From patchwork Sun Oct 27 21:00:48 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Greg KH X-Patchwork-Id: 177848 Delivered-To: patch@linaro.org Received: by 2002:a92:409a:0:0:0:0:0 with SMTP id d26csp2532251ill; Sun, 27 Oct 2019 14:10:05 -0700 (PDT) X-Google-Smtp-Source: APXvYqyO46GdZwLPPZKQjg0f+q8jwa/Dg4ZLCfpor114icjo6KnAtPLhk4/R+xUllQBxcHTD2qh4 X-Received: by 2002:a50:950a:: with SMTP id u10mr16394458eda.68.1572210605063; Sun, 27 Oct 2019 14:10:05 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1572210605; cv=none; d=google.com; s=arc-20160816; b=A94Pyv54jbhIkiIWGCMGhUp5Z17hAu4M/TwlM62oLG1wPbD1FxxO7bSNct3fwLq+fG TTqCqo2cBhfpYMjyG3xW2ghTwzn3SAw2CWqt8bJs0uHjNBq8GMyv4HAg2p/J7QGlbeQp SmrtYliFef1XXpK3YO4/yEIpQvbDPyh5RwScWtJcQ0kzgy4nvbksOPLdmUZIziqJn0kz /LijQJ9JxtRQgBys7krhj54AuHFEjAcDz81D3za5CtTX3OsagNroCvRwJ/0XlSjZnNID FofYB0vTjMa86FdCcS1LJjw6PbzxJHb3N1fSEoOwYm7XbI4LKtpzrnlkq3yYaJmvSilo 8Ptg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=D+KpQWA3MLz+NazISVhX4Y8kSDouTlhnsg6Yn10zBP4=; b=WCJLkw4JpguhC2TrXiIFIbnS+y1oAS53yfaLwp2f4DhqRgLOuXv68KDl55k0gSH99U kxf8u7+Nfhocj5ro7/+vLjYeZ5utpccMVqsHhmxBvT3ELrdBLf3CyeNBW7n4L/ORUDR9 ckzXKL8omXIK8KDHqCFI1+v39oWf1ZEYY8iWpaF3hWnEl9gvMZgLajUKsgVFu6LJmpmh 40eIsVzUuc//2MvRWQvZKViw3NHcqpVMfAq5DwanSYTymOjn7LzCU9q1Sqdam3pFyLrm TgO+aKHEnDAmJFJLYD6pg4QGH+sBK9qR1nopRkoYM4sL+f/5bnWjr3HRELwdq94iS5nq ciXQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=iJg2mML4; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id g2si5556436edn.415.2019.10.27.14.10.04; Sun, 27 Oct 2019 14:10:05 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=iJg2mML4; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729616AbfJ0VKD (ORCPT + 26 others); Sun, 27 Oct 2019 17:10:03 -0400 Received: from mail.kernel.org ([198.145.29.99]:56388 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1729606AbfJ0VKA (ORCPT ); Sun, 27 Oct 2019 17:10:00 -0400 Received: from localhost (100.50.158.77.rev.sfr.net [77.158.50.100]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id EF08C2064A; Sun, 27 Oct 2019 21:09:58 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1572210599; bh=pXZAtazzLCACvaPEX4JchWnZpKx6+ZkzhKfFsgI1nTc=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=iJg2mML4BqEjIWz3BT6X5HYLPL5v06+rc04CUq2HHfGqWgtRHcEmVFLuo7RVhrnFN DpLNBguwD9CBbYslROTjH7bl7kofqKX3EUz8zTyJ4P3uiTrd3eyVxUNj3gAnpqamla gKQA/h7d4zFMSymzEzZoqtGIzQ7WG9gLthhWt9qA= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org, stable@vger.kernel.org Cc: Greg Kroah-Hartman , Mark Rutland , Catalin Marinas , Suzuki K Poulose , Will Deacon , Ard Biesheuvel Subject: [PATCH 4.14 071/119] arm64: fix SSBS sanitization Date: Sun, 27 Oct 2019 22:00:48 +0100 Message-Id: <20191027203337.157715441@linuxfoundation.org> X-Mailer: git-send-email 2.23.0 In-Reply-To: <20191027203259.948006506@linuxfoundation.org> References: <20191027203259.948006506@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Mark Rutland [ Upstream commit f54dada8274643e3ff4436df0ea124aeedc43cae ] In valid_user_regs() we treat SSBS as a RES0 bit, and consequently it is unexpectedly cleared when we restore a sigframe or fiddle with GPRs via ptrace. This patch fixes valid_user_regs() to account for this, updating the function to refer to the latest ARM ARM (ARM DDI 0487D.a). For AArch32 tasks, SSBS appears in bit 23 of SPSR_EL1, matching its position in the AArch32-native PSR format, and we don't need to translate it as we have to for DIT. There are no other bit assignments that we need to account for today. As the recent documentation describes the DIT bit, we can drop our comment regarding DIT. While removing SSBS from the RES0 masks, existing inconsistent whitespace is corrected. Fixes: d71be2b6c0e19180 ("arm64: cpufeature: Detect SSBS and advertise to userspace") Signed-off-by: Mark Rutland Cc: Catalin Marinas Cc: Suzuki K Poulose Cc: Will Deacon Signed-off-by: Will Deacon Signed-off-by: Ard Biesheuvel Signed-off-by: Greg Kroah-Hartman --- arch/arm64/kernel/ptrace.c | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) --- a/arch/arm64/kernel/ptrace.c +++ b/arch/arm64/kernel/ptrace.c @@ -1402,19 +1402,20 @@ asmlinkage void syscall_trace_exit(struc } /* - * SPSR_ELx bits which are always architecturally RES0 per ARM DDI 0487C.a - * We also take into account DIT (bit 24), which is not yet documented, and - * treat PAN and UAO as RES0 bits, as they are meaningless at EL0, and may be - * allocated an EL0 meaning in future. + * SPSR_ELx bits which are always architecturally RES0 per ARM DDI 0487D.a. + * We permit userspace to set SSBS (AArch64 bit 12, AArch32 bit 23) which is + * not described in ARM DDI 0487D.a. + * We treat PAN and UAO as RES0 bits, as they are meaningless at EL0, and may + * be allocated an EL0 meaning in future. * Userspace cannot use these until they have an architectural meaning. * Note that this follows the SPSR_ELx format, not the AArch32 PSR format. * We also reserve IL for the kernel; SS is handled dynamically. */ #define SPSR_EL1_AARCH64_RES0_BITS \ - (GENMASK_ULL(63,32) | GENMASK_ULL(27, 25) | GENMASK_ULL(23, 22) | \ - GENMASK_ULL(20, 10) | GENMASK_ULL(5, 5)) + (GENMASK_ULL(63, 32) | GENMASK_ULL(27, 25) | GENMASK_ULL(23, 22) | \ + GENMASK_ULL(20, 13) | GENMASK_ULL(11, 10) | GENMASK_ULL(5, 5)) #define SPSR_EL1_AARCH32_RES0_BITS \ - (GENMASK_ULL(63,32) | GENMASK_ULL(23, 22) | GENMASK_ULL(20,20)) + (GENMASK_ULL(63, 32) | GENMASK_ULL(22, 22) | GENMASK_ULL(20, 20)) static int valid_compat_regs(struct user_pt_regs *regs) {