Received: by 2002:a05:6a10:2785:0:0:0:0 with SMTP id ia5csp706587pxb; Fri, 8 Jan 2021 16:32:39 -0800 (PST) X-Google-Smtp-Source: ABdhPJwtBaxYKgoAamiximinw8wztR+iXgMIqh562a+nKaZTGLwZKj6VA40FsXAotYTIeeUR6n0S X-Received: by 2002:a05:6402:1b1e:: with SMTP id by30mr6872535edb.75.1610152359174; Fri, 08 Jan 2021 16:32:39 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1610152359; cv=none; d=google.com; s=arc-20160816; b=I7gBmDvyejtgkarJBrG9nnu78DqKA0XqS/f/9Yt/Y9dYUfHsrimivFMNBeUexpW3T3 tNinuVkT0siMf5S3ID7/9OJaYvGX8Ih8txSySEH2WLTkLjFHxqu3v645ichhICYJ48Af 58NJCBrzhpID+Abov6NfJoszQxL/jIaOiSh3SUNxF58Gtq4xGcxV4vyrG7ZpbApopXIo 3d4CSKzLRnp681WRikDJAYiViHIB/loo7ZVlohoAdq1wYgoyg0dhmbAX2oztMjW5zffh WGIwpRBV20U1NWJr7JEjDbqssBmjqmvXahdrMxm/4VVhMNB+GhW7DtJg9XshB34e9yg0 4Bdg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:references:in-reply-to:message-id:date:subject :cc:to:from:dmarc-filter:sender:dkim-signature; bh=x4r+cxfcBhFHJ1Qr3evoxkKZBnhLO4PcCu/YZQwVgd4=; b=dT9y79bM9M/r5sRUNLPfP7LdKP3hoA24QLaXyTcuR8OwRcYBM959EphRTsYovGscBn rcQIWORn0zi0MLshomN2Rx0MJD2W0DKXByvVOsyQWc5TxJd1TqwmCKkgXvZwI+91u+0A LFuEwFlVzzjyariqQMZxdMy37aGBqwD4BaC77rW+TKmguGowKQJaaLF1giQdPc7Vx2Zq xv4fXRtcb86IkKDTbLhulmczevE+msFDucQw0AjxCzQq/B8TVZuJNBhT34bdOhfpTfEI GmbPJpG4yrhKabQqjwY97bD2YTiPhyC7qhtbOkd5qyFS0sMa7uNmj0hGxIxHHU/xXO9H FaXw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@mg.codeaurora.org header.s=smtp header.b=vUgNwZs5; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id n17si4021877eja.271.2021.01.08.16.32.15; Fri, 08 Jan 2021 16:32:39 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@mg.codeaurora.org header.s=smtp header.b=vUgNwZs5; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726476AbhAIAar (ORCPT + 99 others); Fri, 8 Jan 2021 19:30:47 -0500 Received: from m43-15.mailgun.net ([69.72.43.15]:51339 "EHLO m43-15.mailgun.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726430AbhAIAap (ORCPT ); Fri, 8 Jan 2021 19:30:45 -0500 DKIM-Signature: a=rsa-sha256; v=1; c=relaxed/relaxed; d=mg.codeaurora.org; q=dns/txt; s=smtp; t=1610152219; h=References: In-Reply-To: Message-Id: Date: Subject: Cc: To: From: Sender; bh=x4r+cxfcBhFHJ1Qr3evoxkKZBnhLO4PcCu/YZQwVgd4=; b=vUgNwZs5+dtOCSW4A1rMcIvCVGV0ZBgqpmsLLvBf4SThYhFogo/Wf3W/hTcORFG4H1qUXPe/ JnWy/9DdUYnbADSqu5CDW7lLgxcQ/hD2KFyX4tyTjXNIGjiNeb9QwJifZmAcWIbMFGhfwqlb 0SEmRkyU/X9C2DCs0Z0LDb/yOFQ= X-Mailgun-Sending-Ip: 69.72.43.15 X-Mailgun-Sid: WyI0MWYwYSIsICJsaW51eC1rZXJuZWxAdmdlci5rZXJuZWwub3JnIiwgImJlOWU0YSJd Received: from smtp.codeaurora.org (ec2-35-166-182-171.us-west-2.compute.amazonaws.com [35.166.182.171]) by smtp-out-n07.prod.us-east-1.postgun.com with SMTP id 5ff8f8fa4dcca12475ec3089 (version=TLS1.2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256); Sat, 