From patchwork Tue Aug 25 00:26:36 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yu-cheng Yu X-Patchwork-Id: 11734579 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 3AD39109B for ; Tue, 25 Aug 2020 00:31:02 +0000 (UTC) Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.kernel.org (Postfix) with ESMTP id 114B42065F for ; Tue, 25 Aug 2020 00:31:02 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 114B42065F Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=intel.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=owner-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix) id 42F53900019; Mon, 24 Aug 2020 20:30:43 -0400 (EDT) Delivered-To: linux-mm-outgoing@kvack.org Received: by kanga.kvack.org (Postfix, from userid 40) id 39014900010; Mon, 24 Aug 2020 20:30:43 -0400 (EDT) X-Original-To: int-list-linux-mm@kvack.org X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 1E37C900019; Mon, 24 Aug 2020 20:30:43 -0400 (EDT) X-Original-To: linux-mm@kvack.org X-Delivered-To: linux-mm@kvack.org Received: from forelay.hostedemail.com (smtprelay0174.hostedemail.com [216.40.44.174]) by kanga.kvack.org (Postfix) with ESMTP id F2D37900010 for ; Mon, 24 Aug 2020 20:30:42 -0400 (EDT) Received: from smtpin04.hostedemail.com (10.5.19.251.rfc1918.com [10.5.19.251]) by forelay04.hostedemail.com (Postfix) with ESMTP id C0D191EE6 for ; Tue, 25 Aug 2020 00:30:42 +0000 (UTC) X-FDA: 77187210324.04.sea28_1e0f29427057 Received: from filter.hostedemail.com (10.5.16.251.rfc1918.com [10.5.16.251]) by smtpin04.hostedemail.com (Postfix) with ESMTP id 3E4E4800B504 for ; Tue, 25 Aug 2020 00:30:36 +0000 (UTC) X-Spam-Summary: 1,0,0,,d41d8cd98f00b204,yu-cheng.yu@intel.com,,RULES_HIT:30054:30055:30056:30064:30070,0,RBL:134.134.136.20:@intel.com:.lbl8.mailshell.net-62.50.0.100 64.95.201.95;04y8rfasr8akyrmkd6fys93be7f5dopzz3pfrkjeuo3gkunkxzwwwkhmjo8zosc.msocs6r4ess5k5oy9prdqh76jf944zs9iq8bapo77bai4buwp8xnj1fo9i189qq.s-lbl8.mailshell.net-223.238.255.100,CacheIP:none,Bayesian:0.5,0.5,0.5,Netcheck:none,DomainCache:0,MSF:not bulk,SPF:ft,MSBL:0,DNSBL:neutral,Custom_rules:0:0:0,LFtime:24,LUA_SUMMARY:none X-HE-Tag: sea28_1e0f29427057 X-Filterd-Recvd-Size: 4106 Received: from mga02.intel.com (mga02.intel.com [134.134.136.20]) by imf21.hostedemail.com (Postfix) with ESMTP for ; Tue, 25 Aug 2020 00:30:35 +0000 (UTC) IronPort-SDR: 35eVqyQjmvGd3FrFpH6ZT5CF9aS6Q6veWVnNwDqS0XeVS8wL6t4h+M7luqLw0bR3WZKui8TzT+ pzt9gignRY1w== X-IronPort-AV: E=McAfee;i="6000,8403,9723"; a="143794745" X-IronPort-AV: E=Sophos;i="5.76,350,1592895600"; d="scan'208";a="143794745" X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga004.jf.intel.com ([10.7.209.38]) by orsmga101.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 24 Aug 2020 17:30:33 -0700 IronPort-SDR: l8S+XyV+DgtG/kfo6YnlQsapzXqJUuZ7pa5XjdDLqLaT6tRrTlHIWMt8wZ27Z0o1fWuRDt3VFq 8nW7rO4TwQcg== X-IronPort-AV: E=Sophos;i="5.76,350,1592895600"; d="scan'208";a="443429296" Received: from yyu32-desk.sc.intel.com ([143.183.136.146]) by orsmga004-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 24 Aug 2020 17:30:33 -0700 From: Yu-cheng Yu To: x86@kernel.org, "H. Peter Anvin" , Thomas Gleixner , Ingo Molnar , linux-kernel@vger.kernel.org, linux-doc@vger.kernel.org, linux-mm@kvack.org, linux-arch@vger.kernel.org, linux-api@vger.kernel.org, Arnd Bergmann , Andy Lutomirski , Balbir Singh , Borislav Petkov , Cyrill Gorcunov , Dave Hansen , Eugene Syromiatnikov , Florian Weimer , "H.J. Lu" , Jann Horn , Jonathan Corbet , Kees Cook , Mike Kravetz , Nadav Amit , Oleg Nesterov , Pavel Machek , Peter Zijlstra , Randy Dunlap , "Ravi V. Shankar" , Vedvyas Shanbhogue , Dave Martin , Weijiang Yang Cc: Yu-cheng Yu Subject: [PATCH v11 1/9] x86/cet/ibt: Add Kconfig option for user-mode Indirect Branch Tracking Date: Mon, 24 Aug 2020 17:26:36 -0700 Message-Id: <20200825002645.3658-2-yu-cheng.yu@intel.com> X-Mailer: git-send-email 2.21.0 In-Reply-To: <20200825002645.3658-1-yu-cheng.yu@intel.com> References: <20200825002645.3658-1-yu-cheng.yu@intel.com> MIME-Version: 1.0 X-Rspamd-Queue-Id: 3E4E4800B504 X-Spamd-Result: default: False [0.00 / 100.00] X-Rspamd-Server: rspam04 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: Introduce Kconfig option X86_INTEL_BRANCH_TRACKING_USER. Indirect Branch Tracking (IBT) provides protection against CALL-/JMP- oriented programming attacks. It is active when the kernel has this feature enabled, and the processor and the application support it. When this feature is enabled, legacy non-IBT applications continue to work, but without IBT protection. Signed-off-by: Yu-cheng Yu --- v10: - Change build-time CET check to config depends on. arch/x86/Kconfig | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index 6b6dad011763..b047e0a8d1c2 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig @@ -1963,6 +1963,22 @@ config X86_INTEL_SHADOW_STACK_USER If unsure, say y. +config X86_INTEL_BRANCH_TRACKING_USER + prompt "Intel Indirect Branch Tracking for user-mode" + def_bool n + depends on CPU_SUP_INTEL && X86_64 + depends on $(cc-option,-fcf-protection) + select X86_INTEL_CET + help + Indirect Branch Tracking (IBT) provides protection against + CALL-/JMP-oriented programming attacks. It is active when + the kernel has this feature enabled, and the processor and + the application support it. When this feature is enabled, + legacy non-IBT applications continue to work, but without + IBT protection. + + If unsure, say y + config EFI bool "EFI runtime service support" depends on ACPI From patchwork Tue Aug 25 00:26:37 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yu-cheng Yu X-Patchwork-Id: 11734563 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 22F07739 for ; Tue, 25 Aug 2020 00:30:40 +0000 (UTC) Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.kernel.org (Postfix) with ESMTP id E18C22065F for ; Tue, 25 Aug 2020 00:30:39 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org E18C22065F Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=intel.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=owner-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix) id 2592790000F; Mon, 24 Aug 2020 20:30:37 -0400 (EDT) Delivered-To: linux-mm-outgoing@kvack.org Received: by kanga.kvack.org (Postfix, from userid 40) id 1BB4490000D; Mon, 24 Aug 2020 20:30:37 -0400 (EDT) X-Original-To: int-list-linux-mm@kvack.org X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id F06B290000F; Mon, 24 Aug 2020 20:30:36 -0400 (EDT) X-Original-To: linux-mm@kvack.org X-Delivered-To: linux-mm@kvack.org Received: from forelay.hostedemail.com (smtprelay0057.hostedemail.com [216.40.44.57]) by kanga.kvack.org (Postfix) with ESMTP id CD5FA90000D for ; Mon, 24 Aug 2020 20:30:36 -0400 (EDT) Received: from smtpin06.hostedemail.com (10.5.19.251.rfc1918.com [10.5.19.251]) by forelay02.hostedemail.com (Postfix) with ESMTP id 98B8F362B for ; Tue, 25 Aug 2020 00:30:36 +0000 (UTC) X-FDA: 77187210072.06.wound57_0c0807b27057 Received: from filter.hostedemail.com (10.5.16.251.rfc1918.com [10.5.16.251]) by smtpin06.hostedemail.com (Postfix) with