Received: by 2002:ac0:a582:0:0:0:0:0 with SMTP id m2-v6csp180617imm; Fri, 5 Oct 2018 01:51:39 -0700 (PDT) X-Google-Smtp-Source: ACcGV63XGRB4TRhuiSgsj2aRGwUHt1vwIgA4O33PojUGvlvePauTVhR/FWARYLk4WVIx26U1Ummh X-Received: by 2002:a62:968a:: with SMTP id s10-v6mr10697414pfk.191.1538729498981; Fri, 05 Oct 2018 01:51:38 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1538729498; cv=none; d=google.com; s=arc-20160816; b=ocQsQo2QQxIoKpm5+7QioJqtNLeQk0B2rsZQrGO1iSPzcAKmfrr4xZ0/TZfaTq1e3m u/ZkKOABneeUQelfRkkw5p0KiI3CSrUStD+m9Q2m5TtW4k6dSn7OnrCmrygoSX657RZc Nntpt93+DWENgcW4ok8boJh4iz+LMLyRilreCHFZkGYQ5EIglTQUbRE/amOiEC0L5ijj HZogtu3bzsgSp17UxRv5WFTzSoI8pCvNFqVvGs5h1vMlooiFrDyx5LREvmBRFeEb4kFk mhX+Ys5kkqSCUOJ/N5vH8hi7a49uVFrqkYdpDoNnODDzHBHQ0CUPJIccSa/7l8oPPoqn r61w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:references:in-reply-to:message-id:date :subject:cc:to:from; bh=4xCflmaAlUPnxxWkkcErOh7EaiZVAXVSRTTeGTPyqyU=; b=KtZOG/BI4LWdU6WQooRWtGeH5QeBbQ2+Zu9J+hVPZxnNrBsHVo56PCnvbm1IwsfAUS Knxp5/WhommQtazAAoHuXy6/3C2+kGxFwpq7xWah0xAWSvrK0Z/RU7RTcIhSgTX1ziyo k6KSGlo5jaBB6Zzc53JKXi7nBdqGWjIY4zuKT9sruyBqoMMvSJrY7dvyZi6UmJ5o2Vph cOOtzbI3kWT7Xea6G/U/5HXIg5ggH1P6HuvSOdLEIVVIW0EF4HeYbi6DFzPU9XEe+7og NH2NhSbB3Gjpp5AAoqvD3RF/4b0rq3NNbZlWd8WFXxBYaviTp0xvDsQeFdglthcapQzD X1vg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id t79-v6si8260646pfa.170.2018.10.05.01.51.23; Fri, 05 Oct 2018 01:51:38 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728952AbeJEPsb (ORCPT + 99 others); Fri, 5 Oct 2018 11:48:31 -0400 Received: from foss.arm.com ([217.140.101.70]:48042 "EHLO foss.arm.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728012AbeJEPsb (ORCPT ); Fri, 5 Oct 2018 11:48:31 -0400 Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.72.51.249]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 881E21650; Fri, 5 Oct 2018 01:50:46 -0700 (PDT) Received: from moonbear.cambridge.arm.com (usa-sjc-imap-foss1.foss.arm.com [10.72.51.249]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 52E713F5B3; Fri, 5 Oct 2018 01:50:43 -0700 (PDT) From: Kristina Martsenko To: linux-arm-kernel@lists.infradead.org Cc: Adam Wallis , Amit Kachhap , Andrew Jones , Ard Biesheuvel , Arnd Bergmann , Catalin Marinas , Christoffer Dall , Dave P Martin , Jacob Bramley , Kees Cook , Marc Zyngier , Mark Rutland , Ramana Radhakrishnan , "Suzuki K . Poulose" , Will Deacon , kvmarm@lists.cs.columbia.edu, linux-arch@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [RFC 14/17] arm64: unwind: strip PAC from kernel addresses Date: Fri, 5 Oct 2018 09:47:51 +0100 Message-Id: <20181005084754.20950-15-kristina.martsenko@arm.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20181005084754.20950-1-kristina.martsenko@arm.com> References: <20181005084754.20950-1-kristina.martsenko@arm.com> Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Mark Rutland When we enable pointer authentication in the kernel, LR values saved to the stack will have a PAC which we must strip in order to retrieve the real return address. Strip PACs when unwinding the stack in order to account for this. Signed-off-by: Mark Rutland Signed-off-by: Kristina Martsenko --- arch/arm64/include/asm/pointer_auth.h | 10 +++++++--- arch/arm64/kernel/ptrace.c | 2 +- arch/arm64/kernel/stacktrace.c | 3 +++ 3 files changed, 11 insertions(+), 4 deletions(-) diff --git a/arch/arm64/include/asm/pointer_auth.h b/arch/arm64/include/asm/pointer_auth.h index 5e40533f4ea2..e60f225d9fa2 100644 --- a/arch/arm64/include/asm/pointer_auth.h +++ b/arch/arm64/include/asm/pointer_auth.h @@ -55,12 +55,16 @@ static inline void ptrauth_keys_switch(struct ptrauth_keys *keys) * The EL0 pointer bits used by a pointer authentication code. * This is dependent on TBI0 being enabled, or bits 63:56 would also apply. */ -#define ptrauth_pac_mask() GENMASK(54, VA_BITS) +#define ptrauth_pac_mask_ttbr0() GENMASK(54, VA_BITS) + +#define ptrauth_pac_mask_ttbr1() (GENMASK(63, 56) | GENMASK(54, VA_BITS)) -/* Only valid for EL0 TTBR0 instruction pointers */ static inline unsigned long ptrauth_strip_insn_pac(unsigned long ptr) { - return ptr & ~ptrauth_pac_mask(); + if (ptr & BIT_ULL(55)) + return ptr | ptrauth_pac_mask_ttbr1(); + else + return ptr & ~ptrauth_pac_mask_ttbr0(); } #define ptrauth_task_init_user(tsk) \ diff --git a/arch/arm64/kernel/ptrace.c b/arch/arm64/kernel/ptrace.c index cb8246f8c603..bf4d6d384e4f 100644 --- a/arch/arm64/kernel/ptrace.c +++ b/arch/arm64/kernel/ptrace.c @@ -970,7 +970,7 @@ static int pac_mask_get(struct task_struct *target, * depending on TCR_EL1.TBID*, which we may make use of in future, so * we expose separate masks. */ - unsigned long mask = ptrauth_pac_mask(); + unsigned long mask = ptrauth_pac_mask_ttbr0(); struct user_pac_mask uregs = { .data_mask = mask, .insn_mask = mask, diff --git a/arch/arm64/kernel/stacktrace.c b/arch/arm64/kernel/stacktrace.c index 4989f7ea1e59..44f6a64a8006 100644 --- a/arch/arm64/kernel/stacktrace.c +++ b/arch/arm64/kernel/stacktrace.c @@ -24,6 +24,7 @@ #include #include +#include #include #include @@ -56,6 +57,8 @@ int notrace unwind_frame(struct task_struct *tsk, struct stackframe *frame) frame->fp = READ_ONCE_NOCHECK(*(unsigned long *)(fp)); frame->pc = READ_ONCE_NOCHECK(*(unsigned long *)(fp + 8)); + frame->pc = ptrauth_strip_insn_pac(frame->pc); + #ifdef CONFIG_FUNCTION_GRAPH_TRACER if (tsk->ret_stack && (frame->pc == (unsigned long)return_to_handler)) { -- 2.11.0