[PATCH v4.4 21/45] arm64: entry: Apply BP hardening for high-priority... | linux-arm-kernel

[PATCH v4.4 00/45] V4.4 backport of arm64 Spectre patches · Viresh Kumar <viresh.kumar@linaro.org> · 2019-06-14
[PATCH v4.4 01/45] arm64: barrier: Add CSDB macros to control data-value prediction · Viresh Kumar <viresh.kumar@linaro.org> · 2019-06-14
[PATCH v4.4 02/45] arm64: Implement array_index_mask_nospec() · Viresh Kumar <viresh.kumar@linaro.org> · 2019-06-14
[PATCH v4.4 03/45] arm64: remove duplicate macro __KERNEL__ check · Viresh Kumar <viresh.kumar@linaro.org> · 2019-06-14
[PATCH v4.4 04/45] arm64: move TASK_* definitions to <asm/processor.h> · Viresh Kumar <viresh.kumar@linaro.org> · 2019-06-14
[PATCH v4.4 05/45] arm64: Make USER_DS an inclusive limit · Viresh Kumar <viresh.kumar@linaro.org> · 2019-06-14
[PATCH v4.4 06/45] arm64: Use pointer masking to limit uaccess speculation · Viresh Kumar <viresh.kumar@linaro.org> · 2019-06-14
[PATCH v4.4 07/45] arm64: entry: Ensure branch through syscall table is bounded under speculation · Viresh Kumar <viresh.kumar@linaro.org> · 2019-06-14
[PATCH v4.4 08/45] arm64: uaccess: Prevent speculative use of the current addr_limit · Viresh Kumar <viresh.kumar@linaro.org> · 2019-06-14
[PATCH v4.4 09/45] arm64: uaccess: Don't bother eliding access_ok checks in __{get, put}_user · Viresh Kumar <viresh.kumar@linaro.org> · 2019-06-14
[PATCH v4.4 10/45] mm/kasan: add API to check memory regions · Viresh Kumar <viresh.kumar@linaro.org> · 2019-06-14
Re: [PATCH v4.4 10/45] mm/kasan: add API to check memory regions · Julien Thierry <hidden> · 2019-07-04
Re: [PATCH v4.4 10/45] mm/kasan: add API to check memory regions · Viresh Kumar <viresh.kumar@linaro.org> · 2019-07-05
[PATCH v4.4 11/45] arm64: kasan: instrument user memory access API · Viresh Kumar <viresh.kumar@linaro.org> · 2019-06-14
[PATCH v4.4 12/45] arm64: uaccess: Mask __user pointers for __arch_{clear, copy_*}_user · Viresh Kumar <viresh.kumar@linaro.org> · 2019-06-14
[PATCH v4.4 13/45] arm64: cpufeature: Pass capability structure to ->enable callback · Viresh Kumar <viresh.kumar@linaro.org> · 2019-06-14
[PATCH v4.4 14/45] drivers/firmware: Expose psci_get_version through psci_ops structure · Viresh Kumar <viresh.kumar@linaro.org> · 2019-06-14
[PATCH v4.4 15/45] arm64: Factor out TTBR0_EL1 post-update workaround into a specific asm macro · Viresh Kumar <viresh.kumar@linaro.org> · 2019-06-14
[PATCH v4.4 16/45] arm64: Move post_ttbr_update_workaround to C code · Viresh Kumar <viresh.kumar@linaro.org> · 2019-06-14
[PATCH v4.4 17/45] arm64: cpufeature: Add scope for capability check · Viresh Kumar <viresh.kumar@linaro.org> · 2019-06-14
[PATCH v4.4 18/45] arm64: Add skeleton to harden the branch predictor against aliasing attacks · Viresh Kumar <viresh.kumar@linaro.org> · 2019-06-14
[PATCH v4.4 19/45] arm64: Move BP hardening to check_and_switch_context · Viresh Kumar <viresh.kumar@linaro.org> · 2019-06-14
[PATCH v4.4 20/45] mm: Introduce lm_alias · Viresh Kumar <viresh.kumar@linaro.org> · 2019-06-14
Re: [PATCH v4.4 20/45] mm: Introduce lm_alias · Julien Thierry <hidden> · 2019-06-17
Re: [PATCH v4.4 20/45] mm: Introduce lm_alias · Viresh Kumar <viresh.kumar@linaro.org> · 2019-06-18
[PATCH v4.4 21/45] arm64: entry: Apply BP hardening for high-priority synchronous exceptions · Viresh Kumar <viresh.kumar@linaro.org> · 2019-06-14
[PATCH v4.4 22/45] arm64: entry: Apply BP hardening for suspicious interrupts from EL0 · Viresh Kumar <viresh.kumar@linaro.org> · 2019-06-14
[PATCH v4.4 23/45] arm64: cputype: Add missing MIDR values for Cortex-A72 and Cortex-A75 · Viresh Kumar <viresh.kumar@linaro.org> · 2019-06-14