ESMTP id 66EB91004E3F2 for ; Tue, 25 Aug 2020 00:30:36 +0000 (UTC) X-Spam-Summary: 1,0,0,,d41d8cd98f00b204,yu-cheng.yu@intel.com,,RULES_HIT:30051:30054:30056:30064:30070:30090,0,RBL:134.134.136.20:@intel.com:.lbl8.mailshell.net-64.95.201.95 62.50.0.100;04yriery1p8si8zz6af6a8hapdgigochnpebrg49tcccgqjab4ue1omsth7pzkr.gmch13a4hc4w81yxyg5a9mchhnhmuomngm9g84ecxxu7qowuoa5ngxho6jww53t.w-lbl8.mailshell.net-223.238.255.100,CacheIP:none,Bayesian:0.5,0.5,0.5,Netcheck:none,DomainCache:0,MSF:not bulk,SPF:ft,MSBL:0,DNSBL:neutral,Custom_rules:0:0:0,LFtime:23,LUA_SUMMARY:none X-HE-Tag: wound57_0c0807b27057 X-Filterd-Recvd-Size: 8013 Received: from mga02.intel.com (mga02.intel.com [134.134.136.20]) by imf49.hostedemail.com (Postfix) with ESMTP for ; Tue, 25 Aug 2020 00:30:35 +0000 (UTC) IronPort-SDR: YZKf5MjxX9QS1HELYAqTXlRHmwBLOiw/IZtQTx+1RUYyxNVeLEmS38OSmNdFBMTGw+c3uA/XOu rBK1HwJWIHdg== X-IronPort-AV: E=McAfee;i="6000,8403,9723"; a="143794748" X-IronPort-AV: E=Sophos;i="5.76,350,1592895600"; d="scan'208";a="143794748" X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga004.jf.intel.com ([10.7.209.38]) by orsmga101.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 24 Aug 2020 17:30:34 -0700 IronPort-SDR: TFQsm/tu5aV7nP34bj6j/mtL2KBSX8IjvNHKQzQlR+2sGvwEBfTGcI7PRmB5ov5JqKt89kMuCX 8EZxamN/snUg== X-IronPort-AV: E=Sophos;i="5.76,350,1592895600"; d="scan'208";a="443429301" Received: from yyu32-desk.sc.intel.com ([143.183.136.146]) by orsmga004-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 24 Aug 2020 17:30:33 -0700 From: Yu-cheng Yu To: x86@kernel.org, "H. Peter Anvin" , Thomas Gleixner , Ingo Molnar , linux-kernel@vger.kernel.org, linux-doc@vger.kernel.org, linux-mm@kvack.org, linux-arch@vger.kernel.org, linux-api@vger.kernel.org, Arnd Bergmann , Andy Lutomirski , Balbir Singh , Borislav Petkov , Cyrill Gorcunov , Dave Hansen , Eugene Syromiatnikov , Florian Weimer , "H.J. Lu" , Jann Horn , Jonathan Corbet , Kees Cook , Mike Kravetz , Nadav Amit , Oleg Nesterov , Pavel Machek , Peter Zijlstra , Randy Dunlap , "Ravi V. Shankar" , Vedvyas Shanbhogue , Dave Martin , Weijiang Yang Cc: Yu-cheng Yu Subject: [PATCH v11 2/9] x86/cet/ibt: User-mode Indirect Branch Tracking support Date: Mon, 24 Aug 2020 17:26:37 -0700 Message-Id: <20200825002645.3658-3-yu-cheng.yu@intel.com> X-Mailer: git-send-email 2.21.0 In-Reply-To: <20200825002645.3658-1-yu-cheng.yu@intel.com> References: <20200825002645.3658-1-yu-cheng.yu@intel.com> MIME-Version: 1.0 X-Rspamd-Queue-Id: 66EB91004E3F2 X-Spamd-Result: default: False [0.00 / 100.00] X-Rspamd-Server: rspam04 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: Introduce user-mode Indirect Branch Tracking (IBT) support. Update setup routines to include IBT. Signed-off-by: Yu-cheng Yu --- v10: - Change no_cet_ibt to no_user_ibt. v9: - Change cpu_feature_enabled() to static_cpu_has(). v2: - Change noibt to no_cet_ibt. arch/x86/include/asm/cet.h | 3 ++ arch/x86/include/asm/disabled-features.h | 8 ++++- arch/x86/kernel/cet.c | 33 +++++++++++++++++++ arch/x86/kernel/cpu/common.c | 17 ++++++++++ .../arch/x86/include/asm/disabled-features.h | 8 ++++- 5 files changed, 67 insertions(+), 2 deletions(-) diff --git a/arch/x86/include/asm/cet.h b/arch/x86/include/asm/cet.h index f7eb197998ad..916ac2a0404c 100644 --- a/arch/x86/include/asm/cet.h +++ b/arch/x86/include/asm/cet.h @@ -15,6 +15,7 @@ struct cet_status { unsigned long shstk_base; unsigned long shstk_size; unsigned int locked:1; + unsigned int ibt_enabled:1; }; #ifdef CONFIG_X86_INTEL_CET @@ -26,6 +27,8 @@ void cet_disable_free_shstk(struct task_struct *p); int cet_verify_rstor_token(bool ia32, unsigned long ssp, unsigned long *new_ssp); void cet_restore_signal(struct sc_ext *sc); int cet_setup_signal(bool ia32, unsigned long rstor, struct sc_ext *sc); +int cet_setup_ibt(void); +void cet_disable_ibt(void); #else static inline int prctl_cet(int option, u64 arg2) { return -EINVAL; } static inline int cet_setup_thread_shstk(struct task_struct *p) { return 0; } diff --git a/arch/x86/include/asm/disabled-features.h b/arch/x86/include/asm/disabled-features.h index a0e1b24cfa02..52c9c07cfacc 100644 --- a/arch/x86/include/asm/disabled-features.h +++ b/arch/x86/include/asm/disabled-features.h @@ -62,6 +62,12 @@ #define DISABLE_SHSTK (1<<(X86_FEATURE_SHSTK & 31)) #endif +#ifdef CONFIG_X86_INTEL_BRANCH_TRACKING_USER +#define DISABLE_IBT 0 +#else +#define DISABLE_IBT (1<<(X86_FEATURE_IBT & 31)) +#endif + /* * Make sure to add features to the correct mask */ @@ -83,7 +89,7 @@ #define DISABLED_MASK15 0 #define DISABLED_MASK16 (DISABLE_PKU|DISABLE_OSPKE|DISABLE_LA57|DISABLE_UMIP|DISABLE_SHSTK) #define DISABLED_MASK17 0 -#define DISABLED_MASK18 0 +#define DISABLED_MASK18 (DISABLE_IBT) #define DISABLED_MASK_CHECK BUILD_BUG_ON_ZERO(NCAPINTS != 19) #endif /* _ASM_X86_DISABLED_FEATURES_H */ diff --git a/arch/x86/kernel/cet.c b/arch/x86/kernel/cet.c index 2bf1a6b6abb6..b1c122a5aef4 100644 --- a/arch/x86/kernel/cet.c +++ b/arch/x86/kernel/cet.c @@ -13,6 +13,8 @@ #include #include #include +#include +#include #include #include #include @@ -355,3 +357,34 @@ int cet_setup_signal(bool ia32, unsigned long rstor_addr, struct sc_ext *sc_ext) return 0; } + +int cet_setup_ibt(void) +{ + u64 msr_val; + + if (!static_cpu_has(X86_FEATURE_IBT)) + return -EOPNOTSUPP; + + start_update_msrs(); + rdmsrl(MSR_IA32_U_CET, msr_val); + msr_val |= (CET_ENDBR_EN | CET_NO_TRACK_EN); + wrmsrl(MSR_IA32_U_CET, msr_val); + end_update_msrs(); + current->thread.cet.ibt_enabled = 1; + return 0; +} + +void cet_disable_ibt(void) +{ + u64 msr_val; + + if (!static_cpu_has(X86_FEATURE_IBT)) + return; + + start_update_msrs(); + rdmsrl(MSR_IA32_U_CET, msr_val); + msr_val &= CET_SHSTK_EN; + wrmsrl(MSR_IA32_U_CET, msr_val); + end_update_msrs(); + current->thread.cet.ibt_enabled = 0; +} diff --git a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c index 5f60ddaabc46..43666b1f50a2 100644 --- a/arch/x86/kernel/cpu/common.c +++ b/arch/x86/kernel/cpu/common.c @@ -536,6 +536,23 @@ static __init int setup_disable_shstk(char *s) __setup("no_user_shstk", setup_disable_shstk); #endif +#ifdef CONFIG_X86_INTEL_BRANCH_TRACKING_USER +static __init int setup_disable_ibt(char *s) +{ + /* require an exact match without trailing characters */ + if (s[0] != '\0') + return 0; + + if (!boot_cpu_has(X86_FEATURE_IBT)) + return 1; + + setup_clear_cpu_cap(X86_FEATURE_IBT); + pr_info("x86: 'no_user_ibt' specified, disabling user Branch Tracking\n"); + return 1; +} +__setup("no_user_ibt", setup_disable_ibt); +#endif + /* * Some CPU features depend on higher CPUID levels, which may not always * be available due to CPUID level capping or broken virtualization diff --git a/tools/arch/x86/include/asm/disabled-features.h b/tools/arch/x86/include/asm/disabled-features.h index a0e1b24cfa02..52c9c07cfacc 100644 --- a/tools/arch/x86/include/asm/disabled-features.h +++ b/tools/arch/x86/include/asm/disabled-features.h @@ -62,6 +62,12 @@ #define DISABLE_SHSTK (1<<(X86_FEATURE_SHSTK & 31)) #endif +#ifdef CONFIG_X86_INTEL_BRANCH_TRACKING_USER +#define DISABLE_IBT 0 +#else +#define DISABLE_IBT (1<<(X86_FEATURE_IBT & 31)) +#endif + /* * Make sure to add features to the correct mask */ @@ -83,7 +89,7 @@ #define DISABLED_MASK15 0 #define DISABLED_MASK16 (DISABLE_PKU|DISABLE_OSPKE|DISABLE_LA57|DISABLE_UMIP|DISABLE_SHSTK) #define DISABLED_MASK17 0 -#define DISABLED_MASK18 0 +#define DISABLED_MASK18 (DISABLE_IBT) #define DISABLED_MASK_CHECK BUILD_BUG_ON_ZERO(NCAPINTS != 19) #endif /* _ASM_X86_DISABLED_FEATURES_H */ From patchwork Tue Aug 25 00:26:38 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yu-cheng Yu X-Patchwork-Id: 11734569 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id D0F46739 for ; Tue, 25 Aug 2020 00:30:47 +0000 (UTC) Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.kernel.org (Postfix) with ESMTP id A8C1D2065F for ; Tue, 25 Aug 2020 00:30:47 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org A8C1D2065F Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=intel.