From: Mark Brown <broonie@kernel.org>
To: Catalin Marinas <catalin.marinas@arm.com>, Will Deacon <will@kernel.org>
Cc: "Alexander Viro" <viro@zeniv.linux.org.uk>,
"Paul Elliott" <paul.elliott@arm.com>,
"Peter Zijlstra" <peterz@infradead.org>,
"Yu-cheng Yu" <yu-cheng.yu@intel.com>,
"Amit Kachhap" <amit.kachhap@arm.com>,
"Vincenzo Frascino" <vincenzo.frascino@arm.com>,
"Marc Zyngier" <maz@kernel.org>,
"Eugene Syromiatnikov" <esyr@redhat.com>,
"Szabolcs Nagy" <szabolcs.nagy@arm.com>,
"H . J . Lu " <hjl.tools@gmail.com>,
"Andrew Jones" <drjones@redhat.com>,
"Kees Cook" <keescook@chromium.org>,
"Arnd Bergmann" <arnd@arndb.de>, "Jann Horn" <jannh@google.com>,
"Richard Henderson" <richard.henderson@linaro.org>,
"Kristina Martšenko" <kristina.martsenko@arm.com>,
"Thomas Gleixner" <tglx@linutronix.de>,
"Florian Weimer" <fweimer@redhat.com>,
"Sudakshina Das" <sudi.das@arm.com>
Subject: [PATCH v6 00/11] arm64: Branch Target Identification support
Date: Wed, 12 Feb 2020 19:28:55 +0000 [thread overview]
Message-ID: <20200212192906.53366-1-broonie@kernel.org> (raw)
This patch implements support for ARMv8.5-A Branch Target Identification
(BTI), which is a control flow integrity protection feature introduced
as part of the ARMv8.5-A extensions.
Changes:
v6:
- Rebase onto v5.6-rc1.
- Fix typos s/BYTPE/BTYPE/ in commit log for "arm64: BTI: Decode BYTPE
bits when printing PSTATE".
v5:
- Changed a bunch of -EIO to -ENOEXEC in the ELF parsing code.
- Move PSR_BTYPE defines to UAPI.
- Use compat_user_mode() rather than open coding.
- Fix a typo s/BYTPE/BTYPE/ in syscall.c
v4:
- Dropped patch fixing existing documentation as it has already been merged.
- Convert WARN_ON() to WARN_ON_ONCE() in "ELF: Add ELF program property
parsing support".
- Added display of guarded pages to ptdump.
- Updated for conversion of exception handling from assembler to C.
Notes:
* GCC 9 can compile backwards-compatible BTI-enabled code with
-mbranch-protection=bti or -mbranch-protection=standard.
* Binutils trunk supports the new ELF note, but this wasn't in a release
the last time I posted this series. (The situation _might_ have changed
in the meantime...)
Creation of a BTI-enabled binary requires _everything_ linked in to
be BTI-enabled. For now ld --force-bti can be used to override this,
but some things may break until the required C library support is in
place.
There is no straightforward way to mark a .s file as BTI-enabled:
scraping the output from gcc -S works as a quick hack for now.
readelf -n can be used to examing the program properties in an ELF
file.
* Runtime mmap() and mprotect() can be used to enable BTI on a
page-by-page basis using the new PROT_BTI, but the code in the
affected pages still needs to be written or compiled to contain the
appopriate BTI landing pads.
