From patchwork Fri Aug 27 03:07:48 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Peter Collingbourne X-Patchwork-Id: 12461119 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-17.5 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_ADSP_CUSTOM_MED,DKIM_SIGNED,DKIM_VALID,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id A7E7FC432BE for ; Fri, 27 Aug 2021 03:10:15 +0000 (UTC) Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 7360D60F5C for ; Fri, 27 Aug 2021 03:10:15 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.4.1 mail.kernel.org 7360D60F5C Authentication-Results: mail.kernel.org; dmarc=fail (p=reject dis=none) header.from=google.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=lists.infradead.org DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:Cc:To:From:Subject:Mime-Version: Message-Id:Date:Reply-To:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To: References:List-Owner; bh=fuYllRXGhBERLX+lLlk1AAUjN6U0zd0ZnihLVarzGFY=; b=iyi 67kU1T5/64YuJt0nOLT0lJ46iqyzdfsiE20r4p9hEwj+j0rLjVC79rJbWxsOcN4z97UpQ5SNDMf6C rxyk1QAlSZi1N3K/xeeX37MY/ttmnXo/yH7K7mG98f6iGSURw8O0GTeMrVnAdpWYwUqJVHEmW9wgo JebrqQKfbEsVeRv6L/a7GwjoBU5pUBijsHWyjNKkUZjkfOuwYUWn8Z/iUMToA/990vSVsa1Cm8hKr /AdVuYfCtpaDXewKjlDeCT4cAOwNjbm8obqwbvQqfjtgyTJJQGgsEwQ4u3oADdKlsU6EiF2fWjVmL ARlH60g+dFYi8yiuHLs3TBLF43YlQgQ==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1mJSDt-00BOVr-J5; Fri, 27 Aug 2021 03:08:05 +0000 Received: from mail-qk1-x74a.google.com ([2607:f8b0:4864:20::74a]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1mJSDp-00BOVR-Je for linux-arm-kernel@lists.infradead.org; Fri, 27 Aug 2021 03:08:03 +0000 Received: by mail-qk1-x74a.google.com with SMTP id 62-20020a3706410000b02903d2cdd9acf0so4767750qkg.21 for ; Thu, 26 Aug 2021 20:08:00 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:message-id:mime-version:subject:from:to:cc; bh=XcF5LuIIPrJ55ezqySwLpJr7El1dX5US44mECTZXlZ4=; b=rEsTFbXoLkd+7wcvsv3J/eg8G2QjOoYszM/ISUeaEQ+vcQ6nsqy5aB5y7WYIjpbj/e a7N49azGRPGyWmwn57DaoeTSdcVMJtCYOUn0UM4qGJKYBrzTeFBLy56fJ7vCTN9F0B76 pEZroDqD4LlXUV0YD4r45VtrLrW+MSuA3zt4K7dhBP6Q7jTVVz7k/1AY3mgNRuKQigfP /n5U7F/z25HyHNsbW4CBYLBGkinbLomTIRNJoA0U0m4CUP/lYfrDxUpqJBOZPE4XGwL4 ypSQbxqxW8J2+NPNmP3wmDRRmdweim21FTP/l5vMpYlHtCj1P0a793wqCVHj/NVV50m3 UrNw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:message-id:mime-version:subject:from:to:cc; bh=XcF5LuIIPrJ55ezqySwLpJr7El1dX5US44mECTZXlZ4=; b=cklFV6rugyITkHgYE9WE3wIbJt3JcOFVLzoIIYxWG5Txv18pKJKhvWB+xEYVNa8PuT oZxlkDKz8bUurA7X/FqWGQdzN+cUt8r1axtFQm5njytS369LHEr1/ddE0iQaKDn+ih0a Iv3ZGT62yRg8GLqtey9kYtXPRqaRfFQPINBiLEwfq2D86wkXH2AqjeNwGIHy/ZDe49GD guX6VU+rTaPzcPIq+3pMq4BZgFo3zGPx1hmYeHeNxdAEFuQYjLjLj39ix5Dg90YN1hjj TuQByG04ba9FHyaz+MSRm+T95lfOFiAt7qqd9ln979dIBgzPH1Sg0eK/ECt6vbV6/FeO ypRA== X-Gm-Message-State: AOAM531uFtIfT/Zoqug7sRRG1pMK3VAZieFfoGWsxw1Xhcz+c53l6i8e PKL98d4U2tkKG66zocM33wfeWcw= X-Google-Smtp-Source: ABdhPJydV5TLy5EuBuOZtDtnxCLDc+3Z1AL4c9VC7GcuA/ZAFskyDtTaDAuRDrb3npKFAvpMYzk48v4= X-Received: from pcc-desktop.svl.corp.google.com ([2620:15c:2ce:200:beb:3e71:94d0:cf9]) (user=pcc job=sendgmr) by 2002:a05:6214:1809:: with SMTP id o9mr7719212qvw.58.1630033678537; Thu, 26 Aug 2021 20:07:58 -0700 (PDT) Date: Thu, 26 Aug 2021 20:07:48 -0700 Message-Id: <20210827030748.587710-1-pcc@google.com> Mime-Version: 1.0 X-Mailer: git-send-email 2.33.0.259.gc128427fd7-goog Subject: [PATCH] arm64: kasan: mte: move GCR_EL1 switch to task switch when KASAN disabled From: Peter Collingbourne To: Catalin Marinas , Vincenzo Frascino , Will Deacon , Andrey Konovalov Cc: Peter Collingbourne , Evgenii Stepanov , linux-arm-kernel@lists.infradead.org X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20210826_200801_710087_9444C096 X-CRM114-Status: GOOD ( 17.73 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org It is not necessary to write to GCR_EL1 on every kernel entry and exit when