From: Yu-cheng Yu <yu-cheng.yu@intel.com>
To: x86@kernel.org, "H. Peter Anvin" <hpa@zytor.com>,
Thomas Gleixner <tglx@linutronix.de>,
Ingo Molnar <mingo@redhat.com>,
linux-kernel@vger.kernel.org, linux-doc@vger.kernel.org,
linux-mm@kvack.org, linux-arch@vger.kernel.org,
linux-api@vger.kernel.org, Arnd Bergmann <arnd@arndb.de>,
Andy Lutomirski <luto@kernel.org>,
Balbir Singh <bsingharora@gmail.com>,
Borislav Petkov <bp@alien8.de>,
Cyrill Gorcunov <gorcunov@gmail.com>,
Dave Hansen <dave.hansen@linux.intel.com>,
Eugene Syromiatnikov <esyr@redhat.com>,
Florian Weimer <fweimer@redhat.com>,
"H.J. Lu" <hjl.tools@gmail.com>, Jann Horn <jannh@google.com>,
Jonathan Corbet <corbet@lwn.net>,
Kees Cook <keescook@chromium.org>,
Mike Kravetz <mike.kravetz@oracle.com>,
Nadav Amit <nadav.amit@gmail.com>,
Oleg Nesterov <oleg@redhat.com>, Pavel Machek <pavel@ucw.cz>,
Peter Zijlstra <peterz@infradead.org>,
Randy Dunlap <rdunlap@infradead.org>,
"Ravi V. Shankar" <ravi.v.shankar@intel.com>,
Vedvyas Shanbhogue <vedvyas.shanbhogue@intel.com>,
Dave Martin <Dave.Martin@arm.com>,
Weijiang Yang <weijiang.yang@intel.com>
Cc: Yu-cheng Yu <yu-cheng.yu@intel.com>
Subject: [RFC PATCH 1/5] x86/cet/shstk: Modify ARCH_X86_CET_ALLOC_SHSTK for 32-bit address range
Date: Thu, 21 May 2020 14:17:16 -0700 [thread overview]
Message-ID: <20200521211720.20236-2-yu-cheng.yu@intel.com> (raw)
In-Reply-To: <20200521211720.20236-1-yu-cheng.yu@intel.com>
Sometimes a 64-bit task might need to have a shadow stack allocated from
within 32-bit address range. One example is selftests/x86/sigreturn.
Currently arch_prctl(ARCH_X86_CET_ALLOC_SHSTK) takes a input parameter for
the desired shadow stack size. Modify it and use bit[0] of the parameter
to indicate the desire to allocate from 32-bit address range.
Signed-off-by: Yu-cheng Yu <yu-cheng.yu@intel.com>
---
arch/x86/include/asm/cet.h | 2 +-
arch/x86/include/uapi/asm/prctl.h | 2 ++
arch/x86/kernel/cet.c | 19 ++++++++++++-------
arch/x86/kernel/cet_prctl.c | 6 +++++-
4 files changed, 20 insertions(+), 9 deletions(-)
diff --git a/arch/x86/include/asm/cet.h b/arch/x86/include/asm/cet.h
index f163c805a559..534b02785a39 100644
--- a/arch/x86/include/asm/cet.h
+++ b/arch/x86/include/asm/cet.h
@@ -22,7 +22,7 @@ struct cet_status {
int prctl_cet(int option, u64 arg2);
int cet_setup_shstk(void);
int cet_setup_thread_shstk(struct task_struct *p);
-int cet_alloc_shstk(unsigned long *arg);
+int cet_alloc_shstk(unsigned long *arg, int map_32bit);
void cet_disable_free_shstk(struct task_struct *p);
int cet_verify_rstor_token(bool ia32, unsigned long ssp, unsigned long *new_ssp);
void cet_restore_signal(struct sc_ext *sc);
diff --git a/arch/x86/include/uapi/asm/prctl.h b/arch/x86/include/uapi/asm/prctl.h
index d962f0ec9ccf..e254c6a21475 100644
--- a/arch/x86/include/uapi/asm/prctl.h
+++ b/arch/x86/include/uapi/asm/prctl.h