Dave Martin (10):
ELF: UAPI and Kconfig additions for ELF program properties
ELF: Add ELF program property parsing support
arm64: Basic Branch Target Identification support
elf: Allow arch to tweak initial mmap prot flags
arm64: elf: Enable BTI at exec based on ELF program properties
arm64: BTI: Decode BTYPE bits when printing PSTATE
arm64: unify native/compat instruction skipping
arm64: traps: Shuffle code to eliminate forward declarations
arm64: BTI: Reset BTYPE when skipping emulated instructions
KVM: arm64: BTI: Reset BTYPE when skipping emulated instructions
Mark Brown (1):
arm64: mm: Display guarded pages in ptdump
Documentation/arm64/cpu-feature-registers.rst | 2 +
Documentation/arm64/elf_hwcaps.rst | 5 +
arch/arm64/Kconfig | 25 +++
arch/arm64/include/asm/cpucaps.h | 3 +-
arch/arm64/include/asm/cpufeature.h | 6 +
arch/arm64/include/asm/elf.h | 50 ++++++
arch/arm64/include/asm/esr.h | 2 +-
arch/arm64/include/asm/exception.h | 1 +
arch/arm64/include/asm/hwcap.h | 1 +
arch/arm64/include/asm/kvm_emulate.h | 6 +-
arch/arm64/include/asm/mman.h | 37 +++++
arch/arm64/include/asm/pgtable-hwdef.h | 1 +
arch/arm64/include/asm/pgtable.h | 2 +-
arch/arm64/include/asm/ptrace.h | 1 +
arch/arm64/include/asm/sysreg.h | 4 +
arch/arm64/include/uapi/asm/hwcap.h | 1 +
arch/arm64/include/uapi/asm/mman.h | 9 ++
arch/arm64/include/uapi/asm/ptrace.h | 9 ++
arch/arm64/kernel/cpufeature.c | 33 ++++
arch/arm64/kernel/cpuinfo.c | 1 +
arch/arm64/kernel/entry-common.c | 11 ++
arch/arm64/kernel/process.c | 36 ++++-
arch/arm64/kernel/ptrace.c | 2 +-
arch/arm64/kernel/signal.c | 16 ++
arch/arm64/kernel/syscall.c | 18 +++
arch/arm64/kernel/traps.c | 127 +++++++--------
arch/arm64/mm/dump.c | 5 +
fs/Kconfig.binfmt | 6 +
fs/binfmt_elf.c | 145 +++++++++++++++++-
fs/compat_binfmt_elf.c | 4 +
include/linux/elf.h | 43 ++++++
include/linux/mm.h | 3 +
include/uapi/linux/elf.h | 11 ++
33 files changed, 551 insertions(+), 75 deletions(-)
create mode 100644 arch/arm64/include/asm/mman.h
create mode 100644 arch/arm64/include/uapi/asm/mman.h
--
2.20.1
WARNING: multiple messages have this Message-ID (diff)
From: Mark Brown <broonie@kernel.org>
To: Catalin Marinas <catalin.marinas@arm.com>, Will Deacon <will@kernel.org>
Cc: "Alexander Viro" <viro@zeniv.linux.org.uk>,
"Paul Elliott" <paul.elliott@arm.com>,
"Peter Zijlstra" <peterz@infradead.org>,
"Yu-cheng Yu" <yu-cheng.yu@intel.com>,
"Amit Kachhap" <amit.kachhap@arm.com>,
"Vincenzo Frascino" <vincenzo.frascino@arm.com>,
"Marc Zyngier" <maz@kernel.org>,
"Eugene Syromiatnikov" <esyr@redhat.com>,
"Szabolcs Nagy" <szabolcs.nagy@arm.com>,
"H . J . Lu " <hjl.tools@gmail.com>,
"Andrew Jones" <drjones@redhat.com>,
"Kees Cook" <keescook@chromium.org>,
"Arnd Bergmann" <arnd@arndb.de>, "Jann Horn" <jannh@google.com>,
"Richard Henderson" <richard.henderson@linaro.org>,
"Kristina Martšenko" <kristina.martsenko@arm.com>,
"Thomas Gleixner" <tglx@linutronix.de>,
"Florian Weimer" <fweimer@redhat.com>,
"Sudakshina Das" <sudi.das@arm.com>,
linux-arm-kernel@lists.infradead.org,
linux-kernel@vger.kernel.org, linux-arch@vger.kernel.org,
linux-fsdevel@vger.kernel.org, "Mark Brown" <broonie@kernel.org>
Subject: [PATCH v6 00/11] arm64: Branch Target Identification support
Date: Wed, 12 Feb 2020 19:28:55 +0000 [thread overview]
Message-ID: <20200212192906.53366-1-broonie@kernel.org> (raw)
Message-ID: <20200212192855.DdJPhjNr37TcdZ5v4p8kYGuj_TznzhcJKLVJmWBfaqY@z> (raw)
This patch implements support for ARMv8.5-A Branch Target Identification
(BTI), which is a control flow integrity protection feature introduced
as part of the ARMv8.5-A extensions.
