From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by smtp.lore.kernel.org (Postfix) with ESMTPS id 61304C636CD
	for <linux-arm-kernel@archiver.kernel.org>; Wed,  1 Feb 2023 13:26:59 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
	d=lists.infradead.org; s=bombadil.20210309; h=Sender:
	Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post:
	List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To:
	Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description:
	Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:
	List-Owner; bh=U3c0qh4WfQ8oT47AUi4qOS8OQdJaT0xcmZy4cH6DK5s=; b=Jtozf8VNJ0+5lC
	AVKqwMAW1jMY6iI9YoBZj62hCKuCgs6GbDeXvr5xRyB5zfK/j3NjmKi6sgP0k37mFXEaVhjGM1aTG
	7o3YT47ldTmMP8qE5W33s0hL15IVj0eeBiJMRt6c66Xkg7+TKhQD+wht6t+ycxAaK4royvLAwjNyS
	ENAqe179Xjvnxb/F+SoZpyLPhPRS6QoK41bRFAEHmW06uehfVyqjdJzLmLglZOOTZDC3yOVnJ8Hbu
	WK+6lWTFdu0i1kazEy3DSHn55I5IIxtrJjW3US/bcch589GYNpKhUBDNpmCFShiXTvJiGgzZVjgki
	brL7VW/w4s32SW0mnI1g==;
Received: from localhost ([::1] helo=bombadil.infradead.org)
	by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux))
	id 1pND7n-00C2xK-Md; Wed, 01 Feb 2023 13:26:07 +0000
Received: from dfw.source.kernel.org ([2604:1380:4641:c500::1])
	by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux))
	id 1pND7W-00C2s1-37
	for linux-arm-kernel@lists.infradead.org; Wed, 01 Feb 2023 13:25:51 +0000
Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by dfw.source.kernel.org (Postfix) with ESMTPS id AF8EA617A8;
	Wed,  1 Feb 2023 13:25:49 +0000 (UTC)
Received: by smtp.kernel.org (Postfix) with ESMTPSA id 146C4C433A0;
	Wed,  1 Feb 2023 13:25:47 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;
	s=k20201202; t=1675257949;
	bh=WsMYBTzQwtfr7VHa+Yp3YtdRpvv4/gcwXOJNhdMaYF4=;
	h=From:To:Cc:Subject:Date:In-Reply-To:References:From;
	b=t226Jetz03M9YbM8jju1oIRhMYFPojBiOTUzY0iCOKSifUlTKRVXKASzhzHFIFHyw
	 qboIMjx1yyIkEEDTWnmI352IxKis8t43pKXM3jExeMYahwHjvy+YZG8UcODJxvOrRp
	 eMbiBzd37+vlYYFCy15PaT3nWt3PeHOJSXVHdWkyVJMY4vgg4Z/v0q2laRhSKtY0Zf
	 KUGumMPZuS7BBWxCL9RvwJL2tWFr5892rOQmWgNKRnzVfJ9TYFYQAVNtAYjKbZQYAZ
	 kXbdckakSIvgkBwwF8m3leyQtkgs9vQarNNy1RegQhaIXV3MI0vkhvuKA8amySDr4J
	 591QAjOhrLoqg==
From: Ard Biesheuvel <ardb@kernel.org>
To: linux-efi@vger.kernel.org
Cc: linux-arm-kernel@lists.infradead.org,
	Ard Biesheuvel <ardb@kernel.org>,
	Catalin Marinas <catalin.marinas@arm.com>,
	Will Deacon <will@kernel.org>,
	Kees Cook <keescook@chromium.org>,
	Mark Rutland <mark.rutland@arm.com>
Subject: [PATCH 2/2] efi: arm64: Wire up BTI annotation in memory attributes table
Date: Wed,  1 Feb 2023 14:25:40 +0100
Message-Id: <20230201132540.2196065-3-ardb@kernel.org>
X-Mailer: git-send-email 2.39.0
In-Reply-To: <20230201132540.2196065-1-ardb@kernel.org>
References: <20230201132540.2196065-1-ardb@kernel.org>
MIME-Version: 1.0
X-Developer-Signature: v=1; a=openpgp-sha256; l=1976; i=ardb@kernel.org; h=from:subject; bh=WsMYBTzQwtfr7VHa+Yp3YtdRpvv4/gcwXOJNhdMaYF4=; b=owEB7QES/pANAwAKAcNPIjmS2Y8kAcsmYgBj2mhTE35eHSzyUwwIe7ahC7aV00BTCDk70Hkfr C0SIlWB6L6JAbMEAAEKAB0WIQT72WJ8QGnJQhU3VynDTyI5ktmPJAUCY9poUwAKCRDDTyI5ktmP JI+bC/9Hvi9k74QktoS0ap39LVhC39lghnseJ6rw25VLpyJ/AfN8ELq8HLIYs//7i6vwzQ8/btm KP2+yZfoeNvV7JUKjmWegSrfPMXZ6ypbhF9jgKQ7Cm7EdSv12h1ej614U2LwQ163jEF+Eet2HSK jS7hVfSIMHbzL4utLGCTO8jXY7apKC5EVMx/IBtrRMaPPIqwUlpueGpCc4fb0S8Rc3/DWA1jpEv cS+9saZimBsQWMpnyhikAkL5XPqat7IhlCFGCWZK1mQBamY5FqrIcpPG1eRKQTbwEYJg2g9gTGD Y2vO1OVHOyN6lyoaISj3PGA1t+tyRjNP6p457/WksKys9bSgE7iPUKyu5/PHhnOK10zGgDzl3Cl Lm5RNseGa8Fcya++0nNzXuyrmhv9t8RcKGLcocW2FQ/TD7hFzlE9K5ndz5sTjvnMxf1xjRPrR8O lSqIAKReVwWEv+nhEN5L5m7pJ9Slu/7cm7i/QxAUNp81DOyItty4XPv+B81yjQ5nI+Hvc=
X-Developer-Key: i=ardb@kernel.org; a=openpgp; fpr=F43D03328115A198C90016883D200E9CA6329909
X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 
X-CRM114-CacheID: sfid-20230201_052550_226240_3796FF7A 
X-CRM114-Status: GOOD (  13.92  )
X-BeenThere: linux-arm-kernel@lists.infradead.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: <linux-arm-kernel.lists.infradead.org>
List-Unsubscribe: <http://lists.infradead.org/mailman/options/linux-arm-kernel>,
 <mailto:linux-arm-kernel-request@lists.infradead.org?subject=unsubscribe>
List-Archive: <http://lists.infradead.org/pipermail/linux-arm-kernel/>
List-Post: <mailto:linux-arm-kernel@lists.infradead.org>
List-Help: <mailto:linux-arm-kernel-request@lists.infradead.org?subject=help>
List-Subscribe: <http://lists.infradead.org/mailman/listinfo/linux-arm-kernel>,
 <mailto:linux-arm-kernel-request@lists.infradead.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: "linux-arm-kernel" <linux-arm-kernel-bounces@lists.infradead.org>
Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org