@@ -19,4 +19,6 @@
#define ARCH_X86_CET_LOCK 0x3003
#define ARCH_X86_CET_ALLOC_SHSTK 0x3004
+#define ARCH_X86_CET_ALLOC_SHSTK_32BIT 0x1UL
+
#endif /* _ASM_X86_PRCTL_H */
diff --git a/arch/x86/kernel/cet.c b/arch/x86/kernel/cet.c
index 92b8730c0b08..d6f93e1864b2 100644
--- a/arch/x86/kernel/cet.c
+++ b/arch/x86/kernel/cet.c
@@ -57,14 +57,19 @@ static unsigned long cet_get_shstk_addr(void)
return ssp;
}
-static unsigned long alloc_shstk(unsigned long size)
+static unsigned long alloc_shstk(unsigned long size, int map_32bit)
{
struct mm_struct *mm = current->mm;
unsigned long addr, populate;
+ unsigned long map_flags;
+
+ map_flags = MAP_ANONYMOUS | MAP_PRIVATE;
+ if (map_32bit)
+ map_flags |= MAP_32BIT;
down_write(&mm->mmap_sem);
- addr = do_mmap(NULL, 0, size, PROT_READ, MAP_ANONYMOUS | MAP_PRIVATE,
- VM_SHSTK, 0, &populate, NULL);
+ addr = do_mmap(NULL, 0, size, PROT_READ, map_flags, VM_SHSTK, 0,
+ &populate, NULL);
up_write(&mm->mmap_sem);
if (populate)
@@ -147,14 +152,14 @@ static int create_rstor_token(bool ia32, unsigned long ssp,
return 0;
}
-int cet_alloc_shstk(unsigned long *arg)
+int cet_alloc_shstk(unsigned long *arg, int map_32bit)
{
unsigned long len = *arg;
unsigned long addr;
unsigned long token;
unsigned long ssp;
- addr = alloc_shstk(round_up(len, PAGE_SIZE));
+ addr = alloc_shstk(round_up(len, PAGE_SIZE), map_32bit);
if (IS_ERR((void *)addr))
return PTR_ERR((void *)addr);
@@ -185,7 +190,7 @@ int cet_setup_shstk(void)
return -EOPNOTSUPP;
size = round_up(min(rlimit(RLIMIT_STACK), 1UL << 32), PAGE_SIZE);
- addr = alloc_shstk(size);
+ addr = alloc_shstk(size, 0);
if (IS_ERR((void *)addr))
return PTR_ERR((void *)addr);
@@ -226,7 +231,7 @@ int cet_setup_thread_shstk(struct task_struct *tsk)
if (in_compat_syscall())
size /= 4;
size = round_up(size, PAGE_SIZE);
- addr = alloc_shstk(size);
+ addr = alloc_shstk(size, 0);
if (IS_ERR((void *)addr)) {
cet->shstk_base = 0;
diff --git a/arch/x86/kernel/cet_prctl.c b/arch/x86/kernel/cet_prctl.c
index a8e68fefd524..364ed2420202 100644
--- a/arch/x86/kernel/cet_prctl.c
+++ b/arch/x86/kernel/cet_prctl.c
@@ -35,12 +35,16 @@ static int handle_alloc_shstk(u64 arg2)
unsigned long arg;
unsigned long addr = 0;
unsigned long size = 0;
+ int map_32bit;
if (get_user(arg, (unsigned long __user *)arg2))
return -EFAULT;
+ map_32bit = (arg & ARCH_X86_CET_ALLOC_SHSTK_32BIT) ? 1 : 0;
+ arg &= ~(ARCH_X86_CET_ALLOC_SHSTK_32BIT);
+
size = arg;
- err = cet_alloc_shstk(&arg);
+ err = cet_alloc_shstk(&arg, map_32bit);
if (err)
return err;
--
2.21.0
WARNING: multiple messages have this Message-ID (diff)
From: Yu-cheng Yu <yu-cheng.yu-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
To: x86-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org,
"H. Peter Anvin" <hpa-YMNOUZJC4hwAvxtiuMwx3w@public.gmane.org>,
Thomas Gleixner <tglx-hfZtesqFncYOwBW4kG4KsQ@public.gmane.org>,
