Message ID | 20230731-arm64-gcs-v3-11-cddf9f980d98@kernel.org |
---|---|
State | New |
Headers |
Return-Path: <linux-kernel-owner@vger.kernel.org> Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:918b:0:b0:3e4:2afc:c1 with SMTP id s11csp2041207vqg; Mon, 31 Jul 2023 07:11:10 -0700 (PDT) X-Google-Smtp-Source: APBJJlG7uujpcaEMBWvE/GhFAjs2JVTCw4f6SSZP8GwbSxgY2rIDKY1buf0Ys82wufKRI3mKwzpb X-Received: by 2002:a17:90a:6c04:b0:268:7dde:d90d with SMTP id x4-20020a17090a6c0400b002687dded90dmr8253677pjj.11.1690812670198; Mon, 31 Jul 2023 07:11:10 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1690812670; cv=none; d=google.com; s=arc-20160816; b=LJZ+aLZ/Hru1caNVtsXM0pynAQwc7cdp19VaNvBsQ+p57uExdtfTofgVNUEiDr0WUc 8IRll3bFBqYTbz7sbTCTdZrHCxZn830jaujCtKuO6XR6LPtxeT43Z/aryvw61Zq5Od2u K0aT9MGS8/d5VCZvLELLvFmEvWaY345MzZctRxbt5qXbrATJNV0MXwX+DT0TRQUV0OVm 1CFN/iePiIjWPu/oATukOhMuoczaSyypDXoNDRpnk82edmCRZI03f0JUHNpnzIPsk2Uz 25OoViJMtB7hmR9/SXLaxaGXVLQxSrAhIe8M6fJIjOmL793ZkuA8Nm0NbVaoih3nDj91 f47A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:in-reply-to:references:message-id :content-transfer-encoding:mime-version:subject:date:from :dkim-signature; bh=RiRra371vnC/K7aW/lS3yxDUYWSr5hTseY8nLXePyV0=; fh=EdAFSmIgUzZTC6WCy4Jg1wBZ0/m6m2d/OjiRUJ3BsTI=; b=L6iWsclxhM4QuXYZKP7VSYlqo/MjpDD9DaEqIBGEwNDisZdrucYK1+X3oiKG326Flm uQrM48JQkj0jax+Sc5Cr9xIaXxgKZAAqRylORckj7xYf8SXH+vx6lRySz8pahGUE2G+w 9dIb3Y1dSIQlKrttUX3qlg4l3m+slOen8WjOS7qUT1iagtUrYRWT3clnTLnXu5XNzMJ2 AssyHT+ATEoqnvi0Q4VBqmCDW0tngibroxSho3kwiC0voPGmUaYQXT/dy+oYMTkmLZOi E5qLqAobODIjNunQa9efbRz3MmMTTkTJpP6P1ADlmKz6LUxMq8bXASPexqhCMem9DJ2a wh9g== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b="mSSSKzu/"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id i14-20020a17090a2a0e00b0026764aac11bsi6036972pjd.29.2023.07.31.07.10.56; Mon, 31 Jul 2023 07:11:10 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b="mSSSKzu/"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232115AbjGaNxa (ORCPT <rfc822;dengxinlin2429@gmail.com> + 99 others); Mon, 31 Jul 2023 09:53:30 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:43612 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231320AbjGaNw0 (ORCPT <rfc822;linux-kernel@vger.kernel.org>); Mon, 31 Jul 2023 09:52:26 -0400 Received: from dfw.source.kernel.org (dfw.source.kernel.org [IPv6:2604:1380:4641:c500::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 68D87210A; Mon, 31 Jul 2023 06:51:59 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id D6EC861158; Mon, 31 Jul 2023 13:51:58 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 91AA8C433C8; Mon, 31 Jul 2023 13:51:52 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1690811518; bh=viG5anxcCcnETy6WTEqLj0O+gpdZleg7ylSYSUDSWcI=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=mSSSKzu/+QPBBakkr45wlX9iKeJxSV3cpcmQLgAc4ESbF/iG02+RnaTU3bQ5T4R1R Kw6LX+osxC9ep54R3iYjYNgQ+6DT6w7VDzmxi98o2AEGXQOppTzll2hpPv3eBxu/B2 