09 Jan 2021 00:29:46 GMT Sender: sramana=codeaurora.org@mg.codeaurora.org Received: by smtp.codeaurora.org (Postfix, from userid 1001) id 62E47C43466; Sat, 9 Jan 2021 00:29:45 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-caf-mail-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-2.9 required=2.0 tests=ALL_TRUSTED,BAYES_00,SPF_FAIL autolearn=no autolearn_force=no version=3.4.0 Received: from sramana-linux1.qualcomm.com (i-global254.qualcomm.com [199.106.103.254]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (No client certificate requested) (Authenticated sender: sramana) by smtp.codeaurora.org (Postfix) with ESMTPSA id 218FFC43464; Sat, 9 Jan 2021 00:29:44 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 smtp.codeaurora.org 218FFC43464 Authentication-Results: aws-us-west-2-caf-mail-1.web.codeaurora.org; dmarc=none (p=none dis=none) header.from=codeaurora.org Authentication-Results: aws-us-west-2-caf-mail-1.web.codeaurora.org; spf=fail smtp.mailfrom=sramana@codeaurora.org From: Srinivas Ramana To: catalin.marinas@arm.com, will@kernel.org, pajay@qti.qualcomm.com Cc: linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org, linux-doc@vger.kernel.org, linux-arm-msm@vger.kernel.org, Srinivas Ramana , Prasad Sodagudi Subject: [PATCH 3/3] arm64: Enable control of pointer authentication using early param Date: Fri, 8 Jan 2021 16:29:23 -0800 Message-Id: <1610152163-16554-4-git-send-email-sramana@codeaurora.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1610152163-16554-1-git-send-email-sramana@codeaurora.org> References: <1610152163-16554-1-git-send-email-sramana@codeaurora.org> Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Add support to control turning off the pointer authentication using a kernel command line early param. This will help control pointer authentication feature for both kernel and userspace without kernel changes. Signed-off-by: Ajay Patil Signed-off-by: Prasad Sodagudi Signed-off-by: Srinivas Ramana --- Documentation/admin-guide/kernel-parameters.txt | 6 ++++ arch/arm64/kernel/cpufeature.c | 38 +++++++++++++++++++------ 2 files changed, 36 insertions(+), 8 deletions(-) diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt index c722ec19cd00..d6855e0a9085 100644 --- a/Documentation/admin-guide/kernel-parameters.txt +++ b/Documentation/admin-guide/kernel-parameters.txt @@ -373,6 +373,12 @@ arcrimi= [HW,NET] ARCnet - "RIM I" (entirely mem-mapped) cards Format: ,, + arm64.disable_ptr_auth= + [ARM64] Force disable Linux support for address + authentication (both user and in-kernel). + 0 - Pointer authentication is enabled[Default] + 1 - Pointer authentication is force disabled + ataflop= [HW,M68k] atarimouse= [HW,MOUSE] Atari