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=owner-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix) id 389B3900011; Mon, 24 Aug 2020 20:30:38 -0400 (EDT) Delivered-To: linux-mm-outgoing@kvack.org Received: by kanga.kvack.org (Postfix, from userid 40) id 2D485900010; Mon, 24 Aug 2020 20:30:38 -0400 (EDT) X-Original-To: int-list-linux-mm@kvack.org X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id D861D900012; Mon, 24 Aug 2020 20:30:37 -0400 (EDT) X-Original-To: linux-mm@kvack.org X-Delivered-To: linux-mm@kvack.org Received: from forelay.hostedemail.com (smtprelay0110.hostedemail.com [216.40.44.110]) by kanga.kvack.org (Postfix) with ESMTP id A9BD8900011 for ; Mon, 24 Aug 2020 20:30:37 -0400 (EDT) Received: from smtpin12.hostedemail.com (10.5.19.251.rfc1918.com [10.5.19.251]) by forelay03.hostedemail.com (Postfix) with ESMTP id 706938248047 for ; Tue, 25 Aug 2020 00:30:37 +0000 (UTC) X-FDA: 77187210114.12.dock40_21060fa27057 Received: from filter.hostedemail.com (10.5.16.251.rfc1918.com [10.5.16.251]) by smtpin12.hostedemail.com (Postfix) with ESMTP id 3028A18013E16 for ; Tue, 25 Aug 2020 00:30:37 +0000 (UTC) X-Spam-Summary: 1,0,0,,d41d8cd98f00b204,yu-cheng.yu@intel.com,,RULES_HIT:30045:30046:30051:30054:30055:30056:30064,0,RBL:134.134.136.20:@intel.com:.lbl8.mailshell.net-62.50.0.100 64.95.201.95;04yfh4o5r1jyrr1hjqd75yb9hobeooc4wstfs5c8stfi8s6a1upebddhy96h35d.stbjzzuk1wi4icjyw35fuea1mxjzu6rhch8n8tiuppkj7jg9ra8rabrosyoo9tz.q-lbl8.mailshell.net-223.238.255.100,CacheIP:none,Bayesian:0.5,0.5,0.5,Netcheck:none,DomainCache:0,MSF:not bulk,SPF:ft,MSBL:0,DNSBL:neutral,Custom_rules:0:0:0,LFtime:23,LUA_SUMMARY:none X-HE-Tag: dock40_21060fa27057 X-Filterd-Recvd-Size: 5470 Received: from mga02.intel.com (mga02.intel.com [134.134.136.20]) by imf21.hostedemail.com (Postfix) with ESMTP for ; Tue, 25 Aug 2020 00:30:36 +0000 (UTC) IronPort-SDR: 3sPYQOUJ1iAF8qvPN6Dlzwk3+vzfOJBwEnqHgWEMJSai67h64a/SQH9TA1asWZ4kZcmREnLtSX zWOljT7Vd5aA== X-IronPort-AV: E=McAfee;i="6000,8403,9723"; a="143794751" X-IronPort-AV: E=Sophos;i="5.76,350,1592895600"; d="scan'208";a="143794751" X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga004.jf.intel.com ([10.7.209.38]) by orsmga101.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 24 Aug 2020 17:30:35 -0700 IronPort-SDR: V4+8RAz4lr57YJf6ppaQdnCN2Y+4ePc8I0Bx49RHfkv6ZLb0zEP9kczEe8WNzqeCpfswk8DtAh lrHmlnLDKi3g== X-IronPort-AV: E=Sophos;i="5.76,350,1592895600"; d="scan'208";a="443429307" Received: from yyu32-desk.sc.intel.com ([143.183.136.146]) by orsmga004-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 24 Aug 2020 17:30:34 -0700 From: Yu-cheng Yu To: x86@kernel.org, "H. Peter Anvin" , Thomas Gleixner , Ingo Molnar , linux-kernel@vger.kernel.org, linux-doc@vger.kernel.org, linux-mm@kvack.org, linux-arch@vger.kernel.org, linux-api@vger.kernel.org, Arnd Bergmann , Andy Lutomirski , Balbir Singh , Borislav Petkov , Cyrill Gorcunov , Dave Hansen , Eugene Syromiatnikov , Florian Weimer , "H.J. Lu" , Jann Horn , Jonathan Corbet , Kees Cook , Mike Kravetz , Nadav Amit , Oleg Nesterov , Pavel Machek , Peter Zijlstra , Randy Dunlap , "Ravi V. Shankar" , Vedvyas Shanbhogue , Dave Martin , Weijiang Yang Cc: Yu-cheng Yu Subject: [PATCH v11 3/9] x86/cet/ibt: Handle signals for Indirect Branch Tracking Date: Mon, 24 Aug 2020 17:26:38 -0700 Message-Id: <20200825002645.3658-4-yu-cheng.yu@intel.com> X-Mailer: git-send-email 2.21.0 In-Reply-To: <20200825002645.3658-1-yu-cheng.yu@intel.com> References: <20200825002645.3658-1-yu-cheng.yu@intel.com> MIME-Version: 1.0 X-Rspamd-Queue-Id: 3028A18013E16 X-Spamd-Result: default: False [0.00 / 100.00] X-Rspamd-Server: rspam04 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: An indirect CALL/JMP moves the indirect branch tracking (IBT) state machine to WAIT_ENDBR status until the instruction reaches an ENDBR opcode. If the CALL/JMP does not reach an ENDBR opcode, the processor raises a control- protection fault. WAIT_ENDBR status can be read from MSR_IA32_U_CET. WAIT_ENDBR is cleared for signal handling, and restored for sigreturn. IBT state machine is described in Intel SDM Vol. 1, Sec. 18.3. Signed-off-by: Yu-cheng Yu --- v9: - Fix missing WAIT_ENDBR in signal handling. arch/x86/kernel/cet.c | 27 +++++++++++++++++++++++++-- arch/x86/kernel/fpu/signal.c | 8 +++++--- 2 files changed, 30 insertions(+), 5 deletions(-) diff --git a/arch/x86/kernel/cet.c b/arch/x86/kernel/cet.c index b1c122a5aef4..f783229460b6 100644 --- a/arch/x86/kernel/cet.c +++ b/arch/x86/kernel/cet.c @@ -309,6 +309,13 @@ void cet_restore_signal(struct sc_ext *sc_ext) msr_val |= CET_SHSTK_EN; } + if (cet->ibt_enabled) { + msr_val |= (CET_ENDBR_EN | CET_NO_TRACK_EN); + + if (sc_ext->wait_endbr) + msr_val |= CET_WAIT_ENDBR; + } + if (test_thread_flag(TIF_NEED_FPU_LOAD)) cet_user_state->user_cet = msr_val; else @@ -349,9 +356,25 @@ int cet_setup_signal(bool ia32, unsigned long rstor_addr, struct sc_ext *sc_ext) sc_ext->ssp = new_ssp; } - if (ssp) { + if (ssp || cet->ibt_enabled) { + start_update_msrs(); - wrmsrl(MSR_IA32_PL3_SSP, ssp); + + if (ssp) + wrmsrl(MSR_IA32_PL3_SSP, ssp); + + if (cet->ibt_enabled) { + u64 r; + + rdmsrl(MSR_IA32_U_CET, r); + + if (r & CET_WAIT_ENDBR) { + sc_ext->wait_endbr = 1; + r &= ~CET_WAIT_ENDBR; + wrmsrl(MSR_IA32_U_CET, r); + } + } + end_update_msrs(); } diff --git a/arch/x86/kernel/fpu/signal.c b/arch/x86/kernel/fpu/signal.c index d02ea8c11128..a4d66fa69c1c 100644 --- a/arch/x86/kernel/fpu/signal.c +++ b/arch/x86/kernel/fpu/signal.c @@ -57,7 +57,8 @@ int save_cet_to_sigframe(int ia32, void __user *fp, unsigned long restorer) { int err = 0; - if (!current->thread.cet.shstk_size) + if (!current->thread.cet.shstk_size && + !current->thread.cet.ibt_enabled) return 0; if (fp) { @@ -89,7 +90,8 @@ static int get_cet_from_sigframe(int ia32, void __user *fp, struct sc_ext *ext) memset(ext, 0, sizeof(*ext)); - if (!current->thread.cet.shstk_size) + if (!current->thread.cet.shstk_size && + !current->thread.cet.ibt_enabled) return 0; if (fp) { @@ -577,7 +579,7 @@ static unsigned long fpu__alloc_sigcontext_ext(unsigned long sp) * sigcontext_ext is at: fpu + fpu_user_xstate_size + * FP_XSTATE_MAGIC2_SIZE, then aligned to 8. */ - if (cet->shstk_size) + if (cet->shstk_size || cet->ibt_enabled) sp -= (sizeof(struct sc_ext) + 8); return sp; From patchwork Tue Aug 25 00:26:39 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yu-cheng Yu X-Patchwork-Id: 11734567 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 48BB9109B for ; Tue, 25 Aug 2020 00:30:45 +0000 (UTC) Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.kernel.org (Postfix) with ESMTP id 1F18E2065F for ; Tue, 25 Aug 2020 00:30:45 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 1F18E2065F Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=intel.