From patchwork Tue Apr 3 11:09:05 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Mark Rutland X-Patchwork-Id: 132737 Delivered-To: patch@linaro.org Received: by 10.46.84.29 with SMTP id i29csp3666820ljb; Tue, 3 Apr 2018 04:10:57 -0700 (PDT) X-Google-Smtp-Source: AIpwx4+zs9LXlrX3IFvBtMrNFJjNpzrKGoAa/9Y0OWaZ7/COeBkZ+kRSBpwvvp92XFWACHd3tBqz X-Received: by 2002:a17:902:6984:: with SMTP id l4-v6mr14148752plk.61.1522753856950; Tue, 03 Apr 2018 04:10:56 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1522753856; cv=none; d=google.com; s=arc-20160816; b=e9BiceIM7c5wn1QOPaCgg6YeSokEis1uishXPZH/wXEcl15A5RfOVZ/WUQIYbNtR7J cxk8GvupMYJIjdmtIGFvlWIx0YL5AxFX09umLvjLAnBlaaFL36HkqbhNp09dTiFCwN04 xFcsUKS03W0knJOao8JiNS/UFy7yc2ac2wP67Lhwt0OEtvRsH35qqx6k0uIH8FxQPLDa mTQVYLmT6LToRtYnPdIb1p+xjUqe4dKif5DzmMvr5NGyKT5wP0k8BNh64liIXaeJFKl3 +lGYtinDpvvUstPFYfVaoYuROcImyG7pn8S7DfALZi3TWguMfr3iTpSavyCx2MCpb8el FFAQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:references:in-reply-to:message-id:date :subject:cc:to:from:arc-authentication-results; bh=9nygfsDsyRjriGFwkLzZ5wuocQewr6CBS18ei7IRwM8=; b=nxaN+cCxSekG2PXTf4MglfLWNDqmITq1R1sE8l0OHWNC8FcKKtFerqzGc18LInnBO8 mDJxtEulOzcj6fiIooYtLc44kwQCbbS9JEvhoqe33hKhloup4OKmzH+oXupJ0jLIW+QI tUx82YHj3sKjiJqlpG3Gnu1zIz4cmS83WM/tKXkEJxK8fjzEgxfRDgBfxoojPaikAX5j UQZD5w+3zcwQTVZFJNnUNomJkPeP57DkNHv5MN0TuG0/2RbFdUwiQsqIJTlhyURkuiJj ZmVDTySVN5uLmPYm215xeiHA9CeNaYn2O6VvYbbrLFMBFOMyAl5wSU3GKsr0Wmy9+x4k uCIA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of stable-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=stable-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id q9-v6si295691plr.273.2018.04.03.04.10.56; Tue, 03 Apr 2018 04:10:56 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of stable-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of stable-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=stable-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1755172AbeDCLKy (ORCPT + 11 others); Tue, 3 Apr 2018 07:10:54 -0400 Received: from usa-sjc-mx-foss1.foss.arm.com ([217.140.101.70]:59328 "EHLO foss.arm.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1755443AbeDCLKE (ORCPT ); Tue, 3 Apr 2018 07:10:04 -0400 Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.72.51.249]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id A885A1435; Tue, 3 Apr 2018 04:10:03 -0700 (PDT) Received: from lakrids.cambridge.arm.com (usa-sjc-imap-foss1.foss.arm.com [10.72.51.249]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPA id 77AB13F587; Tue, 3 Apr 2018 04:10:02 -0700 (PDT) From: Mark Rutland To: stable@vger.kernel.org Cc: mark.brown@linaro.org, ard.biesheuvel@linaro.org, marc.zyngier@arm.com, will.deacon@arm.com Subject: [PATCH v4.9.y 09/27] arm64: mm: Map entry trampoline into trampoline and kernel page tables Date: Tue, 3 Apr 2018 12:09:05 +0100 Message-Id: <20180403110923.43575-10-mark.rutland@arm.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20180403110923.43575-1-mark.rutland@arm.com> References: <20180403110923.43575-1-mark.rutland@arm.com> Sender: stable-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: stable@vger.kernel.org From: Will Deacon commit 51a0048beb44 upstream. The exception entry trampoline needs to be mapped at the same virtual address in both the trampoline page table (which maps nothing else) and also the kernel page table, so that we can swizzle TTBR1_EL1 on exceptions from and return to EL0. This patch maps the trampoline at a fixed