From: Mark Rutland <mark.rutland@arm.com>
To: linux-arm-kernel@lists.infradead.org
Cc: linux-arch@vger.kernel.org, arnd@arndb.de, jiong.wang@arm.com,
marc.zyngier@arm.com, catalin.marinas@arm.com,
will.deacon@arm.com, linux-kernel@vger.kernel.org,
kvmarm@lists.cs.columbia.edu
Subject: [RFC 5/9] arm64: Don't trap host pointer auth use to EL2
Date: Mon, 3 Apr 2017 16:19:21 +0100 [thread overview]
Message-ID: <1491232765-32501-6-git-send-email-mark.rutland@arm.com> (raw)
In-Reply-To: <1491232765-32501-1-git-send-email-mark.rutland@arm.com>
To allow EL0 (and/or EL1) to use pointer authentication functionality,
we must ensure that pointer authentication instructions and accesses to
pointer authentication keys are not trapped to EL2 (where we will not be
able to handle them).
This patch ensures that HCR_EL2 is configured appropriately when the
kernel is booted at EL2. For non-VHE kernels we set HCR_EL2.{API,APK},
ensuring that EL1 can access keys and permit EL0 use of instructions.
For VHE kernels, EL2 access is controlled by EL3, and we need not set
anything.
This does not enable support for KVM guests, since KVM manages HCR_EL2
itself.
Signed-off-by: Mark Rutland <mark.rutland@arm.com>
Cc: Catalin Marinas <catalin.marinas@arm.com>
Cc: Christoffer Dall <christoffer.dall@linaro.org>
Cc: Marc Zyngier <marc.zyngier@arm.com>
Cc: Will Deacon <will.deacon@arm.com>
Cc: kvmarm@lists.cs.columbia.edu
---
arch/arm64/include/asm/kvm_arm.h | 2 ++
arch/arm64/kernel/head.S | 19 +++++++++++++++++--
2 files changed, 19 insertions(+), 2 deletions(-)
diff --git a/arch/arm64/include/asm/kvm_arm.h b/arch/arm64/include/asm/kvm_arm.h
index 6e99978..d8a1271 100644
--- a/arch/arm64/include/asm/kvm_arm.h
+++ b/arch/arm64/include/asm/kvm_arm.h
@@ -23,6 +23,8 @@
#include <asm/types.h>
/* Hyp Configuration Register (HCR) bits */
+#define HCR_API (UL(1) << 41)
+#define HCR_APK (UL(1) << 40)
#define HCR_E2H (UL(1) << 34)
#define HCR_ID (UL(1) << 33)
#define HCR_CD (UL(1) << 32)
diff --git a/arch/arm64/kernel/head.S b/arch/arm64/kernel/head.S
index 0b13748..9f3f49f 100644
--- a/arch/arm64/kernel/head.S
+++ b/arch/arm64/kernel/head.S
@@ -562,10 +562,25 @@ CPU_LE( bic x0, x0, #(1 << 25) ) // Clear the EE bit for EL2
/* Hyp configuration. */
mov x0, #HCR_RW // 64-bit EL1
- cbz x2, set_hcr
+ cbz x2, 1f
orr x0, x0, #HCR_TGE // Enable Host Extensions
orr x0, x0, #HCR_E2H
-set_hcr:
+1:
+#ifdef CONFIG_ARM64_POINTER_AUTHENTICATION
+ /*
+ * Disable pointer authentication traps to EL2. The HCR_EL2.{APK,API}
+ * bits exist iff at least one authentication mechanism is implemented.
+ */
+ mrs x1, id_aa64isar1_el1
+ mov_q x3, ((0xf << ID_AA64ISAR1_GPI_SHIFT) | \
+ (0xf << ID_AA64ISAR1_GPA_SHIFT) | \
+ (0xf << ID_AA64ISAR1_API_SHIFT) | \
+ (0xf << ID_AA64ISAR1_APA_SHIFT))
+ and x1, x1, x3
+ cbz x1, 1f
+ orr x0, x0, #(HCR_APK | HCR_API)
+1:
+#endif
msr hcr_el2, x0
isb
--
1.9.1
WARNING: multiple messages have this Message-ID (diff)
From: Mark Rutland <mark.rutland@arm.com>
To: linux-arm-kernel@lists.infradead.org
Cc: linux-kernel@vger.kernel.org, arnd@arndb.de,
catalin.marinas@arm.com, christoffer.dall@linaro.org,
jiong.wang@arm.com, kvmarm@lists.cs.columbia.edu,
linux-arch@vger.kernel.org, marc.zyngier@arm.com,
mark.rutland@arm.com, suzuki.poulose@arm.com,
will.deacon@arm.com
Subject: [RFC 5/9] arm64: Don't trap host pointer auth use to EL2
Date: Mon, 3 Apr 2017 16:19:21 +0100 [thread overview]
Message-ID: <1491232765-32501-6-git-send-email-mark.rutland@arm.com> (raw)
Message-ID: <20170403151921.myh9CHNPewjt6qn5YKDe81rnMlAOm1Zb2_OfbtgLGpU@z> (raw)
In-Reply-To: <1491232765-32501-1-git-send-email-mark.rutland@arm.com>
To allow EL0 (and/or EL1) to use pointer authentication functionality,
we must ensure that pointer authentication instructions and accesses to
pointer authentication keys are not trapped to EL2 (where we will not be
able to handle them).