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=owner-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix) id 0F2B190000D; Mon, 24 Aug 2020 20:30:38 -0400 (EDT) Delivered-To: linux-mm-outgoing@kvack.org Received: by kanga.kvack.org (Postfix, from userid 40) id 03C56900011; Mon, 24 Aug 2020 20:30:37 -0400 (EDT) X-Original-To: int-list-linux-mm@kvack.org X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id C1ADD90000D; Mon, 24 Aug 2020 20:30:37 -0400 (EDT) X-Original-To: linux-mm@kvack.org X-Delivered-To: linux-mm@kvack.org Received: from forelay.hostedemail.com (smtprelay0107.hostedemail.com [216.40.44.107]) by kanga.kvack.org (Postfix) with ESMTP id A602C900010 for ; Mon, 24 Aug 2020 20:30:37 -0400 (EDT) Received: from smtpin03.hostedemail.com (10.5.19.251.rfc1918.com [10.5.19.251]) by forelay05.hostedemail.com (Postfix) with ESMTP id 6BFF1181AEF1F for ; Tue, 25 Aug 2020 00:30:37 +0000 (UTC) X-FDA: 77187210114.03.snail55_050fe5927057 Received: from filter.hostedemail.com (10.5.16.251.rfc1918.com [10.5.16.251]) by smtpin03.hostedemail.com (Postfix) with ESMTP id 3CFBD28A4E8 for ; Tue, 25 Aug 2020 00:30:37 +0000 (UTC) X-Spam-Summary: 1,0,0,,d41d8cd98f00b204,yu-cheng.yu@intel.com,,RULES_HIT:30045:30054:30056:30064:30070,0,RBL:134.134.136.20:@intel.com:.lbl8.mailshell.net-62.50.0.100 64.95.201.95;04ygpp4e3w6su5kdf59ge3s8zs4tpocuj6onsj4etaodpjm86x3zm6n8u8zn1uh.s4kit41u8koxmroayuow685473qrnc4db7quxdtnsbydts1mpiso4z6y1ihjim8.w-lbl8.mailshell.net-223.238.255.100,CacheIP:none,Bayesian:0.5,0.5,0.5,Netcheck:none,DomainCache:0,MSF:not bulk,SPF:ft,MSBL:0,DNSBL:neutral,Custom_rules:0:0:0,LFtime:24,LUA_SUMMARY:none X-HE-Tag: snail55_050fe5927057 X-Filterd-Recvd-Size: 3940 Received: from mga02.intel.com (mga02.intel.com [134.134.136.20]) by imf27.hostedemail.com (Postfix) with ESMTP for ; Tue, 25 Aug 2020 00:30:36 +0000 (UTC) IronPort-SDR: 6m8XJ4JfUVBEtQcEKp0h9VgPknY6fuTphf30kdDsvuLBOHJaBIchvH+HDGqR20Hos6a4DWbgJx MzA2ZwFJdkaA== X-IronPort-AV: E=McAfee;i="6000,8403,9723"; a="143794753" X-IronPort-AV: E=Sophos;i="5.76,350,1592895600"; d="scan'208";a="143794753" X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga004.jf.intel.com ([10.7.209.38]) by orsmga101.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 24 Aug 2020 17:30:35 -0700 IronPort-SDR: EGKN8o+mtfUJhweX7e6D9P4+AGQ8EmhSBD0hf/vqqKtFCv6xXHw0qBj/+CF28xLNEHbB6spIYc nixR9RRRRfmw== X-IronPort-AV: E=Sophos;i="5.76,350,1592895600"; d="scan'208";a="443429314" Received: from yyu32-desk.sc.intel.com ([143.183.136.146]) by orsmga004-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 24 Aug 2020 17:30:35 -0700 From: Yu-cheng Yu To: x86@kernel.org, "H. Peter Anvin" , Thomas Gleixner , Ingo Molnar , linux-kernel@vger.kernel.org, linux-doc@vger.kernel.org, linux-mm@kvack.org, linux-arch@vger.kernel.org, linux-api@vger.kernel.org, Arnd Bergmann , Andy Lutomirski , Balbir Singh , Borislav Petkov , Cyrill Gorcunov , Dave Hansen , Eugene Syromiatnikov , Florian Weimer , "H.J. Lu" , Jann Horn , Jonathan Corbet , Kees Cook , Mike Kravetz , Nadav Amit , Oleg Nesterov , Pavel Machek , Peter Zijlstra , Randy Dunlap , "Ravi V. Shankar" , Vedvyas Shanbhogue , Dave Martin , Weijiang Yang Cc: Yu-cheng Yu Subject: [PATCH v11 4/9] x86/cet/ibt: ELF header parsing for Indirect Branch Tracking Date: Mon, 24 Aug 2020 17:26:39 -0700 Message-Id: <20200825002645.3658-5-yu-cheng.yu@intel.com> X-Mailer: git-send-email 2.21.0 In-Reply-To: <20200825002645.3658-1-yu-cheng.yu@intel.com> References: <20200825002645.3658-1-yu-cheng.yu@intel.com> MIME-Version: 1.0 X-Rspamd-Queue-Id: 3CFBD28A4E8 X-Spamd-Result: default: False [0.00 / 100.00] X-Rspamd-Server: rspam05 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: Update arch_setup_elf_property() for Indirect Branch Tracking. Signed-off-by: Yu-cheng Yu --- v9: - Change cpu_feature_enabled() to static_cpu_has(). arch/x86/Kconfig | 2 ++ arch/x86/kernel/process_64.c | 8 ++++++++ 2 files changed, 10 insertions(+) diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index b047e0a8d1c2..5bd6d6a10047 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig @@ -1969,6 +1969,8 @@ config X86_INTEL_BRANCH_TRACKING_USER depends on CPU_SUP_INTEL && X86_64 depends on $(cc-option,-fcf-protection) select X86_INTEL_CET + select ARCH_USE_GNU_PROPERTY + select ARCH_BINFMT_ELF_STATE help Indirect Branch Tracking (IBT) provides protection against CALL-/JMP-oriented programming attacks. It is active when diff --git a/arch/x86/kernel/process_64.c b/arch/x86/kernel/process_64.c index fd4644865a3b..c084e1a37d11 100644 --- a/arch/x86/kernel/process_64.c +++ b/arch/x86/kernel/process_64.c @@ -866,6 +866,14 @@ int arch_setup_elf_property(struct arch_elf_state *state) r = cet_setup_shstk(); } + if (r < 0) + return r; + + if (static_cpu_has(X86_FEATURE_IBT)) { + if (state->gnu_property & GNU_PROPERTY_X86_FEATURE_1_IBT) + r = cet_setup_ibt(); + } + return r; } #endif From patchwork Tue Aug 25 00:26:40 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yu-cheng Yu X-Patchwork-Id: 11734565 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id A9A62109B for ; Tue, 25 Aug 2020 00:30:42 +0000 (UTC) Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.kernel.org (Postfix) with ESMTP id 778D32065F for ; Tue, 25 Aug 2020 00:30:42 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 778D32065F Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=intel.