Date: Fri, 23 Aug 2024 10:11:45 +0100
From: Catalin Marinas
To: Mark Brown
Cc: Will Deacon, Jonathan Corbet, Andrew Morton, Marc Zyngier, Oliver Upton, James Morse, Suzuki K Poulose, Arnd Bergmann, Oleg Nesterov, Eric Biederman, Shuah Khan, "Rick P. Edgecombe", Deepak Gupta, Ard Biesheuvel, Szabolcs Nagy, Kees Cook, "H.J. Lu", Paul Walmsley, Palmer Dabbelt, Albert Ou, Florian Weimer, Christian Brauner, Thiago Jung Bauermann, Ross Burton, Yury Khrustalev, Wilco Dijkstra, linux-arm-kernel@lists.infradead.org, linux-doc@vger.kernel.org, kvmarm@lists.linux.dev, linux-fsdevel@vger.kernel.org, linux-arch@vger.kernel.org, linux-mm@kvack.org, linux-kselftest@vger.kernel.org, linux-kernel@vger.kernel.org, linux-riscv@lists.infradead.org
Subject: Re: [PATCH v11 24/39] arm64/signal: Set up and restore the GCS context for signal handlers
References: <20240822-arm64-gcs-v11-0-41b81947ecb5@kernel.org> <20240822-arm64-gcs-v11-24-41b81947ecb5@kernel.org>
In-Reply-To: <20240822-arm64-gcs-v11-24-41b81947ecb5@kernel.org>

On Thu, Aug 22, 2024 at 02:15:27AM +0100, Mark Brown wrote:
> When invoking a signal handler we use the GCS configuration and stack
> for the current thread.
>
> Since we implement signal return by calling the signal handler with a
> return address set up pointing to a trampoline in the vDSO we need to
> also configure any active GCS for this by pushing a frame for the
> trampoline onto the GCS. If we do not do this then signal return will
> generate a GCS protection fault.
>
> In order to guard against attempts to bypass GCS protections via signal
> return we only allow returning with GCSPR_EL0 pointing to an address
> where it was previously preempted by a signal. We do this by pushing a
> cap onto the GCS, this takes the form of an architectural GCS cap token
> with the top bit set and token type of 0 which we add on signal entry
> and validate and pop off on signal return. The combination of the top
> bit being set and the token type mean that this can't be interpreted as
> a valid token or address.
>
> Reviewed-by: Thiago Jung Bauermann
> Signed-off-by: Mark Brown

Reviewed-by: Catalin Marinas
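
The signal cap described in the quoted commit message, as an added user-space model in C; it is not code from the patch or from the kernel. The type and function names, the 16-slot stack, the sample addresses, the 12-bit token-type field and the clearing of a consumed cap are assumptions of this model.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define GCS_SLOTS     16
#define CAP_ADDR_MASK (~UINT64_C(0xfff))   /* assumed: bits 11:0 carry the token type */
#define CAP_TOP_BIT   (UINT64_C(1) << 63)  /* never set in a user-space address */

struct gcs {
    uint64_t base;              /* constructed address of slot[0] */
    uint64_t slot[GCS_SLOTS];
    uint64_t gcspr;             /* models GCSPR_EL0; the stack grows down */
};

/* Cap for the slot at addr: top bit set, token type 0. */
static uint64_t signal_cap(uint64_t addr) { return (addr & CAP_ADDR_MASK) | CAP_TOP_BIT; }
static uint64_t *slot_at(struct gcs *g, uint64_t addr) {
    bool ok = addr >= g->base && !(addr & 7) && (addr - g->base) / 8 < GCS_SLOTS;
    return ok ? &g->slot[(addr - g->base) / 8] : NULL;
}

/* Signal entry: push the cap, then a frame for the vDSO trampoline. */
static bool signal_entry(struct gcs *g, uint64_t trampoline) {
    uint64_t *cap = slot_at(g, g->gcspr - 8), *ret = slot_at(g, g->gcspr - 16);
    if (!cap || !ret) return false;
    *cap = signal_cap(g->gcspr - 8);
    *ret = trampoline;
    g->gcspr -= 16;
    return true;
}

/* Signal return: accept only a GCSPR that points at a live cap, then pop it. */
static bool signal_return(struct gcs *g, uint64_t gcspr) {
    uint64_t *cap = slot_at(g, gcspr);
    if (!cap || *cap != signal_cap(gcspr)) return false;
    *cap = 0;                   /* model choice: clear the slot so the cap is single-use */
    g->gcspr = gcspr + 8;
    return true;
}

int main(void) {
    struct gcs g = { .base = UINT64_C(0x0000ffff80000000) };  /* constructed address */
    g.gcspr = g.base + 8 * GCS_SLOTS;
    signal_entry(&g, UINT64_C(0x0000ffff90000abc));           /* constructed trampoline */
    g.gcspr += 8;               /* the handler's return pops the trampoline frame */
    bool forged = signal_return(&g, g.base);                  /* no cap was pushed here */
    bool genuine = signal_return(&g, g.gcspr);
    printf("forged=%d genuine=%d replay=%d\n", forged, genuine, signal_return(&g, g.gcspr - 8));
    return 0;
}
```

An ordinary return address can never pass the check because it lacks the top bit, which is the property the commit message relies on.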