From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-12.8 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_PATCH, MAILING_LIST_MULTI,SIGNED_OFF_BY,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED, USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 81488C4363A for ; Mon, 26 Oct 2020 13:36:40 +0000 (UTC) Received: from merlin.infradead.org (merlin.infradead.org [205.233.59.134]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 1E58F206DD for ; Mon, 26 Oct 2020 13:36:40 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="CGeY44SU" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 1E58F206DD Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=arm.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=merlin.20170209; h=Sender:Content-Transfer-Encoding: Content-Type:MIME-Version:Cc:List-Subscribe:List-Help:List-Post:List-Archive: List-Unsubscribe:List-Id:References:In-Reply-To:Message-Id:Date:Subject:To: From:Reply-To:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=prEDMICy0Tvtub78jn+edIRZ7BYuwDwZ7MCk6co6SS4=; b=CGeY44SU0XdDQMogCg6X/7GMNJ d+eAvWXjHmhkNrCB96Ovin6Q7CA0ccShYARpD4SRJLmEbPL9uSk7d0RGt03VXvM3uIN0wAOItxSQl g/aMG8oHeve8hYx/D//MhwxCQVMqdqqhfz2oj7/sjLnki8xd7/n70m8NVs/+nhkorERA9TZeMkRB9 Ze2O12FEnWdUYmgktec3T01TQgrVGhDuuT5jT9FBSrEsuXqHbCzRjgQIYVuA4603VcIE9YmcEM+pH 9680nkGw/94Z4QfZ0XX4G8Gj9hBScwJliVDcMzFFdbpwlwYMjQFkf83zEDAHdIbqQT4mKI7XeEtnG 81vtNi2A==; Received: from localhost ([::1] helo=merlin.infradead.org) by merlin.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1kX2cy-0006wq-PP; Mon, 26 Oct 2020 13:33:37 +0000 Received: from foss.arm.com ([217.140.110.172]) by merlin.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1kX2br-0006YJ-L7 for linux-arm-kernel@lists.infradead.org; Mon, 26 Oct 2020 13:32:30 +0000 Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id ED5E91516; Mon, 26 Oct 2020 06:32:26 -0700 (PDT) Received: from lakrids.cambridge.arm.com (usa-sjc-imap-foss1.foss.arm.com [10.121.207.14]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPA id EDEB33F68F; Mon, 26 Oct 2020 06:32:25 -0700 (PDT) From: Mark Rutland To: linux-arm-kernel@lists.infradead.org Subject: [PATCHv3 07/17] arm64: sdei: explicitly simulate PAN/UAO entry Date: Mon, 26 Oct 2020 13:31:46 +0000 Message-Id: <20201026133156.44186-8-mark.rutland@arm.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20201026133156.44186-1-mark.rutland@arm.com> References: <20201026133156.44186-1-mark.rutland@arm.com> X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20201026_093227_861472_C05CCD5C X-CRM114-Status: GOOD ( 19.64 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: mark.rutland@arm.com, catalin.marinas@arm.com, robin.murphy@arm.com, james.morse@arm.com, will@kernel.org, hch@lst.de MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org SDEI enters the kernel with a non-architectural exception which does not manipulate PSTATE bits (e.g. PAN, UAO) in the same way as architectural exceptions. We currently fix this up with a combination of __uaccess_enable_hw_pan() and force_uaccess_access_begin(), but this has a few problems: * When set_fs() is removed, force_uaccess_begin() will have no HW side-effects, and UAO will need to be reset elsewhere. * Kernels built without support for PAN or UAO will not reset these bits upon SDEI entry, and may inherit the values used by a VM, leading to unexpected behaviour. * Kernels built *with* support for PAN or UAO, when run on systems with mismatched support across