Startsida Utforska Hjälp
Registrera dig Logga in
RD_Software
/
ark1668ed-bsp
2
0
Fork 0
Filer Ärenden 0 Pull-förfrågningar 0 Wiki
Träd: fc47107f95
Grenar Taggar
ark1668ed-bsp
/
linux
/
arch
/
x86
/
kernel
/
cet.c

cet.c 4.2 KB
Historik

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161 
  1. // SPDX-License-Identifier: GPL-2.0
    2. 

  2. 

  3. #include <linux/ptrace.h>
    4. 

  4. #include <asm/bugs.h>
    5. 

  5. #include <asm/traps.h>
    6. 

  6. 

  7. enum cp_error_code {
    8. 

  8. 	CP_EC        = (1 << 15) - 1,
    9. 

  9. 

  10. 	CP_RET       = 1,
    11. 

  11. 	CP_IRET      = 2,
    12. 

  12. 	CP_ENDBR     = 3,
    13. 

  13. 	CP_RSTRORSSP = 4,
    14. 

  14. 	CP_SETSSBSY  = 5,
    15. 

  15. 

  16. 	CP_ENCL	     = 1 << 15,
    17. 

  17. };
    18. 

  18. 

  19. static const char cp_err[][10] = {
    20. 

  20. 	[0] = "unknown",
    21. 

  21. 	[1] = "near ret",
    22. 

  22. 	[2] = "far/iret",
    23. 

  23. 	[3] = "endbranch",
    24. 

  24. 	[4] = "rstorssp",
    25. 

  25. 	[5] = "setssbsy",
    26. 

  26. };
    27. 

  27. 

  28. static const char *cp_err_string(unsigned long error_code)
    29. 

  29. {
    30. 

  30. 	unsigned int cpec = error_code & CP_EC;
    31. 

  31. 

  32. 	if (cpec >= ARRAY_SIZE(cp_err))
    33. 

  33. 		cpec = 0;
    34. 

  34. 	return cp_err[cpec];
    35. 

  35. }
    36. 

  36. 

  37. static void do_unexpected_cp(struct pt_regs *regs, unsigned long error_code)
    38. 

  38. {
    39. 

  39. 	WARN_ONCE(1, "Unexpected %s #CP, error_code: %s\n",
    40. 

  40. 		  user_mode(regs) ? "user mode" : "kernel mode",
    41. 

  41. 		  cp_err_string(error_code));
    42. 

  42. }
    43. 

  43. 

  44. static DEFINE_RATELIMIT_STATE(cpf_rate, DEFAULT_RATELIMIT_INTERVAL,
    45. 

  45. 			      DEFAULT_RATELIMIT_BURST);
    46. 

  46. 

  47. static void do_user_cp_fault(struct pt_regs *regs, unsigned long error_code)
    48. 

  48. {
    49. 

  49. 	struct task_struct *tsk;
    50. 

  50. 	unsigned long ssp;
    51. 

  51. 

  52. 	/*
    53. 

  53. 	 * An exception was just taken from userspace. Since interrupts are disabled
    54. 

  54. 	 * here, no scheduling should have messed with the registers yet and they
    55. 

  55. 	 * will be whatever is live in userspace. So read the SSP before enabling
    56. 

  56. 	 * interrupts so locking the fpregs to do it later is not required.
    57. 

  57. 	 */
    58. 

  58. 	rdmsrl(MSR_IA32_PL3_SSP, ssp);
    59. 

  59. 

  60. 	cond_local_irq_enable(regs);
    61. 

  61. 

  62. 	tsk = current;
    63. 

  63. 	tsk->thread.error_code = error_code;
    64. 

  64. 	tsk->thread.trap_nr = X86_TRAP_CP;
    65. 

  65. 

  66. 	/* Ratelimit to prevent log spamming. */
    67. 

  67. 	if (show_unhandled_signals && unhandled_signal(tsk, SIGSEGV) &&
    68. 

  68. 	    __ratelimit(&cpf_rate)) {
    69. 

  69. 		pr_emerg("%s[%d] control protection ip:%lx sp:%lx ssp:%lx error:%lx(%s)%s",
    70. 

  70. 			 tsk->comm, task_pid_nr(tsk),
    71. 

  71. 			 regs->ip, regs->sp, ssp, error_code,
    72. 

  72. 			 cp_err_string(error_code),
    73. 

  73. 			 error_code & CP_ENCL ? " in enclave" : "");
    74. 

  74. 		print_vma_addr(KERN_CONT " in ", regs->ip);
    75. 

  75. 		pr_cont("\n");
    76. 

  76. 	}
    77. 

  77. 

