From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org, linux-arm-kernel@lists.infradead.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
stable@vger.kernel.org, Mark Rutland <mark.rutland@arm.com>,
Catalin Marinas <catalin.marinas@arm.com>,
Suzuki K Poulose <suzuki.poulose@arm.com>,
Will Deacon <will.deacon@arm.com>,
Ard Biesheuvel <ard.biesheuvel@linaro.org>
Subject: [PATCH 4.19 092/114] arm64: fix SSBS sanitization
Date: Thu, 10 Oct 2019 10:36:39 +0200 [thread overview]
Message-ID: <20191010083612.970579789@linuxfoundation.org> (raw)
In-Reply-To: <20191010083544.711104709@linuxfoundation.org>
From: Mark Rutland <mark.rutland@arm.com>
[ Upstream commit f54dada8274643e3ff4436df0ea124aeedc43cae ]
In valid_user_regs() we treat SSBS as a RES0 bit, and consequently it is
unexpectedly cleared when we restore a sigframe or fiddle with GPRs via
ptrace.
This patch fixes valid_user_regs() to account for this, updating the
function to refer to the latest ARM ARM (ARM DDI 0487D.a). For AArch32
tasks, SSBS appears in bit 23 of SPSR_EL1, matching its position in the
AArch32-native PSR format, and we don't need to translate it as we have
to for DIT.
There are no other bit assignments that we need to account for today.
As the recent documentation describes the DIT bit, we can drop our
comment regarding DIT.
While removing SSBS from the RES0 masks, existing inconsistent
whitespace is corrected.
Fixes: d71be2b6c0e19180 ("arm64: cpufeature: Detect SSBS and advertise to userspace")
Signed-off-by: Mark Rutland <mark.rutland@arm.com>
Cc: Catalin Marinas <catalin.marinas@arm.com>
Cc: Suzuki K Poulose <suzuki.poulose@arm.com>
Cc: Will Deacon <will.deacon@arm.com>
Signed-off-by: Will Deacon <will.deacon@arm.com>
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
arch/arm64/kernel/ptrace.c | 15 ++++++++-------
1 file changed, 8 insertions(+), 7 deletions(-)
--- a/arch/arm64/kernel/ptrace.c
+++ b/arch/arm64/kernel/ptrace.c
@@ -1666,19 +1666,20 @@ void syscall_trace_exit(struct pt_regs *
}
/*
- * SPSR_ELx bits which are always architecturally RES0 per ARM DDI 0487C.a
- * We also take into account DIT (bit 24), which is not yet documented, and
- * treat PAN and UAO as RES0 bits, as they are meaningless at EL0, and may be
- * allocated an EL0 meaning in future.
+ * SPSR_ELx bits which are always architecturally RES0 per ARM DDI 0487D.a.
+ * We permit userspace to set SSBS (AArch64 bit 12, AArch32 bit 23) which is
+ * not described in ARM DDI 0487D.a.
+ * We treat PAN and UAO as RES0 bits, as they are meaningless at EL0, and may
+ * be allocated an EL0 meaning in future.
* Userspace cannot use these until they have an architectural meaning.
* Note that this follows the SPSR_ELx format, not the AArch32 PSR format.
* We also reserve IL for the kernel; SS is handled dynamically.
