From: Mark Rutland <mark.rutland@arm.com>
To: linux-arm-kernel@lists.infradead.org
Cc: linux-kernel@vger.kernel.org, catalin.marinas@arm.com,
dave.martin@arm.com, james.morse@arm.com,
linux@dominikbrodowski.net, linux-fsdevel@vger.kernel.org,
marc.zyngier@arm.com, mark.rutland@arm.com,
viro@zeniv.linux.org.uk, will.deacon@arm.com
Subject: [PATCH 11/18] arm64: zero GPRs upon entry from EL0
Date: Mon, 14 May 2018 10:46:33 +0100
Message-ID: <20180514094640.27569-12-mark.rutland@arm.com>
In-Reply-To: <20180514094640.27569-1-mark.rutland@arm.com>

We can zero GPRs x0 - x29 upon entry from EL0 to make it harder for
userspace to control values consumed by speculative gadgets.

We don't blat x30, since this is stashed much later, and we'll blat it
before invoking C code.

Signed-off-by: Mark Rutland <mark.rutland@arm.com>
Cc: Catalin Marinas <catalin.marinas@arm.com>
Cc: Will Deacon <will.deacon@arm.com>
---
arch/arm64/kernel/entry.S | 9 +++++++--
1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/arch/arm64/kernel/entry.S b/arch/arm64/kernel/entry.S
index 13afefbf608f..4dd529fd03fd 100644
--- a/arch/arm64/kernel/entry.S
+++ b/arch/arm64/kernel/entry.S
@@ -62,6 +62,12 @@
#endif
.endm
+ .macro clear_gp_regs
+ .irp n,0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29
+ mov x\n, xzr
+ .endr
+ .endm
+
/*
* Bad Abort numbers
*-----------------
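Review bot: the new clear_gp_regs macro carries no comment, so the reason it stops at x29 is recorded only in the commit message. A short comment above `.macro clear_gp_regs` stating that it zeroes x0-x29 to limit userspace-controlled values reaching speculative gadgets, and that x30 is deliberately left for later, would keep that visible to anyone reading entry.S. Since the macro is only meaningful once the user registers have been saved, the comment should also say that callers must invoke it after the register save sequence.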
@@ -158,12 +164,11 @@ alternative_else_nop_endif
stp x28, x29, [sp, #16 * 14]
.if \el == 0
+ clear_gp_regs
mrs x21, sp_el0
ldr_this_cpu tsk, __entry_task, x20 // Ensure MDSCR_EL1.SS is clear,
ldr x19, [tsk, #TSK_TI_FLAGS] // since we can unmask debug
disable_step_tsk x19, x20 // exceptions when scheduling.
-
- mov x29, xzr // fp pointed to user-space
.else
add x21, sp, #S_FRAME_SIZE
get_thread_info tsk
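Review bot: in the `.if \el == 0` branch, deleting `mov x29, xzr // fp pointed to user-space` also drops the only note explaining why the frame pointer must not carry a user value into the kernel. clear_gp_regs still zeroes x29, so the behaviour is kept, but a brief comment on the `clear_gp_regs` line saying it also resets fp would preserve that rationale. The call also depends on sitting after `stp x28, x29, [sp, #16 * 14]`; if it were ever moved above the saves, zeros would be stored in place of the user's registers, so that ordering constraint is worth stating here. x30 still holds the user value past this point, and the promised clearing before C code is not visible in this hunk, so please point to where in the series that happens.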
--
2.11.0