Changes:
v6:
- Rebase onto v5.6-rc1.
- Fix typos s/BYTPE/BTYPE/ in commit log for "arm64: BTI: Decode BYTPE
bits when printing PSTATE".
v5:
- Changed a bunch of -EIO to -ENOEXEC in the ELF parsing code.
- Move PSR_BTYPE defines to UAPI.
- Use compat_user_mode() rather than open coding.
- Fix a typo s/BYTPE/BTYPE/ in syscall.c
v4:
- Dropped patch fixing existing documentation as it has already been merged.
- Convert WARN_ON() to WARN_ON_ONCE() in "ELF: Add ELF program property
parsing support".
- Added display of guarded pages to ptdump.
- Updated for conversion of exception handling from assembler to C.
Notes:
* GCC 9 can compile backwards-compatible BTI-enabled code with
-mbranch-protection=bti or -mbranch-protection=standard.
* Binutils trunk supports the new ELF note, but this wasn't in a release
the last time I posted this series. (The situation _might_ have changed
in the meantime...)
Creation of a BTI-enabled binary requires _everything_ linked in to
be BTI-enabled. For now ld --force-bti can be used to override this,
but some things may break until the required C library support is in
place.
There is no straightforward way to mark a .s file as BTI-enabled:
scraping the output from gcc -S works as a quick hack for now.
readelf -n can be used to examing the program properties in an ELF
file.
* Runtime mmap() and mprotect() can be used to enable BTI on a
page-by-page basis using the new PROT_BTI, but the code in the
affected pages still needs to be written or compiled to contain the
appopriate BTI landing pads.
Dave Martin (10):
ELF: UAPI and Kconfig additions for ELF program properties
ELF: Add ELF program property parsing support
arm64: Basic Branch Target Identification support
elf: Allow arch to tweak initial mmap prot flags
arm64: elf: Enable BTI at exec based on ELF program properties
arm64: BTI: Decode BTYPE bits when printing PSTATE
arm64: unify native/compat instruction skipping
arm64: traps: Shuffle code to eliminate forward declarations
arm64: BTI: Reset BTYPE when skipping emulated instructions
KVM: arm64: BTI: Reset BTYPE when skipping emulated instructions
Mark Brown (1):
arm64: mm: Display guarded pages in ptdump
Documentation/arm64/cpu-feature-registers.rst | 2 +
Documentation/arm64/elf_hwcaps.rst | 5 +
arch/arm64/Kconfig | 25 +++
arch/arm64/include/asm/cpucaps.h | 3 +-
arch/arm64/include/asm/cpufeature.h | 6 +
arch/arm64/include/asm/elf.h | 50 ++++++
arch/arm64/include/asm/esr.h | 2 +-
arch/arm64/include/asm/exception.h | 1 +
arch/arm64/include/asm/hwcap.h | 1 +
arch/arm64/include/asm/kvm_emulate.h | 6 +-
arch/arm64/include/asm/mman.h | 37 +++++
arch/arm64/include/asm/pgtable-hwdef.h | 1 +
arch/arm64/include/asm/pgtable.h | 2 +-
arch/arm64/include/asm/ptrace.h | 1 +
arch/arm64/include/asm/sysreg.h | 4 +
arch/arm64/include/uapi/asm/hwcap.h | 1 +
arch/arm64/include/uapi/asm/mman.h | 9 ++
arch/arm64/include/uapi/asm/ptrace.h | 9 ++
arch/arm64/kernel/cpufeature.c | 33 ++++
arch/arm64/kernel/cpuinfo.c | 1 +
arch/arm64/kernel/entry-common.c | 11 ++
arch/arm64/kernel/process.c | 36 ++++-
arch/arm64/kernel/ptrace.c | 2 +-
