From: Kristina Martsenko <kristina.martsenko@arm.com>
To: linux-arm-kernel@lists.infradead.org
Cc: Adam Wallis <awallis@codeaurora.org>,
	Amit Kachhap <Amit.Kachhap@arm.com>,
	Andrew Jones <drjones@redhat.com>,
	Ard Biesheuvel <ard.biesheuvel@linaro.org>,
	Arnd Bergmann <arnd@arndb.de>,
	Catalin Marinas <catalin.marinas@arm.com>,
	Christoffer Dall <christoffer.dall@arm.com>,
	Dave P Martin <Dave.Martin@arm.com>,
	Jacob Bramley <jacob.bramley@arm.com>,
	Kees Cook <keescook@chromium.org>,
	Marc Zyngier <marc.zyngier@arm.com>,
	Mark Rutland <mark.rutland@arm.com>,
	Ramana Radhakrishnan <ramana.radhakrishnan@arm.com>,
	"Suzuki K . Poulose" <suzuki.poulose@arm.com>,
	Will Deacon <will.deacon@arm.com>,
	kvmarm@lists.cs.columbia.edu, linux-arch@vger.kernel.org,
	linux-kernel@vger.kernel.org
Subject: [RFC 16/17] arm64: initialize and switch ptrauth kernel keys
Date: Fri,  5 Oct 2018 09:47:53 +0100
Message-ID: <20181005084754.20950-17-kristina.martsenko@arm.com> (raw)
In-Reply-To: <20181005084754.20950-1-kristina.martsenko@arm.com>

Set up keys to use pointer auth in the kernel. Each task has its own
APIAKey, which is initialized during fork. The key is changed during
context switch and on kernel entry from EL0.

A function that changes the key cannot return, so inline such functions.

Signed-off-by: Mark Rutland <mark.rutland@arm.com>
Signed-off-by: Kristina Martsenko <kristina.martsenko@arm.com>
---
 arch/arm64/include/asm/pointer_auth.h |  9 ++++++++-
 arch/arm64/include/asm/ptrauth-asm.h  | 13 +++++++++++++
 arch/arm64/include/asm/thread_info.h  |  1 +
 arch/arm64/kernel/asm-offsets.c       |  1 +
 arch/arm64/kernel/entry.S             |  4 ++++
 arch/arm64/kernel/process.c           |  3 +++
 arch/arm64/kernel/smp.c               |  3 +++
 7 files changed, 33 insertions(+), 1 deletion(-)

diff --git a/arch/arm64/include/asm/pointer_auth.h b/arch/arm64/include/asm/pointer_auth.h
index 0634f06c3af2..e94ca7df8dab 100644
--- a/arch/arm64/include/asm/pointer_auth.h
+++ b/arch/arm64/include/asm/pointer_auth.h
@@ -50,12 +50,13 @@ do {								\
 	write_sysreg_s(__pki_v.hi, SYS_ ## k ## KEYHI_EL1);	\
 } while (0)
 
-static inline void ptrauth_keys_switch(struct ptrauth_keys *keys)
+static __always_inline void ptrauth_keys_switch(struct ptrauth_keys *keys)
 {
 	if (!cpus_have_const_cap(ARM64_HAS_ADDRESS_AUTH))
 		return;
 
 	__ptrauth_key_install(APIA, keys->apia);
+	isb();
 }
 
 static __always_inline void ptrauth_cpu_enable(void)
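Review bot: The change from `inline` to `__always_inline` on ptrauth_keys_switch() is what makes the key switch safe, but nothing at the definition says so. If the compiler emitted the function out of line in a kernel built with return-address signing, its return address would have been signed with the old APIAKey and authenticated after `__ptrauth_key_install()` had installed the new one. I would add a comment above the function such as `/* Must be inlined: a return address signed before the key change will not authenticate afterwards. */`. The same constraint applies to the callers added later in this patch in __switch_to and secondary_start_kernel, which presumably either never return or resume on the new task's stack.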
@@ -85,11 +86,17 @@ static inline unsigned long ptrauth_strip_insn_pac(unsigned long ptr)
 
 #define ptrauth_task_init_user(tsk)	\
 	ptrauth_keys_init(&(tsk)->thread_info.keys_user)
+#define ptrauth_task_init_kernel(tsk)	\
+	ptrauth_keys_init(&(tsk)->thread_info.keys_kernel)
+#define ptrauth_task_switch(tsk)	\
+	ptrauth_keys_switch(&(tsk)->thread_info.keys_kernel)
 
 #else /* CONFIG_ARM64_PTR_AUTH */
 #define __no_ptrauth
 #define ptrauth_strip_insn_pac(lr)	(lr)
 #define ptrauth_task_init_user(tsk)
+#define ptrauth_task_init_kernel(tsk)
+#define ptrauth_task_switch(tsk)
 #define ptrauth_cpu_enable(tsk)
 #endif /* CONFIG_ARM64_PTR_AUTH */
 
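Review bot: `ptrauth_task_switch(tsk)` installs only `thread_info.keys_kernel`, but its name does not say so, unlike `ptrauth_task_init_kernel` and `ptrauth_task_init_user` next to it. Naming it `ptrauth_task_switch_kernel(tsk)` would make the call sites self-explanatory and stop a reader assuming it also handles the user key. The empty stub in the `#else` branch would take the same name.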
diff --git a/arch/arm64/include/asm/ptrauth-asm.h b/arch/arm64/include/asm/ptrauth-asm.h
index f50bdfc4046c..3ef1cc8903d5 100644
--- a/arch/arm64/include/asm/ptrauth-asm.h
+++ b/arch/arm64/include/asm/ptrauth-asm.h
@@ -16,11 +16,24 @@ alternative_if ARM64_HAS_ADDRESS_AUTH
 alternative_else_nop_endif
 	.endm
 
+	.macro ptrauth_keys_install_kernel tsk, tmp
+alternative_if ARM64_HAS_ADDRESS_AUTH
+	ldr	\tmp, [\tsk, #(TSK_TI_KEYS_KERNEL + PTRAUTH_KEY_APIALO)]
+	msr_s	SYS_APIAKEYLO_EL1, \tmp
+	ldr	\tmp, [\tsk, #(TSK_TI_KEYS_KERNEL + PTRAUTH_KEY_APIAHI)]
+	msr_s	SYS_APIAKEYHI_EL1, \tmp
+	isb
+alternative_else_nop_endif
+	.endm
+
 #else /* CONFIG_ARM64_PTR_AUTH */
 
 	.macro ptrauth_keys_install_user tsk, tmp
 	.endm
 
+	.macro ptrauth_keys_install_kernel tsk, tmp
+	.endm
+
 #endif /* CONFIG_ARM64_PTR_AUTH */
 
 #endif /* __ASM_PTRAUTH_ASM_H */
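Review bot: `ptrauth_keys_install_kernel` has no comment describing its contract, and the contract matters on the entry path. It clobbers `\tmp`, loads the key from the task's memory at `TSK_TI_KEYS_KERNEL`, and the kernel APIAKey is only guaranteed to be in effect after the trailing `isb`. A header comment such as `/* Install the task's kernel APIAKey; clobbers \tmp. Must precede the first call into ptrauth-instrumented code. */` would protect against later reordering in entry.S.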
diff --git a/arch/arm64/include/asm/thread_info.h b/arch/arm64/include/asm/thread_info.h
index ea9272fb52d4..e3ec5345addc 100644
--- a/arch/arm64/include/asm/thread_info.h
+++ b/arch/arm64/include/asm/thread_info.h
@@ -46,6 +46,7 @@ struct thread_info {
 	int			preempt_count;	/* 0 => preemptable, <0 => bug */
 #ifdef CONFIG_ARM64_PTR_AUTH
 	struct ptrauth_keys	keys_user;
+	struct ptrauth_keys	keys_kernel;
 #endif
 };
 
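Review bot: `keys_kernel` is stored as ordinary data in `thread_info`, so the key protecting kernel return addresses is only as secret as kernel memory itself. Anything able to read a task's `thread_info` could recover the key, and anything able to write it could replace the key installed on the next entry from EL0 or context switch. That may be an accepted limit of the design, but it should be written down; a comment on the field such as `/* kernel APIAKey; confidentiality relies on kernel memory not being readable */` would make the assumption explicit. The struct begins outside this hunk.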
diff --git a/arch/arm64/kernel/asm-offsets.c b/arch/arm64/kernel/asm-offsets.c
index b6be0dd037fd..6c61c9722b47 100644
--- a/arch/arm64/kernel/asm-offsets.c
+++ b/arch/arm64/kernel/asm-offsets.c
@@ -47,6 +47,7 @@ int main(void)
 #endif
 #ifdef CONFIG_ARM64_PTR_AUTH
   DEFINE(TSK_TI_KEYS_USER, 	offsetof(struct task_struct, thread_info.keys_user));
+  DEFINE(TSK_TI_KEYS_KERNEL, 	offsetof(struct task_struct, thread_info.keys_kernel));
 #endif
   DEFINE(TSK_STACK,		offsetof(struct task_struct, stack));
   BLANK();
diff --git a/arch/arm64/kernel/entry.S b/arch/arm64/kernel/entry.S
index 1e925f6d2978..a4503da445f7 100644
--- a/arch/arm64/kernel/entry.S
+++ b/arch/arm64/kernel/entry.S
@@ -250,6 +250,10 @@ alternative_else_nop_endif
 	msr	sp_el0, tsk
 	.endif
 
+	.if	\el == 0
+	ptrauth_keys_install_kernel tsk, x20
+	.endif
+
 	/*
 	 * Registers that may be useful after this macro is invoked:
 	 *
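Review bot: The key install uses `x20` as scratch and sits after `msr sp_el0, tsk`, and neither assumption is stated at the call. The rest of the kernel_entry macro is outside this hunk, so I cannot confirm that `x20` is dead here; a one-line comment such as `/* x20 is free here; from now on kernel code runs with the kernel APIAKey */` would record it. It would also help to state that everything earlier on the EL0 entry path still runs with the user key and so must not execute signed returns.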
diff --git a/arch/arm64/kernel/process.c b/arch/arm64/kernel/process.c
index 857ae05cd04c..a866996610de 100644
--- a/arch/arm64/kernel/process.c
+++ b/arch/arm64/kernel/process.c
@@ -330,6 +330,8 @@ int copy_thread(unsigned long clone_flags, unsigned long stack_start,
 	 */
 	fpsimd_flush_task_state(p);
 
+	ptrauth_task_init_kernel(p);
+
 	if (likely(!(p->flags & PF_KTHREAD))) {
 		*childregs = *current_pt_regs();
 		childregs->regs[0] = 0;
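Review bot: `ptrauth_task_init_kernel(p)` gives the child a key different from the one the parent is running with, and the reason this is safe is not recorded. It presumably relies on the child starting on a fresh kernel stack that holds no return addresses signed with the parent's key; if so, a comment like `/* New task has no signed frames yet, so it can take a fresh kernel key. */` above the call would say it. ptrauth_keys_init() is not shown in this patch, so it is also worth confirming that it is cheap or skipped on CPUs without address authentication, since it now runs on every fork. copy_thread's body continues outside the hunk.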
@@ -426,6 +428,7 @@ __notrace_funcgraph struct task_struct *__switch_to(struct task_struct *prev,
 	contextidr_thread_switch(next);
 	entry_task_switch(next);
 	uao_thread_switch(next);
+	ptrauth_task_switch(next);
 
 	/*
 	 * Complete any pending TLB or cache maintenance on this CPU in case
diff --git a/arch/arm64/kernel/smp.c b/arch/arm64/kernel/smp.c
index 09690024dce8..d952dd62c780 100644
--- a/arch/arm64/kernel/smp.c
+++ b/arch/arm64/kernel/smp.c
@@ -212,6 +212,7 @@ asmlinkage notrace void secondary_start_kernel(void)
 	 */
 	check_local_cpu_capabilities();
 
+	ptrauth_task_switch(current);
 	ptrauth_cpu_enable();
 
 	if (cpu_ops[cpu]->cpu_postboot)
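Review bot: secondary_start_kernel() switches the key in its own body but, unlike smp_prepare_boot_cpu() in the next hunk, is not marked `__no_ptrauth` in the signature shown in the hunk header. That is fine only if the function never returns, which the visible lines do not show. A comment at the call, e.g. `/* Safe without __no_ptrauth: this function never returns. */`, or adding the attribute, would keep the two CPU bring-up paths consistent. The call also assumes that `keys_kernel` of `current` was initialised for the idle task before this CPU came up.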
@@ -418,6 +419,8 @@ void __init __no_ptrauth smp_prepare_boot_cpu(void)
 	jump_label_init();
 	cpuinfo_store_boot_cpu();
 
+	ptrauth_task_init_kernel(current);
+	ptrauth_task_switch(current);
 	ptrauth_cpu_enable();
 }
 
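Review bot: The boot task's kernel key is generated in smp_prepare_boot_cpu(), which runs early in boot, and the patch does not say where that key's randomness comes from. ptrauth_keys_init() is not part of this patch; if it draws from the kernel's random pool, the pool may not be well seeded at this point and the init task's key could be weaker than keys created later in copy_thread. If that is the case, a comment at the call such as `/* NOTE: key is generated before the RNG may be fully seeded */` would make the limitation visible.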
-- 
2.11.0