*/
#define SPSR_EL1_AARCH64_RES0_BITS \
- (GENMASK_ULL(63,32) | GENMASK_ULL(27, 25) | GENMASK_ULL(23, 22) | \
- GENMASK_ULL(20, 10) | GENMASK_ULL(5, 5))
+ (GENMASK_ULL(63, 32) | GENMASK_ULL(27, 25) | GENMASK_ULL(23, 22) | \
+ GENMASK_ULL(20, 13) | GENMASK_ULL(11, 10) | GENMASK_ULL(5, 5))
#define SPSR_EL1_AARCH32_RES0_BITS \
- (GENMASK_ULL(63,32) | GENMASK_ULL(23, 22) | GENMASK_ULL(20,20))
+ (GENMASK_ULL(63, 32) | GENMASK_ULL(22, 22) | GENMASK_ULL(20, 20))
static int valid_compat_regs(struct user_pt_regs *regs)
{
next prev parent reply other threads:[~2019-10-10 8:49 UTC|newest]
Thread overview: 124+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-10-10 8:35 [PATCH 4.19 000/114] 4.19.79-stable review Greg Kroah-Hartman
2019-10-10 8:35 ` [PATCH 4.19 001/114] s390/process: avoid potential reading of freed stack Greg Kroah-Hartman
2019-10-10 8:35 ` [PATCH 4.19 002/114] KVM: s390: Test for bad access register and size at the start of S390_MEM_OP Greg Kroah-Hartman
2019-10-10 8:35 ` [PATCH 4.19 003/114] s390/topology: avoid firing events before kobjs are created Greg Kroah-Hartman
2019-10-10 8:35 ` [PATCH 4.19 004/114] s390/cio: exclude subchannels with no parent from pseudo check Greg Kroah-Hartman
2019-10-10 8:35 ` [PATCH 4.19 005/114] KVM: PPC: Book3S HV: Fix race in re-enabling XIVE escalation interrupts Greg Kroah-Hartman
2019-10-10 8:35 ` [PATCH 4.19 006/114] KVM: PPC: Book3S HV: Check for MMU ready on piggybacked virtual cores Greg Kroah-Hartman
2019-10-10 8:35 ` [PATCH 4.19 007/114] KVM: PPC: Book3S HV: Dont lose pending doorbell request on migration on P9 Greg Kroah-Hartman
2019-10-10 8:35 ` [PATCH 4.19 008/114] KVM: X86: Fix userspace set invalid CR4 Greg Kroah-Hartman
2019-10-10 8:35 ` [PATCH 4.19 009/114] KVM: nVMX: handle page fault in vmread fix Greg Kroah-Hartman
2019-10-10 8:35 ` [PATCH 4.19 010/114] nbd: fix max number of supported devs Greg Kroah-Hartman
2019-10-10 8:35 ` [PATCH 4.19 011/114] PM / devfreq: tegra: Fix kHz to Hz conversion Greg Kroah-Hartman
2019-10-10 8:35 ` [PATCH 4.19 012/114] ASoC: Define a set of DAPM pre/post-up events Greg Kroah-Hartman
2019-10-10 8:35 ` [PATCH 4.19 013/114] ASoC: sgtl5000: Improve VAG power and mute control Greg Kroah-Hartman
2019-10-10 8:35 ` [PATCH 4.19 014/114] powerpc/mce: Fix MCE handling for huge pages Greg Kroah-Hartman
2019-10-10 8:35 ` [PATCH 4.19 015/114] powerpc/mce: Schedule work from irq_work Greg Kroah-Hartman
2019-10-10 8:35 ` [PATCH 4.19 016/114] powerpc/powernv: Restrict OPAL symbol map to only be readable by root Greg Kroah-Hartman
2019-10-10 8:35 ` [PATCH 4.19 017/114] powerpc/powernv/ioda: Fix race in TCE level allocation Greg Kroah-Hartman
2019-10-10 8:35 ` [PATCH 4.19 018/114] powerpc/book3s64/mm: Dont do tlbie fixup for some hardware revisions Greg Kroah-Hartman
2019-10-10 8:35 ` [PATCH 4.19 019/114] can: mcp251x: mcp251x_hw_reset(): allow more time after a reset Greg Kroah-Hartman