This patch ensures that HCR_EL2 is configured appropriately when the
kernel is booted at EL2. For non-VHE kernels we set HCR_EL2.{API,APK},
ensuring that EL1 can access keys and permit EL0 use of instructions.
For VHE kernels, EL2 access is controlled by EL3, and we need not set
anything.
This does not enable support for KVM guests, since KVM manages HCR_EL2
itself.
Signed-off-by: Mark Rutland <mark.rutland@arm.com>
Cc: Catalin Marinas <catalin.marinas@arm.com>
Cc: Christoffer Dall <christoffer.dall@linaro.org>
Cc: Marc Zyngier <marc.zyngier@arm.com>
Cc: Will Deacon <will.deacon@arm.com>
Cc: kvmarm@lists.cs.columbia.edu
---
arch/arm64/include/asm/kvm_arm.h | 2 ++
arch/arm64/kernel/head.S | 19 +++++++++++++++++--
2 files changed, 19 insertions(+), 2 deletions(-)
diff --git a/arch/arm64/include/asm/kvm_arm.h b/arch/arm64/include/asm/kvm_arm.h
index 6e99978..d8a1271 100644
--- a/arch/arm64/include/asm/kvm_arm.h
+++ b/arch/arm64/include/asm/kvm_arm.h
@@ -23,6 +23,8 @@
#include <asm/types.h>
/* Hyp Configuration Register (HCR) bits */
+#define HCR_API (UL(1) << 41)
+#define HCR_APK (UL(1) << 40)
#define HCR_E2H (UL(1) << 34)
#define HCR_ID (UL(1) << 33)
#define HCR_CD (UL(1) << 32)
diff --git a/arch/arm64/kernel/head.S b/arch/arm64/kernel/head.S
index 0b13748..9f3f49f 100644
--- a/arch/arm64/kernel/head.S
+++ b/arch/arm64/kernel/head.S
@@ -562,10 +562,25 @@ CPU_LE( bic x0, x0, #(1 << 25) ) // Clear the EE bit for EL2
/* Hyp configuration. */
mov x0, #HCR_RW // 64-bit EL1
- cbz x2, set_hcr
+ cbz x2, 1f
orr x0, x0, #HCR_TGE // Enable Host Extensions
orr x0, x0, #HCR_E2H
-set_hcr:
+1:
+#ifdef CONFIG_ARM64_POINTER_AUTHENTICATION
+ /*
+ * Disable pointer authentication traps to EL2. The HCR_EL2.{APK,API}
+ * bits exist iff at least one authentication mechanism is implemented.
+ */
+ mrs x1, id_aa64isar1_el1
+ mov_q x3, ((0xf << ID_AA64ISAR1_GPI_SHIFT) | \
+ (0xf << ID_AA64ISAR1_GPA_SHIFT) | \
+ (0xf << ID_AA64ISAR1_API_SHIFT) | \
+ (0xf << ID_AA64ISAR1_APA_SHIFT))
+ and x1, x1, x3
+ cbz x1, 1f
+ orr x0, x0, #(HCR_APK | HCR_API)
+1:
+#endif
msr hcr_el2, x0
isb
--
1.9.1
next prev parent reply other threads:[~2017-04-03 15:19 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-04-03 15:19 [RFC 0/9] ARMv8.3 pointer authentication userspace support Mark Rutland
2017-04-03 15:19 ` [RFC 1/9] asm-generic: mm_hooks: allow hooks to be overridden individually Mark Rutland
2017-04-03 15:19 ` Mark Rutland
2017-04-03 15:19 ` [RFC 2/9] arm64: add pointer authentication register bits Mark Rutland
2017-04-03 15:19 ` Mark Rutland
2017-04-03 15:19 ` [RFC 3/9] arm64/cpufeature: add ARMv8.3 id_aa64isar1 bits Mark Rutland
2017-04-03 15:19 ` Mark Rutland
2017-04-03 15:19 ` [RFC 4/9] arm64/cpufeature: detect pointer authentication Mark Rutland
2017-04-03 15:19 ` Mark Rutland
2017-04-03 15:19 ` Mark Rutland [this message]
2017-04-03 15:19 ` [RFC 5/9] arm64: Don't trap host pointer auth use to EL2 Mark Rutland
2017-04-03 15:19 ` [RFC 6/9] arm64: add basic pointer authentication support Mark Rutland
2017-04-03 15:19 ` Mark Rutland
2017-04-03 15:19 ` [RFC 7/9] arm64: expose PAC bit positions via ptrace Mark Rutland
2017-04-03 15:19 ` Mark Rutland
2017-07-25 12:11 ` Dave Martin
2017-07-25 14:59 ` Mark Rutland
2017-07-25 15:06 ` Dave Martin
2017-04-03 15:19 ` [RFC 8/9] arm64/kvm: context-switch PAC registers Mark Rutland
2017-04-03 15:19 ` Mark Rutland
2017-04-07 15:41 ` Marc Zyngier
2017-04-03 15:19 ` [RFC 9/9] arm64: docs: document pointer authentication Mark Rutland
2017-04-07 15:09 ` [RFC 0/9] ARMv8.3 pointer authentication userspace support Adam Wallis
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1491232765-32501-6-git-send-email-mark.rutland@arm.com \
--to=mark.rutland@arm.com \
--cc=arnd@arndb.de \
--cc=catalin.marinas@arm.com \
--cc=jiong.wang@arm.com \
--cc=kvmarm@lists.cs.columbia.edu \
--cc=linux-arch@vger.kernel.org \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=marc.zyngier@arm.com \
--cc=will.deacon@arm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).