Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/sys/arch/aarch64 Not only the kernel thread, but also the us...
details: https://anonhg.NetBSD.org/src/rev/a80a26b2aee1
branches: trunk
changeset: 972318:a80a26b2aee1
user: ryo <ryo%NetBSD.org@localhost>
date: Sat May 23 18:08:58 2020 +0000
description:
Not only the kernel thread, but also the userland PAC keys
(APIA,APIB,APDA,APDB,APGA) are now randomly initialized at exec, and switched
when context switch.
userland programs are able to perform pointer authentication on ARMv8.3+PAC cpu.
reviewd by maxv@, thanks.
diffstat:
sys/arch/aarch64/aarch64/cpufunc.c | 8 ++--
sys/arch/aarch64/aarch64/cpuswitch.S | 54 +++++++++++++---------------
sys/arch/aarch64/aarch64/exec_machdep.c | 42 +++++++++++++++++++++-
sys/arch/aarch64/aarch64/genassym.cf | 14 ++++--
sys/arch/aarch64/aarch64/netbsd32_machdep.c | 6 ++-
sys/arch/aarch64/aarch64/vectors.S | 9 +---
sys/arch/aarch64/aarch64/vm_machdep.c | 22 +++++++++--
sys/arch/aarch64/include/armreg.h | 22 +++++++++++-
sys/arch/aarch64/include/machdep.h | 5 ++-
sys/arch/aarch64/include/proc.h | 13 +++---
10 files changed, 135 insertions(+), 60 deletions(-)
diffs (truncated from 435 to 300 lines):
diff -r b289226b070d -r a80a26b2aee1 sys/arch/aarch64/aarch64/cpufunc.c
--- a/sys/arch/aarch64/aarch64/cpufunc.c Sat May 23 17:28:27 2020 +0000
+++ b/sys/arch/aarch64/aarch64/cpufunc.c Sat May 23 18:08:58 2020 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: cpufunc.c,v 1.18 2020/05/15 04:55:40 ryo Exp $ */
+/* $NetBSD: cpufunc.c,v 1.19 2020/05/23 18:08:58 ryo Exp $ */
/*
* Copyright (c) 2017 Ryo Shimizu <ryo%nerv.org@localhost>
@@ -30,7 +30,7 @@
#include "opt_multiprocessor.h"
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: cpufunc.c,v 1.18 2020/05/15 04:55:40 ryo Exp $");
+__KERNEL_RCSID(0, "$NetBSD: cpufunc.c,v 1.19 2020/05/23 18:08:58 ryo Exp $");
#include <sys/param.h>
#include <sys/types.h>
@@ -474,8 +474,8 @@
return -1;
/* Set the key. Curlwp here is the CPU's idlelwp. */
- reg_APIAKeyLo_EL1_write(curlwp->l_md.md_ia_kern_lo);
- reg_APIAKeyHi_EL1_write(curlwp->l_md.md_ia_kern_hi);
+ reg_APIAKeyLo_EL1_write(curlwp->l_md.md_ia_kern[0]);
+ reg_APIAKeyHi_EL1_write(curlwp->l_md.md_ia_kern[1]);
return 0;
#else
diff -r b289226b070d -r a80a26b2aee1 sys/arch/aarch64/aarch64/cpuswitch.S
--- a/sys/arch/aarch64/aarch64/cpuswitch.S Sat May 23 17:28:27 2020 +0000
+++ b/sys/arch/aarch64/aarch64/cpuswitch.S Sat May 23 18:08:58 2020 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: cpuswitch.S,v 1.20 2020/05/22 19:29:26 ryo Exp $ */
+/* $NetBSD: cpuswitch.S,v 1.21 2020/05/23 18:08:59 ryo Exp $ */
/*-
* Copyright (c) 2014 The NetBSD Foundation, Inc.