  78. 	force_sig_fault(SIGSEGV, SEGV_CPERR, (void __user *)0);
    79. 

  79. 	cond_local_irq_disable(regs);
    80. 

  80. }
    81. 

  81. 

  82. static __ro_after_init bool ibt_fatal = true;
    83. 

  83. 

  84. /*
    85. 

  85.  * By definition, all missing-ENDBRANCH #CPs are a result of WFE && !ENDBR.
    86. 

  86.  *
    87. 

  87.  * For the kernel IBT no ENDBR selftest where #CPs are deliberately triggered,
    88. 

  88.  * the WFE state of the interrupted context needs to be cleared to let execution
    89. 

  89.  * continue.  Otherwise when the CPU resumes from the instruction that just
    90. 

  90.  * caused the previous #CP, another missing-ENDBRANCH #CP is raised and the CPU
    91. 

  91.  * enters a dead loop.
    92. 

  92.  *
    93. 

  93.  * This is not a problem with IDT because it doesn't preserve WFE and IRET doesn't
    94. 

  94.  * set WFE.  But FRED provides space on the entry stack (in an expanded CS area)
    95. 

  95.  * to save and restore the WFE state, thus the WFE state is no longer clobbered,
    96. 

  96.  * so software must clear it.
    97. 

  97.  */
    98. 

  98. static void ibt_clear_fred_wfe(struct pt_regs *regs)
    99. 

  99. {
    100. 

  100. 	/*
    101. 

  101. 	 * No need to do any FRED checks.
    102. 

  102. 	 *
    103. 

  103. 	 * For IDT event delivery, the high-order 48 bits of CS are pushed
    104. 

  104. 	 * as 0s into the stack, and later IRET ignores these bits.
    105. 

  105. 	 *
    106. 

  106. 	 * For FRED, a test to check if fred_cs.wfe is set would be dropped
    107. 

  107. 	 * by compilers.
    108. 

  108. 	 */
    109. 

  109. 	regs->fred_cs.wfe = 0;
    110. 

  110. }
    111. 

  111. 

  112. static void do_kernel_cp_fault(struct pt_regs *regs, unsigned long error_code)
    113. 

  113. {
    114. 

  114. 	if ((error_code & CP_EC) != CP_ENDBR) {
    115. 

  115. 		do_unexpected_cp(regs, error_code);
    116. 

  116. 		return;
    117. 

  117. 	}
    118. 

  118. 

  119. 	if (unlikely(regs->ip == (unsigned long)&ibt_selftest_noendbr)) {
    120. 

  120. 		regs->ax = 0;
    121. 

  121. 		ibt_clear_fred_wfe(regs);
    122. 

  122. 		return;
    123. 

  123. 	}
    124. 

  124. 

  125. 	pr_err("Missing ENDBR: %pS\n", (void *)instruction_pointer(regs));
    126. 

  126. 	if (!ibt_fatal) {
    127. 

  127. 		printk(KERN_DEFAULT CUT_HERE);
    128. 

  128. 		__warn(__FILE__, __LINE__, (void *)regs->ip, TAINT_WARN, regs, NULL);
    129. 

  129. 		ibt_clear_fred_wfe(regs);
    130. 

  130. 		return;
    131. 

  131. 	}
    132. 

  132. 	BUG();
    133. 

  133. }
    134. 

  134. 

  135. static int __init ibt_setup(char *str)
    136. 

  136. {
    137. 

  137. 	if (!strcmp(str, "off"))
    138. 

  138. 		setup_clear_cpu_cap(X86_FEATURE_IBT);
    139. 

  139. 

  140. 	if (!strcmp(str, "warn"))
    141. 

  141. 		ibt_fatal = false;
    142. 

  142. 

  143. 	return 1;
    144. 

  144. }
    145. 

  145. 

  146. __setup("ibt=", ibt_setup);
    147. 

  147. 

  148. DEFINE_IDTENTRY_ERRORCODE(exc_control_protection)
    149. 

  149. {
    150. 

  150. 	if (user_mode(regs)) {
    151. 

  151. 		if (cpu_feature_enabled(X86_FEATURE_USER_SHSTK))
    152. 

  152. 			do_user_cp_fault(regs, error_code);
    153. 

  153. 		else
    154. 

  154. 			do_unexpected_cp(regs, error_code);
    155. 

  155. 	} else {
    156. 

  156. 		if (cpu_feature_enabled(X86_FEATURE_IBT))
    157. 

  157. 			do_kernel_cp_fault(regs, error_code);
    158. 

  158. 		else
    159. 

  159. 			do_unexpected_cp(regs, error_code);
    160. 

  160. 	}
    161. 

  161. }
    162.