lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <20240203-arm64-gcs-v8-4-c9fec77673ef@kernel.org>
Date: Sat, 03 Feb 2024 12:25:30 +0000
From: Mark Brown <broonie@...nel.org>
To: Catalin Marinas <catalin.marinas@....com>, 
 Will Deacon <will@...nel.org>, Jonathan Corbet <corbet@....net>, 
 Andrew Morton <akpm@...ux-foundation.org>, Marc Zyngier <maz@...nel.org>, 
 Oliver Upton <oliver.upton@...ux.dev>, James Morse <james.morse@....com>, 
 Suzuki K Poulose <suzuki.poulose@....com>, Arnd Bergmann <arnd@...db.de>, 
 Oleg Nesterov <oleg@...hat.com>, Eric Biederman <ebiederm@...ssion.com>, 
 Kees Cook <keescook@...omium.org>, Shuah Khan <shuah@...nel.org>, 
 "Rick P. Edgecombe" <rick.p.edgecombe@...el.com>, 
 Deepak Gupta <debug@...osinc.com>, Ard Biesheuvel <ardb@...nel.org>, 
 Szabolcs Nagy <Szabolcs.Nagy@....com>
Cc: "H.J. Lu" <hjl.tools@...il.com>, 
 Paul Walmsley <paul.walmsley@...ive.com>, 
 Palmer Dabbelt <palmer@...belt.com>, Albert Ou <aou@...s.berkeley.edu>, 
 Florian Weimer <fweimer@...hat.com>, Christian Brauner <brauner@...nel.org>, 
 Thiago Jung Bauermann <thiago.bauermann@...aro.org>, 
 linux-arm-kernel@...ts.infradead.org, linux-doc@...r.kernel.org, 
 kvmarm@...ts.linux.dev, linux-fsdevel@...r.kernel.org, 
 linux-arch@...r.kernel.org, linux-mm@...ck.org, 
 linux-kselftest@...r.kernel.org, linux-kernel@...r.kernel.org, 
 linux-riscv@...ts.infradead.org, Mark Brown <broonie@...nel.org>
Subject: [PATCH v8 04/38] arm64: Document boot requirements for Guarded
 Control Stacks

FEAT_GCS introduces a number of new system registers, we require that
access to these registers is not trapped when we identify that the feature
is detected.

Signed-off-by: Mark Brown <broonie@...nel.org>
---
 Documentation/arch/arm64/booting.rst | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)

diff --git a/Documentation/arch/arm64/booting.rst b/Documentation/arch/arm64/booting.rst
index b57776a68f15..de3679770c64 100644
--- a/Documentation/arch/arm64/booting.rst
+++ b/Documentation/arch/arm64/booting.rst
@@ -411,6 +411,28 @@ Before jumping into the kernel, the following conditions must be met:
 
     - HFGRWR_EL2.nPIRE0_EL1 (bit 57) must be initialised to 0b1.
 
+ - For features with Guarded Control Stacks (FEAT_GCS):
+
+  - If EL3 is present:
+
+    - SCR_EL3.GCSEn (bit 39) must be initialised to 0b1.
+
+ - If the kernel is entered at EL1 and EL2 is present:
+
+    - HFGITR_EL2.nGCSEPP (bit 59) must be initialised to 0b1.
+
+    - HFGITR_EL2.nGCSSTR_EL1 (bit 58) must be initialised to 0b1.
+
+    - HFGITR_EL2.nGCSPUSHM_EL1 (bit 57) must be initialised to 0b1.
+
+    - HFGRTR_EL2.nGCS_EL1 (bit 53) must be initialised to 0b1.
+
+    - HFGRTR_EL2.nGCS_EL0 (bit 52) must be initialised to 0b1.
+
+    - HFGWTR_EL2.nGCS_EL1 (bit 53) must be initialised to 0b1.
+
+    - HFGWTR_EL2.nGCS_EL0 (bit 52) must be initialised to 0b1.
+
 The requirements described above for CPU mode, caches, MMUs, architected
 timers, coherency and system registers apply to all CPUs.  All CPUs must
 enter the kernel in the same exception level.  Where the values documented

-- 
2.30.2


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