From: Ard Biesheuvel <ardb@kernel.org>
To: linux-arm-kernel@lists.infradead.org
Cc: Mark Rutland <mark.rutland@arm.com>,
Florian Fainelli <f.fainelli@gmail.com>,
Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
Tony Lindgren <tony@atomide.com>,
Catalin Marinas <catalin.marinas@arm.com>,
Russell King <rmk+kernel@armlinux.org.uk>,
"David A . Long" <dave.long@linaro.org>,
Marc Zyngier <maz@kernel.org>, Will Deacon <will@kernel.org>,
Ard Biesheuvel <ardb@kernel.org>
Subject: [PATCH for-stable-v4.4 32/53] ARM: spectre-v1: fix syscall entry
Date: Tue, 5 Nov 2019 21:58:25 +0100 [thread overview]
Message-ID: <20191105205846.1394-33-ardb@kernel.org> (raw)
In-Reply-To: <20191105205846.1394-1-ardb@kernel.org>
From: Russell King <rmk+kernel@armlinux.org.uk>
Commit 10573ae547c85b2c61417ff1a106cffbfceada35 upstream.
Prevent speculation at the syscall table decoding by clamping the index
used to zero on invalid system call numbers, and using the csdb
speculative barrier.
Signed-off-by: Russell King <rmk+kernel@armlinux.org.uk>
Acked-by: Mark Rutland <mark.rutland@arm.com>
Boot-tested-by: Tony Lindgren <tony@atomide.com>
Reviewed-by: Tony Lindgren <tony@atomide.com>
Signed-off-by: David A. Long <dave.long@linaro.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
---
arch/arm/kernel/entry-common.S | 18 ++++++--------
| 25 ++++++++++++++++++++
2 files changed, 32 insertions(+), 11 deletions(-)
diff --git a/arch/arm/kernel/entry-common.S b/arch/arm/kernel/entry-common.S
index 30a7228eaceb..e969b18d9ff9 100644
--- a/arch/arm/kernel/entry-common.S
+++ b/arch/arm/kernel/entry-common.S
@@ -223,9 +223,7 @@ local_restart:
tst r10, #_TIF_SYSCALL_WORK @ are we tracing syscalls?
bne __sys_trace
- cmp scno, #NR_syscalls @ check upper syscall limit
- badr lr, ret_fast_syscall @ return address
- ldrcc pc, [tbl, scno, lsl #2] @ call sys_* routine
+ invoke_syscall tbl, scno, r10, ret_fast_syscall
add r1, sp, #S_OFF
2: cmp scno, #(__ARM_NR_BASE - __NR_SYSCALL_BASE)
@@ -258,14 +256,8 @@ __sys_trace:
mov r1, scno
add r0, sp, #S_OFF
bl syscall_trace_enter
-
- badr lr, __sys_trace_return @ return address
- mov scno, r0 @ syscall number (possibly new)
- add r1, sp, #S_R0 + S_OFF @ pointer to regs
- cmp scno, #NR_syscalls @ check upper syscall limit
- ldmccia r1, {r0 - r6} @ have to reload r0 - r6
- stmccia sp, {r4, r5} @ and update the stack args
- ldrcc pc, [tbl, scno, lsl #2] @ call sys_* routine
+ mov scno, r0
+ invoke_syscall tbl, scno, r10, __sys_trace_return, reload=1
cmp scno, #-1 @ skip the syscall?
bne 2b
add sp, sp, #S_OFF @ restore stack
@@ -317,6 +309,10 @@ sys_syscall:
bic scno, r0, #__NR_OABI_SYSCALL_BASE
cmp scno, #__NR_syscall - __NR_SYSCALL_BASE
cmpne scno, #NR_syscalls @ check range
+#ifdef CONFIG_CPU_SPECTRE
+ movhs scno, #0
+ csdb
+#endif
stmloia sp, {r5, r6} @ shuffle args
movlo r0, r1
movlo r1, r2
--git a/arch/arm/kernel/entry-header.S b/arch/arm/kernel/entry-header.S
index 6d243e830516..86dfee487e24 100644
--- a/arch/arm/kernel/entry-header.S
+++ b/arch/arm/kernel/entry-header.S
@@ -373,6 +373,31 @@
#endif
.endm
+ .macro invoke_syscall, table, nr, tmp, ret, reload=0
+#ifdef CONFIG_CPU_SPECTRE
+ mov \tmp, \nr
+ cmp \tmp, #NR_syscalls @ check upper syscall limit
+ movcs \tmp, #0
+ csdb
+ badr lr, \ret @ return address
+ .if \reload
+ add r1, sp, #S_R0 + S_OFF @ pointer to regs
+ ldmccia r1, {r0 - r6} @ reload r0-r6
+ stmccia sp, {r4, r5} @ update stack arguments
+ .endif
+ ldrcc pc, [\table, \tmp, lsl #2] @ call sys_* routine
+#else
+ cmp \nr, #NR_syscalls @ check upper syscall limit
+ badr lr, \ret @ return address
+ .if \reload
+ add r1, sp, #S_R0 + S_OFF @ pointer to regs
+ ldmccia r1, {r0 - r6} @ reload r0-r6
+ stmccia sp, {r4, r5} @ update stack arguments
+ .endif
+ ldrcc pc, [\table, \nr, lsl #2] @ call sys_* routine
+#endif
+ .endm
+
/*
* These are the registers used in the syscall handler, and allow us to
* have in theory up to 7 arguments to a function - r0 to r6.