UEFI v2.10 extends the EFI memory attributes table with a flag that
indicates whether or not all RuntimeServicesCode regions were
constructed with BTI landing pads, permitting the OS to map these
regions with BTI restrictions enabled.

So let's take this into account on arm64.

Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
---
 arch/arm64/kernel/efi.c | 15 +++++++++++++--
 1 file changed, 13 insertions(+), 2 deletions(-)

diff --git a/arch/arm64/kernel/efi.c b/arch/arm64/kernel/efi.c
index 908499486b00274e..6a61553b64c51dcd 100644
--- a/arch/arm64/kernel/efi.c
+++ b/arch/arm64/kernel/efi.c
@@ -97,15 +97,24 @@ int __init efi_create_mapping(struct mm_struct *mm, efi_memory_desc_t *md)
 	return 0;
 }
 
+struct set_perm_data {
+	const efi_memory_desc_t	*md;
+	bool			has_bti;
+};
+
 static int __init set_permissions(pte_t *ptep, unsigned long addr, void *data)
 {
-	efi_memory_desc_t *md = data;
+	struct set_perm_data *spd = data;
+	const efi_memory_desc_t *md = spd->md;
 	pte_t pte = READ_ONCE(*ptep);
 
 	if (md->attribute & EFI_MEMORY_RO)
 		pte = set_pte_bit(pte, __pgprot(PTE_RDONLY));
 	if (md->attribute & EFI_MEMORY_XP)
 		pte = set_pte_bit(pte, __pgprot(PTE_PXN));
+	else if (IS_ENABLED(CONFIG_ARM64_BTI_KERNEL) &&
+		 system_supports_bti() && spd->has_bti)
+		pte = set_pte_bit(pte, __pgprot(PTE_GP));
 	set_pte(ptep, pte);
 	return 0;
 }
@@ -114,6 +123,8 @@ int __init efi_set_mapping_permissions(struct mm_struct *mm,
 				       efi_memory_desc_t *md,
 				       bool has_bti)
 {
+	struct set_perm_data data = { md, has_bti };
+
 	BUG_ON(md->type != EFI_RUNTIME_SERVICES_CODE &&
 	       md->type != EFI_RUNTIME_SERVICES_DATA);
 
@@ -129,7 +140,7 @@ int __init efi_set_mapping_permissions(struct mm_struct *mm,
 	 */
 	return apply_to_page_range(mm, md->virt_addr,
 				   md->num_pages << EFI_PAGE_SHIFT,
-				   set_permissions, md);
+				   set_permissions, &data);
 }
 
 /*
-- 
2.39.0


_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel