| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20220406164546.1888528-34-james.morse@arm.com>
Date: Wed, 6 Apr 2022 17:45:37 +0100
From: James Morse <james.morse@....com>
To: linux-kernel@...r.kernel.org, stable@...r.kernel.org
Cc: James Morse <james.morse@....com>,
Catalin Marinas <catalin.marinas@....com>
Subject: [stable:PATCH v4.9.309 34/43] arm64: entry: Add non-kpti __bp_harden_el1_vectors for mitigations
commit aff65393fa1401e034656e349abd655cfe272de0 upstream.
kpti is an optional feature, for systems not using kpti a set of
vectors for the spectre-bhb mitigations is needed.
Add another set of vectors, __bp_harden_el1_vectors, that will be
used if a mitigation is needed and kpti is not in use.
The EL1 ventries are repeated verbatim as there is no additional
work needed for entry from EL1.
Reviewed-by: Russell King (Oracle) <rmk+kernel@...linux.org.uk>
Reviewed-by: Catalin Marinas <catalin.marinas@....com>
Signed-off-by: James Morse <james.morse@....com>
---
arch/arm64/kernel/entry.S | 34 +++++++++++++++++++++++++++++++++-
1 file changed, 33 insertions(+), 1 deletion(-)
diff --git a/arch/arm64/kernel/entry.S b/arch/arm64/kernel/entry.S
index b9a757216a80..b732480007a4 100644
--- a/arch/arm64/kernel/entry.S
+++ b/arch/arm64/kernel/entry.S
@@ -924,10 +924,11 @@ __ni_sys_trace:
.macro tramp_ventry, vector_start, regsize, kpti
.align 7
1:
- .if \kpti == 1
.if \regsize == 64
msr tpidrro_el0, x30 // Restored in kernel_ventry
.endif
+
+ .if \kpti == 1
/*
* Defend against branch aliasing attacks by pushing a dummy
* entry onto the return stack and using a RET instruction to
@@ -1010,6 +1011,37 @@ __entry_tramp_data_start:
#endif /* CONFIG_RANDOMIZE_BASE */
#endif /* CONFIG_UNMAP_KERNEL_AT_EL0 */
+/*
+ * Exception vectors for spectre mitigations on entry from EL1 when
+ * kpti is not in use.
+ */
+ .macro generate_el1_vector
+.Lvector_start\@:
+ kernel_ventry 1, sync_invalid // Synchronous EL1t
+ kernel_ventry 1, irq_invalid // IRQ EL1t
+ kernel_ventry 1, fiq_invalid // FIQ EL1t
+ kernel_ventry 1, error_invalid // Error EL1t
+
+ kernel_ventry 1, sync // Synchronous EL1h
+ kernel_ventry 1, irq // IRQ EL1h
+ kernel_ventry 1, fiq_invalid // FIQ EL1h
+ kernel_ventry 1, error_invalid // Error EL1h
+
+ .rept 4
+ tramp_ventry .Lvector_start\@, 64, kpti=0
+ .endr
+ .rept 4
+ tramp_ventry .Lvector_start\@, 32, kpti=0
+ .endr
+ .endm
+
+ .pushsection ".entry.text", "ax"
+ .align 11
+ENTRY(__bp_harden_el1_vectors)
+ generate_el1_vector
+END(__bp_harden_el1_vectors)
+ .popsection
+
/*
* Special system call wrappers.
*/
--
2.30.2
Powered by blists - more mailing lists