2019-10-10 8:35 ` [PATCH 4.19 020/114] tools lib traceevent: Fix "robust" test of do_generate_dynamic_list_file Greg Kroah-Hartman
2019-10-10 8:35 ` [PATCH 4.19 021/114] crypto: qat - Silence smp_processor_id() warning Greg Kroah-Hartman
2019-10-10 8:35 ` [PATCH 4.19 022/114] crypto: skcipher - Unmap pages after an external error Greg Kroah-Hartman
2019-10-10 8:35 ` [PATCH 4.19 023/114] crypto: cavium/zip - Add missing single_release() Greg Kroah-Hartman
2019-10-10 8:35 ` [PATCH 4.19 024/114] crypto: caam - fix concurrency issue in givencrypt descriptor Greg Kroah-Hartman
2019-10-10 8:35 ` [PATCH 4.19 025/114] crypto: ccree - account for TEE not ready to report Greg Kroah-Hartman
2019-10-10 8:35 ` [PATCH 4.19 026/114] crypto: ccree - use the full crypt length value Greg Kroah-Hartman
2019-10-10 8:35 ` [PATCH 4.19 027/114] MIPS: Treat Loongson Extensions as ASEs Greg Kroah-Hartman
2019-10-10 8:35 ` [PATCH 4.19 028/114] power: supply: sbs-battery: use correct flags field Greg Kroah-Hartman
2019-10-10 8:35 ` [PATCH 4.19 029/114] power: supply: sbs-battery: only return health when battery present Greg Kroah-Hartman
2019-10-10 8:35 ` [PATCH 4.19 030/114] tracing: Make sure variable reference alias has correct var_ref_idx Greg Kroah-Hartman
2019-10-10 8:35 ` [PATCH 4.19 031/114] usercopy: Avoid HIGHMEM pfn warning Greg Kroah-Hartman
2019-10-10 8:35 ` [PATCH 4.19 032/114] timer: Read jiffies once when forwarding base clk Greg Kroah-Hartman
2019-10-13 15:47 ` Pavel Machek
2019-10-10 8:35 ` [PATCH 4.19 033/114] PCI: vmd: Fix shadow offsets to reflect spec changes Greg Kroah-Hartman
2019-10-10 8:35 ` [PATCH 4.19 034/114] PCI: Restore Resizable BAR size bits correctly for 1MB BARs Greg Kroah-Hartman
2019-10-10 8:35 ` [PATCH 4.19 035/114] watchdog: imx2_wdt: fix min() calculation in imx2_wdt_set_timeout Greg Kroah-Hartman
2019-10-10 8:35 ` [PATCH 4.19 036/114] perf stat: Fix a segmentation fault when using repeat forever Greg Kroah-Hartman
2019-10-10 8:35 ` [PATCH 4.19 037/114] drm/omap: fix max fclk divider for omap36xx Greg Kroah-Hartman
2019-10-10 8:35 ` [PATCH 4.19 038/114] drm/msm/dsi: Fix return value check for clk_get_parent Greg Kroah-Hartman
2019-10-10 8:35 ` [PATCH 4.19 039/114] drm/nouveau/kms/nv50-: Dont create MSTMs for eDP connectors Greg Kroah-Hartman
2019-10-10 8:35 ` [PATCH 4.19 040/114] drm/i915/gvt: update vgpu workload head pointer correctly Greg Kroah-Hartman
2019-10-10 8:35 ` [PATCH 4.19 041/114] mmc: sdhci: improve ADMA error reporting Greg Kroah-Hartman
2019-10-10 8:35 ` [PATCH 4.19 042/114] mmc: sdhci-of-esdhc: set DMA snooping based on DMA coherence Greg Kroah-Hartman
2019-10-10 8:35 ` [PATCH 4.19 043/114] Revert "locking/pvqspinlock: Dont wait if vCPU is preempted" Greg Kroah-Hartman
2019-10-10 8:35 ` [PATCH 4.19 044/114] xen/xenbus: fix self-deadlock after killing user process Greg Kroah-Hartman
2019-10-10 8:35 ` [PATCH 4.19 045/114] ieee802154: atusb: fix use-after-free at disconnect Greg Kroah-Hartman
2019-10-10 8:35 ` [PATCH 4.19 046/114] s390/cio: avoid calling strlen on null pointer Greg Kroah-Hartman
2019-10-10 8:35 ` [PATCH 4.19 047/114] cfg80211: initialize on-stack chandefs Greg Kroah-Hartman
2019-10-10 8:35 ` [PATCH 4.19 048/114] arm64: cpufeature: Detect SSBS and advertise to userspace Greg Kroah-Hartman
2019-10-10 8:35 ` [PATCH 4.19 049/114] ima: always return negative code for error Greg Kroah-Hartman
2019-10-10 8:35 ` [PATCH 4.19 050/114] ima: fix freeing ongoing ahash_request Greg Kroah-Hartman
2019-10-10 8:35 ` [PATCH 4.19 051/114] fs: nfs: Fix possible null-pointer dereferences in encode_attrs() Greg Kroah-Hartman
2019-10-10 8:35 ` [PATCH 4.19 052/114] 9p: Transport error uninitialized Greg Kroah-Hartman
2019-10-10 8:36 ` [PATCH 4.19 053/114] 9p: avoid attaching writeback_fid on mmap with type PRIVATE Greg Kroah-Hartman
2019-10-10 8:36 ` [PATCH 4.19 054/114] xen/pci: reserve MCFG areas earlier Greg Kroah-Hartman
2019-10-10 8:36 ` [PATCH 4.19 055/114] ceph: fix directories inode i_blkbits initialization Greg Kroah-Hartman
2019-10-10 8:36 ` [PATCH 4.19 056/114] ceph: reconnect connection if session hang in opening state Greg Kroah-Hartman
2019-10-10 8:36 ` [PATCH 4.19 057/114] watchdog: aspeed: Add support for AST2600 Greg Kroah-Hartman
2019-10-10 8:36 ` [PATCH 4.19 058/114] netfilter: nf_tables: allow lookups in dynamic sets Greg Kroah-Hartman
2019-10-10 8:36 ` [PATCH 4.19 059/114] drm/amdgpu: Fix KFD-related kernel oops on Hawaii Greg Kroah-Hartman
2019-10-10 8:36 ` [PATCH 4.19 060/114] drm/amdgpu: Check for valid number of registers to read Greg Kroah-Hartman
2019-10-10 8:36 ` [PATCH 4.19 061/114] pNFS: Ensure we do clear the return-on-close layout stateid on fatal errors Greg Kroah-Hartman
2019-10-10 8:36 ` [PATCH 4.19 062/114] pwm: stm32-lp: Add check in case requested period cannot be achieved Greg Kroah-Hartman
2019-10-10 8:36 ` [PATCH 4.19 063/114] x86/purgatory: Disable the stackleak GCC plugin for the purgatory Greg Kroah-Hartman
2019-10-10 8:36 ` [PATCH 4.19 064/114] ntb: point to right memory window index Greg Kroah-Hartman
2019-10-10 8:36 ` [PATCH 4.19 065/114] thermal: Fix use-after-free when unregistering thermal zone device Greg Kroah-Hartman
2019-10-10 8:36 ` [PATCH 4.19 066/114] thermal_hwmon: Sanitize thermal_zone type Greg Kroah-Hartman
2019-10-10 8:36 ` [PATCH 4.19 067/114] libnvdimm/region: Initialize bad block for volatile namespaces Greg Kroah-Hartman
2019-10-10 8:36 ` [PATCH 4.19 068/114] fuse: fix memleak in cuse_channel_open Greg Kroah-Hartman
2019-10-10 8:36 ` [PATCH 4.19 069/114] libnvdimm/nfit_test: Fix acpi_handle redefinition Greg Kroah-Hartman
2019-10-10 8:36 ` [PATCH 4.19 070/114] sched/membarrier: Call sync_core only before usermode for same mm Greg Kroah-Hartman