@@ -38,7 +38,7 @@
#include "opt_ddb.h"
#include "opt_kasan.h"
-RCSID("$NetBSD: cpuswitch.S,v 1.20 2020/05/22 19:29:26 ryo Exp $")
+RCSID("$NetBSD: cpuswitch.S,v 1.21 2020/05/23 18:08:59 ryo Exp $")
ARMV8_DEFINE_OPTIONS
@@ -92,14 +92,27 @@
adrl x4, _C_LABEL(aarch64_pac_enabled)
ldr w4, [x4]
cbz w4, 1f
-#if L_MD_IA_KERN_LO + 8 == L_MD_IA_KERN_HI
- ldp x5, x6, [x1, #L_MD_IA_KERN_LO]
-#else
- ldr x5, [x1, #L_MD_IA_KERN_LO]
- ldr x6, [x1, #L_MD_IA_KERN_HI]
-#endif
+ ldp x5, x6, [x1, #L_MD_IA_KERN]
msr APIAKeyLo_EL1, x5
msr APIAKeyHi_EL1, x6
+
+ /* Other keys only need to be updated when switching to user process */
+ ldr w5, [x1, #L_FLAG]
+ and w5, w5, #LW_SYSTEM /* (lwp->l_flag & LW_SYSTEM) ? */
+ cbnz w5, 1f
+
+ ldp x5, x6, [x1, #L_MD_IB_USER]
+ msr APIBKeyLo_EL1, x5
+ msr APIBKeyHi_EL1, x6
+ ldp x5, x6, [x1, #L_MD_DA_USER]
+ msr APDAKeyLo_EL1, x5
+ msr APDAKeyHi_EL1, x6
+ ldp x5, x6, [x1, #L_MD_DB_USER]
+ msr APDBKeyLo_EL1, x5
+ msr APDBKeyHi_EL1, x6
+ ldp x5, x6, [x1, #L_MD_GA_USER]
+ msr APGAKeyLo_EL1, x5
+ msr APGAKeyHi_EL1, x6
1:
#endif
@@ -163,12 +176,7 @@
adrl x4, _C_LABEL(aarch64_pac_enabled)
ldr w4, [x4]
cbz w4, 1f
-#if L_MD_IA_KERN_LO + 8 == L_MD_IA_KERN_HI
- ldp x5, x6, [x0, #L_MD_IA_KERN_LO]
-#else
- ldr x5, [x0, #L_MD_IA_KERN_LO]
- ldr x6, [x0, #L_MD_IA_KERN_HI]
-#endif
+ ldp x5, x6, [x0, #L_MD_IA_KERN]
msr APIAKeyLo_EL1, x5
msr APIAKeyHi_EL1, x6
1:
@@ -209,12 +217,7 @@
adrl x4, _C_LABEL(aarch64_pac_enabled)
ldr w4, [x4]
cbz w4, 1f
-#if L_MD_IA_KERN_LO + 8 == L_MD_IA_KERN_HI
- ldp x5, x6, [x19, #L_MD_IA_KERN_LO]
-#else
- ldr x5, [x19, #L_MD_IA_KERN_LO]
- ldr x6, [x19, #L_MD_IA_KERN_HI]
-#endif
+ ldp x5, x6, [x19, #L_MD_IA_KERN]
msr APIAKeyLo_EL1, x5
msr APIAKeyHi_EL1, x6
1:
@@ -271,10 +274,10 @@
cbz w4, 1f
mov x26, x1
bl _C_LABEL(cprng_strong64)
- str x0, [x26, #L_MD_IA_KERN_LO]
+ str x0, [x26, #L_MD_IA_KERN]
msr APIAKeyLo_EL1, x0
bl _C_LABEL(cprng_strong64)
- str x0, [x26, #L_MD_IA_KERN_HI]
+ str x0, [x26, #(L_MD_IA_KERN + 8)]
msr APIAKeyHi_EL1, x0
1:
#endif
@@ -395,12 +398,7 @@
adrl x4, _C_LABEL(aarch64_pac_enabled)
ldr w4, [x4]
cbz w4, 1f
-#if L_MD_IA_USER_LO + 8 == L_MD_IA_USER_HI
- ldp x5, x6, [x9, #L_MD_IA_USER_LO]
-#else
- ldr x5, [x9, #L_MD_IA_USER_LO]
- ldr x6, [x9, #L_MD_IA_USER_HI]
-#endif
+ ldp x5, x6, [x9, #L_MD_IA_USER]
msr APIAKeyLo_EL1, x5
msr APIAKeyHi_EL1, x6
1:
diff -r b289226b070d -r a80a26b2aee1 sys/arch/aarch64/aarch64/exec_machdep.c
--- a/sys/arch/aarch64/aarch64/exec_machdep.c Sat May 23 17:28:27 2020 +0000
+++ b/sys/arch/aarch64/aarch64/exec_machdep.c Sat May 23 18:08:58 2020 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: exec_machdep.c,v 1.6 2019/11/24 11:45:00 rin Exp $ */
+/* $NetBSD: exec_machdep.c,v 1.7 2020/05/23 18:08:59 ryo Exp $ */
/*-
* Copyright (c) 2014 The NetBSD Foundation, Inc.
