From patchwork Mon Nov 27 16:37:59 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Mark Rutland X-Patchwork-Id: 119749 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp512409qgn; Mon, 27 Nov 2017 08:39:06 -0800 (PST) X-Google-Smtp-Source: AGs4zMYLOCvQY7kxnvDwJWq14Dan03VRQIRwNhTmUzKj8/cvHgtpSaK2IXhLEZwXqHjTxdbnpzEw X-Received: by 10.101.69.141 with SMTP id o13mr31395917pgq.125.1511800746673; Mon, 27 Nov 2017 08:39:06 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1511800746; cv=none; d=google.com; s=arc-20160816; b=eN9tFTesxZ4EzrirLVTf63RR7n92s9UURZr5+xqkcakt2YNzWFAY6mwGT+DPFFtISY wmqDdooqZUOVKn9w2j7nJVM6u9wHTo7pBJa4ZO2+E7ML0VVN5TMlcaBTXpcc3ZS/gem+ KgEpaH0rdcetBAzHqEt8mgPMhLERPycDV//GUIbducSOX+tfUe63rvlz3vCh/x3uPKhv iiPSBZZ30Hm+U1b0VD+vGva4YK7Aq8Uq404IfikDbTG4I8G3h33F4gSXkhP58/il98X4 V93G5xHQXmE46zuftEvXVKqmJGnQPxrjvDPQu2WiOyixT054mtL5S1InBXOgrFRRFHmV gcSA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:references:in-reply-to:message-id:date :subject:cc:to:from:arc-authentication-results; bh=FEKmW+rFyA7npoJn0jB/1gKXf9bmFrgmENo8kOqZzh0=; b=D79njriuAtedIKOPNJf2mtabrDEdWtPzBN+7kzeGIpbmSkDK7oWTKPLF5CGvofR4jc jMh3GOiNPpciw7ck8pqqi1IvD7ccSUF0b9dIkEiYu8gkmLTzQ9rDdOWO4Eod8/c7hYv9 FHKDtJZq9GoNHHF/rcerLy0gnFJT8Hs+dJ++/OwqnBXvqPFL6K8HNo5c79Mi5uX+Bv69 7jAzTseGbZVmnPfPr5pRJ7nYO5E/GN445YkJ6n0RWP8irmjsIlujYSuImlCkIbJqobWf WoP/T095fn8McNoTK03gK7odozqyODLehHr6pWn0YVXiB2S6fovHpqUzsu5XtFcoFEoP w4pw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id p186si1597575pga.385.2017.11.27.08.39.06; Mon, 27 Nov 2017 08:39:06 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S932096AbdK0QjE (ORCPT + 28 others); Mon, 27 Nov 2017 11:39:04 -0500 Received: from usa-sjc-mx-foss1.foss.arm.com ([217.140.101.70]:40152 "EHLO foss.arm.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S932075AbdK0QjB (ORCPT ); Mon, 27 Nov 2017 11:39:01 -0500 Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.72.51.249]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id F01C3164F; Mon, 27 Nov 2017 08:39:00 -0800 (PST) Received: from lakrids.cambridge.arm.com (usa-sjc-imap-foss1.foss.arm.com [10.72.51.249]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPA id 57D153F246; Mon, 27 Nov 2017 08:38:58 -0800 (PST) From: Mark Rutland To: linux-arm-kernel@lists.infradead.org Cc: arnd@arndb.de, catalin.marinas@arm.com, cdall@linaro.org, kvmarm@lists.cs.columbia.edu, linux-arch@vger.kernel.org, marc.zyngier@arm.com, mark.rutland@arm.com, suzuki.poulose@arm.com, will.deacon@arm.com, yao.qi@arm.com, kernel-hardening@lists.openwall.com, linux-kernel@vger.kernel.org, awallis@codeaurora.org Subject: [PATCHv2 05/12] arm64: Don't trap host pointer auth use to EL2 Date: Mon, 27 Nov 2017 16:37:59 +0000 Message-Id: <20171127163806.31435-6-mark.rutland@arm.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20171127163806.31435-1-mark.rutland@arm.com> References: <20171127163806.31435-1-mark.rutland@arm.com> Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org To allow EL0 (and/or EL1) to use pointer authentication functionality, we must ensure that pointer authentication instructions and accesses to pointer authentication keys are not trapped to EL2 (where we will not be able to handle them). This patch ensures that HCR_EL2 is configured appropriately when the kernel is booted at EL2. For non-VHE kernels we set HCR_EL2.{API,APK}, ensuring that EL1 can access keys and permit EL0 use of instructions. For VHE kernels, EL2 access is controlled by EL3, and we need not set anything. This does not enable support for KVM guests, since KVM manages HCR_EL2 itself. Signed-off-by: Mark Rutland Cc: Catalin Marinas Cc: Christoffer Dall Cc: Marc Zyngier Cc: Will Deacon Cc: kvmarm@lists.cs.columbia.edu --- arch/arm64/include/asm/kvm_arm.h | 2 ++ arch/arm64/kernel/head.S | 19 +++++++++++++++++-- 2 files changed, 19 insertions(+), 2 deletions(-) -- 2.11.0 Acked-by: Christoffer Dall diff --git a/arch/arm64/include/asm/kvm_arm.h b/arch/arm64/include/asm/kvm_arm.h index 7f069ff37f06..62854d5d1d3b 100644 --- a/arch/arm64/include/asm/kvm_arm.h +++ b/arch/arm64/include/asm/kvm_arm.h @@ -23,6 +23,8 @@ #include /* Hyp Configuration Register (HCR) bits */ +#define HCR_API (UL(1) << 41) +#define HCR_APK (UL(1) << 40) #define HCR_E2H (UL(1) << 34) #define HCR_ID (UL(1) << 33) #define HCR_CD (UL(1) << 32) diff --git a/arch/arm64/kernel/head.S b/arch/arm64/kernel/head.S index 67e86a0f57ac..06a96e9af26b 100644 --- a/arch/arm64/kernel/head.S +++ b/arch/arm64/kernel/head.S @@ -415,10 +415,25 @@ CPU_LE( bic x0, x0, #(1 << 25) ) // Clear the EE bit for EL2 /* Hyp configuration. */ mov x0, #HCR_RW // 64-bit EL1 - cbz x2, set_hcr + cbz x2, 1f orr x0, x0, #HCR_TGE // Enable Host Extensions orr x0, x0, #HCR_E2H -set_hcr: +1: +#ifdef CONFIG_ARM64_POINTER_AUTHENTICATION + /* + * Disable pointer authentication traps to EL2. The HCR_EL2.{APK,API} + * bits exist iff at least one authentication mechanism is implemented. + */ + mrs x1, id_aa64isar1_el1 + mov_q x3, ((0xf << ID_AA64ISAR1_GPI_SHIFT) | \ + (0xf << ID_AA64ISAR1_GPA_SHIFT) | \ + (0xf << ID_AA64ISAR1_API_SHIFT) | \ + (0xf << ID_AA64ISAR1_APA_SHIFT)) + and x1, x1, x3 + cbz x1, 1f + orr x0, x0, #(HCR_APK | HCR_API) +1: +#endif msr hcr_el2, x0 isb