rwMAkkj7K0zr+kT0apzE2k+Tue7Fgxe5UejX54nFqsn7yoFZPLCZJCkxh1wT6qRBxg wdoK63KoGSo5kBnLWsJAnOBxxKxS7UmF+wY79mBh/GPrFVaCENDT4L5MC8AbRw+wNf MQMBzeYPtbwAUNwOXLFT1KOQnCTxZve755M5cURARwYJUkYgPsMg/IE/rbeDS9hkit 7twM1r/XoxEag== From: Mark Brown <broonie@kernel.org> Date: Mon, 31 Jul 2023 14:43:20 +0100 Subject: [PATCH v3 11/36] arm64/mm: Map pages for guarded control stack MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit Message-Id: <20230731-arm64-gcs-v3-11-cddf9f980d98@kernel.org> References: <20230731-arm64-gcs-v3-0-cddf9f980d98@kernel.org> In-Reply-To: <20230731-arm64-gcs-v3-0-cddf9f980d98@kernel.org> To: Catalin Marinas <catalin.marinas@arm.com>, Will Deacon <will@kernel.org>, Jonathan Corbet <corbet@lwn.net>, Andrew Morton <akpm@linux-foundation.org>, Marc Zyngier <maz@kernel.org>, Oliver Upton <oliver.upton@linux.dev>, James Morse <james.morse@arm.com>, Suzuki K Poulose <suzuki.poulose@arm.com>, Arnd Bergmann <arnd@arndb.de>, Oleg Nesterov <oleg@redhat.com>, Eric Biederman <ebiederm@xmission.com>, Kees Cook <keescook@chromium.org>, Shuah Khan <shuah@kernel.org>, "Rick P. Edgecombe" <rick.p.edgecombe@intel.com>, Deepak Gupta <debug@rivosinc.com>, Ard Biesheuvel <ardb@kernel.org>, Szabolcs Nagy <Szabolcs.Nagy@arm.com> Cc: "H.J. Lu" <hjl.tools@gmail.com>, Paul Walmsley <paul.walmsley@sifive.com>, Palmer Dabbelt <palmer@dabbelt.com>, Albert Ou <aou@eecs.berkeley.edu>, linux-arm-kernel@lists.infradead.org, linux-doc@vger.kernel.org, kvmarm@lists.linux.dev, linux-fsdevel@vger.kernel.org, linux-arch@vger.kernel.org, linux-mm@kvack.org, linux-kselftest@vger.kernel.org, linux-kernel@vger.kernel.org, linux-riscv@lists.infradead.org, Mark Brown <broonie@kernel.org> X-Mailer: b4 0.13-dev-099c9 X-Developer-Signature: v=1; a=openpgp-sha256; l=1225; i=broonie@kernel.org; h=from:subject:message-id; bh=viG5anxcCcnETy6WTEqLj0O+gpdZleg7ylSYSUDSWcI=; b=owEBbQGS/pANAwAKASTWi3JdVIfQAcsmYgBkx7wcNNzB4eHbwePmvMbzyb2eKoUsPKpySJhqxMYO VO/4ZKaJATMEAAEKAB0WIQSt5miqZ1cYtZ/in+ok1otyXVSH0AUCZMe8HAAKCRAk1otyXVSH0E3bB/ 9kkSCSHClFMS8SVmSHhi/kdEidEpwq32cAUbFcwXkdeJjv/CrJsT5T8aku4YfmN1sY57bMYWiOFJCR rFY9qUYZhNPKyVK111nZII+nZtmV4F3UkxDrfeEkNH6xkOECetiv67QQOmgxwuMd6Mql/p94935ORh jgjiwaG54dImasHCJz8MxPQKdfrNGJHycnUS11u+lW7Vy0+tdh6Q90ATBtt0mrn8zi11TrpPzLB6lQ zhmwTiknW/gyPJFn9WIj1tzw3E3areua+5W8q1LF2N58SVUiovl4RgsSDgWKBCRuV7TMOgnVg8piHU Q4ZHM9VIPmML5AZAJsLnLlvAfvCar1 X-Developer-Key: i=broonie@kernel.org; a=openpgp; fpr=3F2568AAC26998F9E813A1C5C3F436CA30F5D8EB X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED, SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: <linux-kernel.vger.kernel.org> X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1772945586609348802 X-GMAIL-MSGID: 1772945586609348802 |
Series |
arm64/gcs: Provide support for GCS in userspace
|
|
Commit Message
Mark Brown
July 31, 2023, 1:43 p.m. UTC
Map pages flagged as being part of a GCS as such rather than using the
full set of generic VM flags.
