From patchwork Fri Jun 16 19:17:02 2023
X-Patchwork-Submitter: tip-bot2 for Thomas Gleixner
X-Patchwork-Id: 109334
Date: Fri, 16 Jun 2023 19:17:02 -0000
From: "tip-bot2 for Yu-cheng Yu"
Sender: tip-bot2@linutronix.de
Reply-to: linux-kernel@vger.kernel.org
To: linux-tip-commits@vger.kernel.org
Subject: [tip: x86/shstk] mm: Introduce VM_SHADOW_STACK for shadow stack memory
Cc: "Yu-cheng Yu", Rick Edgecombe, Dave Hansen, "Borislav Petkov (AMD)", Kees Cook, "Kirill A. Shutemov", Mark Brown, "Mike Rapoport (IBM)", David Hildenbrand, Pengfei Xu, John Allen, x86@kernel.org, linux-kernel@vger.kernel.org
Message-ID: <168694302216.404.12911348456654033456.tip-bot2@tip-bot2>

The following commit has been merged into the x86/shstk branch of tip:

Commit-ID:     73fd9387a772fa69b3a92646e8dc82d46762a7e8
Gitweb:        https://git.kernel.org/tip/73fd9387a772fa69b3a92646e8dc82d46762a7e8
Author:        Yu-cheng Yu
AuthorDate:    Mon, 12 Jun 2023 17:10:40 -07:00
Committer:     Dave Hansen
CommitterDate: Thu, 15 Jun 2023 16:31:33 -07:00

mm: Introduce VM_SHADOW_STACK for shadow stack memory

New hardware extensions implement support for shadow stack memory, such as x86 Control-flow Enforcement Technology (CET). Add a new VM flag to identify these areas, for example, to be used to properly indicate shadow stack PTEs to the hardware.

Shadow stack VMA creation will be tightly controlled and limited to anonymous memory to make the implementation simpler and since that is all that is required.
The solution will rely on pte_mkwrite() to create the shadow stack PTEs, so it will not be required for vm_get_page_prot() to learn how to create shadow stack memory. For this reason document that VM_SHADOW_STACK should not be mixed with VM_SHARED. Co-developed-by: Rick Edgecombe Signed-off-by: Yu-cheng Yu Signed-off-by: Rick Edgecombe Signed-off-by: Dave Hansen Reviewed-by: Borislav Petkov (AMD) Reviewed-by: Kees Cook Reviewed-by: Kirill A. Shutemov Reviewed-by: Mark Brown Acked-by: Mike Rapoport (IBM) Acked-by: David Hildenbrand Tested-by: Mark Brown Tested-by: Pengfei Xu Tested-by: John Allen Tested-by: Kees Cook Link: https://lore.kernel.org/all/20230613001108.3040476-15-rick.p.edgecombe%40intel.com --- Documentation/filesystems/proc.rst | 1 + fs/proc/task_mmu.c | 3 +++ include/linux/mm.h | 8 ++++++++ 3 files changed, 12 insertions(+) diff --git a/Documentation/filesystems/proc.rst b/Documentation/filesystems/proc.rst index 7897a7d..6ccb570 100644 --- a/Documentation/filesystems/proc.rst +++ b/Documentation/filesystems/proc.rst @@ -566,6 +566,7 @@ encoded manner. The codes are the following: mt arm64 MTE allocation tags are enabled um userfaultfd missing tracking uw userfaultfd wr-protect tracking + ss shadow stack page == ======================================= Note that there is no guarantee that every flag and associated mnemonic will diff --git a/fs/proc/task_mmu.c b/fs/proc/task_mmu.c index 420510f..38b19a7 100644 --- a/fs/proc/task_mmu.c +++ b/fs/proc/task_mmu.c @@ -711,6 +711,9 @@ static void show_smap_vma_flags(struct seq_file *m, struct vm_area_struct *vma) #ifdef CONFIG_HAVE_ARCH_USERFAULTFD_MINOR [ilog2(VM_UFFD_MINOR)] = "ui", #endif /* CONFIG_HAVE_ARCH_USERFAULTFD_MINOR */ +#ifdef CONFIG_X86_USER_SHADOW_STACK + [ilog2(VM_SHADOW_STACK)] = "ss", +#endif }; size_t i; diff --git a/include/linux/mm.h b/include/linux/mm.h index 6f52c1e..fb17cbd 100644 --- a/include/linux/mm.h +++ b/include/linux/mm.h 
@@ -319,11 +319,13 @@ extern unsigned int kobjsize(const void *objp); #define VM_HIGH_ARCH_BIT_2 34 /* bit only usable on 64-bit architectures */ #define VM_HIGH_ARCH_BIT_3 35 /* bit only usable on 64-bit architectures */ #define VM_HIGH_ARCH_BIT_4 36 /* bit only usable on 64-bit architectures */ +#define VM_HIGH_ARCH_BIT_5 37 /* bit only usable on 64-bit architectures */ #define VM_HIGH_ARCH_0 BIT(VM_HIGH_ARCH_BIT_0) #define VM_HIGH_ARCH_1 BIT(VM_HIGH_ARCH_BIT_1) #define VM_HIGH_ARCH_2 BIT(VM_HIGH_ARCH_BIT_2) #define VM_HIGH_ARCH_3 BIT(VM_HIGH_ARCH_BIT_3) #define VM_HIGH_ARCH_4 BIT(VM_HIGH_ARCH_BIT_4) +#define VM_HIGH_ARCH_5 BIT(VM_HIGH_ARCH_BIT_5) #endif /* CONFIG_ARCH_USES_HIGH_VMA_FLAGS */ #ifdef CONFIG_ARCH_HAS_PKEYS @@ -339,6 +341,12 @@ extern unsigned int kobjsize(const void *objp); #endif #endif /* CONFIG_ARCH_HAS_PKEYS */ +#ifdef CONFIG_X86_USER_SHADOW_STACK +# define VM_SHADOW_STACK VM_HIGH_ARCH_5 /* Should not be set with VM_SHARED */ +#else +# define VM_SHADOW_STACK VM_NONE +#endif + #if defined(CONFIG_X86) # define VM_PAT VM_ARCH_1 /* PAT reserves whole VMA at once (x86) */ #elif defined(CONFIG_PPC)
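
Review bot: In the Documentation/filesystems/proc.rst hunk, the new "ss  shadow stack page" row does not say that the mnemonic is only emitted on kernels built with CONFIG_X86_USER_SHADOW_STACK, which is how the fs/proc/task_mmu.c hunk guards it. The neighbouring "mt" row names its architecture ("arm64 MTE allocation tags are enabled"); giving "ss" the same treatment would tell a reader of smaps that a missing "ss" can mean the kernel lacks the feature, not that the process has no shadow stack.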
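
Review bot: In the fs/proc/task_mmu.c hunk, the #ifdef CONFIG_X86_USER_SHADOW_STACK around [ilog2(VM_SHADOW_STACK)] = "ss" is load-bearing and deserves a comment: without the config option the include/linux/mm.h hunk defines VM_SHADOW_STACK as VM_NONE, and ilog2() of that is not a usable index into the mnemonics table. A one-line note would stop the guard being dropped in a later cleanup. As a style point, the closing #endif lacks the trailing /* CONFIG_X86_USER_SHADOW_STACK */ comment that the CONFIG_HAVE_ARCH_USERFAULTFD_MINOR block directly above it carries.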
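
Review bot: In the first include/linux/mm.h hunk (@@ -319,11 +319,13 @@), VM_HIGH_ARCH_BIT_5 claims bit 37 with nothing in the hunk or the commit message showing that the bit is unused by any other VMA flag. Since show_smap_vma_flags() indexes its mnemonics table by bit position, two flags sharing bit 37 would both silently alias and collide in that table. Please name in the commit message the earlier change that frees the bit, or state that it was unused.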
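
Review bot: In the second include/linux/mm.h hunk (@@ -339,6 +341,12 @@), the rule "Should not be set with VM_SHARED" exists only as a trailing comment on the #define, and nothing in this patch enforces it. The commit message gives the reason (shadow stack PTEs come from pte_mkwrite(), and vm_get_page_prot() is not taught about them) and also limits these VMAs to anonymous memory; neither point reaches the header. Consider a block comment above the #ifdef that records both constraints and the reason, and point to where in the series the combination is rejected.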
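
The "ss" mnemonic this commit adds to the VmFlags line of /proc/PID/smaps can be used to audit the two constraints the commit message states (anonymous memory only, never VM_SHARED). The following is an added example, not code from the patch or the kernel tree; the function names and the sample text are constructed for illustration.

```python
import re

# Constructed smaps excerpt (not from a real system). The second VMA is a
# deliberately invalid combination, included to exercise the check.
SAMPLE_SMAPS = """\
7f1c00000000-7f1c00800000 rw-p 00000000 00:00 0
Size:               8192 kB
VmFlags: rd wr mr mw me ac ss
7f1c10000000-7f1c10001000 rw-s 00000000 00:01 2049                       /dev/shm/demo
Size:                  4 kB
VmFlags: rd wr sh mr mw me ms ss
7ffd5a000000-7ffd5a021000 rw-p 00000000 00:00 0                          [stack]
Size:                132 kB
VmFlags: rd wr mr mw me gd ac
"""

# VMA header line: start-end perms offset dev inode [path]
HEADER = re.compile(r"^([0-9a-f]+)-([0-9a-f]+) (\S{4}) [0-9a-f]+ \S+ (\d+)\s*(.*)$")


def parse_smaps(text):
    """Yield one dict per VMA with its range, perms, inode, path and VmFlags."""
    vma = None
    for line in text.splitlines():
        m = HEADER.match(line)
        if m:
            if vma:
                yield vma
            vma = {"start": int(m[1], 16), "end": int(m[2], 16), "perms": m[3],
                   "inode": int(m[4]), "path": m[5], "flags": set()}
        elif vma and line.startswith("VmFlags:"):
            vma["flags"] = set(line.split()[1:])
    if vma:
        yield vma


def audit_shadow_stacks(text):
    """Return (ss_vmas, violations); a violation is (vma, [reasons])."""
    ss_vmas = [v for v in parse_smaps(text) if "ss" in v["flags"]]
    violations = []
    for v in ss_vmas:
        reasons = []
        if v["perms"][3] == "s" or "sh" in v["flags"]:
            reasons.append("shared mapping")        # VM_SHARED together with ss
        if v["inode"] != 0:
            reasons.append(f"file-backed (inode {v['inode']})")  # not anonymous
        if reasons:
            violations.append((v, reasons))
    return ss_vmas, violations
```

For a live process, pass the contents of /proc/PID/smaps instead of the sample. Because "ss" is only compiled in under CONFIG_X86_USER_SHADOW_STACK, an empty result does not by itself show that a process runs without a shadow stack.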