2019-10-10 8:36 ` [PATCH 4.19 071/114] sched/membarrier: Fix private expedited registration check Greg Kroah-Hartman
2019-10-10 8:36 ` [PATCH 4.19 072/114] sched/core: Fix migration to invalid CPU in __set_cpus_allowed_ptr() Greg Kroah-Hartman
2019-10-10 8:36 ` [PATCH 4.19 073/114] perf build: Add detection of java-11-openjdk-devel package Greg Kroah-Hartman
2019-10-10 8:36 ` [PATCH 4.19 074/114] kernel/elfcore.c: include proper prototypes Greg Kroah-Hartman
2019-10-10 8:36 ` [PATCH 4.19 075/114] perf unwind: Fix libunwind build failure on i386 systems Greg Kroah-Hartman
2019-10-10 8:36 ` [PATCH 4.19 076/114] nfp: flower: fix memory leak in nfp_flower_spawn_vnic_reprs Greg Kroah-Hartman
2019-10-10 8:36 ` [PATCH 4.19 077/114] drm/radeon: Bail earlier when radeon.cik_/si_support=0 is passed Greg Kroah-Hartman
2019-10-10 8:36 ` [PATCH 4.19 078/114] KVM: PPC: Book3S HV: XIVE: Free escalation interrupts before disabling the VP Greg Kroah-Hartman
2019-10-10 8:36 ` [PATCH 4.19 079/114] KVM: nVMX: Fix consistency check on injected exception error code Greg Kroah-Hartman
2019-10-10 8:36 ` [PATCH 4.19 080/114] nbd: fix crash when the blksize is zero Greg Kroah-Hartman
2019-10-10 8:36 ` [PATCH 4.19 081/114] powerpc/pseries: Fix cpu_hotplug_lock acquisition in resize_hpt() Greg Kroah-Hartman
2019-10-10 8:36 ` [PATCH 4.19 082/114] powerpc/book3s64/radix: Rename CPU_FTR_P9_TLBIE_BUG feature flag Greg Kroah-Hartman
2019-10-11 11:21 ` Pavel Machek
2019-10-11 12:58 ` Greg Kroah-Hartman
2019-10-11 16:05 ` Sasha Levin
2019-10-10 8:36 ` [PATCH 4.19 083/114] tools lib traceevent: Do not free tep->cmdlines in add_new_comm() on failure Greg Kroah-Hartman
2019-10-10 8:36 ` [PATCH 4.19 084/114] tick: broadcast-hrtimer: Fix a race in bc_set_next Greg Kroah-Hartman
2019-10-10 8:36 ` [PATCH 4.19 086/114] perf stat: Reset previous counts on repeat with interval Greg Kroah-Hartman
2019-10-10 8:36 ` [PATCH 4.19 087/114] drm/i915/userptr: Acquire the page lock around set_page_dirty() Greg Kroah-Hartman
2019-10-10 8:36 ` [PATCH 4.19 088/114] riscv: Avoid interrupts being erroneously enabled in handle_exception() Greg Kroah-Hartman
2019-10-10 8:36 ` [PATCH 4.19 089/114] arm64: ssbd: Add support for PSTATE.SSBS rather than trapping to EL3 Greg Kroah-Hartman
2019-10-10 8:36 ` [PATCH 4.19 090/114] KVM: arm64: Set SCTLR_EL2.DSSBS if SSBD is forcefully disabled and !vhe Greg Kroah-Hartman
2019-10-10 8:36 ` [PATCH 4.19 091/114] arm64: docs: Document SSBS HWCAP Greg Kroah-Hartman
2019-10-10 8:36 ` Greg Kroah-Hartman [this message]
2019-10-10 8:36 ` [PATCH 4.19 093/114] arm64: Add sysfs vulnerability show for spectre-v1 Greg Kroah-Hartman
2019-10-10 8:36 ` [PATCH 4.19 094/114] arm64: add sysfs vulnerability show for meltdown Greg Kroah-Hartman