--
2.17.1
_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
next prev parent reply other threads:[~2019-11-05 21:08 UTC|newest]
Thread overview: 54+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-11-05 20:57 [PATCH for-stable-v4.4 00/53] ARM: spectre v1/v2 mitigations Ard Biesheuvel
2019-11-05 20:57 ` [PATCH for-stable-v4.4 01/53] ARM: 8051/1: put_user: fix possible data corruption in put_user Ard Biesheuvel
2019-11-05 20:57 ` [PATCH for-stable-v4.4 02/53] ARM: 8478/2: arm/arm64: add arm-smccc Ard Biesheuvel
2019-11-05 20:57 ` [PATCH for-stable-v4.4 03/53] ARM: 8479/2: add implementation for arm-smccc Ard Biesheuvel
2019-11-05 20:57 ` [PATCH for-stable-v4.4 04/53] ARM: 8480/2: arm64: " Ard Biesheuvel
2019-11-05 20:57 ` [PATCH for-stable-v4.4 05/53] ARM: 8481/2: drivers: psci: replace psci firmware calls Ard Biesheuvel
2019-11-05 20:57 ` [PATCH for-stable-v4.4 06/53] ARM: uaccess: remove put_user() code duplication Ard Biesheuvel
2019-11-05 20:58 ` [PATCH for-stable-v4.4 07/53] ARM: Move system register accessors to asm/cp15.h Ard Biesheuvel
2019-11-05 20:58 ` [PATCH for-stable-v4.4 08/53] arm: kernel: Add SMC structure parameter Ard Biesheuvel
2019-11-05 20:58 ` [PATCH for-stable-v4.4 09/53] firmware: qcom: scm: Fix interrupted SCM calls Ard Biesheuvel
2019-11-05 20:58 ` [PATCH for-stable-v4.4 10/53] ARM: smccc: Update HVC comment to describe new quirk parameter Ard Biesheuvel
2019-11-05 20:58 ` [PATCH for-stable-v4.4 11/53] arm/arm64: KVM: Advertise SMCCC v1.1 Ard Biesheuvel
2019-11-05 20:58 ` [PATCH for-stable-v4.4 12/53] arm64: KVM: Report SMCCC_ARCH_WORKAROUND_1 BP hardening support Ard Biesheuvel
2019-11-05 20:58 ` [PATCH for-stable-v4.4 13/53] firmware/psci: Expose PSCI conduit Ard Biesheuvel
2019-11-05 20:58 ` [PATCH for-stable-v4.4 14/53] firmware/psci: Expose SMCCC version through psci_ops Ard Biesheuvel
2019-11-05 20:58 ` [PATCH for-stable-v4.4 15/53] arm/arm64: smccc: Make function identifiers an unsigned quantity Ard Biesheuvel
2019-11-05 20:58 ` [PATCH for-stable-v4.4 16/53] arm/arm64: smccc: Implement SMCCC v1.1 inline primitive Ard Biesheuvel
2019-11-05 20:58 ` [PATCH for-stable-v4.4 17/53] arm/arm64: smccc: Add SMCCC-specific return codes Ard Biesheuvel
2019-11-05 20:58 ` [PATCH for-stable-v4.4 18/53] arm/arm64: smccc-1.1: Make return values unsigned long Ard Biesheuvel
2019-11-05 20:58 ` [PATCH for-stable-v4.4 19/53] arm/arm64: smccc-1.1: Handle function result as parameters Ard Biesheuvel
2019-11-05 20:58 ` [PATCH for-stable-v4.4 20/53] ARM: add more CPU part numbers for Cortex and Brahma B15 CPUs Ard Biesheuvel
2019-11-05 20:58 ` [PATCH for-stable-v4.4 21/53] ARM: bugs: prepare processor bug infrastructure Ard Biesheuvel
2019-11-05 20:58 ` [PATCH for-stable-v4.4 22/53] ARM: bugs: hook processor bug checking into SMP and suspend paths Ard Biesheuvel
2019-11-05 20:58 ` [PATCH for-stable-v4.4 23/53] ARM: bugs: add support for per-processor bug checking Ard Biesheuvel
2019-11-05 20:58 ` [PATCH for-stable-v4.4 24/53] ARM: spectre: add Kconfig symbol for CPUs vulnerable to Spectre Ard Biesheuvel
2019-11-05 20:58 ` [PATCH for-stable-v4.4 25/53] ARM: spectre-v2: harden branch predictor on context switches Ard Biesheuvel
2019-11-05 20:58 ` [PATCH for-stable-v4.4 26/53] ARM: spectre-v2: add Cortex A8 and A15 validation of the IBE bit Ard Biesheuvel
2019-11-05 20:58 ` [PATCH for-stable-v4.4 27/53] ARM: spectre-v2: harden user aborts in kernel space Ard Biesheuvel
