From patchwork Sun Mar 19 00:15:30 2023
X-Patchwork-Submitter: "Edgecombe, Rick P"
X-Patchwork-Id: 71682
From: Rick Edgecombe
To: x86@kernel.org, "H . Peter Anvin", Thomas Gleixner, Ingo Molnar, linux-kernel@vger.kernel.org, linux-doc@vger.kernel.org, linux-mm@kvack.org, linux-arch@vger.kernel.org, linux-api@vger.kernel.org, Arnd Bergmann, Andy Lutomirski, Balbir Singh, Borislav Petkov, Cyrill Gorcunov, Dave Hansen, Eugene Syromiatnikov, Florian Weimer, "H . J . Lu", Jann Horn, Jonathan Corbet, Kees Cook, Mike Kravetz, Nadav Amit, Oleg Nesterov, Pavel Machek, Peter Zijlstra, Randy Dunlap, Weijiang Yang, "Kirill A . Shutemov", John Allen, kcc@google.com, eranian@google.com, rppt@kernel.org, jamorris@linux.microsoft.com, dethoma@microsoft.com, akpm@linux-foundation.org, Andrew.Cooper3@citrix.com, christina.schimpe@intel.com, david@redhat.com, debug@rivosinc.com, szabolcs.nagy@arm.com
Cc: rick.p.edgecombe@intel.com
Subject: [PATCH v8 35/40] x86: Expose thread features in /proc/$PID/status
Date: Sat, 18 Mar 2023 17:15:30 -0700
Message-Id: <20230319001535.23210-36-rick.p.edgecombe@intel.com>
In-Reply-To: <20230319001535.23210-1-rick.p.edgecombe@intel.com>
References: <20230319001535.23210-1-rick.p.edgecombe@intel.com>

Applications and loaders can have logic to decide whether to enable shadow stack. They usually don't report whether shadow stack has been enabled or not, so there is no way to verify whether an application actually is protected by shadow stack.

Add two lines in /proc/$PID/status to report enabled and locked features. Since this involves referring to arch specific defines in asm/prctl.h, implement an arch breakout to emit the feature lines.

[Switched to CET, added to commit log]
Co-developed-by: Kirill A. Shutemov
Signed-off-by: Kirill A. Shutemov
Signed-off-by: Rick Edgecombe
Reviewed-by: Kees Cook
Acked-by: Mike Rapoport (IBM)
Tested-by: Pengfei Xu
Tested-by: John Allen
Tested-by: Kees Cook
---
v4:
 - Remove "CET" references

v3:
 - Move to /proc/pid/status (Kees)

v2:
 - New patch
---
 arch/x86/kernel/cpu/proc.c | 23 +++++++++++++++++++++++
 fs/proc/array.c | 6 ++++++
 include/linux/proc_fs.h | 2 ++
 3 files changed, 31 insertions(+)

diff --git a/arch/x86/kernel/cpu/proc.c b/arch/x86/kernel/cpu/proc.c index 099b6f0d96bd..31c0e68f6227 100644 --- a/arch/x86/kernel/cpu/proc.c +++ b/arch/x86/kernel/cpu/proc.c @@ -4,6 +4,8 @@ #include #include #include +#include +#include #include "cpu.h" @@ -175,3 +177,24 @@ const struct seq_operations cpuinfo_op = { .stop = c_stop, .show = show_cpuinfo, }; + +#ifdef CONFIG_X86_USER_SHADOW_STACK +static void dump_x86_features(struct seq_file *m, unsigned long features) +{ + if (features & ARCH_SHSTK_SHSTK) + seq_puts(m, "shstk "); + if (features & ARCH_SHSTK_WRSS) + seq_puts(m, "wrss "); +} + +void arch_proc_pid_thread_features(struct seq_file *m, struct task_struct *task) +{ + seq_puts(m, "x86_Thread_features:\t"); + dump_x86_features(m, task->thread.features); + seq_putc(m, '\n'); + + seq_puts(m, "x86_Thread_features_locked:\t"); + dump_x86_features(m, task->thread.features_locked); + seq_putc(m, '\n'); +} +#endif /* CONFIG_X86_USER_SHADOW_STACK */ diff --git a/fs/proc/array.c b/fs/proc/array.c index 9b0315d34c58..3e1a33dcd0d0 100644 --- a/fs/proc/array.c +++ b/fs/proc/array.c 
@@ -423,6 +423,11 @@ static inline void task_thp_status(struct seq_file *m, struct mm_struct *mm) seq_printf(m, "THP_enabled:\t%d\n", thp_enabled); } +__weak void arch_proc_pid_thread_features(struct seq_file *m, + struct task_struct *task) +{ +} + int proc_pid_status(struct seq_file *m, struct pid_namespace *ns, struct pid *pid, struct task_struct *task) { @@ -446,6 +451,7 @@ int proc_pid_status(struct seq_file *m, struct pid_namespace *ns, task_cpus_allowed(m, task); cpuset_task_status_allowed(m, task); task_context_switch_counts(m, task); + arch_proc_pid_thread_features(m, task); return 0; } diff --git a/include/linux/proc_fs.h b/include/linux/proc_fs.h index 0260f5ea98fe..80ff8e533cbd 100644 --- a/include/linux/proc_fs.h +++ b/include/linux/proc_fs.h @@ -158,6 +158,8 @@ int proc_pid_arch_status(struct seq_file *m, struct pid_namespace *ns, struct pid *pid, struct task_struct *task); #endif /* CONFIG_PROC_PID_ARCH_STATUS */ +void arch_proc_pid_thread_features(struct seq_file *m, struct task_struct *task); + #else /* CONFIG_PROC_FS */ static inline void proc_root_init(void)
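
Review bot: in arch_proc_pid_thread_features() (arch/x86/kernel/cpu/proc.c, hunk @@ -175,3 +177,24 @@), the keys "x86_Thread_features:" and "x86_Thread_features_locked:" become userspace-visible fields of /proc/$PID/status, yet the diffstat lists only proc.c, array.c and proc_fs.h, so nothing in this patch documents them. Please add a description of both keys and of the "shstk" and "wrss" tokens to the proc documentation. Since dump_x86_features() writes every token with a trailing space (seq_puts(m, "shstk ");), each line ends in a space before the newline and is empty after the tab when no bit is set; the documentation should say so, so that tools verifying shadow stack split the value on whitespace rather than compare it as a whole string.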
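
Review bot: the empty __weak arch_proc_pid_thread_features() added in fs/proc/array.c (hunk @@ -423,6 +423,11 @@) carries no comment, and the contract for an overriding architecture is only implied by the x86 version. A short comment above the stub stating that an implementation must emit complete "Key:\tvalue\n" lines with an arch prefix would help, because proc_pid_status() calls it unconditionally as its last step before "return 0;" and whatever it prints lands directly in the status file.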
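
Review bot: in include/linux/proc_fs.h (hunk @@ -158,6 +158,8 @@) the prototype for arch_proc_pid_thread_features() is added just before "#else /* CONFIG_PROC_FS */", so it exists only when CONFIG_PROC_FS is set, while the x86 definition is guarded by CONFIG_X86_USER_SHADOW_STACK alone. Please confirm that arch/x86/kernel/cpu/proc.c is never built without CONFIG_PROC_FS; if it can be, the definition would have no visible prototype, and either a declaration outside the #ifdef or an added CONFIG_PROC_FS condition on the definition would be needed.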
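
The verification the commit message asks for, as an added example (not part of the patch or the kernel tree): a parser for the two status lines that classifies a task's shadow stack state. The sample text is constructed from the format strings in the diff, and the state names are this example's own.

```python
"""Audit helper: read the x86_Thread_features lines of /proc/<pid>/status."""
import os

KEYS = ("x86_Thread_features", "x86_Thread_features_locked")

def parse_thread_features(status_text):
    """Return {key: set(tokens)}; a key is missing from the result when the
    kernel did not emit that line at all."""
    found = {}
    for line in status_text.splitlines():
        key, sep, value = line.partition(":")
        if sep and key in KEYS:
            # Tokens are space separated with a trailing space: "shstk wrss ".
            found[key] = set(value.split())
    return found

def classify(status_text):
    """Return 'unsupported', 'off', 'on-unlocked' or 'on-locked' (example's
    own labels), with '+wrss' appended when the wrss token is present."""
    feats = parse_thread_features(status_text)
    if "x86_Thread_features" not in feats:
        return "unsupported"
    enabled = feats["x86_Thread_features"]
    if "shstk" not in enabled:
        return "off"
    locked = feats.get("x86_Thread_features_locked", set())
    state = "on-locked" if "shstk" in locked else "on-unlocked"
    return state + "+wrss" if "wrss" in enabled else state

def audit(proc_root="/proc"):
    """Map pid -> classification for every readable task under proc_root."""
    result = {}
    for entry in os.listdir(proc_root):
        if not entry.isdigit():
            continue
        try:
            with open(os.path.join(proc_root, entry, "status")) as fh:
                result[int(entry)] = classify(fh.read())
        except OSError:  # task exited meanwhile, or status is not readable
            continue
    return result

# Constructed sample, shaped like the lines the patch emits.
SAMPLE = ("Name:\tdemo\nx86_Thread_features:\tshstk \n"
          "x86_Thread_features_locked:\tshstk \n")

if __name__ == "__main__":
    print("sample:", classify(SAMPLE))
    for pid, state in sorted(audit().items()):
        if state != "unsupported":
            print(pid, state)
```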