@@ -31,7 +31,7 @@
#include <sys/cdefs.h>
-__KERNEL_RCSID(1, "$NetBSD: exec_machdep.c,v 1.6 2019/11/24 11:45:00 rin Exp $");
+__KERNEL_RCSID(1, "$NetBSD: exec_machdep.c,v 1.7 2020/05/23 18:08:59 ryo Exp $");
#include "opt_compat_netbsd.h"
#include "opt_compat_netbsd32.h"
@@ -40,6 +40,7 @@
#include <sys/systm.h>
#include <sys/proc.h>
#include <sys/exec.h>
+#include <sys/cprng.h>
#include <uvm/uvm_extern.h>
@@ -51,7 +52,9 @@
#endif
#include <aarch64/armreg.h>
+#include <aarch64/cpufunc.h>
#include <aarch64/frame.h>
+#include <aarch64/machdep.h>
#if EXEC_ELF64
int
@@ -97,11 +100,46 @@
#endif
void
+aarch64_setregs_ptrauth(struct lwp *l, bool randomize)
+{
+#ifdef ARMV83_PAC
+ if (!aarch64_pac_enabled)
+ return;
+
+ if (randomize) {
+ cprng_strong(kern_cprng, l->l_md.md_ia_user,
+ sizeof(l->l_md.md_ia_user), 0);
+ cprng_strong(kern_cprng, l->l_md.md_ib_user,
+ sizeof(l->l_md.md_ib_user), 0);
+ cprng_strong(kern_cprng, l->l_md.md_da_user,
+ sizeof(l->l_md.md_da_user), 0);
+ cprng_strong(kern_cprng, l->l_md.md_db_user,
+ sizeof(l->l_md.md_db_user), 0);
+ cprng_strong(kern_cprng, l->l_md.md_ga_user,
+ sizeof(l->l_md.md_ga_user), 0);
+ } else {
+ memset(l->l_md.md_ia_user, 0,
+ sizeof(l->l_md.md_ia_user));
+ memset(l->l_md.md_ib_user, 0,
+ sizeof(l->l_md.md_ib_user));
+ memset(l->l_md.md_da_user, 0,
+ sizeof(l->l_md.md_da_user));
+ memset(l->l_md.md_db_user, 0,
+ sizeof(l->l_md.md_db_user));
+ memset(l->l_md.md_ga_user, 0,
+ sizeof(l->l_md.md_ga_user));
+ }
+#endif
+}
+
+void
setregs(struct lwp *l, struct exec_package *pack, vaddr_t stack)
{
struct proc * const p = l->l_proc;
struct trapframe * const tf = l->l_md.md_utf;
+ aarch64_setregs_ptrauth(l, true);
+
p->p_flag &= ~PK_32;
/*
diff -r b289226b070d -r a80a26b2aee1 sys/arch/aarch64/aarch64/genassym.cf
--- a/sys/arch/aarch64/aarch64/genassym.cf Sat May 23 17:28:27 2020 +0000
+++ b/sys/arch/aarch64/aarch64/genassym.cf Sat May 23 18:08:58 2020 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: genassym.cf,v 1.24 2020/05/15 04:55:40 ryo Exp $