Ingo Molnar <mingo-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>,
linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org,
linux-doc-u79uwXL29TY76Z2rM5mHXA@public.gmane.org,
linux-mm-Bw31MaZKKs3YtjvyW6yDsg@public.gmane.org,
linux-arch-u79uwXL29TY76Z2rM5mHXA@public.gmane.org,
linux-api-u79uwXL29TY76Z2rM5mHXA@public.gmane.org,
Arnd Bergmann <arnd-r2nGTMty4D4@public.gmane.org>,
Andy Lutomirski <luto-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org>,
Balbir Singh
<bsingharora-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>,
Borislav Petkov <bp-Gina5bIWoIWzQB+pC5nmwQ@public.gmane.org>,
Cyrill Gorcunov
<gorcunov-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>,
Dave Hansen <dave.hansen-VuQAYsv1563Yd54FQh9/CA@public.gmane.org>,
Eugene Syromiatnikov
<esyr-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>,
Florian Weimer <fweimer-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>,
"H.J. Lu" <hjl.tools-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>,
Jann Horn <jannh-hpIqsD4AKlfQT0dZR+AlfA@public.gmane.org>,
Jonathan Corbet <corbet-T1hC0tSOHrs@public.gmane.org>,
Kees Cook <keescook-F7+t8E8rja9g9hUCZPvPmw@public.gmane.org>,
Mike Kravetz
<mike.kravetz-QHcLZuEGTsvQT0dZR+AlfA@public.gmane.org>,
Nadav Amit <nadav.amit-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
Cc: Yu-cheng Yu <yu-cheng.yu-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
Subject: [RFC PATCH 1/5] x86/cet/shstk: Modify ARCH_X86_CET_ALLOC_SHSTK for 32-bit address range
Date: Thu, 21 May 2020 14:17:16 -0700 [thread overview]
Message-ID: <20200521211720.20236-2-yu-cheng.yu@intel.com> (raw)
In-Reply-To: <20200521211720.20236-1-yu-cheng.yu-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
Sometimes a 64-bit task might need to have a shadow stack allocated from
within 32-bit address range. One example is selftests/x86/sigreturn.
Currently arch_prctl(ARCH_X86_CET_ALLOC_SHSTK) takes a input parameter for
the desired shadow stack size. Modify it and use bit[0] of the parameter
to indicate the desire to allocate from 32-bit address range.
Signed-off-by: Yu-cheng Yu <yu-cheng.yu-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
---
arch/x86/include/asm/cet.h | 2 +-
arch/x86/include/uapi/asm/prctl.h | 2 ++
arch/x86/kernel/cet.c | 19 ++++++++++++-------
arch/x86/kernel/cet_prctl.c | 6 +++++-
4 files changed, 20 insertions(+), 9 deletions(-)
diff --git a/arch/x86/include/asm/cet.h b/arch/x86/include/asm/cet.h
index f163c805a559..534b02785a39 100644
--- a/arch/x86/include/asm/cet.h
+++ b/arch/x86/include/asm/cet.h
@@ -22,7 +22,7 @@ struct cet_status {
int prctl_cet(int option, u64 arg2);
int cet_setup_shstk(void);
int cet_setup_thread_shstk(struct task_struct *p);
-int cet_alloc_shstk(unsigned long *arg);
+int cet_alloc_shstk(unsigned long *arg, int map_32bit);