[PATCH v4.4 24/45] arm64: cpu_errata: Allow an erratum to be match for all revisions of a core · Viresh Kumar <viresh.kumar@linaro.org> · 2019-06-14
[PATCH v4.4 25/45] arm64: Implement branch predictor hardening for affected Cortex-A CPUs · Viresh Kumar <viresh.kumar@linaro.org> · 2019-06-14
[PATCH v4.4 26/45] arm64: cputype info for Broadcom Vulcan · Viresh Kumar <viresh.kumar@linaro.org> · 2019-06-14
[PATCH v4.4 27/45] arm64: cputype: Add MIDR values for Cavium ThunderX2 CPUs · Viresh Kumar <viresh.kumar@linaro.org> · 2019-06-14
[PATCH v4.4 28/45] arm64: Branch predictor hardening for Cavium ThunderX2 · Viresh Kumar <viresh.kumar@linaro.org> · 2019-06-14
[PATCH v4.4 29/45] arm64: KVM: Increment PC after handling an SMC trap · Viresh Kumar <viresh.kumar@linaro.org> · 2019-06-14
[PATCH v4.4 30/45] arm/arm64: KVM: Consolidate the PSCI include files · Viresh Kumar <viresh.kumar@linaro.org> · 2019-06-14
[PATCH v4.4 31/45] arm/arm64: KVM: Add PSCI_VERSION helper · Viresh Kumar <viresh.kumar@linaro.org> · 2019-06-14
[PATCH v4.4 32/45] arm/arm64: KVM: Add smccc accessors to PSCI code · Viresh Kumar <viresh.kumar@linaro.org> · 2019-06-14
[PATCH v4.4 33/45] ARM: 8478/2: arm/arm64: add arm-smccc · Viresh Kumar <viresh.kumar@linaro.org> · 2019-06-14
[PATCH v4.4 34/45] arm/arm64: KVM: Implement PSCI 1.0 support · Viresh Kumar <viresh.kumar@linaro.org> · 2019-06-14
[PATCH v4.4 35/45] arm/arm64: KVM: Advertise SMCCC v1.1 · Viresh Kumar <viresh.kumar@linaro.org> · 2019-06-14
[PATCH v4.4 36/45] arm/arm64: KVM: Turn kvm_psci_version into a static inline · Viresh Kumar <viresh.kumar@linaro.org> · 2019-06-14
[PATCH v4.4 37/45] arm64: KVM: Report SMCCC_ARCH_WORKAROUND_1 BP hardening support · Viresh Kumar <viresh.kumar@linaro.org> · 2019-06-14
[PATCH v4.4 38/45] arm64: KVM: Add SMCCC_ARCH_WORKAROUND_1 fast handling · Viresh Kumar <viresh.kumar@linaro.org> · 2019-06-14
[PATCH v4.4 39/45] firmware/psci: Expose PSCI conduit · Viresh Kumar <viresh.kumar@linaro.org> · 2019-06-14
[PATCH v4.4 40/45] firmware/psci: Expose SMCCC version through psci_ops · Viresh Kumar <viresh.kumar@linaro.org> · 2019-06-14
[PATCH v4.4 41/45] arm/arm64: smccc: Make function identifiers an unsigned quantity · Viresh Kumar <viresh.kumar@linaro.org> · 2019-06-14
[PATCH v4.4 42/45] arm/arm64: smccc: Implement SMCCC v1.1 inline primitive · Viresh Kumar <viresh.kumar@linaro.org> · 2019-06-14
[PATCH v4.4 43/45] arm64: Add ARM_SMCCC_ARCH_WORKAROUND_1 BP hardening support · Viresh Kumar <viresh.kumar@linaro.org> · 2019-06-14
[PATCH v4.4 44/45] arm64: Kill PSCI_GET_VERSION as a variant-2 workaround · Viresh Kumar <viresh.kumar@linaro.org> · 2019-06-14
[PATCH v4.4 45/45] arm64: futex: Mask __user pointers prior to dereference · Viresh Kumar <viresh.kumar@linaro.org> · 2019-06-14
Re: [PATCH v4.4 00/45] V4.4 backport of arm64 Spectre patches · Greg KH <gregkh@linuxfoundation.org> · 2019-06-17
Re: [PATCH v4.4 00/45] V4.4 backport of arm64 Spectre patches · Julien Thierry <hidden> · 2019-06-17
Re: [PATCH v4.4 00/45] V4.4 backport of arm64 Spectre patches · Viresh Kumar <viresh.kumar@linaro.org> · 2019-06-18
Re: [PATCH v4.4 00/45] V4.4 backport of arm64 Spectre patches · Julien Thierry <hidden> · 2019-06-19
Re: [PATCH v4.4 00/45] V4.4 backport of arm64 Spectre patches · Viresh Kumar <viresh.kumar@linaro.org> · 2019-06-19
Re: [PATCH v4.4 00/45] V4.4 backport of arm64 Spectre patches · Julien Thierry <hidden> · 2019-06-17
Re: [PATCH v4.4 00/45] V4.4 backport of arm64 Spectre patches · Julien Thierry <hidden> · 2019-07-11