2019-11-05 20:58 ` [PATCH for-stable-v4.4 28/53] ARM: spectre-v2: add firmware based hardening Ard Biesheuvel
2019-11-05 20:58 ` [PATCH for-stable-v4.4 29/53] ARM: spectre-v2: warn about incorrect context switching functions Ard Biesheuvel
2019-11-05 20:58 ` [PATCH for-stable-v4.4 30/53] ARM: spectre-v1: add speculation barrier (csdb) macros Ard Biesheuvel
2019-11-05 20:58 ` [PATCH for-stable-v4.4 31/53] ARM: spectre-v1: add array_index_mask_nospec() implementation Ard Biesheuvel
2019-11-05 20:58 ` Ard Biesheuvel [this message]
2019-11-05 20:58 ` [PATCH for-stable-v4.4 33/53] ARM: signal: copy registers using __copy_from_user() Ard Biesheuvel
2019-11-05 20:58 ` [PATCH for-stable-v4.4 34/53] ARM: vfp: use __copy_from_user() when restoring VFP state Ard Biesheuvel
2019-11-05 20:58 ` [PATCH for-stable-v4.4 35/53] ARM: oabi-compat: copy semops using __copy_from_user() Ard Biesheuvel
2019-11-05 20:58 ` [PATCH for-stable-v4.4 36/53] ARM: use __inttype() in get_user() Ard Biesheuvel
2019-11-05 20:58 ` [PATCH for-stable-v4.4 37/53] ARM: spectre-v1: use get_user() for __get_user() Ard Biesheuvel
2019-11-05 20:58 ` [PATCH for-stable-v4.4 38/53] ARM: spectre-v1: mitigate user accesses Ard Biesheuvel
2019-11-05 20:58 ` [PATCH for-stable-v4.4 39/53] ARM: 8789/1: signal: copy registers using __copy_to_user() Ard Biesheuvel
2019-11-05 20:58 ` [PATCH for-stable-v4.4 40/53] ARM: 8791/1: vfp: use __copy_to_user() when saving VFP state Ard Biesheuvel
2019-11-05 20:58 ` [PATCH for-stable-v4.4 41/53] ARM: 8792/1: oabi-compat: copy oabi events using __copy_to_user() Ard Biesheuvel
2019-11-05 20:58 ` [PATCH for-stable-v4.4 42/53] ARM: 8793/1: signal: replace __put_user_error with __put_user Ard Biesheuvel
2019-11-05 20:58 ` [PATCH for-stable-v4.4 43/53] ARM: 8794/1: uaccess: Prevent speculative use of the current addr_limit Ard Biesheuvel
2019-11-05 20:58 ` [PATCH for-stable-v4.4 44/53] ARM: 8795/1: spectre-v1.1: use put_user() for __put_user() Ard Biesheuvel
2019-11-05 20:58 ` [PATCH for-stable-v4.4 45/53] ARM: 8796/1: spectre-v1, v1.1: provide helpers for address sanitization Ard Biesheuvel
2019-11-05 20:58 ` [PATCH for-stable-v4.4 46/53] ARM: 8810/1: vfp: Fix wrong assignement to ufp_exc Ard Biesheuvel
2019-11-05 20:58 ` [PATCH for-stable-v4.4 47/53] ARM: make lookup_processor_type() non-__init Ard Biesheuvel
2019-11-05 20:58 ` [PATCH for-stable-v4.4 48/53] ARM: split out processor lookup Ard Biesheuvel
2019-11-05 20:58 ` [PATCH for-stable-v4.4 49/53] ARM: clean up per-processor check_bugs method call Ard Biesheuvel
2019-11-05 20:58 ` [PATCH for-stable-v4.4 50/53] ARM: add PROC_VTABLE and PROC_TABLE macros Ard Biesheuvel
2019-11-05 20:58 ` [PATCH for-stable-v4.4 51/53] ARM: spectre-v2: per-CPU vtables to work around big.Little systems Ard Biesheuvel
2019-11-05 20:58 ` [PATCH for-stable-v4.4 52/53] ARM: ensure that processor vtables is not lost after boot Ard Biesheuvel
2019-11-05 20:58 ` [PATCH for-stable-v4.4 53/53] ARM: fix the cockup in the previous patch Ard Biesheuvel
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20191105205846.1394-33-ardb@kernel.org \
--to=ardb@kernel.org \
--cc=catalin.marinas@arm.com \
--cc=dave.long@linaro.org \
--cc=f.fainelli@gmail.com \
--cc=gregkh@linuxfoundation.org \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=mark.rutland@arm.com \
--cc=maz@kernel.org \
--cc=rmk+kernel@armlinux.org.uk \
--cc=tony@atomide.com \
--cc=will@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.