arch/arm64/kernel/signal.c | 16 ++
arch/arm64/kernel/syscall.c | 18 +++
arch/arm64/kernel/traps.c | 127 +++++++--------
arch/arm64/mm/dump.c | 5 +
fs/Kconfig.binfmt | 6 +
fs/binfmt_elf.c | 145 +++++++++++++++++-
fs/compat_binfmt_elf.c | 4 +
include/linux/elf.h | 43 ++++++
include/linux/mm.h | 3 +
include/uapi/linux/elf.h | 11 ++
33 files changed, 551 insertions(+), 75 deletions(-)
create mode 100644 arch/arm64/include/asm/mman.h
create mode 100644 arch/arm64/include/uapi/asm/mman.h
--
2.20.1
WARNING: multiple messages have this Message-ID (diff)
From: Mark Brown <broonie@kernel.org>
To: Catalin Marinas <catalin.marinas@arm.com>, Will Deacon <will@kernel.org>
Cc: "Paul Elliott" <paul.elliott@arm.com>,
"Peter Zijlstra" <peterz@infradead.org>,
"Andrew Jones" <drjones@redhat.com>,
"Amit Kachhap" <amit.kachhap@arm.com>,
"Vincenzo Frascino" <vincenzo.frascino@arm.com>,
linux-arch@vger.kernel.org, "Marc Zyngier" <maz@kernel.org>,
"Eugene Syromiatnikov" <esyr@redhat.com>,
"Szabolcs Nagy" <szabolcs.nagy@arm.com>,
"H . J . Lu " <hjl.tools@gmail.com>,
"Yu-cheng Yu" <yu-cheng.yu@intel.com>,
"Kees Cook" <keescook@chromium.org>,
"Arnd Bergmann" <arnd@arndb.de>, "Jann Horn" <jannh@google.com>,
"Richard Henderson" <richard.henderson@linaro.org>,
"Kristina Martšenko" <kristina.martsenko@arm.com>,
"Mark Brown" <broonie@kernel.org>,
"Alexander Viro" <viro@zeniv.linux.org.uk>,
"Thomas Gleixner" <tglx@linutronix.de>,
linux-arm-kernel@lists.infradead.org,
"Florian Weimer" <fweimer@redhat.com>,
linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org,
"Sudakshina Das" <sudi.das@arm.com>
Subject: [PATCH v6 00/11] arm64: Branch Target Identification support
Date: Wed, 12 Feb 2020 19:28:55 +0000 [thread overview]
Message-ID: <20200212192906.53366-1-broonie@kernel.org> (raw)
This patch implements support for ARMv8.5-A Branch Target Identification
(BTI), which is a control flow integrity protection feature introduced
as part of the ARMv8.5-A extensions.
Changes:
v6:
- Rebase onto v5.6-rc1.
- Fix typos s/BYTPE/BTYPE/ in commit log for "arm64: BTI: Decode BYTPE
bits when printing PSTATE".
v5:
- Changed a bunch of -EIO to -ENOEXEC in the ELF parsing code.
- Move PSR_BTYPE defines to UAPI.
- Use compat_user_mode() rather than open coding.
- Fix a typo s/BYTPE/BTYPE/ in syscall.c
v4:
- Dropped patch fixing existing documentation as it has already been merged.
- Convert WARN_ON() to WARN_ON_ONCE() in "ELF: Add ELF program property
parsing support".
- Added display of guarded pages to ptdump.
- Updated for conversion of exception handling from assembler to C.
Notes:
* GCC 9 can compile backwards-compatible BTI-enabled code with
-mbranch-protection=bti or -mbranch-protection=standard.
* Binutils trunk supports the new ELF note, but this wasn't in a release
the last time I posted this series. (The situation _might_ have changed
in the meantime...)
Creation of a BTI-enabled binary requires _everything_ linked in to
be BTI-enabled. For now ld --force-bti can be used to override this,
but some things may break until the required C library support is in
place.