HW tag-based KASAN is disabled because the kernel will not execute any IRG instructions in that mode. Since accessing GCR_EL1 can be expensive on some microarchitectures, avoid doing so by moving the access to task switch when HW tag-based KASAN is disabled. Signed-off-by: Peter Collingbourne Acked-by: Andrey Konovalov --- arch/arm64/kernel/entry.S | 10 +++++----- arch/arm64/kernel/mte.c | 24 +++++++++++++++++++++--- include/linux/kasan.h | 9 +++++++-- 3 files changed, 33 insertions(+), 10 deletions(-) diff --git a/arch/arm64/kernel/entry.S b/arch/arm64/kernel/entry.S index 923ee2ac85fd..e12ed892cde8 100644 --- a/arch/arm64/kernel/entry.S +++ b/arch/arm64/kernel/entry.S @@ -178,9 +178,9 @@ alternative_else_nop_endif .macro mte_set_kernel_gcr, tmp, tmp2 #ifdef CONFIG_KASAN_HW_TAGS -alternative_if_not ARM64_MTE +alternative_cb kasan_hw_tags_enable b 1f -alternative_else_nop_endif +alternative_cb_end mov \tmp, KERNEL_GCR_EL1 msr_s SYS_GCR_EL1, \tmp 1: @@ -188,10 +188,10 @@ alternative_else_nop_endif .endm .macro mte_set_user_gcr, tsk, tmp, tmp2 -#ifdef CONFIG_ARM64_MTE -alternative_if_not ARM64_MTE +#ifdef CONFIG_KASAN_HW_TAGS +alternative_cb kasan_hw_tags_enable b 1f -alternative_else_nop_endif +alternative_cb_end ldr \tmp, [\tsk, #THREAD_MTE_CTRL] mte_set_gcr \tmp, \tmp2 diff --git a/arch/arm64/kernel/mte.c b/arch/arm64/kernel/mte.c index 9d314a3bad3b..0e8edb5d5861 100644 --- a/arch/arm64/kernel/mte.c +++ b/arch/arm64/kernel/mte.c @@ -162,7 +162,7 @@ void mte_check_tfsr_el1(void) } #endif -static void mte_update_sctlr_user(struct task_struct *task) +static void mte_update_sctlr_user_and_gcr_excl(struct task_struct *task) { /* * This must be called with preemption disabled and can only be called @@ -182,6 +182,24 @@ static void mte_update_sctlr_user(struct task_struct *task) else if (resolved_mte_tcf & MTE_CTRL_TCF_SYNC) sctlr |= SCTLR_EL1_TCF0_SYNC; task->thread.sctlr_user = sctlr; + + /* + * SYS_GCR_EL1 will be set to current->thread.mte_ctrl value by + * mte_set_user_gcr() in kernel_exit, but only if KASAN is enabled. + */ + if (!kasan_hw_tags_enabled()) + write_sysreg_s(((mte_ctrl >> MTE_CTRL_GCR_USER_EXCL_SHIFT) & + SYS_GCR_EL1_EXCL_MASK) | SYS_GCR_EL1_RRND, + SYS_GCR_EL1); +} + +void __init kasan_hw_tags_enable(struct alt_instr *alt, __le32 *origptr, + __le32 *updptr, int nr_inst) +{ + BUG_ON(nr_inst != 1); /* Branch -> NOP */ + + if (kasan_hw_tags_enabled()) + *updptr = cpu_to_le32(aarch64_insn_gen_nop()); } void mte_thread_init_user(void) @@ -199,7 +217,7 @@ void mte_thread_init_user(void) void mte_thread_switch(struct task_struct *next) { - mte_update_sctlr_user(next); + mte_update_sctlr_user_and_gcr_excl(next); /* * Check if an async tag exception occurred at EL1. @@ -244,7 +262,7 @@ long set_mte_ctrl(struct task_struct *task, unsigned long arg) task->thread.mte_ctrl = mte_ctrl; if (task == current) { preempt_disable(); - mte_update_sctlr_user(task); + mte_update_sctlr_user_and_gcr_excl(task); update_sctlr_el1(task->thread.sctlr_user); preempt_enable(); } diff --git a/include/linux/kasan.h b/include/linux/kasan.h index dd874a1ee862..de5f5913374d 100644 --- a/include/linux/kasan.h +++ b/include/linux/kasan.h @@ -89,7 +89,7 @@ static __always_inline bool kasan_enabled(void) return static_branch_likely(&kasan_flag_enabled); } -static inline bool kasan_has_integrated_init(void) +static inline bool kasan_hw_tags_enabled(void) { return kasan_enabled(); } @@ -104,7 +104,7 @@ static inline bool kasan_enabled(void) return IS_ENABLED(CONFIG_KASAN); } -static inline bool kasan_has_integrated_init(void) +static inline bool kasan_hw_tags_enabled(void) { return false; } @@ -125,6 +125,11 @@ static __always_inline void kasan_free_pages(struct page *page, #endif /* CONFIG_KASAN_HW_TAGS */ +static inline bool kasan_has_integrated_init(void) +{ + return kasan_hw_tags_enabled(); +} + #ifdef CONFIG_KASAN struct kasan_cache {