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=owner-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix) id D8883900015; Mon, 24 Aug 2020 20:30:37 -0400 (EDT) Delivered-To: linux-mm-outgoing@kvack.org Received: by kanga.kvack.org (Postfix, from userid 40) id CBA3B900010; Mon, 24 Aug 2020 20:30:37 -0400 (EDT) X-Original-To: int-list-linux-mm@kvack.org X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id AE27D900012; Mon, 24 Aug 2020 20:30:37 -0400 (EDT) X-Original-To: linux-mm@kvack.org X-Delivered-To: linux-mm@kvack.org Received: from forelay.hostedemail.com (smtprelay0250.hostedemail.com [216.40.44.250]) by kanga.kvack.org (Postfix) with ESMTP id 8D0C790000D for ; Mon, 24 Aug 2020 20:30:37 -0400 (EDT) Received: from smtpin06.hostedemail.com (10.5.19.251.rfc1918.com [10.5.19.251]) by forelay02.hostedemail.com (Postfix) with ESMTP id 624DE362B for ; Tue, 25 Aug 2020 00:30:37 +0000 (UTC) X-FDA: 77187210114.06.heat89_0d0960327057 Received: from filter.hostedemail.com (10.5.16.251.rfc1918.com [10.5.16.251]) by smtpin06.hostedemail.com (Postfix) with ESMTP id 347261004E3F2 for ; Tue, 25 Aug 2020 00:30:37 +0000 (UTC) X-Spam-Summary: 1,0,0,,d41d8cd98f00b204,yu-cheng.yu@intel.com,,RULES_HIT:30051:30054:30056:30064:30070,0,RBL:134.134.136.20:@intel.com:.lbl8.mailshell.net-64.95.201.95 62.50.0.100;04ygoqh1wbz5akh45ey8p3nwatrkwop7n8pjykukmz3wk6pbys8zxtszp5jejrr.iuauiki8kz3o3b8cjuohgocycqyoctqreqnk8ag1jom3rmeyicwhru9ss17pp1k.n-lbl8.mailshell.net-223.238.255.100,CacheIP:none,Bayesian:0.5,0.5,0.5,Netcheck:none,DomainCache:0,MSF:not bulk,SPF:ft,MSBL:0,DNSBL:neutral,Custom_rules:0:0:0,LFtime:24,LUA_SUMMARY:none X-HE-Tag: heat89_0d0960327057 X-Filterd-Recvd-Size: 4014 Received: from mga02.intel.com (mga02.intel.com [134.134.136.20]) by imf49.hostedemail.com (Postfix) with ESMTP for ; Tue, 25 Aug 2020 00:30:36 +0000 (UTC) IronPort-SDR: Mn4cyxlgUfj8xYhGzaUdjTqqbiKS1bcmoLJEEmlc3KmnQYcgkmE29HTQ/pbuXbRdPvWmUb5OzH kiDRrABd3ZNw== X-IronPort-AV: E=McAfee;i="6000,8403,9723"; a="143794756" X-IronPort-AV: E=Sophos;i="5.76,350,1592895600"; d="scan'208";a="143794756" X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga004.jf.intel.com ([10.7.209.38]) by orsmga101.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 24 Aug 2020 17:30:36 -0700 IronPort-SDR: 7R5NO8Y00591d02foMcLeXqtfwQA4+ex9md6DKlWZ250Mzuqy7PmZmnlR7AZGcTijUSG8HZw5R GhbhSH3JxPwg== X-IronPort-AV: E=Sophos;i="5.76,350,1592895600"; d="scan'208";a="443429321" Received: from yyu32-desk.sc.intel.com ([143.183.136.146]) by orsmga004-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 24 Aug 2020 17:30:35 -0700 From: Yu-cheng Yu To: x86@kernel.org, "H. Peter Anvin" , Thomas Gleixner , Ingo Molnar , linux-kernel@vger.kernel.org, linux-doc@vger.kernel.org, linux-mm@kvack.org, linux-arch@vger.kernel.org, linux-api@vger.kernel.org, Arnd Bergmann , Andy Lutomirski , Balbir Singh , Borislav Petkov , Cyrill Gorcunov , Dave Hansen , Eugene Syromiatnikov , Florian Weimer , "H.J. Lu" , Jann Horn , Jonathan Corbet , Kees Cook , Mike Kravetz , Nadav Amit , Oleg Nesterov , Pavel Machek , Peter Zijlstra , Randy Dunlap , "Ravi V. Shankar" , Vedvyas Shanbhogue , Dave Martin , Weijiang Yang Cc: Yu-cheng Yu Subject: [PATCH v11 5/9] x86/cet/ibt: Update arch_prctl functions for Indirect Branch Tracking Date: Mon, 24 Aug 2020 17:26:40 -0700 Message-Id: <20200825002645.3658-6-yu-cheng.yu@intel.com> X-Mailer: git-send-email 2.21.0 In-Reply-To: <20200825002645.3658-1-yu-cheng.yu@intel.com> References: <20200825002645.3658-1-yu-cheng.yu@intel.com> MIME-Version: 1.0 X-Rspamd-Queue-Id: 347261004E3F2 X-Spamd-Result: default: False [0.00 / 100.00] X-Rspamd-Server: rspam01 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: From: "H.J. Lu" Update ARCH_X86_CET_STATUS and ARCH_X86_CET_DISABLE for Indirect Branch Tracking. Signed-off-by: H.J. Lu Signed-off-by: Yu-cheng Yu --- arch/x86/kernel/cet_prctl.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/arch/x86/kernel/cet_prctl.c b/arch/x86/kernel/cet_prctl.c index cc49eef08ab0..2cd089e1542c 100644 --- a/arch/x86/kernel/cet_prctl.c +++ b/arch/x86/kernel/cet_prctl.c @@ -22,6 +22,9 @@ static int copy_status_to_user(struct cet_status *cet, u64 arg2) buf[2] = (u64)cet->shstk_size; } + if (cet->ibt_enabled) + buf[0] |= GNU_PROPERTY_X86_FEATURE_1_IBT; + return copy_to_user((u64 __user *)arg2, buf, sizeof(buf)); } @@ -72,7 +75,8 @@ int prctl_cet(int option, u64 arg2) if (option == ARCH_X86_CET_STATUS) return copy_status_to_user(cet, arg2); - if (!static_cpu_has(X86_FEATURE_SHSTK)) + if (!static_cpu_has(X86_FEATURE_SHSTK) && + !static_cpu_has(X86_FEATURE_IBT)) return -EOPNOTSUPP; switch (option) { @@ -83,6 +87,8 @@ int prctl_cet(int option, u64 arg2) return -EINVAL; if (arg2 & GNU_PROPERTY_X86_FEATURE_1_SHSTK) cet_disable_free_shstk(current); + if (arg2 & GNU_PROPERTY_X86_FEATURE_1_IBT) + cet_disable_ibt(); return 0; case ARCH_X86_CET_LOCK: From patchwork Tue Aug 25 00:26:41 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yu-cheng Yu X-Patchwork-Id: 11734571 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 915E4109B for ; Tue, 25 Aug 2020 00:30:50 +0000 (UTC) Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.kernel.org (Postfix) with ESMTP id 68DE3221E2 for ; Tue, 25 Aug 2020 00:30:50 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 68DE3221E2 Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=intel.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=owner-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix) id BF7F0900012; Mon, 24 Aug 2020 20:30:38 -0400 (EDT) Delivered-To: linux-mm-outgoing@kvack.org Received: by kanga.kvack.org (Postfix, from userid 40) id B5ABA900010; Mon, 24 Aug 2020 20:30:38 -0400 (EDT) X-Original-To: int-list-linux-mm@kvack.org X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 9D150900012; Mon, 24 Aug 2020 20:30:38 -0400 (EDT) X-Original-To: linux-mm@kvack.org X-Delivered-To: linux-mm@kvack.org Received: from forelay.hostedemail.com (smtprelay0224.hostedemail.com [216.40.44.224]) by kanga.kvack.org (Postfix) with ESMTP id 7CD37900010 for ; Mon, 24 Aug 2020 20:30:38 -0400 (EDT) Received: from smtpin23.hostedemail.com (10.5.19.251.rfc1918.com [10.5.19.251]) by forelay01.hostedemail.com (Postfix) with ESMTP id 3E9F1180AD815 for ; Tue, 25 Aug 2020 00:30:38 +0000 (UTC) X-FDA: 77187210156.23.hate88_2510de427057 Received: from filter.hostedemail.com (10.5.16.251.rfc1918.com [10.5.16.251]) by smtpin23.hostedemail.com (Postfix) with ESMTP id 0BFD237604 for ; Tue, 25 Aug 2020 00:30:38 +0000 (UTC) X-Spam-Summary: 1,0,0,,d41d8cd98f00b204,yu-cheng.yu@intel.com,,RULES_HIT:30045:30051:30054:30056:30064,0,RBL:134.134.136.20:@intel.com:.lbl8.mailshell.net-62.50.0.100 64.95.201.95;04y88hfksn9mazuhxkgag97uka6b6op556ajqd4a4t6ponx3cqqxu3btirsiw1z.jjeo4gqtute7h66qomffa516s7mnfwp3pcda89i69bcfby3oa6e6fhyo1z39mew.r-lbl8.mailshell.net-223.238.255.100,CacheIP:none,Bayesian:0.5,0.5,0.5,Netcheck:none,DomainCache:0,MSF:not bulk,SPF:ft,MSBL:0,DNSBL:neutral,Custom_rules:0:0:0,LFtime:23,LUA_SUMMARY:none X-HE-Tag: hate88_2510de427057 X-Filterd-Recvd-Size: 7550 Received: from mga02.intel.com (mga02.intel.com [134.134.136.20]) by imf21.hostedemail.com (Postfix) with ESMTP for ; Tue, 25 Aug 2020 00:30:37 +0000 (UTC) IronPort-SDR: rNkWxLZXYgyv2YiDDU7gg2lTFWVRavDCnRjnT7Qgq/0v1bq36arg2wqVAPbf+LpKs/TsuPcvpv s0zLpRq4gq6w== X-IronPort-AV: E=McAfee;i="6000,8403,9723"; a="143794758" X-IronPort-AV: E=Sophos;i="5.76,350,1592895600"; d="scan'208";a="143794758" X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga004.jf.intel.com ([10.7.209.38]) by orsmga101.