STALE2545d REVIEWED: 1 (0M)

Revisions (3)

2019-06-14 v4 current
2019-07-12 v4 [diff vs current]
2019-08-29 v4 [diff vs current]

[PATCH v4.4 21/45] arm64: entry: Apply BP hardening for high-priority synchronous exceptions

From: Viresh Kumar <viresh.kumar@linaro.org>
Date: 2019-06-14 03:12:51
Also in: stable
Subsystem: arm64 port (aarch64 architecture), the rest · Maintainers: Catalin Marinas, Will Deacon, Linus Torvalds

From: Will Deacon <redacted>

commit 5dfc6ed27710c42cbc15db5c0d4475699991da0a upstream.

Software-step and PC alignment fault exceptions have higher priority than
instruction abort exceptions, so apply the BP hardening hooks there too
if the user PC appears to reside in kernel space.

Reported-by: Dan Hettena <redacted>
Reviewed-by: Marc Zyngier <redacted>
Signed-off-by: Will Deacon <redacted>
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
[ v4.4: Resolved rebase conflicts ]
Signed-off-by: Viresh Kumar <viresh.kumar@linaro.org>
---
 arch/arm64/kernel/entry.S | 6 ++++--
 arch/arm64/mm/fault.c     | 9 +++++++++
 2 files changed, 13 insertions(+), 2 deletions(-)

diff --git a/arch/arm64/kernel/entry.S b/arch/arm64/kernel/entry.S
index 05bfc71639fc..42a141f01f3b 100644
--- a/arch/arm64/kernel/entry.S
+++ b/arch/arm64/kernel/entry.S

@@ -530,8 +530,10 @@ ENDPROC(el1_irq)
 	 * Stack or PC alignment exception handling
 	 */
 	mrs	x26, far_el1
-	// enable interrupts before calling the main handler
-	enable_dbg_and_irq
+	enable_dbg
+#ifdef CONFIG_TRACE_IRQFLAGS
+	bl	trace_hardirqs_off
+#endif
 	ct_user_exit
 	mov	x0, x26
 	mov	x1, x25

diff --git a/arch/arm64/mm/fault.c b/arch/arm64/mm/fault.c
index 1878c881a247..082f385b6592 100644
--- a/arch/arm64/mm/fault.c
+++ b/arch/arm64/mm/fault.c

@@ -561,6 +561,12 @@ asmlinkage void __exception do_sp_pc_abort(unsigned long addr,
 	struct siginfo info;
 	struct task_struct *tsk = current;
 
+	if (user_mode(regs)) {
+		if (instruction_pointer(regs) > TASK_SIZE)
+			arm64_apply_bp_hardening();
+		local_irq_enable();
+	}
+
 	if (show_unhandled_signals && unhandled_signal(tsk, SIGBUS))
 		pr_info_ratelimited("%s[%d]: %s exception: pc=%p sp=%p\n",
 				    tsk->comm, task_pid_nr(tsk),

@@ -621,6 +627,9 @@ asmlinkage int __exception do_debug_exception(unsigned long addr_if_watchpoint,
 	if (interrupts_enabled(regs))
 		trace_hardirqs_off();
 
+	if (user_mode(regs) && instruction_pointer(regs) > TASK_SIZE)
+		arm64_apply_bp_hardening();
+
 	if (!inf->fn(addr_if_watchpoint, esr, regs)) {
 		rv = 1;
 	} else {

-- 
2.21.0.rc0.269.g1a574e7a288b


_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help