virtual address in the fixmap area of the kernel virtual address space, which allows the kernel proper to be randomized with respect to the trampoline when KASLR is enabled. Reviewed-by: Mark Rutland Tested-by: Laura Abbott Tested-by: Shanker Donthineni Signed-off-by: Will Deacon Signed-off-by: Alex Shi Reviewed-by: Mark Rutland [v4.9 backport] --- arch/arm64/include/asm/fixmap.h | 5 +++++ arch/arm64/include/asm/pgtable.h | 1 + arch/arm64/kernel/asm-offsets.c | 6 +++++- arch/arm64/mm/mmu.c | 23 +++++++++++++++++++++++ 4 files changed, 34 insertions(+), 1 deletion(-) -- 2.11.0 Signed-off-by: Mark Rutland [v4.9 backport] diff --git a/arch/arm64/include/asm/fixmap.h b/arch/arm64/include/asm/fixmap.h index caf86be815ba..7b1d88c18143 100644 --- a/arch/arm64/include/asm/fixmap.h +++ b/arch/arm64/include/asm/fixmap.h @@ -51,6 +51,11 @@ enum fixed_addresses { FIX_EARLYCON_MEM_BASE, FIX_TEXT_POKE0, + +#ifdef CONFIG_UNMAP_KERNEL_AT_EL0 + FIX_ENTRY_TRAMP_TEXT, +#define TRAMP_VALIAS (__fix_to_virt(FIX_ENTRY_TRAMP_TEXT)) +#endif /* CONFIG_UNMAP_KERNEL_AT_EL0 */ __end_of_permanent_fixed_addresses, /* diff --git a/arch/arm64/include/asm/pgtable.h b/arch/arm64/include/asm/pgtable.h index 7acd3c5c7643..3a30a3994e4a 100644 --- a/arch/arm64/include/asm/pgtable.h +++ b/arch/arm64/include/asm/pgtable.h @@ -692,6 +692,7 @@ static inline void pmdp_set_wrprotect(struct mm_struct *mm, extern pgd_t swapper_pg_dir[PTRS_PER_PGD]; extern pgd_t idmap_pg_dir[PTRS_PER_PGD]; +extern pgd_t tramp_pg_dir[PTRS_PER_PGD]; /* * Encode and decode a swap entry: diff --git a/arch/arm64/kernel/asm-offsets.c b/arch/arm64/kernel/asm-offsets.c index c58ddf8c4062..5f4bf3c6f016 100644 --- a/arch/arm64/kernel/asm-offsets.c +++ b/arch/arm64/kernel/asm-offsets.c @@ -24,6 +24,7 @@ #include #include #include +#include #include #include #include @@ -144,11 +145,14 @@ int main(void) DEFINE(ARM_SMCCC_RES_X2_OFFS, offsetof(struct arm_smccc_res, a2)); DEFINE(ARM_SMCCC_QUIRK_ID_OFFS, offsetof(struct arm_smccc_quirk, id)); DEFINE(ARM_SMCCC_QUIRK_STATE_OFFS, offsetof(struct arm_smccc_quirk, state)); - BLANK(); DEFINE(HIBERN_PBE_ORIG, offsetof(struct pbe, orig_address)); DEFINE(HIBERN_PBE_ADDR, offsetof(struct pbe, address)); DEFINE(HIBERN_PBE_NEXT, offsetof(struct pbe, next)); DEFINE(ARM64_FTR_SYSVAL, offsetof(struct arm64_ftr_reg, sys_val)); + BLANK(); +#ifdef CONFIG_UNMAP_KERNEL_AT_EL0 + DEFINE(TRAMP_VALIAS, TRAMP_VALIAS); +#endif return 0; } diff --git a/arch/arm64/mm/mmu.c b/arch/arm64/mm/mmu.c index 638f7f2bd79c..3a57fec16b32 100644 --- a/arch/arm64/mm/mmu.c +++ b/arch/arm64/mm/mmu.c @@ -419,6 +419,29 @@ static void __init map_kernel_segment(pgd_t *pgd, void *va_start, void *va_end, vm_area_add_early(vma); } +#ifdef CONFIG_UNMAP_KERNEL_AT_EL0 +static int __init map_entry_trampoline(void) +{ + extern char __entry_tramp_text_start[]; + + pgprot_t prot = rodata_enabled ? PAGE_KERNEL_ROX : PAGE_KERNEL_EXEC; + phys_addr_t pa_start = __pa_symbol(__entry_tramp_text_start); + + /* The trampoline is always mapped and can therefore be global */ + pgprot_val(prot) &= ~PTE_NG; + + /* Map only the text into the trampoline page table */ + memset(tramp_pg_dir, 0, PGD_SIZE); + __create_pgd_mapping(tramp_pg_dir, pa_start, TRAMP_VALIAS, PAGE_SIZE, + prot, pgd_pgtable_alloc, 0); + + /* ...as well as the kernel page table */ + __set_fixmap(FIX_ENTRY_TRAMP_TEXT, pa_start, prot); + return 0; +} +core_initcall(map_entry_trampoline); +#endif + /* * Create fine-grained mappings for the kernel. */