| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <ZS_WHHnWzfkKtJWs@FVFF77S0Q05N.cambridge.arm.com>
Date: Wed, 18 Oct 2023 13:57:00 +0100
From: Mark Rutland <mark.rutland@....com>
To: Andrea della Porta <andrea.porta@...e.com>
Cc: Catalin Marinas <catalin.marinas@....com>,
Will Deacon <will@...nel.org>,
linux-arm-kernel@...ts.infradead.org, linux-kernel@...r.kernel.org,
nik.borisov@...e.com
Subject: Re: [PATCH 3/4] arm64/entry-common: Make Aarch32 syscalls'
availability depend on aarch32_enabled()
On Wed, Oct 18, 2023 at 01:13:21PM +0200, Andrea della Porta wrote:
> Another major aspect of supporting running of 32bit processes is the
> ability to access 32bit syscalls. Such syscalls can be invoked by
> using the svc instruction.
>
> If Aarch32 emulation is disabled ensure that calling svc results
> in the same behavior as if CONFIG_COMPAT has not been enabled (i.e.
> a kernel panic).
It's not "emulation" it's directly supported by the hardware.
>
> Signed-off-by: Andrea della Porta <andrea.porta@...e.com>
> ---
> arch/arm64/kernel/entry-common.c | 25 ++++++++++++++++++++++---
> 1 file changed, 22 insertions(+), 3 deletions(-)
>
> diff --git a/arch/arm64/kernel/entry-common.c b/arch/arm64/kernel/entry-common.c
> index 69ff9b8c0bde..32761760d9dd 100644
> --- a/arch/arm64/kernel/entry-common.c
> +++ b/arch/arm64/kernel/entry-common.c
> @@ -802,6 +802,11 @@ asmlinkage void noinstr el0t_64_error_handler(struct pt_regs *regs)
> }
>
> #ifdef CONFIG_COMPAT
> +UNHANDLED(el0t, 32, sync_ni)
> +UNHANDLED(el0t, 32, irq_ni)
> +UNHANDLED(el0t, 32, fiq_ni)
> +UNHANDLED(el0t, 32, error_ni)
IRQ, FIQ, and SError are not syscalls, so the commit title is bad.
> +
> static void noinstr el0_cp15(struct pt_regs *regs, unsigned long esr)
> {
> enter_from_user_mode(regs);
> @@ -821,6 +826,11 @@ static void noinstr el0_svc_compat(struct pt_regs *regs)
>
> asmlinkage void noinstr el0t_32_sync_handler(struct pt_regs *regs)
> {
> + if (!aarch32_enabled()) {
> + el0t_32_sync_ni_handler(regs);
> + return;
> + }
Why do we have to do this at all?
If we don't have AArch32 tasks, these paths are unreachable. Why do we need to
check that they aren't called?
Mark.
> +
> unsigned long esr = read_sysreg(esr_el1);
>
> switch (ESR_ELx_EC(esr)) {
> @@ -865,17 +875,26 @@ asmlinkage void noinstr el0t_32_sync_handler(struct pt_regs *regs)
>
> asmlinkage void noinstr el0t_32_irq_handler(struct pt_regs *regs)
> {
> - __el0_irq_handler_common(regs);
> + if (!aarch32_enabled())
> + el0t_32_irq_ni_handler(regs);
> + else
> + __el0_irq_handler_common(regs);
> }
>
> asmlinkage void noinstr el0t_32_fiq_handler(struct pt_regs *regs)
> {
> - __el0_fiq_handler_common(regs);
> + if (!aarch32_enabled())
> + el0t_32_fiq_ni_handler(regs);
> + else
> + __el0_fiq_handler_common(regs);
> }
>
> asmlinkage void noinstr el0t_32_error_handler(struct pt_regs *regs)
> {
> - __el0_error_handler_common(regs);
> + if (!aarch32_enabled())
> + el0t_32_error_ni_handler(regs);
> + else
> + __el0_error_handler_common(regs);
> }
>
> bool __aarch32_enabled __ro_after_init = true;
> --
> 2.35.3
>
Powered by blists - more mailing lists