There is no straightforward way to mark a .s file as BTI-enabled:
scraping the output from gcc -S works as a quick hack for now.
readelf -n can be used to examing the program properties in an ELF
file.
* Runtime mmap() and mprotect() can be used to enable BTI on a
page-by-page basis using the new PROT_BTI, but the code in the
affected pages still needs to be written or compiled to contain the
appopriate BTI landing pads.
Dave Martin (10):
ELF: UAPI and Kconfig additions for ELF program properties
ELF: Add ELF program property parsing support
arm64: Basic Branch Target Identification support
elf: Allow arch to tweak initial mmap prot flags
arm64: elf: Enable BTI at exec based on ELF program properties
arm64: BTI: Decode BTYPE bits when printing PSTATE
arm64: unify native/compat instruction skipping
arm64: traps: Shuffle code to eliminate forward declarations
arm64: BTI: Reset BTYPE when skipping emulated instructions
KVM: arm64: BTI: Reset BTYPE when skipping emulated instructions
Mark Brown (1):
arm64: mm: Display guarded pages in ptdump
Documentation/arm64/cpu-feature-registers.rst | 2 +
Documentation/arm64/elf_hwcaps.rst | 5 +
arch/arm64/Kconfig | 25 +++
arch/arm64/include/asm/cpucaps.h | 3 +-
arch/arm64/include/asm/cpufeature.h | 6 +
arch/arm64/include/asm/elf.h | 50 ++++++
arch/arm64/include/asm/esr.h | 2 +-
arch/arm64/include/asm/exception.h | 1 +
arch/arm64/include/asm/hwcap.h | 1 +
arch/arm64/include/asm/kvm_emulate.h | 6 +-
arch/arm64/include/asm/mman.h | 37 +++++
arch/arm64/include/asm/pgtable-hwdef.h | 1 +
arch/arm64/include/asm/pgtable.h | 2 +-
arch/arm64/include/asm/ptrace.h | 1 +
arch/arm64/include/asm/sysreg.h | 4 +
arch/arm64/include/uapi/asm/hwcap.h | 1 +
arch/arm64/include/uapi/asm/mman.h | 9 ++
arch/arm64/include/uapi/asm/ptrace.h | 9 ++
arch/arm64/kernel/cpufeature.c | 33 ++++
arch/arm64/kernel/cpuinfo.c | 1 +
arch/arm64/kernel/entry-common.c | 11 ++
arch/arm64/kernel/process.c | 36 ++++-
arch/arm64/kernel/ptrace.c | 2 +-
arch/arm64/kernel/signal.c | 16 ++
arch/arm64/kernel/syscall.c | 18 +++
arch/arm64/kernel/traps.c | 127 +++++++--------
arch/arm64/mm/dump.c | 5 +
fs/Kconfig.binfmt | 6 +
fs/binfmt_elf.c | 145 +++++++++++++++++-
fs/compat_binfmt_elf.c | 4 +
include/linux/elf.h | 43 ++++++
include/linux/mm.h | 3 +
include/uapi/linux/elf.h | 11 ++
33 files changed, 551 insertions(+), 75 deletions(-)
create mode 100644 arch/arm64/include/asm/mman.h
create mode 100644 arch/arm64/include/uapi/asm/mman.h
--
2.20.1
_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
next reply other threads:[~2020-02-12 19:29 UTC|newest]
Thread overview: 54+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-02-12 19:28 Mark Brown [this message]
2020-02-12 19:28 ` [PATCH v6 00/11] arm64: Branch Target Identification support Mark Brown
2020-02-12 19:28 ` Mark Brown
2020-02-12 19:28 ` [PATCH v6 01/11] ELF: UAPI and Kconfig additions for ELF program properties Mark Brown
