From patchwork Thu Oct 10 08:36:39 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Greg KH X-Patchwork-Id: 175729 Delivered-To: patch@linaro.org Received: by 2002:a92:7e96:0:0:0:0:0 with SMTP id q22csp1984567ill; Thu, 10 Oct 2019 01:49:46 -0700 (PDT) X-Google-Smtp-Source: APXvYqyrhxjXjCMov/z3jTNw1YqNnxx0muT7LCptLFh1pAje94yaAqSvuWvgWSdxFSFg0o6/AJah X-Received: by 2002:a50:cbcd:: with SMTP id l13mr6979114edi.18.1570697386851; Thu, 10 Oct 2019 01:49:46 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1570697386; cv=none; d=google.com; s=arc-20160816; b=G+syXxeTnUhAy9VxMKii4788mZf/CboVkACd0yd167JqVYaOvZzxKHR4cvIiOq1iq6 ocj8TjxeYZ3D21MU2jFb4++9Um4ed/0yzQCvdbkVelQsd0/moAimgm8y1dJRuJ66NpYh JNlTJ6Fme8SQVTNnTg8z40qUSjBmkU5zYV54sNWyOMFxcNiqreoPNsxAH40iF404arNQ TdIe+fmElGlzAQL+2gv2CH7obbBsdubyXc4GiueXlfKsx/uBQuVUO3hmbPVGmtrhNYR0 qae1wqewuMiHSHUgcWeXYqQqNp87BlY/5C6zzunfkwuuyqpojVIlpjt5OLmKTXZ7bjaX P7WA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=DPWjoIvMfPUdpBvyn3VyfSXEUJnbkiRamQ1oydr3Kg0=; b=JSSUUUXyjcUMJEoU5ZG/93NQmHZUw+FSQdKmOoQDcE8gYx1r87egnPRzq5gAq15mcx YAMNeM5ll7lGFGi19kxeow1iPb2Z3fp4bS51+N9JoqirCKPqOhgP23F+CKIdjxcOHz02 3fSDDdNrUu0lYeihWc0TaIkI9En8xQGQeCMSZaG2k1ltCTmGSHFAPhzZQokE27j6rGk0 f05dD8VcE5Hj4NNvjZ8vtSm0o8X9oSnCS/m5gsql+HbAyrpTsXyurdwyqQ/UqaCTmEEG wyEuAP4gLJmV2/2WwzRHTFbXD3Rkv4tyYjWaLh+5h73ZjzI1kueA3RHOaqC0bGHSFYCT Qa+A== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b="H5m/ljzz"; spf=pass (google.com: best guess record for domain of stable-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=stable-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id m24si2573831ejx.286.2019.10.10.01.49.46; Thu, 10 Oct 2019 01:49:46 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of stable-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b="H5m/ljzz"; spf=pass (google.com: best guess record for domain of stable-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=stable-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2389848AbfJJItm (ORCPT + 13 others); Thu, 10 Oct 2019 04:49:42 -0400 Received: from mail.kernel.org ([198.145.29.99]:56414 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2389843AbfJJItm (ORCPT ); Thu, 10 Oct 2019 04:49:42 -0400 Received: from localhost (83-86-89-107.cable.dynamic.v4.ziggo.nl [83.86.89.107]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id BEC562064A; Thu, 10 Oct 2019 08:49:40 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1570697381; bh=uJMfqKzJmIl0AHWLDzSnls3gFjyu1Z+VHOUsfZ8MtdI=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=H5m/ljzzYCiUWnQBq+oJ4e+HRidQZ2EjXhhy/8Vqx5dciuQ0jZfzf1nmWC9cYolNq OSjasseeR9Oyyzfd0FUz+gQW8pCLBp+iCsCYvpLq2h46PjvmzRgjHjfy+IytkMS4BO it7N9ZOMNUzYSeX4vBFvtHLjrVSZtQh6CHOxu9e8= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org, linux-arm-kernel@lists.infradead.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Mark Rutland , Catalin Marinas , Suzuki K Poulose , Will Deacon , Ard Biesheuvel Subject: [PATCH 4.19 092/114] arm64: fix SSBS sanitization Date: Thu, 10 Oct 2019 10:36:39 +0200 Message-Id: <20191010083612.970579789@linuxfoundation.org> X-Mailer: git-send-email 2.23.0 In-Reply-To: <20191010083544.711104709@linuxfoundation.org> References: <20191010083544.711104709@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Sender: stable-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: stable@vger.kernel.org From: Mark Rutland [ Upstream commit f54dada8274643e3ff4436df0ea124aeedc43cae ] In valid_user_regs() we treat SSBS as a RES0 bit, and consequently it is unexpectedly cleared when we restore a sigframe or fiddle with GPRs via ptrace. This patch fixes valid_user_regs() to account for this, updating the function to refer to the latest ARM ARM (ARM DDI 0487D.a). For AArch32 tasks, SSBS appears in bit 23 of SPSR_EL1, matching its position in the AArch32-native PSR format, and we don't need to translate it as we have to for DIT. There are no other bit assignments that we need to account for today. As the recent documentation describes the DIT bit, we can drop our comment regarding DIT. While removing SSBS from the RES0 masks, existing inconsistent whitespace is corrected. Fixes: d71be2b6c0e19180 ("arm64: cpufeature: Detect SSBS and advertise to userspace") Signed-off-by: Mark Rutland Cc: Catalin Marinas Cc: Suzuki K Poulose Cc: Will Deacon Signed-off-by: Will Deacon Signed-off-by: Ard Biesheuvel Signed-off-by: Greg Kroah-Hartman --- arch/arm64/kernel/ptrace.c | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) --- a/arch/arm64/kernel/ptrace.c +++ b/arch/arm64/kernel/ptrace.c @@ -1666,19 +1666,20 @@ void syscall_trace_exit(struct pt_regs * } /* - * SPSR_ELx bits which are always architecturally RES0 per ARM DDI 0487C.a - * We also take into account DIT (bit 24), which is not yet documented, and - * treat PAN and UAO as RES0 bits, as they are meaningless at EL0, and may be - * allocated an EL0 meaning in future. + * SPSR_ELx bits which are always architecturally RES0 per ARM DDI 0487D.a. + * We permit userspace to set SSBS (AArch64 bit 12, AArch32 bit 23) which is + * not described in ARM DDI 0487D.a. + * We treat PAN and UAO as RES0 bits, as they are meaningless at EL0, and may + * be allocated an EL0 meaning in future. * Userspace cannot use these until they have an architectural meaning. * Note that this follows the SPSR_ELx format, not the AArch32 PSR format. * We also reserve IL for the kernel; SS is handled dynamically. */ #define SPSR_EL1_AARCH64_RES0_BITS \ - (GENMASK_ULL(63,32) | GENMASK_ULL(27, 25) | GENMASK_ULL(23, 22) | \ - GENMASK_ULL(20, 10) | GENMASK_ULL(5, 5)) + (GENMASK_ULL(63, 32) | GENMASK_ULL(27, 25) | GENMASK_ULL(23, 22) | \ + GENMASK_ULL(20, 13) | GENMASK_ULL(11, 10) | GENMASK_ULL(5, 5)) #define SPSR_EL1_AARCH32_RES0_BITS \ - (GENMASK_ULL(63,32) | GENMASK_ULL(23, 22) | GENMASK_ULL(20,20)) + (GENMASK_ULL(63, 32) | GENMASK_ULL(22, 22) | GENMASK_ULL(20, 20)) static int valid_compat_regs(struct user_pt_regs *regs) {