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 24 Aug 2020 17:30:36 -0700 IronPort-SDR: sag8XSvzJd3jS7rbio7FMhabhFQ4iyYHrusWVG806CizD/87vdJCkYCrboG5zqXv07i8o0mNfU SVNQCLxxXIKQ== X-IronPort-AV: E=Sophos;i="5.76,350,1592895600"; d="scan'208";a="443429324" Received: from yyu32-desk.sc.intel.com ([143.183.136.146]) by orsmga004-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 24 Aug 2020 17:30:36 -0700 From: Yu-cheng Yu To: x86@kernel.org, "H. Peter Anvin" , Thomas Gleixner , Ingo Molnar , linux-kernel@vger.kernel.org, linux-doc@vger.kernel.org, linux-mm@kvack.org, linux-arch@vger.kernel.org, linux-api@vger.kernel.org, Arnd Bergmann , Andy Lutomirski , Balbir Singh , Borislav Petkov , Cyrill Gorcunov , Dave Hansen , Eugene Syromiatnikov , Florian Weimer , "H.J. Lu" , Jann Horn , Jonathan Corbet , Kees Cook , Mike Kravetz , Nadav Amit , Oleg Nesterov , Pavel Machek , Peter Zijlstra , Randy Dunlap , "Ravi V. Shankar" , Vedvyas Shanbhogue , Dave Martin , Weijiang Yang Cc: Yu-cheng Yu Subject: [PATCH v11 6/9] x86/cet: Add PTRACE interface for CET Date: Mon, 24 Aug 2020 17:26:41 -0700 Message-Id: <20200825002645.3658-7-yu-cheng.yu@intel.com> X-Mailer: git-send-email 2.21.0 In-Reply-To: <20200825002645.3658-1-yu-cheng.yu@intel.com> References: <20200825002645.3658-1-yu-cheng.yu@intel.com> MIME-Version: 1.0 X-Rspamd-Queue-Id: 0BFD237604 X-Spamd-Result: default: False [0.00 / 100.00] X-Rspamd-Server: rspam05 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: Add REGSET_CET64/REGSET_CET32 to get/set CET MSRs: IA32_U_CET (user-mode CET settings) and IA32_PL3_SSP (user-mode Shadow Stack) Signed-off-by: Yu-cheng Yu --- arch/x86/include/asm/fpu/regset.h | 7 ++--- arch/x86/kernel/fpu/regset.c | 44 +++++++++++++++++++++++++++++++ arch/x86/kernel/ptrace.c | 16 +++++++++++ include/uapi/linux/elf.h | 1 + 4 files changed, 65 insertions(+), 3 deletions(-) diff --git a/arch/x86/include/asm/fpu/regset.h b/arch/x86/include/asm/fpu/regset.h index 4f928d6a367b..8622184d87f5 100644 --- a/arch/x86/include/asm/fpu/regset.h +++ b/arch/x86/include/asm/fpu/regset.h @@ -7,11 +7,12 @@ #include -extern user_regset_active_fn regset_fpregs_active, regset_xregset_fpregs_active; +extern user_regset_active_fn regset_fpregs_active, regset_xregset_fpregs_active, + cetregs_active; extern user_regset_get2_fn fpregs_get, xfpregs_get, fpregs_soft_get, - xstateregs_get; + xstateregs_get, cetregs_get; extern user_regset_set_fn fpregs_set, xfpregs_set, fpregs_soft_set, - xstateregs_set; + xstateregs_set, cetregs_set; /* * xstateregs_active == regset_fpregs_active. Please refer to the comment diff --git a/arch/x86/kernel/fpu/regset.c b/arch/x86/kernel/fpu/regset.c index c413756ba89f..8860d57eed35 100644 --- a/arch/x86/kernel/fpu/regset.c +++ b/arch/x86/kernel/fpu/regset.c @@ -149,6 +149,50 @@ int xstateregs_set(struct task_struct *target, const struct user_regset *regset, return ret; } +int cetregs_active(struct task_struct *target, const struct user_regset *regset) +{ +#ifdef CONFIG_X86_INTEL_CET + if (target->thread.cet.shstk_size || target->thread.cet.ibt_enabled) + return regset->n; +#endif + return 0; +} + +int cetregs_get(struct task_struct *target, const struct user_regset *regset, + struct membuf to) +{ + struct fpu *fpu = &target->thread.fpu; + struct cet_user_state *cetregs; + + if (!boot_cpu_has(X86_FEATURE_SHSTK)) + return -ENODEV; + + fpu__prepare_read(fpu); + cetregs = get_xsave_addr(&fpu->state.xsave, XFEATURE_CET_USER); + if (!cetregs) + return -EFAULT; + + return membuf_write(&to, cetregs, sizeof(struct cet_user_state)); +} + +int cetregs_set(struct task_struct *target, const struct user_regset *regset, + unsigned int pos, unsigned int count, + const void *kbuf, const void __user *ubuf) +{ + struct fpu *fpu = &target->thread.fpu; + struct cet_user_state *cetregs; + + if (!boot_cpu_has(X86_FEATURE_SHSTK)) + return -ENODEV; + + fpu__prepare_write(fpu); + cetregs = get_xsave_addr(&fpu->state.xsave, XFEATURE_CET_USER); + if (!cetregs) + return -EFAULT; + + return user_regset_copyin(&pos, &count, &kbuf, &ubuf, cetregs, 0, -1); +} + #if defined CONFIG_X86_32 || defined CONFIG_IA32_EMULATION /* diff --git a/arch/x86/kernel/ptrace.c b/arch/x86/kernel/ptrace.c index 5679aa3fdcb8..ea54317f087e 100644 --- a/arch/x86/kernel/ptrace.c +++ b/arch/x86/kernel/ptrace.c @@ -52,7 +52,9 @@ enum x86_regset { REGSET_IOPERM64 = REGSET_XFP, REGSET_XSTATE, REGSET_TLS, + REGSET_CET64 = REGSET_TLS, REGSET_IOPERM32, + REGSET_CET32, }; struct pt_regs_offset { @@ -1229,6 +1231,13 @@ static struct user_regset x86_64_regsets[] __ro_after_init = { .size = sizeof(long), .align = sizeof(long), .active = ioperm_active, .regset_get = ioperm_get }, + [REGSET_CET64] = { + .core_note_type = NT_X86_CET, + .n = sizeof(struct cet_user_state) / sizeof(u64), + .size = sizeof(u64), .align = sizeof(u64), + .active = cetregs_active, .regset_get = cetregs_get, + .set = cetregs_set + }, }; static const struct user_regset_view user_x86_64_view = { @@ -1284,6 +1293,13 @@ static struct user_regset x86_32_regsets[] __ro_after_init = { .size = sizeof(u32), .align = sizeof(u32), .active = ioperm_active, .regset_get = ioperm_get }, + [REGSET_CET32] = { + .core_note_type = NT_X86_CET, + .n = sizeof(struct cet_user_state) / sizeof(u64), + .size = sizeof(u64), .align = sizeof(u64), + .active = cetregs_active, .regset_get = cetregs_get, + .set = cetregs_set + }, }; static const struct user_regset_view user_x86_32_view = { diff --git a/include/uapi/linux/elf.h b/include/uapi/linux/elf.h index ca5875f384f6..d2a895369bcc 100644 --- a/include/uapi/linux/elf.h +++ b/include/uapi/linux/elf.h @@ -402,6 +402,7 @@ typedef struct elf64_shdr { #define NT_386_TLS 0x200 /* i386 TLS slots (struct user_desc) */ #define NT_386_IOPERM 0x201 /* x86 io permission bitmap (1=deny) */ #define NT_X86_XSTATE 0x202 /* x86 extended state using xsave */ +#define NT_X86_CET 0x203 /* x86 cet state */ #define NT_S390_HIGH_GPRS 0x300 /* s390 upper register halves */ #define NT_S390_TIMER 0x301 /* s390 timer register */ #define NT_S390_TODCMP 0x302 /* s390 TOD clock comparator register */ From patchwork Tue Aug 25 00:26:42 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yu-cheng Yu X-Patchwork-Id: 11734575 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 73693739 for ; Tue, 25 Aug 2020 00:30:56 +0000 (UTC) Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.kernel.org (Postfix) with ESMTP id 427612065F for ; Tue, 25 Aug 2020 00:30:56 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 427612065F Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=intel.