This is done using a conditional rather than extending the size of
protection_map since that would make for a very sparse array.
Signed-off-by: Mark Brown <broonie@kernel.org>
---
arch/arm64/mm/mmap.c | 17 ++++++++++++++++-
1 file changed, 16 insertions(+), 1 deletion(-)
Comments
On Mon, Jul 31, 2023 at 02:43:20PM +0100, Mark Brown wrote: > Map pages flagged as being part of a GCS as such rather than using the > full set of generic VM flags. > > This is done using a conditional rather than extending the size of > protection_map since that would make for a very sparse array. > > Signed-off-by: Mark Brown <broonie@kernel.org> > --- > arch/arm64/mm/mmap.c | 17 ++++++++++++++++- > 1 file changed, 16 insertions(+), 1 deletion(-) > > diff --git a/arch/arm64/mm/mmap.c b/arch/arm64/mm/mmap.c > index 8f5b7ce857ed..e2ca770920ed 100644 > --- a/arch/arm64/mm/mmap.c > +++ b/arch/arm64/mm/mmap.c > @@ -79,8 +79,23 @@ arch_initcall(adjust_protection_map); > > pgprot_t vm_get_page_prot(unsigned long vm_flags) > { > - pteval_t prot = pgprot_val(protection_map[vm_flags & > + pteval_t prot; > + > + /* > + * If this is a GCS then only interpret VM_WRITE. > + * > + * TODO: Just make protection_map[] bigger? Nothing seems > + * ideal here. > + */ I think extending protection_map and updating adjust_protection_map() is cleaner and probably faster. > + if (system_supports_gcs() && (vm_flags & VM_SHADOW_STACK)) { > + if (vm_flags & VM_WRITE) > + prot = _PAGE_GCS; > + else > + prot = _PAGE_GCS_RO; > + } else { > + prot = pgprot_val(protection_map[vm_flags & > (VM_READ|VM_WRITE|VM_EXEC|VM_SHARED)]); > + } > > if (vm_flags & VM_ARM64_BTI) > prot |= PTE_GP; > > -- > 2.30.2 > >
On Tue, Aug 01, 2023 at 08:02:31PM +0300, Mike Rapoport wrote: > On Mon, Jul 31, 2023 at 02:43:20PM +0100, Mark Brown wrote: > > { > > - pteval_t prot = pgprot_val(protection_map[vm_flags & > > + pteval_t prot; > > + > > + /* > > + * If this is a GCS then only interpret VM_WRITE. > > + * > > + * TODO: Just make protection_map[] bigger? Nothing seems > > + * ideal here. > > + */ > I think extending protection_map and updating adjust_protection_map() is > cleaner and probably faster. That was my initial thought but then I immediately started second guessing myself about review comments. Hopefully Will or Catalin will weigh in.
diff --git a/arch/arm64/mm/mmap.c b/arch/arm64/mm/mmap.c index 8f5b7ce857ed..e2ca770920ed 100644 --- a/arch/arm64/mm/mmap.c +++ b/arch/arm64/mm/mmap.c @@ -79,8 +79,23 @@ arch_initcall(adjust_protection_map); pgprot_t vm_get_page_prot(unsigned long vm_flags) { - pteval_t prot = pgprot_val(protection_map[vm_flags & + pteval_t prot; + + /* + * If this is a GCS then only interpret VM_WRITE. + * + * TODO: Just make protection_map[] bigger? Nothing seems + * ideal here. + */ + if (system_supports_gcs() && (vm_flags & VM_SHADOW_STACK)) { + if (vm_flags & VM_WRITE) + prot = _PAGE_GCS; + else + prot = _PAGE_GCS_RO; + } else { + prot = pgprot_val(protection_map[vm_flags & (VM_READ|VM_WRITE|VM_EXEC|VM_SHARED)]); + } if (vm_flags & VM_ARM64_BTI) prot |= PTE_GP;