Received: by 2002:a25:8b91:0:0:0:0:0 with SMTP id j17csp16290022ybl; Wed, 1 Jan 2020 02:09:58 -0800 (PST) X-Google-Smtp-Source: APXvYqypgzIfjoRQUw2PtO2Er3N/O3XrQxWnPeZXY6jGOO7lAp+dwKL+oLVk10DXxCxQiQ8RkX90 X-Received: by 2002:a05:6402:1d9a:: with SMTP id dk26mr82451764edb.37.1577873398513; Wed, 01 Jan 2020 02:09:58 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1577873398; cv=none; d=google.com; s=arc-20160816; b=hrGn/+1cJXlTfJ0c1iJhoklrE0YOat+vt1gojVyhmYMo+NKrtRmYY8Eik/cDGx09HF 2mV2Yw7goUCKUvbA1Pa2BehLQnW2mZzxpeYyQFIJKUv2X+7hSoLvfBedokY+wwv8TOq0 GCDJZDQtbVCT5LwoBrCtYqn2YV41sWkPunRc4AzklOntqN2cQyVNqQcdG+tJCWWpPz34 FXtPEl9TJgkdTMFvTKofoimTwYoObrEGxiskyM+g7KFbJ2iRBx6XW7pcr7UlgPW0F2Ru gh0jt4odozFhgrfCTPddSGGgfbikyLsXw1DEnZL9sGwgjL5p/XR7zG7ipjls6huP+K+U 3UCg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding :robot-unsubscribe:robot-id:message-id:mime-version:references :in-reply-to:cc:subject:to:reply-to:from:date; bh=Ssm4B4JsmKgyFcnyGO0YhuLFzNtqCRmZd1l9ktePUIg=; b=czJwP+BKnVYjHompJhAkwh6lLNQ2K+zuP98P5UF+CdqOmo+dki1qId7awro8vkNzBj jPXvKMV2cqFYUNtiAXAuKI54VGyyI+H7iidjjDEDnQUea/utDZoEE1aMa10DtQdYLwS3 c4SldmV7IhOWsino+5A0a5YxYEZSz28Ghi72cvWOExQ0lR/+sEOFBFD/LZtp/akWOe2I K6LLe9tzuNhij3ZeRcJ3VuJdWZh25wa57Veg3L5GvkMKmk3BkR3R9aZ51RCwLznyamwf y/XpOZiKf3ehbE2cJoE7nmhOPonYCTHHHliMEXG1rn9TdgtQLMEg/hWU96ws0bjgTq60 bkgQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id gg26si34437219ejb.212.2020.01.01.02.09.26; Wed, 01 Jan 2020 02:09:58 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726823AbgAAKHb (ORCPT + 99 others); Wed, 1 Jan 2020 05:07:31 -0500 Received: from Galois.linutronix.de ([193.142.43.55]:52322 "EHLO Galois.linutronix.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726358AbgAAKHa (ORCPT ); Wed, 1 Jan 2020 05:07:30 -0500 Received: from [5.158.153.53] (helo=tip-bot2.lab.linutronix.de) by Galois.linutronix.de with esmtpsa (TLS1.2:DHE_RSA_AES_256_CBC_SHA256:256) (Exim 4.80) (envelope-from ) id 1imauI-0004P7-2q; Wed, 01 Jan 2020 11:07:14 +0100 Received: from [127.0.1.1] (localhost [IPv6:::1]) by tip-bot2.lab.linutronix.de (Postfix) with ESMTP id A273C1C2C2F; Wed, 1 Jan 2020 11:07:13 +0100 (CET) Date: Wed, 01 Jan 2020 10:07:13 -0000 From: "tip-bot2 for Jann Horn" Reply-to: linux-kernel@vger.kernel.org To: linux-tip-commits@vger.kernel.org Subject: [tip: x86/core] x86/insn-eval: Add support for 64-bit kernel mode Cc: Jann Horn , Borislav Petkov , Alexander Potapenko , Andrey Konovalov , Andrey Ryabinin , Andy Lutomirski , Dmitry Vyukov , "Gustavo A. R. Silva" , "H. Peter Anvin" , Ingo Molnar , kasan-dev@googlegroups.com, Oleg Nesterov , Sean Christopherson , Thomas Gleixner , "x86-ml" , LKML In-Reply-To: <20191218231150.12139-1-jannh@google.com> References: <20191218231150.12139-1-jannh@google.com> MIME-Version: 1.0 Message-ID: <157787323354.30329.6908978173787271263.tip-bot2@tip-bot2> X-Mailer: tip-git-log-daemon Robot-ID: Robot-Unsubscribe: Contact to get blacklisted from these emails Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit X-Linutronix-Spam-Score: -1.0 X-Linutronix-Spam-Level: - X-Linutronix-Spam-Status: No , -1.0 points, 5.0 required, ALL_TRUSTED=-1,SHORTCIRCUIT=-0.0001 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org The following commit has been merged into the x86/core branch of tip: Commit-ID: 7be4412721aee25e35583a20a896085dc6b99c3e Gitweb: https://git.kernel.org/tip/7be4412721aee25e35583a20a896085dc6b99c3e Author: Jann Horn AuthorDate: Thu, 19 Dec 2019 00:11:47 +01:00 Committer: Borislav Petkov CommitterDate: Mon, 30 Dec 2019 20:17:15 +01:00 x86/insn-eval: Add support for 64-bit kernel mode To support evaluating 64-bit kernel mode instructions: * Replace existing checks for user_64bit_mode() with a new helper that checks whether code is being executed in either 64-bit kernel mode or 64-bit user mode. * Select the GS base depending on whether the instruction is being evaluated in kernel mode. Signed-off-by: Jann Horn