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=owner-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix) id CB904900016; Mon, 24 Aug 2020 20:30:39 -0400 (EDT) Delivered-To: linux-mm-outgoing@kvack.org Received: by kanga.kvack.org (Postfix, from userid 40) id C444B900010; Mon, 24 Aug 2020 20:30:39 -0400 (EDT) X-Original-To: int-list-linux-mm@kvack.org X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id A6CC8900018; Mon, 24 Aug 2020 20:30:39 -0400 (EDT) X-Original-To: linux-mm@kvack.org X-Delivered-To: linux-mm@kvack.org Received: from forelay.hostedemail.com (smtprelay0084.hostedemail.com [216.40.44.84]) by kanga.kvack.org (Postfix) with ESMTP id 79A3D900016 for ; Mon, 24 Aug 2020 20:30:39 -0400 (EDT) Received: from smtpin06.hostedemail.com (10.5.19.251.rfc1918.com [10.5.19.251]) by forelay02.hostedemail.com (Postfix) with ESMTP id 4D229362B for ; Tue, 25 Aug 2020 00:30:39 +0000 (UTC) X-FDA: 77187210198.06.wish04_010731927057 Received: from filter.hostedemail.com (10.5.16.251.rfc1918.com [10.5.16.251]) by smtpin06.hostedemail.com (Postfix) with ESMTP id 069B91004E3F0 for ; Tue, 25 Aug 2020 00:30:38 +0000 (UTC) X-Spam-Summary: 1,0,0,,d41d8cd98f00b204,yu-cheng.yu@intel.com,,RULES_HIT:30045:30054:30056:30064,0,RBL:134.134.136.20:@intel.com:.lbl8.mailshell.net-62.50.0.100 64.95.201.95;04yg1qhzt9k51ngizn4k3ruwezrwjop74687jprzbxgqh6nrydsuifgjs1uethu.y91wnw5bpatopyb41418xnzh8x9n5cffcei48gw9tz1qm6jo3whe3x89wbrjqht.n-lbl8.mailshell.net-223.238.255.100,CacheIP:none,Bayesian:0.5,0.5,0.5,Netcheck:none,DomainCache:0,MSF:not bulk,SPF:ft,MSBL:0,DNSBL:neutral,Custom_rules:0:0:0,LFtime:24,LUA_SUMMARY:none X-HE-Tag: wish04_010731927057 X-Filterd-Recvd-Size: 3430 Received: from mga02.intel.com (mga02.intel.com [134.134.136.20]) by imf26.hostedemail.com (Postfix) with ESMTP for ; Tue, 25 Aug 2020 00:30:38 +0000 (UTC) IronPort-SDR: EU9RgT1yrNX3/c5Ucp8isXvb2z7Bvtxay+ykuDG/q0JIrX4iOzgSKhattItY8coVH8OyDB0wC0 W/e3KsPwMMwQ== X-IronPort-AV: E=McAfee;i="6000,8403,9723"; a="143794761" X-IronPort-AV: E=Sophos;i="5.76,350,1592895600"; d="scan'208";a="143794761" X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga004.jf.intel.com ([10.7.209.38]) by orsmga101.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 24 Aug 2020 17:30:37 -0700 IronPort-SDR: wh7Suymihw1wSYVbZJBKpl9o/wmOnOeXhZ1K8M/H+4znuZ/pgAXfw+FoXDL77NlUH2NWj143wt v0FHQnqFMhIw== X-IronPort-AV: E=Sophos;i="5.76,350,1592895600"; d="scan'208";a="443429331" Received: from yyu32-desk.sc.intel.com ([143.183.136.146]) by orsmga004-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 24 Aug 2020 17:30:36 -0700 From: Yu-cheng Yu To: x86@kernel.org, "H. Peter Anvin" , Thomas Gleixner , Ingo Molnar , linux-kernel@vger.kernel.org, linux-doc@vger.kernel.org, linux-mm@kvack.org, linux-arch@vger.kernel.org, linux-api@vger.kernel.org, Arnd Bergmann , Andy Lutomirski , Balbir Singh , Borislav Petkov , Cyrill Gorcunov , Dave Hansen , Eugene Syromiatnikov , Florian Weimer , "H.J. Lu" , Jann Horn , Jonathan Corbet , Kees Cook , Mike Kravetz , Nadav Amit , Oleg Nesterov , Pavel Machek , Peter Zijlstra , Randy Dunlap , "Ravi V. Shankar" , Vedvyas Shanbhogue , Dave Martin , Weijiang Yang Cc: Yu-cheng Yu Subject: [PATCH v11 7/9] x86/vdso/32: Add ENDBR32 to __kernel_vsyscall entry point Date: Mon, 24 Aug 2020 17:26:42 -0700 Message-Id: <20200825002645.3658-8-yu-cheng.yu@intel.com> X-Mailer: git-send-email 2.21.0 In-Reply-To: <20200825002645.3658-1-yu-cheng.yu@intel.com> References: <20200825002645.3658-1-yu-cheng.yu@intel.com> MIME-Version: 1.0 X-Rspamd-Queue-Id: 069B91004E3F0 X-Spamd-Result: default: False [0.00 / 100.00] X-Rspamd-Server: rspam04 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: From: "H.J. Lu" Add ENDBR32 to __kernel_vsyscall entry point. Signed-off-by: H.J. Lu Signed-off-by: Yu-cheng Yu Acked-by: Andy Lutomirski --- arch/x86/entry/vdso/vdso32/system_call.S | 3 +++ 1 file changed, 3 insertions(+) diff --git a/arch/x86/entry/vdso/vdso32/system_call.S b/arch/x86/entry/vdso/vdso32/system_call.S index de1fff7188aa..5cf74ebd4746 100644 --- a/arch/x86/entry/vdso/vdso32/system_call.S +++ b/arch/x86/entry/vdso/vdso32/system_call.S @@ -14,6 +14,9 @@ ALIGN __kernel_vsyscall: CFI_STARTPROC +#ifdef CONFIG_X86_INTEL_BRANCH_TRACKING_USER + endbr32 +#endif /* * Reshuffle regs so that all of any of the entry instructions * will preserve enough state. From patchwork Tue Aug 25 00:26:43 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yu-cheng Yu X-Patchwork-Id: 11734573 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 7E5F214F6 for ; Tue, 25 Aug 2020 00:30:53 +0000 (UTC) Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.kernel.org (Postfix) with ESMTP id 4B9322065F for ; Tue, 25 Aug 2020 00:30:53 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 4B9322065F Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=intel.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=owner-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix) id 7FEF5900017; Mon, 24 Aug 2020 20:30:39 -0400 (EDT) Delivered-To: linux-mm-outgoing@kvack.org Received: by kanga.kvack.org (Postfix, from userid 40) id 76222900010; Mon, 24 Aug 2020 20:30:39 -0400 (EDT) X-Original-To: int-list-linux-mm@kvack.org X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 6276B900016; Mon, 24 Aug 2020 20:30:39 -0400 (EDT) X-Original-To: linux-mm@kvack.org X-Delivered-To: linux-mm@kvack.org Received: from forelay.hostedemail.com (smtprelay0132.hostedemail.com [216.40.44.132]) by kanga.kvack.org (Postfix) with ESMTP id 4A701900010 for ; Mon, 24 Aug 2020 20:30:39 -0400 (EDT) Received: from smtpin28.hostedemail.com (10.5.19.251.rfc1918.com [10.5.19.251]) by forelay01.hostedemail.com (Postfix) with ESMTP id 17821180AD815 for ; Tue, 25 Aug 2020 00:30:39 +0000 (UTC) X-FDA: 77187210198.28.aunt62_2608d7827057 Received: from filter.hostedemail.com (10.5.16.251.rfc1918.com [10.5.16.251]) by smtpin28.hostedemail.com (Postfix) with ESMTP id D7E086D62 for ; Tue, 25 Aug 2020 00:30:38 +0000 (UTC) X-Spam-Summary: 1,0,0,,d41d8cd98f00b204,yu-cheng.yu@intel.com,,RULES_HIT:30054:30056:30064:30090,0,RBL:134.134.136.20:@intel.com:.lbl8.mailshell.net-62.50.0.100 64.95.201.95;04yfrakqqq9fjrghyu4shon5r63goop4aaxzzao1xsm4g7t57d8onyea1xs851t.kjo9byxsx8uyn5s77wt6dqe1dqmx7455s7g9efx6xn1f5iheqrnxzxeuuksrnxb.1-lbl8.mailshell.net-223.238.255.100,CacheIP:none,Bayesian:0.5,0.5,0.5,Netcheck:none,DomainCache:0,MSF:not bulk,SPF:ft,MSBL:0,DNSBL:none,Custom_rules:0:0:0,LFtime:23,LUA_SUMMARY:none X-HE-Tag: aunt62_2608d7827057 X-Filterd-Recvd-Size: 3687 Received: from mga02.intel.com (mga02.intel.com [134.134.136.20]) by imf21.hostedemail.com (Postfix) with ESMTP for ; Tue, 25 Aug 2020 00:30:38 +0000 (UTC) IronPort-SDR: MU8vUAYKtPqmkTzCrXd2vowVAVjt1msieQmXPOA7zdE6qtL1iAK/R1oHFE/mbTMWK/bF5E4dIb yrQYJGrVZ+8A== X-IronPort-AV: E=McAfee;i="6000,8403,9723"; a="143794766" X-IronPort-AV: E=Sophos;i="5.76,350,1592895600"; d="scan'208";a="143794766" X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga004.jf.intel.com ([10.7.209.38]) by orsmga101.