From: Mark Brown
Date: Mon, 07 Aug 2023 23:00:29 +0100
Subject: [PATCH v4 24/36] arm64/ptrace: Expose GCS via ptrace and core files
Message-Id: <20230807-arm64-gcs-v4-24-68cfa37f9069@kernel.org>
References: <20230807-arm64-gcs-v4-0-68cfa37f9069@kernel.org>
In-Reply-To: <20230807-arm64-gcs-v4-0-68cfa37f9069@kernel.org>
To: Catalin Marinas, Will Deacon, Jonathan Corbet, Andrew Morton, Marc Zyngier, Oliver Upton, James Morse, Suzuki K Poulose, Arnd Bergmann, Oleg Nesterov, Eric Biederman, Kees Cook, Shuah Khan, "Rick P. Edgecombe", Deepak Gupta, Ard Biesheuvel, Szabolcs Nagy
Cc: "H.J. Lu", Paul Walmsley, Palmer Dabbelt, Albert Ou, linux-arm-kernel@lists.infradead.org, linux-doc@vger.kernel.org, kvmarm@lists.linux.dev, linux-fsdevel@vger.kernel.org, linux-arch@vger.kernel.org, linux-mm@kvack.org, linux-kselftest@vger.kernel.org, linux-kernel@vger.kernel.org, linux-riscv@lists.infradead.org, Mark Brown

Provide a new register type NT_ARM_GCS reporting the current GCS mode and pointer for EL0. Due to the interactions with allocation and deallocation of Guarded Control Stacks we do not permit any changes to the GCS mode via ptrace, only GCSPR_EL0 may be changed.

Signed-off-by: Mark Brown
--- arch/arm64/include/uapi/asm/ptrace.h | 8 +++++ arch/arm64/kernel/ptrace.c | 59 ++++++++++++++++++++++++++++++++++++ include/uapi/linux/elf.h | 1 + 3 files changed, 68 insertions(+) diff --git a/arch/arm64/include/uapi/asm/ptrace.h b/arch/arm64/include/uapi/asm/ptrace.h index 7fa2f7036aa7..0f39ba4f3efd 100644 --- a/arch/arm64/include/uapi/asm/ptrace.h +++ b/arch/arm64/include/uapi/asm/ptrace.h @@ -324,6 +324,14 @@ struct user_za_header { #define ZA_PT_SIZE(vq) \ (ZA_PT_ZA_OFFSET + ZA_PT_ZA_SIZE(vq)) +/* GCS state (NT_ARM_GCS) */ + +struct user_gcs { + __u64 features_enabled; + __u64 features_locked; + __u64 gcspr_el0; +}; + #endif /* __ASSEMBLY__ */ #endif /* _UAPI__ASM_PTRACE_H */ diff --git a/arch/arm64/kernel/ptrace.c b/arch/arm64/kernel/ptrace.c index d7f4f0d1ae12..c159090bc731 100644 --- a/arch/arm64/kernel/ptrace.c +++ b/arch/arm64/kernel/ptrace.c @@ -33,6 +33,7 @@ #include #include #include +#include #include #include #include 
@@ -1390,6 +1391,51 @@ static int tagged_addr_ctrl_set(struct task_struct *target, const struct } #endif +#ifdef CONFIG_ARM64_GCS +static int gcs_get(struct task_struct *target, + const struct user_regset *regset, + struct membuf to) +{ + struct user_gcs user_gcs; + + if (target == current) + gcs_preserve_current_state(); + + user_gcs.features_enabled = target->thread.gcs_el0_mode; + user_gcs.features_locked = target->thread.gcs_el0_locked; + user_gcs.gcspr_el0 = target->thread.gcspr_el0; + + return membuf_write(&to, &user_gcs, sizeof(user_gcs)); +} + +static int gcs_set(struct task_struct *target, const struct + user_regset *regset, unsigned int pos, + unsigned int count, const void *kbuf, const + void __user *ubuf) +{ + int ret; + struct user_gcs user_gcs; + + ret = user_regset_copyin(&pos, &count, &kbuf, &ubuf, &user_gcs, 0, -1); + if (ret) + return ret; + + if (user_gcs.features_enabled & ~PR_SHADOW_STACK_SUPPORTED_STATUS_MASK) + return -EINVAL; + + /* Do not allow enable via ptrace */ + if ((user_gcs.features_enabled & PR_SHADOW_STACK_ENABLE) && + !!(target->thread.gcs_el0_mode & PR_SHADOW_STACK_ENABLE)) + return -EBUSY; + + target->thread.gcs_el0_mode = user_gcs.features_enabled; + target->thread.gcs_el0_locked = user_gcs.features_locked; + target->thread.gcspr_el0 = user_gcs.gcspr_el0; + + return 0; +} +#endif + enum aarch64_regset { REGSET_GPR, REGSET_FPR, @@ -1418,6 +1464,9 @@ enum aarch64_regset { #ifdef CONFIG_ARM64_TAGGED_ADDR_ABI REGSET_TAGGED_ADDR_CTRL, #endif +#ifdef CONFIG_ARM64_GCS + REGSET_GCS, +#endif }; static const struct user_regset aarch64_regsets[] = { 
@@ -1568,6 +1617,16 @@ static const struct user_regset aarch64_regsets[] = { .set = tagged_addr_ctrl_set, }, #endif +#ifdef CONFIG_ARM64_GCS + [REGSET_GCS] = { + .core_note_type = NT_ARM_GCS, + .n = sizeof(struct user_gcs) / sizeof(u64), + .size = sizeof(u64), + .align = sizeof(u64), + .regset_get = gcs_get, + .set = gcs_set, + }, +#endif }; static const struct user_regset_view user_aarch64_view = { diff --git a/include/uapi/linux/elf.h b/include/uapi/linux/elf.h index 0c8cf359ea5b..00f698a2ab17 100644 --- a/include/uapi/linux/elf.h +++ b/include/uapi/linux/elf.h @@ -438,6 +438,7 @@ typedef struct elf64_shdr { #define NT_ARM_SSVE 0x40b /* ARM Streaming SVE registers */ #define NT_ARM_ZA 0x40c /* ARM SME ZA registers */ #define NT_ARM_ZT 0x40d /* ARM SME ZT registers */ +#define NT_ARM_GCS 0x40e /* ARM GCS state */ #define NT_ARC_V2 0x600 /* ARCv2 accumulator/extra registers */ #define NT_VMCOREDD 0x700 /* Vmcore Device Dump Note */ #define NT_MIPS_DSP 0x800 /* MIPS DSP ASE registers */ -- 2.30.2
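
Review bot: struct user_gcs in arch/arm64/include/uapi/asm/ptrace.h is new UAPI with no per-field documentation. The only comment is the "GCS state (NT_ARM_GCS)" banner, so a debugger author cannot tell from the header that features_enabled and features_locked carry PR_SHADOW_STACK_* bits (which is what gcs_set() in ptrace.c tests them against), or which of the three fields a regset write is allowed to change. Suggest a comment on each field stating its bit encoding and whether tracers may modify it.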
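
Review bot: the "Do not allow enable via ptrace" test in gcs_set() (arch/arm64/kernel/ptrace.c, hunk at -1390) looks inverted. `!!(target->thread.gcs_el0_mode & PR_SHADOW_STACK_ENABLE)` is true when the target already has GCS enabled, so -EBUSY is returned for a write that keeps an enabled task enabled, while a write that sets PR_SHADOW_STACK_ENABLE on a task that has it clear passes the check; a single `!` on the target side would match the comment. After that check, gcs_el0_mode and gcs_el0_locked are assigned from the user buffer unconditionally and features_locked is never validated, so a tracer can clear ENABLE, change the other mode bits or drop lock bits, which does not match the commit message's statement that only GCSPR_EL0 may be changed. user_gcs is also not initialised before user_regset_copyin(), so a write shorter than sizeof(user_gcs) would store uninitialised stack contents into the remaining thread fields; filling the struct from target->thread before the copy-in would avoid that.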
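
Review bot: the [REGSET_GCS] entry in aarch64_regsets[] (hunk at -1568) is gated only by #ifdef CONFIG_ARM64_GCS, and neither gcs_get() nor gcs_set() as posted tests at runtime whether the CPU actually implements GCS. As far as these lines show, a kernel built with the option exposes the regset to ptrace and core dumps on hardware without the feature, and gcs_set() will store tracer-supplied values into the thread's GCS fields there. Suggest a runtime capability check at the top of both handlers that returns an error when GCS is not available.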