2019-10-10 8:36 ` [PATCH 4.19 095/114] arm64: enable generic CPU vulnerabilites support Greg Kroah-Hartman
2019-10-10 8:36 ` [PATCH 4.19 096/114] arm64: Always enable ssb vulnerability detection Greg Kroah-Hartman
2019-10-10 8:36 ` [PATCH 4.19 097/114] arm64: Provide a command line to disable spectre_v2 mitigation Greg Kroah-Hartman
2019-10-10 8:36 ` [PATCH 4.19 098/114] arm64: Advertise mitigation of Spectre-v2, or lack thereof Greg Kroah-Hartman
2019-10-10 8:36 ` [PATCH 4.19 099/114] arm64: Always enable spectre-v2 vulnerability detection Greg Kroah-Hartman
2019-10-10 8:36 ` [PATCH 4.19 100/114] arm64: add sysfs vulnerability show for spectre-v2 Greg Kroah-Hartman
2019-10-10 8:36 ` [PATCH 4.19 101/114] arm64: add sysfs vulnerability show for speculative store bypass Greg Kroah-Hartman
2019-10-10 8:36 ` [PATCH 4.19 102/114] arm64: ssbs: Dont treat CPUs with SSBS as unaffected by SSB Greg Kroah-Hartman
2019-10-10 8:36 ` [PATCH 4.19 103/114] arm64: Force SSBS on context switch Greg Kroah-Hartman
2019-10-10 8:36 ` [PATCH 4.19 104/114] arm64: Use firmware to detect CPUs that are not affected by Spectre-v2 Greg Kroah-Hartman
2019-10-10 8:36 ` [PATCH 4.19 105/114] arm64/speculation: Support mitigations= cmdline option Greg Kroah-Hartman
2019-10-10 8:36 ` [PATCH 4.19 106/114] vfs: Fix EOVERFLOW testing in put_compat_statfs64 Greg Kroah-Hartman
2019-10-10 8:36 ` [PATCH 4.19 107/114] coresight: etm4x: Use explicit barriers on enable/disable Greg Kroah-Hartman
2019-10-10 8:36 ` [PATCH 4.19 108/114] staging: erofs: fix an error handling in erofs_readdir() Greg Kroah-Hartman
2019-10-10 8:36 ` [PATCH 4.19 109/114] staging: erofs: some compressed cluster should be submitted for corrupted images Greg Kroah-Hartman
2019-10-10 8:36 ` [PATCH 4.19 110/114] staging: erofs: add two missing erofs_workgroup_put " Greg Kroah-Hartman
2019-10-10 8:36 ` [PATCH 4.19 111/114] staging: erofs: detect potential multiref due to " Greg Kroah-Hartman
2019-10-10 8:36 ` [PATCH 4.19 112/114] cfg80211: add and use strongly typed element iteration macros Greg Kroah-Hartman
2019-10-10 8:37 ` [PATCH 4.19 113/114] cfg80211: Use const more consistently in for_each_element macros Greg Kroah-Hartman
2019-10-10 8:37 ` [PATCH 4.19 114/114] nl80211: validate beacon head Greg Kroah-Hartman
2019-10-10 14:41 ` [PATCH 4.19 000/114] 4.19.79-stable review kernelci.org bot
2019-10-10 17:04 ` Naresh Kamboju
2019-10-10 22:19 ` Guenter Roeck
2019-10-10 23:03 ` Didik Setiawan
2019-10-11 3:05 ` shuah
2019-10-11 8:33 ` Jon Hunter
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20191010083612.970579789@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=ard.biesheuvel@linaro.org \
--cc=catalin.marinas@arm.com \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mark.rutland@arm.com \
--cc=stable@vger.kernel.org \
--cc=suzuki.poulose@arm.com \
--cc=will.deacon@arm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).