void cet_disable_free_shstk(struct task_struct *p);
int cet_verify_rstor_token(bool ia32, unsigned long ssp, unsigned long *new_ssp);
void cet_restore_signal(struct sc_ext *sc);
diff --git a/arch/x86/include/uapi/asm/prctl.h b/arch/x86/include/uapi/asm/prctl.h
index d962f0ec9ccf..e254c6a21475 100644
--- a/arch/x86/include/uapi/asm/prctl.h
+++ b/arch/x86/include/uapi/asm/prctl.h
@@ -19,4 +19,6 @@
#define ARCH_X86_CET_LOCK 0x3003
#define ARCH_X86_CET_ALLOC_SHSTK 0x3004
+#define ARCH_X86_CET_ALLOC_SHSTK_32BIT 0x1UL
+
#endif /* _ASM_X86_PRCTL_H */
diff --git a/arch/x86/kernel/cet.c b/arch/x86/kernel/cet.c
index 92b8730c0b08..d6f93e1864b2 100644
--- a/arch/x86/kernel/cet.c
+++ b/arch/x86/kernel/cet.c
@@ -57,14 +57,19 @@ static unsigned long cet_get_shstk_addr(void)
return ssp;
}
-static unsigned long alloc_shstk(unsigned long size)
+static unsigned long alloc_shstk(unsigned long size, int map_32bit)
{
struct mm_struct *mm = current->mm;
unsigned long addr, populate;
+ unsigned long map_flags;
+
+ map_flags = MAP_ANONYMOUS | MAP_PRIVATE;
+ if (map_32bit)
+ map_flags |= MAP_32BIT;
down_write(&mm->mmap_sem);
- addr = do_mmap(NULL, 0, size, PROT_READ, MAP_ANONYMOUS | MAP_PRIVATE,
- VM_SHSTK, 0, &populate, NULL);
+ addr = do_mmap(NULL, 0, size, PROT_READ, map_flags, VM_SHSTK, 0,
+ &populate, NULL);
up_write(&mm->mmap_sem);
if (populate)
@@ -147,14 +152,14 @@ static int create_rstor_token(bool ia32, unsigned long ssp,
return 0;
}
-int cet_alloc_shstk(unsigned long *arg)
+int cet_alloc_shstk(unsigned long *arg, int map_32bit)
{
unsigned long len = *arg;
unsigned long addr;
unsigned long token;
unsigned long ssp;
- addr = alloc_shstk(round_up(len, PAGE_SIZE));
+ addr = alloc_shstk(round_up(len, PAGE_SIZE), map_32bit);
if (IS_ERR((void *)addr))
return PTR_ERR((void *)addr);
@@ -185,7 +190,7 @@ int cet_setup_shstk(void)
return -EOPNOTSUPP;
size = round_up(min(rlimit(RLIMIT_STACK), 1UL << 32), PAGE_SIZE);
- addr = alloc_shstk(size);
+ addr = alloc_shstk(size, 0);
if (IS_ERR((void *)addr))
return PTR_ERR((void *)addr);
@@ -226,7 +231,7 @@ int cet_setup_thread_shstk(struct task_struct *tsk)
if (in_compat_syscall())
size /= 4;
size = round_up(size, PAGE_SIZE);
- addr = alloc_shstk(size);
+ addr = alloc_shstk(size, 0);
if (IS_ERR((void *)addr)) {
cet->shstk_base = 0;
diff --git a/arch/x86/kernel/cet_prctl.c b/arch/x86/kernel/cet_prctl.c
index a8e68fefd524..364ed2420202 100644
--- a/arch/x86/kernel/cet_prctl.c
+++ b/arch/x86/kernel/cet_prctl.c
@@ -35,12 +35,16 @@ static int handle_alloc_shstk(u64 arg2)
unsigned long arg;
unsigned long addr = 0;
unsigned long size = 0;
+ int map_32bit;
if (get_user(arg, (unsigned long __user *)arg2))
return -EFAULT;
+ map_32bit = (arg & ARCH_X86_CET_ALLOC_SHSTK_32BIT) ? 1 : 0;
+ arg &= ~(ARCH_X86_CET_ALLOC_SHSTK_32BIT);
+
size = arg;
- err = cet_alloc_shstk(&arg);
+ err = cet_alloc_shstk(&arg, map_32bit);