CPUs, will not reset these bits upon SDEI entry, and may inherit the values used by a VM, leading to unexpected behaviour. To deal with all of these, let's always explicitly reset the PAN and UAO bits when an SDEI event is delivered to the kernel. As above, we must do so even when the kernel has chosen to not use PAN/UAO, or was not built with support for PAN/UAO generally. The existing system_uses_ttbr0_pan() is redefined in terms of system_uses_hw_pan() both for clarity and as a minor optimization when HW PAN is not selected. Signed-off-by: Mark Rutland Cc: Catalin Marinas Cc: Christoph Hellwig Cc: James Morse Cc: Will Deacon --- arch/arm64/include/asm/cpufeature.h | 22 +++++++++++++++++++++- arch/arm64/kernel/sdei.c | 19 ++++++++++++++----- 2 files changed, 35 insertions(+), 6 deletions(-) diff --git a/arch/arm64/include/asm/cpufeature.h b/arch/arm64/include/asm/cpufeature.h index f7e7144af174c..8f83582d370ec 100644 --- a/arch/arm64/include/asm/cpufeature.h +++ b/arch/arm64/include/asm/cpufeature.h @@ -645,10 +645,16 @@ static __always_inline bool system_supports_fpsimd(void) return !cpus_have_const_cap(ARM64_HAS_NO_FPSIMD); } +static inline bool system_uses_hw_pan(void) +{ + return IS_ENABLED(CONFIG_ARM64_PAN) && + cpus_have_const_cap(ARM64_HAS_PAN); +} + static inline bool system_uses_ttbr0_pan(void) { return IS_ENABLED(CONFIG_ARM64_SW_TTBR0_PAN) && - !cpus_have_const_cap(ARM64_HAS_PAN); + !system_uses_hw_pan(); } static __always_inline bool system_supports_sve(void) @@ -740,6 +746,20 @@ static inline bool cpu_has_hw_af(void) ID_AA64MMFR1_HADBS_SHIFT); } +static inline bool cpu_has_pan(void) +{ + u64 mmfr1 = read_cpuid(ID_AA64MMFR1_EL1); + return cpuid_feature_extract_unsigned_field(mmfr1, + ID_AA64MMFR1_PAN_SHIFT); +} + +static inline bool cpu_has_uao(void) +{ + u64 mmfr2 = read_cpuid(ID_AA64MMFR2_EL1); + return cpuid_feature_extract_unsigned_field(mmfr2, + ID_AA64MMFR2_UAO_SHIFT); +} + #ifdef CONFIG_ARM64_AMU_EXTN /* Check whether the cpu supports the Activity Monitors Unit (AMU) */ extern bool cpu_has_amu_feat(int cpu); diff --git a/arch/arm64/kernel/sdei.c b/arch/arm64/kernel/sdei.c index 4a5f24602aa0c..908d7be70eac0 100644 --- a/arch/arm64/kernel/sdei.c +++ b/arch/arm64/kernel/sdei.c @@ -216,6 +216,16 @@ static __kprobes unsigned long _sdei_handler(struct pt_regs *regs, return vbar + 0x480; } +static void __kprobes notrace __sdei_pstate_entry(void) +{ + if (system_uses_hw_pan()) + set_pstate_pan(1); + else if (cpu_has_pan()) + set_pstate_pan(0); + + if (cpu_has_uao()) + set_pstate_uao(0); +} asmlinkage __kprobes notrace unsigned long __sdei_handler(struct pt_regs *regs, struct sdei_registered_event *arg) @@ -224,12 +234,11 @@ __sdei_handler(struct pt_regs *regs, struct sdei_registered_event *arg) mm_segment_t orig_addr_limit; /* - * We didn't take an exception to get here, so the HW hasn't set PAN or - * cleared UAO, and the exception entry code hasn't reset addr_limit. - * Set PAN, then use force_uaccess_begin() to clear UAO and reset - * addr_limit. + * We didn't take an exception to get here, so the HW hasn't + * set/cleared bits in PSTATE that we may rely on. Intialize PAN/UAO, + * then use force_uaccess_begin() to reset addr_limit. */ - __uaccess_enable_hw_pan(); + __sdei_pstate_entry(); orig_addr_limit = force_uaccess_begin(); nmi_enter(); -- 2.11.0 _______________________________________________ linux-arm-kernel mailing list linux-arm-kernel@lists.infradead.org http://lists.infradead.org/mailman/listinfo/linux-arm-kernel