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 24 Aug 2020 17:30:37 -0700 IronPort-SDR: CZm3evfZq44Iuma7t7gzSLCDG2cHQ7o1phBaZEox/ofJXa60prL8D8E403ktCzTNSEgX7s4fhO Zc0d8Ug5grWQ== X-IronPort-AV: E=Sophos;i="5.76,350,1592895600"; d="scan'208";a="443429337" Received: from yyu32-desk.sc.intel.com ([143.183.136.146]) by orsmga004-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 24 Aug 2020 17:30:37 -0700 From: Yu-cheng Yu To: x86@kernel.org, "H. Peter Anvin" , Thomas Gleixner , Ingo Molnar , linux-kernel@vger.kernel.org, linux-doc@vger.kernel.org, linux-mm@kvack.org, linux-arch@vger.kernel.org, linux-api@vger.kernel.org, Arnd Bergmann , Andy Lutomirski , Balbir Singh , Borislav Petkov , Cyrill Gorcunov , Dave Hansen , Eugene Syromiatnikov , Florian Weimer , "H.J. Lu" , Jann Horn , Jonathan Corbet , Kees Cook , Mike Kravetz , Nadav Amit , Oleg Nesterov , Pavel Machek , Peter Zijlstra , Randy Dunlap , "Ravi V. Shankar" , Vedvyas Shanbhogue , Dave Martin , Weijiang Yang Cc: Yu-cheng Yu Subject: [PATCH v11 8/9] x86/vdso: Insert endbr32/endbr64 to vDSO Date: Mon, 24 Aug 2020 17:26:43 -0700 Message-Id: <20200825002645.3658-9-yu-cheng.yu@intel.com> X-Mailer: git-send-email 2.21.0 In-Reply-To: <20200825002645.3658-1-yu-cheng.yu@intel.com> References: <20200825002645.3658-1-yu-cheng.yu@intel.com> MIME-Version: 1.0 X-Rspamd-Queue-Id: D7E086D62 X-Spamd-Result: default: False [0.00 / 100.00] X-Rspamd-Server: rspam05 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: From: "H.J. Lu" When Indirect Branch Tracking (IBT) is enabled, vDSO functions may be called indirectly, and must have ENDBR32 or ENDBR64 as the first instruction. The compiler must support -fcf-protection=branch so that it can be used to compile vDSO. Signed-off-by: H.J. Lu Signed-off-by: Yu-cheng Yu Acked-by: Andy Lutomirski --- arch/x86/entry/vdso/Makefile | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/arch/x86/entry/vdso/Makefile b/arch/x86/entry/vdso/Makefile index 215376d975a2..82f8e25e139f 100644 --- a/arch/x86/entry/vdso/Makefile +++ b/arch/x86/entry/vdso/Makefile @@ -130,6 +130,10 @@ $(obj)/%-x32.o: $(obj)/%.o FORCE targets += vdsox32.lds $(vobjx32s-y) +ifdef CONFIG_X86_INTEL_BRANCH_TRACKING_USER + $(obj)/vclock_gettime.o $(obj)/vgetcpu.o $(obj)/vdso32/vclock_gettime.o: KBUILD_CFLAGS += -fcf-protection=branch +endif + $(obj)/%.so: OBJCOPYFLAGS := -S $(obj)/%.so: $(obj)/%.so.dbg FORCE $(call if_changed,objcopy) From patchwork Tue Aug 25 00:26:44 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yu-cheng Yu X-Patchwork-Id: 11734577 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 6CE6F739 for ; Tue, 25 Aug 2020 00:30:59 +0000 (UTC) Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.kernel.org (Postfix) with ESMTP id 3902D22CA0 for ; Tue, 25 Aug 2020 00:30:59 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 3902D22CA0 Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=intel.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=owner-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix) id 78ADD900018; Mon, 24 Aug 2020 20:30:40 -0400 (EDT) Delivered-To: linux-mm-outgoing@kvack.org Received: by kanga.kvack.org (Postfix, from userid 40) id 71365900010; Mon, 24 Aug 2020 20:30:40 -0400 (EDT) X-Original-To: int-list-linux-mm@kvack.org X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 600EC900018; Mon, 24 Aug 2020 20:30:40 -0400 (EDT) X-Original-To: linux-mm@kvack.org X-Delivered-To: linux-mm@kvack.org Received: from forelay.hostedemail.com (smtprelay0019.hostedemail.com [216.40.44.19]) by kanga.kvack.org (Postfix) with ESMTP id 49C58900010 for ; Mon, 24 Aug 2020 20:30:40 -0400 (EDT) Received: from smtpin25.hostedemail.com (10.5.19.251.rfc1918.com [10.5.19.251]) by forelay04.hostedemail.com (Postfix) with ESMTP id 198991EE6 for ; Tue, 25 Aug 2020 00:30:40 +0000 (UTC) X-FDA: 77187210240.25.price96_2a184cd27057 Received: from filter.hostedemail.com (10.5.16.251.rfc1918.com [10.5.16.251]) by smtpin25.hostedemail.com (Postfix) with ESMTP id D84F11804E3A0 for ; Tue, 25 Aug 2020 00:30:39 +0000 (UTC) X-Spam-Summary: 1,0,0,,d41d8cd98f00b204,yu-cheng.yu@intel.com,,RULES_HIT:30012:30051:30054:30055:30056:30064,0,RBL:134.134.136.20:@intel.com:.lbl8.mailshell.net-64.95.201.95 62.50.0.100;04yfr9pbpa8osh4wcdx5euib5j5nnoc5fhg4n6cd6oeo5z3wzcxxbu9gxfxpxyr.duds8ee4dxih9qcu5r8naaohawgo7gihp55xo1n3xj1mdsh7x36cbckz45q88a9.1-lbl8.mailshell.net-223.238.255.100,CacheIP:none,Bayesian:0.5,0.5,0.5,Netcheck:none,DomainCache:0,MSF:not bulk,SPF:ft,MSBL:0,DNSBL:neutral,Custom_rules:0:1:0,LFtime:23,LUA_SUMMARY:none X-HE-Tag: price96_2a184cd27057 X-Filterd-Recvd-Size: 4356 Received: from mga02.intel.com (mga02.intel.com [134.134.136.20]) by imf21.hostedemail.com (Postfix) with ESMTP for ; Tue, 25 Aug 2020 00:30:39 +0000 (UTC) IronPort-SDR: BpHzW562IOnG7Q/Kz56xWVIfROjOAqMA6RDVVOSj5OQX+JomMh7Yff6gix0k2121WyV7uAG36x mx3yKJ4m2CHQ== X-IronPort-AV: E=McAfee;i="6000,8403,9723"; a="143794768" X-IronPort-AV: E=Sophos;i="5.76,350,1592895600"; d="scan'208";a="143794768" X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga004.jf.intel.com ([10.7.209.38]) by orsmga101.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 24 Aug 2020 17:30:38 -0700 IronPort-SDR: lYjt4wcfMve2UloFv1ZVhYpn9TLEcoQGsrogMIRpRCyCUOWZ2cXw36gxsL2insLMn2J+uDtF9n 2Af6Rj+f0Ywg== X-IronPort-AV: E=Sophos;i="5.76,350,1592895600"; d="scan'208";a="443429341" Received: from yyu32-desk.sc.intel.com ([143.183.136.146]) by orsmga004-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 24 Aug 2020 17:30:37 -0700 From: Yu-cheng Yu To: x86@kernel.org, "H. Peter Anvin" , Thomas Gleixner , Ingo Molnar , linux-kernel@vger.kernel.org, linux-doc@vger.kernel.org, linux-mm@kvack.org, linux-arch@vger.kernel.org, linux-api@vger.kernel.org, Arnd Bergmann , Andy Lutomirski , Balbir Singh , Borislav Petkov , Cyrill Gorcunov , Dave Hansen , Eugene Syromiatnikov , Florian Weimer , "H.J. Lu" , Jann Horn , Jonathan Corbet , Kees Cook , Mike Kravetz , Nadav Amit , Oleg Nesterov , Pavel Machek , Peter Zijlstra , Randy Dunlap , "Ravi V. Shankar" , Vedvyas Shanbhogue , Dave Martin , Weijiang Yang Cc: Yu-cheng Yu Subject: [PATCH v11 9/9] x86: Disallow vsyscall emulation when CET is enabled Date: Mon, 24 Aug 2020 17:26:44 -0700 Message-Id: <20200825002645.3658-10-yu-cheng.yu@intel.com> X-Mailer: git-send-email 2.21.0 In-Reply-To: <20200825002645.3658-1-yu-cheng.yu@intel.com> References: <20200825002645.3658-1-yu-cheng.yu@intel.com> MIME-Version: 1.0 X-Rspamd-Queue-Id: D84F11804E3A0 X-Spamd-Result: default: False [0.00 / 100.00] X-Rspamd-Server: rspam03 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: From: "H.J. Lu" Emulation of the legacy vsyscall page is required by some programs built before 2013. Newer programs after 2013 don't use it. Disallow vsyscall emulation when Control-flow Enforcement (CET) is enabled to enhance security. Signed-off-by: H.J. Lu Signed-off-by: Yu-cheng Yu --- arch/x86/Kconfig | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index 5bd6d6a10047..bbc68ecfae2b 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig @@ -1210,7 +1210,7 @@ config X86_ESPFIX64 config X86_VSYSCALL_EMULATION bool "Enable vsyscall emulation" if EXPERT default y - depends on X86_64 + depends on X86_64 && !X86_INTEL_CET help This enables emulation of the legacy vsyscall page. Disabling it is roughly equivalent to booting with vsyscall=none, except @@ -1225,6 +1225,8 @@ config X86_VSYSCALL_EMULATION Disabling this option saves about 7K of kernel size and possibly 4K of additional runtime pagetable memory. + This option is disabled when Intel CET is enabled. + config X86_IOPL_IOPERM bool "IOPERM and IOPL Emulation" default y @@ -2361,7 +2363,7 @@ config COMPAT_VDSO choice prompt "vsyscall table for legacy applications" - depends on X86_64 + depends on X86_64 && !X86_INTEL_CET default LEGACY_VSYSCALL_XONLY help Legacy user code that does not know how to find the vDSO expects @@ -2378,6 +2380,8 @@ choice If unsure, select "Emulate execution only". + This option is not enabled when Intel CET is enabled. + config LEGACY_VSYSCALL_EMULATE bool "Full emulation" help