if (err)
return err;
--
2.21.0
next prev parent reply other threads:[~2020-05-21 21:17 UTC|newest]
Thread overview: 43+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-05-21 21:17 [RFC PATCH 0/5] Update selftests/x86 for CET Yu-cheng Yu
2020-05-21 21:17 ` Yu-cheng Yu
2020-05-21 21:17 ` Yu-cheng Yu [this message]
2020-05-21 21:17 ` [RFC PATCH 1/5] x86/cet/shstk: Modify ARCH_X86_CET_ALLOC_SHSTK for 32-bit address range Yu-cheng Yu
2020-05-21 22:43 ` Kees Cook
2020-05-21 22:43 ` Kees Cook
2020-05-21 21:17 ` [RFC PATCH 2/5] selftest/x86: Enable CET for selftests/x86 Yu-cheng Yu
2020-05-21 21:17 ` Yu-cheng Yu
2020-05-21 22:44 ` Kees Cook
2020-05-21 22:44 ` Kees Cook
2020-05-21 22:58 ` Yu-cheng Yu
2020-05-21 22:58 ` Yu-cheng Yu
2020-05-21 21:17 ` [RFC PATCH 3/5] selftest/x86: Fix sigreturn_64 test Yu-cheng Yu
2020-05-21 21:17 ` Yu-cheng Yu
2020-05-21 22:47 ` Kees Cook
2020-05-21 22:47 ` Kees Cook
2020-05-21 22:48 ` Kees Cook
2020-05-21 22:48 ` Kees Cook
2020-05-21 21:17 ` [RFC PATCH 4/5] selftest/x86: Fix sysret_rip with ENDBR Yu-cheng Yu
2020-05-21 21:17 ` Yu-cheng Yu
2020-05-21 21:34 ` Thomas Gleixner
2020-05-21 21:34 ` Thomas Gleixner
2020-05-21 21:34 ` Thomas Gleixner
2020-05-21 22:59 ` Yu-cheng Yu
2020-05-21 22:59 ` Yu-cheng Yu
2020-05-21 21:17 ` [RFC PATCH 5/5] selftest/x86: Add CET quick test Yu-cheng Yu
2020-05-21 21:17 ` Yu-cheng Yu
2020-05-21 23:02 ` Kees Cook
2020-05-21 23:02 ` Kees Cook
2020-05-21 23:23 ` Yu-cheng Yu
2020-05-21 23:23 ` Yu-cheng Yu
2020-05-22 9:28 ` Peter Zijlstra
2020-05-22 9:28 ` Peter Zijlstra
2020-05-22 15:10 ` Yu-cheng Yu
2020-05-22 15:10 ` Yu-cheng Yu
2020-05-22 17:22 ` Kees Cook
2020-05-22 17:22 ` Kees Cook
2020-05-22 17:27 ` Peter Zijlstra
2020-05-22 17:27 ` Peter Zijlstra
2020-05-22 17:36 ` Kees Cook
2020-05-22 17:36 ` Kees Cook
2020-05-22 18:07 ` Yu-cheng Yu
2020-05-22 18:07 ` Yu-cheng Yu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200521211720.20236-2-yu-cheng.yu@intel.com \
--to=yu-cheng.yu@intel.com \
--cc=Dave.Martin@arm.com \
--cc=arnd@arndb.de \
--cc=bp@alien8.de \
--cc=bsingharora@gmail.com \
--cc=corbet@lwn.net \
--cc=dave.hansen@linux.intel.com \
--cc=esyr@redhat.com \
--cc=fweimer@redhat.com \
--cc=gorcunov@gmail.com \
--cc=hjl.tools@gmail.com \
--cc=hpa@zytor.com \
--cc=jannh@google.com \
--cc=keescook@chromium.org \
--cc=linux-api@vger.kernel.org \
--cc=linux-arch@vger.kernel.org \
--cc=linux-doc@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=luto@kernel.org \
--cc=mike.kravetz@oracle.com \
--cc=mingo@redhat.com \
--cc=nadav.amit@gmail.com \
--cc=oleg@redhat.com \
--cc=pavel@ucw.cz \
--cc=peterz@infradead.org \
--cc=ravi.v.shankar@intel.com \
--cc=rdunlap@infradead.org \
--cc=tglx@linutronix.de \
--cc=vedvyas.shanbhogue@intel.com \
--cc=weijiang.yang@intel.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.