From patchwork Sat Feb 3 12:25:51 2024
X-Patchwork-Submitter: Mark Brown
X-Patchwork-Id: 196275
From: Mark Brown
Date: Sat, 03 Feb 2024 12:25:51 +0000
Subject: [PATCH v8 25/38] arm64/ptrace: Expose GCS via ptrace and core files
X-Mailing-List: linux-kernel@vger.kernel.org
Message-Id: <20240203-arm64-gcs-v8-25-c9fec77673ef@kernel.org>
References: <20240203-arm64-gcs-v8-0-c9fec77673ef@kernel.org>
In-Reply-To: <20240203-arm64-gcs-v8-0-c9fec77673ef@kernel.org>
To: Catalin Marinas, Will Deacon, Jonathan Corbet, Andrew Morton, Marc Zyngier, Oliver Upton, James Morse, Suzuki K Poulose, Arnd Bergmann, Oleg Nesterov, Eric Biederman, Kees Cook, Shuah Khan, "Rick P. Edgecombe", Deepak Gupta, Ard Biesheuvel, Szabolcs Nagy
Cc: "H.J. Lu", Paul Walmsley, Palmer Dabbelt, Albert Ou, Florian Weimer, Christian Brauner, Thiago Jung Bauermann, linux-arm-kernel@lists.infradead.org, linux-doc@vger.kernel.org, kvmarm@lists.linux.dev, linux-fsdevel@vger.kernel.org, linux-arch@vger.kernel.org, linux-mm@kvack.org, linux-kselftest@vger.kernel.org, linux-kernel@vger.kernel.org, linux-riscv@lists.infradead.org, Mark Brown

Provide a new register type NT_ARM_GCS reporting the current GCS mode and pointer for EL0.

Due to the interactions with allocation and deallocation of Guarded Control Stacks we do not permit any changes to the GCS mode via ptrace, only GCSPR_EL0 may be changed.

Signed-off-by: Mark Brown
--- arch/arm64/include/uapi/asm/ptrace.h | 8 +++++ arch/arm64/kernel/ptrace.c | 59 ++++++++++++++++++++++++++++++++++++ include/uapi/linux/elf.h | 1 + 3 files changed, 68 insertions(+) diff --git a/arch/arm64/include/uapi/asm/ptrace.h b/arch/arm64/include/uapi/asm/ptrace.h index 7fa2f7036aa7..0f39ba4f3efd 100644 --- a/arch/arm64/include/uapi/asm/ptrace.h +++ b/arch/arm64/include/uapi/asm/ptrace.h @@ -324,6 +324,14 @@ struct user_za_header { #define ZA_PT_SIZE(vq) \ (ZA_PT_ZA_OFFSET + ZA_PT_ZA_SIZE(vq)) +/* GCS state (NT_ARM_GCS) */ + +struct user_gcs { + __u64 features_enabled; + __u64 features_locked; + __u64 gcspr_el0; +}; + #endif /* __ASSEMBLY__ */ #endif /* _UAPI__ASM_PTRACE_H */ diff --git a/arch/arm64/kernel/ptrace.c b/arch/arm64/kernel/ptrace.c index dc6cf0e37194..c8dd489cfca8 100644 --- a/arch/arm64/kernel/ptrace.c +++ b/arch/arm64/kernel/ptrace.c @@ -34,6 +34,7 @@ #include #include #include +#include #include #include #include
@@ -1411,6 +1412,51 @@ static int tagged_addr_ctrl_set(struct task_struct *target, const struct } #endif +#ifdef CONFIG_ARM64_GCS +static int gcs_get(struct task_struct *target, + const struct user_regset *regset, + struct membuf to) +{ + struct user_gcs user_gcs; + + if (target == current) + gcs_preserve_current_state(); + + user_gcs.features_enabled = target->thread.gcs_el0_mode; + user_gcs.features_locked = target->thread.gcs_el0_locked; + user_gcs.gcspr_el0 = target->thread.gcspr_el0; + + return membuf_write(&to, &user_gcs, sizeof(user_gcs)); +} + +static int gcs_set(struct task_struct *target, const struct + user_regset *regset, unsigned int pos, + unsigned int count, const void *kbuf, const + void __user *ubuf) +{ + int ret; + struct user_gcs user_gcs; + + ret = user_regset_copyin(&pos, &count, &kbuf, &ubuf, &user_gcs, 0, -1); + if (ret) + return ret; + + if (user_gcs.features_enabled & ~PR_SHADOW_STACK_SUPPORTED_STATUS_MASK) + return -EINVAL; + + /* Do not allow enable via ptrace */ + if ((user_gcs.features_enabled & PR_SHADOW_STACK_ENABLE) && + !(target->thread.gcs_el0_mode & PR_SHADOW_STACK_ENABLE)) + return -EBUSY; + + target->thread.gcs_el0_mode = user_gcs.features_enabled; + target->thread.gcs_el0_locked = user_gcs.features_locked; + target->thread.gcspr_el0 = user_gcs.gcspr_el0; + + return 0; +} +#endif + enum aarch64_regset { REGSET_GPR, REGSET_FPR, @@ -1439,6 +1485,9 @@ enum aarch64_regset { #ifdef CONFIG_ARM64_TAGGED_ADDR_ABI REGSET_TAGGED_ADDR_CTRL, #endif +#ifdef CONFIG_ARM64_GCS + REGSET_GCS, +#endif }; static const struct user_regset aarch64_regsets[] = { 
@@ -1589,6 +1638,16 @@ static const struct user_regset aarch64_regsets[] = { .set = tagged_addr_ctrl_set, }, #endif +#ifdef CONFIG_ARM64_GCS + [REGSET_GCS] = { + .core_note_type = NT_ARM_GCS, + .n = sizeof(struct user_gcs) / sizeof(u64), + .size = sizeof(u64), + .align = sizeof(u64), + .regset_get = gcs_get, + .set = gcs_set, + }, +#endif }; static const struct user_regset_view user_aarch64_view = { diff --git a/include/uapi/linux/elf.h b/include/uapi/linux/elf.h index 9417309b7230..436dfc359f61 100644 --- a/include/uapi/linux/elf.h +++ b/include/uapi/linux/elf.h @@ -440,6 +440,7 @@ typedef struct elf64_shdr { #define NT_ARM_SSVE 0x40b /* ARM Streaming SVE registers */ #define NT_ARM_ZA 0x40c /* ARM SME ZA registers */ #define NT_ARM_ZT 0x40d /* ARM SME ZT registers */ +#define NT_ARM_GCS 0x40e /* ARM GCS state */ #define NT_ARC_V2 0x600 /* ARCv2 accumulator/extra registers */ #define NT_VMCOREDD 0x700 /* Vmcore Device Dump Note */ #define NT_MIPS_DSP 0x800 /* MIPS DSP ASE registers */
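Review bot: struct user_gcs in the uapi/asm/ptrace.h hunk (@@ -324,6 +324,14) is new userspace ABI but its fields carry no documentation. gcs_set() validates features_enabled against PR_SHADOW_STACK_SUPPORTED_STATUS_MASK, yet the header does not say that the field uses the PR_SHADOW_STACK_* bits, what encoding features_locked uses, or which of the three fields a tracer may write with PTRACE_SETREGSET. A short comment per field would let debugger authors use the regset without reading ptrace.c.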
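Review bot: gcs_set() in the arch/arm64/kernel/ptrace.c hunk (@@ -1411,6 +1412,51) accepts more than the commit message allows. The only mode restriction is the -EBUSY test for PR_SHADOW_STACK_ENABLE going from clear to set; clearing ENABLE, changing any other bit inside PR_SHADOW_STACK_SUPPORTED_STATUS_MASK, and overwriting gcs_el0_locked are all stored to target->thread, and the target's existing gcs_el0_locked value is never consulted. If only GCSPR_EL0 is meant to be writable, reject the request when features_enabled or features_locked differ from the target's current values, or at least refuse changes to bits that are locked. Separately, user_gcs is an uninitialised stack struct and user_regset_copyin() fills only count bytes, so a write shorter than sizeof(user_gcs) leaves the trailing fields as stack contents that are then assigned to the thread state; loading user_gcs from the target's current values before the copyin avoids that. The value written to gcspr_el0 is also taken as given, with no validation visible in this hunk.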
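Review bot: the [REGSET_GCS] entry in the aarch64_regsets hunk (@@ -1589,6 +1638,16) is gated only by the CONFIG_ARM64_GCS ifdef. Neither the entry nor gcs_get()/gcs_set() as posted tests at runtime whether GCS is actually available, so on a kernel built with the option the regset is readable and writable on any system. Consider having both handlers return -EINVAL when the feature is absent, so tracers and core file consumers can distinguish "no GCS" from "GCS present but disabled".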