Signed-off-by: Borislav Petkov Cc: Alexander Potapenko Cc: Andrey Konovalov Cc: Andrey Ryabinin Cc: Andy Lutomirski Cc: Dmitry Vyukov Cc: "Gustavo A. R. Silva" Cc: "H. Peter Anvin" Cc: Ingo Molnar Cc: kasan-dev@googlegroups.com Cc: Oleg Nesterov Cc: Sean Christopherson Cc: Thomas Gleixner Cc: x86-ml Link: https://lkml.kernel.org/r/20191218231150.12139-1-jannh@google.com --- arch/x86/include/asm/ptrace.h | 13 +++++++++++++ arch/x86/lib/insn-eval.c | 26 +++++++++++++++----------- 2 files changed, 28 insertions(+), 11 deletions(-) diff --git a/arch/x86/include/asm/ptrace.h b/arch/x86/include/asm/ptrace.h index 5057a8e..ac45b06 100644 --- a/arch/x86/include/asm/ptrace.h +++ b/arch/x86/include/asm/ptrace.h @@ -159,6 +159,19 @@ static inline bool user_64bit_mode(struct pt_regs *regs) #endif } +/* + * Determine whether the register set came from any context that is running in + * 64-bit mode. + */ +static inline bool any_64bit_mode(struct pt_regs *regs) +{ +#ifdef CONFIG_X86_64 + return !user_mode(regs) || user_64bit_mode(regs); +#else + return false; +#endif +} + #ifdef CONFIG_X86_64 #define current_user_stack_pointer() current_pt_regs()->sp #define compat_user_stack_pointer() current_pt_regs()->sp diff --git a/arch/x86/lib/insn-eval.c b/arch/x86/lib/insn-eval.c index 306c3a0..31600d8 100644 --- a/arch/x86/lib/insn-eval.c +++ b/arch/x86/lib/insn-eval.c @@ -155,7 +155,7 @@ static bool check_seg_overrides(struct insn *insn, int regoff) */ static int resolve_default_seg(struct insn *insn, struct pt_regs *regs, int off) { - if (user_64bit_mode(regs)) + if (any_64bit_mode(regs)) return INAT_SEG_REG_IGNORE; /* * Resolve the default segment register as described in Section 3.7.4 @@ -266,7 +266,7 @@ static int resolve_seg_reg(struct insn *insn, struct pt_regs *regs, int regoff) * which may be invalid at this point. */ if (regoff == offsetof(struct pt_regs, ip)) { - if (user_64bit_mode(regs)) + if (any_64bit_mode(regs)) return INAT_SEG_REG_IGNORE; else return INAT_SEG_REG_CS; @@ -289,7 +289,7 @@ static int resolve_seg_reg(struct insn *insn, struct pt_regs *regs, int regoff) * In long mode, segment override prefixes are ignored, except for * overrides for FS and GS. */ - if (user_64bit_mode(regs)) { + if (any_64bit_mode(regs)) { if (idx != INAT_SEG_REG_FS && idx != INAT_SEG_REG_GS) idx = INAT_SEG_REG_IGNORE; @@ -646,23 +646,27 @@ unsigned long insn_get_seg_base(struct pt_regs *regs, int seg_reg_idx) */ return (unsigned long)(sel << 4); - if (user_64bit_mode(regs)) { + if (any_64bit_mode(regs)) { /* * Only FS or GS will have a base address, the rest of * the segments' bases are forced to 0. */ unsigned long base; - if (seg_reg_idx == INAT_SEG_REG_FS) + if (seg_reg_idx == INAT_SEG_REG_FS) { rdmsrl(MSR_FS_BASE, base); - else if (seg_reg_idx == INAT_SEG_REG_GS) + } else if (seg_reg_idx == INAT_SEG_REG_GS) { /* * swapgs was called at the kernel entry point. Thus, * MSR_KERNEL_GS_BASE will have the user-space GS base. */ - rdmsrl(MSR_KERNEL_GS_BASE, base); - else + if (user_mode(regs)) + rdmsrl(MSR_KERNEL_GS_BASE, base); + else + rdmsrl(MSR_GS_BASE, base); + } else { base = 0; + } return base; } @@ -703,7 +707,7 @@ static unsigned long get_seg_limit(struct pt_regs *regs, int seg_reg_idx) if (sel < 0) return 0; - if (user_64bit_mode(regs) || v8086_mode(regs)) + if (any_64bit_mode(regs) || v8086_mode(regs)) return -1L; if (!sel) @@ -948,7 +952,7 @@ static int get_eff_addr_modrm(struct insn *insn, struct pt_regs *regs, * following instruction. */ if (*regoff == -EDOM) { - if (user_64bit_mode(regs)) + if (any_64bit_mode(regs)) tmp = regs->ip + insn->length; else tmp = 0; @@ -1250,7 +1254,7 @@ static void __user *get_addr_ref_32(struct insn *insn, struct pt_regs *regs) * After computed, the effective address is treated as an unsigned * quantity. */ - if (!user_64bit_mode(regs) && ((unsigned int)eff_addr > seg_limit)) + if (!any_64bit_mode(regs) && ((unsigned int)eff_addr > seg_limit)) goto out; /*