diff options
| author | Mark Rutland <mark.rutland@arm.com> | 2019-02-15 11:34:27 -0500 |
|---|---|---|
| committer | Will Deacon <will.deacon@arm.com> | 2019-02-18 05:54:47 -0500 |
| commit | f54dada8274643e3ff4436df0ea124aeedc43cae (patch) | |
| tree | e961c2e2c6c983925f2508b3b8c07e0797c00cda | |
| parent | a3b22b9f11d9fbc48b0291ea92259a5a810e9438 (diff) | |
arm64: fix SSBS sanitization
In valid_user_regs() we treat SSBS as a RES0 bit, and consequently it is
unexpectedly cleared when we restore a sigframe or fiddle with GPRs via
ptrace.
This patch fixes valid_user_regs() to account for this, updating the
function to refer to the latest ARM ARM (ARM DDI 0487D.a). For AArch32
tasks, SSBS appears in bit 23 of SPSR_EL1, matching its position in the
AArch32-native PSR format, and we don't need to translate it as we have
to for DIT.
There are no other bit assignments that we need to account for today.
As the recent documentation describes the DIT bit, we can drop our
comment regarding DIT.
While removing SSBS from the RES0 masks, existing inconsistent
whitespace is corrected.
Fixes: d71be2b6c0e19180 ("arm64: cpufeature: Detect SSBS and advertise to userspace")
Signed-off-by: Mark Rutland <mark.rutland@arm.com>
Cc: Catalin Marinas <catalin.marinas@arm.com>
Cc: Suzuki K Poulose <suzuki.poulose@arm.com>
Cc: Will Deacon <will.deacon@arm.com>
Signed-off-by: Will Deacon <will.deacon@arm.com>
| -rw-r--r-- | arch/arm64/kernel/ptrace.c | 15 |
1 files changed, 8 insertions, 7 deletions
diff --git a/arch/arm64/kernel/ptrace.c b/arch/arm64/kernel/ptrace.c index 9dce33b0e260..ddaea0fd2fa4 100644 --- a/arch/arm64/kernel/ptrace.c +++ b/arch/arm64/kernel/ptrace.c | |||
| @@ -1702,19 +1702,20 @@ void syscall_trace_exit(struct pt_regs *regs) | |||
| 1702 | } | 1702 | } |
| 1703 | 1703 | ||
| 1704 | /* | 1704 | /* |
| 1705 | * SPSR_ELx bits which are always architecturally RES0 per ARM DDI 0487C.a | 1705 | * SPSR_ELx bits which are always architecturally RES0 per ARM DDI 0487D.a. |
| 1706 | * We also take into account DIT (bit 24), which is not yet documented, and | 1706 | * We permit userspace to set SSBS (AArch64 bit 12, AArch32 bit 23) which is |
| 1707 | * treat PAN and UAO as RES0 bits, as they are meaningless at EL0, and may be | 1707 | * not described in ARM DDI 0487D.a. |
| 1708 | * allocated an EL0 meaning in future. | 1708 | * We treat PAN and UAO as RES0 bits, as they are meaningless at EL0, and may |
| 1709 | * be allocated an EL0 meaning in future. | ||
| 1709 | * Userspace cannot use these until they have an architectural meaning. | 1710 | * Userspace cannot use these until they have an architectural meaning. |
| 1710 | * Note that this follows the SPSR_ELx format, not the AArch32 PSR format. | 1711 | * Note that this follows the SPSR_ELx format, not the AArch32 PSR format. |
| 1711 | * We also reserve IL for the kernel; SS is handled dynamically. | 1712 | * We also reserve IL for the kernel; SS is handled dynamically. |
| 1712 | */ | 1713 | */ |
| 1713 | #define SPSR_EL1_AARCH64_RES0_BITS \ | 1714 | #define SPSR_EL1_AARCH64_RES0_BITS \ |
| 1714 | (GENMASK_ULL(63,32) | GENMASK_ULL(27, 25) | GENMASK_ULL(23, 22) | \ | 1715 | (GENMASK_ULL(63, 32) | GENMASK_ULL(27, 25) | GENMASK_ULL(23, 22) | \ |
| 1715 | GENMASK_ULL(20, 10) | GENMASK_ULL(5, 5)) | 1716 | GENMASK_ULL(20, 13) | GENMASK_ULL(11, 10) | GENMASK_ULL(5, 5)) |
| 1716 | #define SPSR_EL1_AARCH32_RES0_BITS \ | 1717 | #define SPSR_EL1_AARCH32_RES0_BITS \ |
| 1717 | (GENMASK_ULL(63,32) | GENMASK_ULL(23, 22) | GENMASK_ULL(20,20)) | 1718 | (GENMASK_ULL(63, 32) | GENMASK_ULL(22, 22) | GENMASK_ULL(20, 20)) |
| 1718 | 1719 | ||
| 1719 | static int valid_compat_regs(struct user_pt_regs *regs) | 1720 | static int valid_compat_regs(struct user_pt_regs *regs) |
| 1720 | { | 1721 | { |