); percpu PT_LOAD FLAGS(6); init PT_LOAD FLAGS(7); note PT_NOTE FLAGS(0); } SECTIONS { ... .notes : AT(ADDR(.notes) - 0xffffffff80000000) { __start_notes = .; KEEP(*(.not e.*)) __stop_notes = .; } :text :note ... } this patch discards .note.gnu.property sections in kernel linker script by adding /DISCARD/ : { *(.note.gnu.property) } before .notes sections. Since .exit.text and .exit.data sections are discarded at runtime, it undefines EXIT_TEXT and EXIT_DATA to exclude .exit.text and .exit.data sections from default discarded sections. Signed-off-by: H.J. Lu --- arch/x86/kernel/vmlinux.lds.S | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/arch/x86/kernel/vmlinux.lds.S b/arch/x86/kernel/vmlinux.lds.S index 0850b5149345..d2594b482c09 100644 --- a/arch/x86/kernel/vmlinux.lds.S +++ b/arch/x86/kernel/vmlinux.lds.S @@ -146,6 +146,10 @@ SECTIONS /* End of text section */ _etext = .; + /* .note.gnu.property sections should be discarded */ + /DISCARD/ : { + *(.note.gnu.property) + } NOTES :text :note EXCEPTION_TABLE(16) :text = 0x9090 @@ -382,7 +386,12 @@ SECTIONS STABS_DEBUG DWARF_DEBUG - /* Sections to be discarded */ + /* Sections to be discarded. EXIT_TEXT and EXIT_DATA discard at runtime. + * not link time. */ +#undef EXIT_TEXT +#define EXIT_TEXT +#undef EXIT_DATA +#define EXIT_DATA DISCARDS /DISCARD/ : { *(.eh_frame)