Received: by 2002:a05:7412:f690:b0:e2:908c:2ebd with SMTP id ej16csp323773rdb; Thu, 19 Oct 2023 05:51:29 -0700 (PDT) X-Google-Smtp-Source: AGHT+IEEhgePsMyppp+BjFSCdrgF3KPUJwHWz6FtJhC0K099TYhRYX1MvoETREx2wlMsUcfzQH3Z X-Received: by 2002:a17:90b:3588:b0:27d:452a:8bb6 with SMTP id mm8-20020a17090b358800b0027d452a8bb6mr2718276pjb.10.1697719889491; Thu, 19 Oct 2023 05:51:29 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1697719889; cv=none; d=google.com; s=arc-20160816; b=jfrtqSpvmIMpJ13tQK3yVrFWaI3l99HS7+RHevs3tS4FBw6RxQT733OaVPlMxQN8EQ nZ8hg4r3DtcY4swSDFDmEOCp882jdwRjlctuHZoXS4jE6w2aGHV7/Q+yYOivelY/DVS1 /q2qJ8Aw3YJS7zl4BaqdjRmeB/BZLWKdaxXp00oG4DjUv093DXhH9mN09M13x0fPo0Ss zKP595HGciMdWFsaf+U9EIWQGjeTrEunXLEj8R9DZd21jy601P6Zk4BRF8LOl3uUMWyY CAz3lCffLN4P8JQKFhtwrZ4VbhDF7Rf7uJscxuRBdhLZf18hejqS3EXzart7818vaYBo IvuA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:mail-followup-to:message-id:subject:cc:to:from:date :dkim-signature:dkim-signature; bh=lW0oi5t9RJVIfyM9NQMzhwbPShfe2mX7ZAVw1vE6IBc=; fh=YElFkqDxIzKQQanb5bRwHpEwnm6kPOq9iTKP1g+/qK8=; b=qsPEcDuusDNesaEOAtzwhZuEBHeDs7Jq08rZtkXBNu3Vtx1IyouJHyxorgqfA3Wk+w eVqJQAYWU82ymfv4ePeLYh37dH65Ra4BUf3eDyrVmyTMDIkPjDLK3B8wcLRNxKwKlpUy A6GrEpTTdM0HqxXot1eo3M5Fx6/69XhPcJcG4OR9pDm0Mgbhy7Sfms5XvUEHz+4SPkey 7dPvBpZW3E943ZIgaHDRv4mu1mmcau6D1CkM9t+D4cJs+fkOEBjI0jfvlK1zL7FxcIX3 j702XNqc8mYvSzDSZTwlkrQNWwnXJvXoHhuMjivK06Uq5PMkbrTBP+6pmyJLjRbkC7ck 8uQA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@suse.de header.s=susede2_rsa header.b=y8sv0dBd; dkim=neutral (no key) header.i=@suse.de header.s=susede2_ed25519 header.b=tfomFNiM; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:1 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=suse.de Return-Path: Received: from morse.vger.email (morse.vger.email. [2620:137:e000::3:1]) by mx.google.com with ESMTPS id om14-20020a17090b3a8e00b0027d3ed58c04si2209779pjb.173.2023.10.19.05.51.29 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 19 Oct 2023 05:51:29 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:1 as permitted sender) client-ip=2620:137:e000::3:1; Authentication-Results: mx.google.com; dkim=pass header.i=@suse.de header.s=susede2_rsa header.b=y8sv0dBd; dkim=neutral (no key) header.i=@suse.de header.s=susede2_ed25519 header.b=tfomFNiM; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:1 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=suse.de Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by morse.vger.email (Postfix) with ESMTP id 2204B80A7CEB; Thu, 19 Oct 2023 05:50:34 -0700 (PDT) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.10 at morse.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1345710AbjJSMuW (ORCPT + 99 others); Thu, 19 Oct 2023 08:50:22 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:54902 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1345698AbjJSMuR (ORCPT ); Thu, 19 Oct 2023 08:50:17 -0400 Received: from smtp-out2.suse.de (smtp-out2.suse.de [IPv6:2001:67c:2178:6::1d]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id F2981112 for ; Thu, 19 Oct 2023 05:50:15 -0700 (PDT) Received: from imap2.suse-dmz.suse.de (imap2.suse-dmz.suse.de [192.168.254.74]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512) (No client certificate requested) by smtp-out2.suse.de (Postfix) with ESMTPS id 486701F45B; Thu, 19 Oct 2023 12:50:14 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.de; s=susede2_rsa; t=1697719814; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=lW0oi5t9RJVIfyM9NQMzhwbPShfe2mX7ZAVw1vE6IBc=; b=y8sv0dBdsT8JSiB68qv++9wi0gXNI78pEbuvU6KJ6HJXOc3roUjfOh/MXt8odUK8ck8HyJ BvxMoj/gGMBFhY9W7akTLw5Y3jwS8T6lIyvtawsahEpsECCbJK7WXcoJWfaGk6yRPmmoYn CPt/I1+7kmlUy9gm/KbckfRwuCAle2U= DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=suse.de; s=susede2_ed25519; t=1697719814; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=lW0oi5t9RJVIfyM9NQMzhwbPShfe2mX7ZAVw1vE6IBc=; b=tfomFNiMemAO/QOMmicfalJ6LTcv/H0WnZIniw2O+OWrweLH3CV8J8yqS2Tgb8o58VPfa3 XlOz32fGfPYWC3CQ== Received: from imap2.suse-dmz.suse.de (imap2.suse-dmz.suse.de [192.168.254.74]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512) (No client certificate requested) by imap2.suse-dmz.suse.de (Postfix) with ESMTPS id 2CFEB1357F; Thu, 19 Oct 2023 12:50:14 +0000 (UTC) Received: from dovecot-director2.suse.de ([192.168.254.65]) by imap2.suse-dmz.suse.de with ESMTPSA id yF8WCQYmMWXUSgAAMHmgww (envelope-from ); Thu, 19 Oct 2023 12:50:14 +0000 Date: Thu, 19 Oct 2023 14:50:13 +0200 From: Andrea della Porta To: Mark Rutland Cc: Andrea della Porta , Catalin Marinas , Will Deacon , linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org, nik.borisov@suse.com Subject: Re: [PATCH 4/4] arm64: Make Aarch32 emulation boot time configurable Message-ID: Mail-Followup-To: Mark Rutland , Andrea della Porta , Catalin Marinas , Will Deacon , linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org, nik.borisov@suse.com References: <1029761eb218702d4aafa58d83c4bf9d3a760264.1697614386.git.andrea.porta@suse.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: Authentication-Results: smtp-out2.suse.de; none X-Spam-Level: X-Spam-Score: -10.60 X-Spamd-Result: default: False [-10.60 / 50.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_HAM_LONG(-3.00)[-1.000]; MIME_GOOD(-0.10)[text/plain]; REPLY(-4.00)[]; DKIM_SIGNED(0.00)[suse.de:s=susede2_rsa,suse.de:s=susede2_ed25519]; NEURAL_HAM_SHORT(-1.00)[-1.000]; RCPT_COUNT_SEVEN(0.00)[7]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; MID_RHS_NOT_FQDN(0.50)[]; RCVD_COUNT_TWO(0.00)[2]; RCVD_TLS_ALL(0.00)[]; BAYES_HAM(-3.00)[100.00%] X-Spam-Status: No, score=-0.8 required=5.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI, SPF_HELO_NONE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on morse.vger.email Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (morse.vger.email [0.0.0.0]); Thu, 19 Oct 2023 05:50:34 -0700 (PDT) On 14:02 Wed 18 Oct , Mark Rutland wrote: > On Wed, Oct 18, 2023 at 01:13:22PM +0200, Andrea della Porta wrote: > > Distributions would like to reduce their attack surface as much as > > possible but at the same time they'd want to retain flexibility to > > cater to a variety of legacy software. This stems from the conjecture > > that compat layer is likely rarely tested and could have latent > > security bugs. Ideally distributions will set their default policy > > and also give users the ability to override it as appropriate. > > > > To enable this use case, introduce CONFIG_AARCH32_EMULATION_DEFAULT_DISABLED > > compile time option, which controls whether 32bit processes/syscalls > > should be allowed or not. This option is aimed mainly at distributions > > to set their preferred default behavior in their kernels. > > > > To allow users to override the distro's policy, introduce the > > 'aarch32_emulation' parameter which allows overriding > > CONFIG_AARCH32_EMULATION_DEFAULT_DISABLED state at boot time. > > > > Signed-off-by: Andrea della Porta > > --- > > Documentation/admin-guide/kernel-parameters.txt | 7 +++++++ > > arch/arm64/Kconfig | 9 +++++++++ > > arch/arm64/kernel/entry-common.c | 8 +++++++- > > 3 files changed, 23 insertions(+), 1 deletion(-) > > > > diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt > > index 0a1731a0f0ef..a41c5e6f5d2e 100644 > > --- a/Documentation/admin-guide/kernel-parameters.txt > > +++ b/Documentation/admin-guide/kernel-parameters.txt > > @@ -1,3 +1,10 @@ > > + aarch32_emulation= [ARM64] > > + Format: > > + When true, allows loading 32-bit programs and executing > > + 32-bit syscalls, essentially overriding > > + AARCH32_EMULATION_DEFAULT_DISABLED at boot time. when false, > > + unconditionally disables AARCH32 emulation. > > Can we please drop the 'emulation' part of the name? We don't use that > terminology on arm64 for regular execution of compat tasks, and only use that > to refer to true emulation of deprecated instructions. > > We already have the 'allow_mismatched_32bit_el0' option; can we please us a > name that aligns with that? e.g. 'allow_32bit_el0=false' to disable support. > Sure, 'allow_mismatched_32bit_el0' will do. I'll prepare a patch accordingly. Andrea