Mouse diff --git a/arch/arm64/kernel/cpufeature.c b/arch/arm64/kernel/cpufeature.c index b2ffa9eaaaff..bdaaff78240b 100644 --- a/arch/arm64/kernel/cpufeature.c +++ b/arch/arm64/kernel/cpufeature.c @@ -164,6 +164,24 @@ static void cpu_enable_cnp(struct arm64_cpu_capabilities const *cap); static bool __system_matches_cap(unsigned int n); +#ifdef CONFIG_ARM64_PTR_AUTH +bool arm64_disable_ptr_auth; + +static int __init arm64_disable_ptr_auth_fn(char *buf) +{ + return strtobool(buf, &arm64_disable_ptr_auth); +} +early_param("arm64.disable_ptr_auth", arm64_disable_ptr_auth_fn); + +s64 ptr_auth_ftr_filter(const struct arm64_ftr_bits *ftrp, s64 val) +{ + if (arm64_disable_ptr_auth) + return 0; + else + return val; +} +#endif + /* * NOTE: Any changes to the visibility of features should be kept in * sync with the documentation of the CPU feature register ABI. @@ -193,17 +211,21 @@ static const struct arm64_ftr_bits ftr_id_aa64isar1[] = { ARM64_FTR_BITS(FTR_HIDDEN, FTR_STRICT, FTR_LOWER_SAFE, ID_AA64ISAR1_SPECRES_SHIFT, 4, 0), ARM64_FTR_BITS(FTR_VISIBLE, FTR_STRICT, FTR_LOWER_SAFE, ID_AA64ISAR1_SB_SHIFT, 4, 0), ARM64_FTR_BITS(FTR_VISIBLE, FTR_STRICT, FTR_LOWER_SAFE, ID_AA64ISAR1_FRINTTS_SHIFT, 4, 0), - ARM64_FTR_BITS(FTR_VISIBLE_IF_IS_ENABLED(CONFIG_ARM64_PTR_AUTH), - FTR_STRICT, FTR_LOWER_SAFE, ID_AA64ISAR1_GPI_SHIFT, 4, 0), - ARM64_FTR_BITS(FTR_VISIBLE_IF_IS_ENABLED(CONFIG_ARM64_PTR_AUTH), - FTR_STRICT, FTR_LOWER_SAFE, ID_AA64ISAR1_GPA_SHIFT, 4, 0), +#ifdef CONFIG_ARM64_PTR_AUTH + FILTERED_ARM64_FTR_BITS(FTR_UNSIGNED, FTR_VISIBLE, FTR_STRICT, FTR_LOWER_SAFE, + ID_AA64ISAR1_GPI_SHIFT, 4, 0, ptr_auth_ftr_filter), + FILTERED_ARM64_FTR_BITS(FTR_UNSIGNED, FTR_VISIBLE, FTR_STRICT, FTR_LOWER_SAFE, + ID_AA64ISAR1_GPA_SHIFT, 4, 0, ptr_auth_ftr_filter), +#endif ARM64_FTR_BITS(FTR_VISIBLE, FTR_STRICT, FTR_LOWER_SAFE, ID_AA64ISAR1_LRCPC_SHIFT, 4, 0), ARM64_FTR_BITS(FTR_VISIBLE, FTR_STRICT, FTR_LOWER_SAFE, ID_AA64ISAR1_FCMA_SHIFT, 4, 0), ARM64_FTR_BITS(FTR_VISIBLE, FTR_STRICT, FTR_LOWER_SAFE, ID_AA64ISAR1_JSCVT_SHIFT, 4, 0), - ARM64_FTR_BITS(FTR_VISIBLE_IF_IS_ENABLED(CONFIG_ARM64_PTR_AUTH), - FTR_STRICT, FTR_EXACT, ID_AA64ISAR1_API_SHIFT, 4, 0), - ARM64_FTR_BITS(FTR_VISIBLE_IF_IS_ENABLED(CONFIG_ARM64_PTR_AUTH), - FTR_STRICT, FTR_EXACT, ID_AA64ISAR1_APA_SHIFT, 4, 0), +#ifdef CONFIG_ARM64_PTR_AUTH + FILTERED_ARM64_FTR_BITS(FTR_UNSIGNED, FTR_VISIBLE, FTR_STRICT, FTR_LOWER_SAFE, + ID_AA64ISAR1_API_SHIFT, 4, 0, ptr_auth_ftr_filter), + FILTERED_ARM64_FTR_BITS(FTR_UNSIGNED, FTR_VISIBLE, FTR_STRICT, FTR_LOWER_SAFE, + ID_AA64ISAR1_APA_SHIFT, 4, 0, ptr_auth_ftr_filter), +#endif ARM64_FTR_BITS(FTR_VISIBLE, FTR_STRICT, FTR_LOWER_SAFE, ID_AA64ISAR1_DPB_SHIFT, 4, 0), ARM64_FTR_END, }; -- 2.7.4