2020-02-12 19:28 ` Mark Brown
2020-02-12 19:28 ` Mark Brown
2020-02-26 5:49 ` Kees Cook
2020-02-26 5:49 ` Kees Cook
2020-02-26 5:49 ` Kees Cook
2020-02-26 11:20 ` Mark Brown
2020-02-26 11:20 ` Mark Brown
2020-02-26 11:20 ` Mark Brown
2020-02-12 19:28 ` [PATCH v6 02/11] ELF: Add ELF program property parsing support Mark Brown
2020-02-12 19:28 ` Mark Brown
2020-02-12 19:28 ` Mark Brown
2020-02-12 19:28 ` [PATCH v6 03/11] arm64: Basic Branch Target Identification support Mark Brown
2020-02-12 19:28 ` Mark Brown
2020-02-12 19:28 ` Mark Brown
2020-02-12 19:28 ` [PATCH v6 04/11] elf: Allow arch to tweak initial mmap prot flags Mark Brown
2020-02-12 19:28 ` Mark Brown
2020-02-12 19:28 ` Mark Brown
2020-02-12 19:29 ` [PATCH v6 05/11] arm64: elf: Enable BTI at exec based on ELF program properties Mark Brown
2020-02-12 19:29 ` Mark Brown
2020-02-12 19:29 ` Mark Brown
2020-02-25 13:28 ` Amit Kachhap
2020-02-25 13:28 ` Amit Kachhap
2020-02-25 13:28 ` Amit Kachhap
2020-02-25 17:27 ` Mark Brown
2020-02-25 17:27 ` Mark Brown
2020-02-25 17:27 ` Mark Brown
2020-02-26 5:47 ` Kees Cook
2020-02-26 5:47 ` Kees Cook
2020-02-26 5:47 ` Kees Cook
2020-02-12 19:29 ` [PATCH v6 06/11] arm64: BTI: Decode BTYPE bits when printing PSTATE Mark Brown
2020-02-12 19:29 ` Mark Brown
2020-02-12 19:29 ` Mark Brown
2020-02-12 19:29 ` [PATCH v6 07/11] arm64: unify native/compat instruction skipping Mark Brown
2020-02-12 19:29 ` Mark Brown
2020-02-12 19:29 ` Mark Brown
2020-02-12 19:29 ` [PATCH v6 08/11] arm64: traps: Shuffle code to eliminate forward declarations Mark Brown
2020-02-12 19:29 ` Mark Brown
2020-02-12 19:29 ` Mark Brown
2020-02-12 19:29 ` [PATCH v6 09/11] arm64: BTI: Reset BTYPE when skipping emulated instructions Mark Brown
2020-02-12 19:29 ` Mark Brown
2020-02-12 19:29 ` Mark Brown
2020-02-12 19:29 ` [PATCH v6 10/11] KVM: " Mark Brown
2020-02-12 19:29 ` Mark Brown
2020-02-12 19:29 ` Mark Brown
2020-02-15 11:56 ` Marc Zyngier
2020-02-15 11:56 ` Marc Zyngier
2020-02-15 11:56 ` Marc Zyngier
2020-02-12 19:29 ` [PATCH v6 11/11] arm64: mm: Display guarded pages in ptdump Mark Brown
2020-02-12 19:29 ` Mark Brown
2020-02-12 19:29 ` Mark Brown
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200212192906.53366-1-broonie@kernel.org \
--to=broonie@kernel.org \
--cc=amit.kachhap@arm.com \
--cc=arnd@arndb.de \
--cc=catalin.marinas@arm.com \
--cc=drjones@redhat.com \
--cc=esyr@redhat.com \
--cc=fweimer@redhat.com \
--cc=hjl.tools@gmail.com \
--cc=jannh@google.com \
--cc=keescook@chromium.org \
--cc=kristina.martsenko@arm.com \
--cc=maz@kernel.org \
--cc=paul.elliott@arm.com \
--cc=peterz@infradead.org \
--cc=richard.henderson@linaro.org \
--cc=sudi.das@arm.com \
--cc=szabolcs.nagy@arm.com \
--cc=tglx@linutronix.de \
--cc=vincenzo.frascino@arm.com \
--cc=viro@zeniv.linux.org.uk \
--cc=will@kernel.org \
--cc=yu-cheng.yu@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.