+# $NetBSD: genassym.cf,v 1.25 2020/05/23 18:08:59 ryo Exp $
#-
# Copyright (c) 2014 The NetBSD Foundation, Inc.
# All rights reserved.
@@ -144,16 +144,20 @@
# Important offsets into the lwp and proc structs & associated constants
define L_PCB offsetof(struct lwp, l_addr)
define L_CPU offsetof(struct lwp, l_cpu)
+define L_FLAG offsetof(struct lwp, l_flag)
define L_PROC offsetof(struct lwp, l_proc)
define L_PRIVATE offsetof(struct lwp, l_private)
define L_MD_FLAGS offsetof(struct lwp, l_md.md_flags)
define L_MD_UTF offsetof(struct lwp, l_md.md_utf)
define L_MD_CPACR offsetof(struct lwp, l_md.md_cpacr)
define L_MD_ONFAULT offsetof(struct lwp, l_md.md_onfault)
-define L_MD_IA_KERN_LO offsetof(struct lwp, l_md.md_ia_kern_lo)
-define L_MD_IA_KERN_HI offsetof(struct lwp, l_md.md_ia_kern_hi)
-define L_MD_IA_USER_LO offsetof(struct lwp, l_md.md_ia_user_lo)
-define L_MD_IA_USER_HI offsetof(struct lwp, l_md.md_ia_user_hi)
+define L_MD_IA_KERN offsetof(struct lwp, l_md.md_ia_kern)
+define L_MD_IA_USER offsetof(struct lwp, l_md.md_ia_user)
+define L_MD_IB_USER offsetof(struct lwp, l_md.md_ib_user)
+define L_MD_DA_USER offsetof(struct lwp, l_md.md_da_user)
+define L_MD_DB_USER offsetof(struct lwp, l_md.md_db_user)
+define L_MD_GA_USER offsetof(struct lwp, l_md.md_ga_user)
+define LW_SYSTEM LW_SYSTEM
define FB_X19 FB_X19
define FB_X20 FB_X20
diff -r b289226b070d -r a80a26b2aee1 sys/arch/aarch64/aarch64/netbsd32_machdep.c
--- a/sys/arch/aarch64/aarch64/netbsd32_machdep.c Sat May 23 17:28:27 2020 +0000
+++ b/sys/arch/aarch64/aarch64/netbsd32_machdep.c Sat May 23 18:08:58 2020 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: netbsd32_machdep.c,v 1.12 2020/04/23 17:21:53 skrll Exp $ */
+/* $NetBSD: netbsd32_machdep.c,v 1.13 2020/05/23 18:08:59 ryo Exp $ */
/*
* Copyright (c) 2018 Ryo Shimizu <ryo%nerv.org@localhost>
@@ -27,7 +27,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: netbsd32_machdep.c,v 1.12 2020/04/23 17:21:53 skrll Exp $");
+__KERNEL_RCSID(0, "$NetBSD: netbsd32_machdep.c,v 1.13 2020/05/23 18:08:59 ryo Exp $");
#if defined(_KERNEL_OPT)
#include "opt_compat_netbsd.h"
@@ -63,6 +63,8 @@
struct proc * const p = l->l_proc;
struct trapframe * const tf = l->l_md.md_utf;
+ aarch64_setregs_ptrauth(l, false);
+
p->p_flag |= PK_32;
/*
diff -r b289226b070d -r a80a26b2aee1 sys/arch/aarch64/aarch64/vectors.S
--- a/sys/arch/aarch64/aarch64/vectors.S Sat May 23 17:28:27 2020 +0000
+++ b/sys/arch/aarch64/aarch64/vectors.S Sat May 23 18:08:58 2020 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: vectors.S,v 1.16 2020/05/15 09:08:10 ryo Exp $ */
+/* $NetBSD: vectors.S,v 1.17 2020/05/23 18:08:59 ryo Exp $ */
#include <aarch64/asm.h>
#include "assym.h"
@@ -91,12 +91,7 @@
adrl x4, _C_LABEL(aarch64_pac_enabled)
ldr w4, [x4]
cbz w4, 1f
-#if L_MD_IA_KERN_LO + 8 == L_MD_IA_KERN_HI
- ldp x5, x6, [x1, #L_MD_IA_KERN_LO]
-#else
- ldr x5, [x1, #L_MD_IA_KERN_LO]
- ldr x6, [x1, #L_MD_IA_KERN_HI]
-#endif
+ ldp x5, x6, [x1, #L_MD_IA_KERN]
Home |
Main Index |
Thread Index |
Old Index