
[src/trunk]: src/sys/arch/aarch64 Not only the kernel thread, but also the us...



details:   https://anonhg.NetBSD.org/src/rev/a80a26b2aee1
branches:  trunk
changeset: 972318:a80a26b2aee1
user:      ryo <ryo%NetBSD.org@localhost>
date:      Sat May 23 18:08:58 2020 +0000

description:
Not only the kernel thread's, but also the userland PAC keys
(APIA,APIB,APDA,APDB,APGA) are now randomly initialized at exec, and switched
on context switch.
Userland programs are now able to perform pointer authentication on ARMv8.3+PAC CPUs.

Reviewed by maxv@, thanks.

diffstat:

 sys/arch/aarch64/aarch64/cpufunc.c          |   8 ++--
 sys/arch/aarch64/aarch64/cpuswitch.S        |  54 +++++++++++++---------------
 sys/arch/aarch64/aarch64/exec_machdep.c     |  42 +++++++++++++++++++++-
 sys/arch/aarch64/aarch64/genassym.cf        |  14 ++++--
 sys/arch/aarch64/aarch64/netbsd32_machdep.c |   6 ++-
 sys/arch/aarch64/aarch64/vectors.S          |   9 +---
 sys/arch/aarch64/aarch64/vm_machdep.c       |  22 +++++++++--
 sys/arch/aarch64/include/armreg.h           |  22 +++++++++++-
 sys/arch/aarch64/include/machdep.h          |   5 ++-
 sys/arch/aarch64/include/proc.h             |  13 +++---
 10 files changed, 135 insertions(+), 60 deletions(-)

diffs (truncated from 435 to 300 lines):

diff -r b289226b070d -r a80a26b2aee1 sys/arch/aarch64/aarch64/cpufunc.c
--- a/sys/arch/aarch64/aarch64/cpufunc.c        Sat May 23 17:28:27 2020 +0000
+++ b/sys/arch/aarch64/aarch64/cpufunc.c        Sat May 23 18:08:58 2020 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: cpufunc.c,v 1.18 2020/05/15 04:55:40 ryo Exp $ */
+/*     $NetBSD: cpufunc.c,v 1.19 2020/05/23 18:08:58 ryo Exp $ */
 
 /*
  * Copyright (c) 2017 Ryo Shimizu <ryo%nerv.org@localhost>
@@ -30,7 +30,7 @@
 #include "opt_multiprocessor.h"
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: cpufunc.c,v 1.18 2020/05/15 04:55:40 ryo Exp $");
+__KERNEL_RCSID(0, "$NetBSD: cpufunc.c,v 1.19 2020/05/23 18:08:58 ryo Exp $");
 
 #include <sys/param.h>
 #include <sys/types.h>
@@ -474,8 +474,8 @@
                return -1;
 
        /* Set the key. Curlwp here is the CPU's idlelwp. */
-       reg_APIAKeyLo_EL1_write(curlwp->l_md.md_ia_kern_lo);
-       reg_APIAKeyHi_EL1_write(curlwp->l_md.md_ia_kern_hi);
+       reg_APIAKeyLo_EL1_write(curlwp->l_md.md_ia_kern[0]);
+       reg_APIAKeyHi_EL1_write(curlwp->l_md.md_ia_kern[1]);
 
        return 0;
 #else
diff -r b289226b070d -r a80a26b2aee1 sys/arch/aarch64/aarch64/cpuswitch.S
--- a/sys/arch/aarch64/aarch64/cpuswitch.S      Sat May 23 17:28:27 2020 +0000
+++ b/sys/arch/aarch64/aarch64/cpuswitch.S      Sat May 23 18:08:58 2020 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: cpuswitch.S,v 1.20 2020/05/22 19:29:26 ryo Exp $ */
+/* $NetBSD: cpuswitch.S,v 1.21 2020/05/23 18:08:59 ryo Exp $ */
 
 /*-
  * Copyright (c) 2014 The NetBSD Foundation, Inc.
@@ -38,7 +38,7 @@
 #include "opt_ddb.h"
 #include "opt_kasan.h"
 
-RCSID("$NetBSD: cpuswitch.S,v 1.20 2020/05/22 19:29:26 ryo Exp $")
+RCSID("$NetBSD: cpuswitch.S,v 1.21 2020/05/23 18:08:59 ryo Exp $")
 
        ARMV8_DEFINE_OPTIONS
 
@@ -92,14 +92,27 @@
        adrl    x4, _C_LABEL(aarch64_pac_enabled)
        ldr     w4, [x4]
        cbz     w4, 1f
-#if L_MD_IA_KERN_LO + 8 == L_MD_IA_KERN_HI
-       ldp     x5, x6, [x1, #L_MD_IA_KERN_LO]
-#else
-       ldr     x5, [x1, #L_MD_IA_KERN_LO]
-       ldr     x6, [x1, #L_MD_IA_KERN_HI]
-#endif
+       ldp     x5, x6, [x1, #L_MD_IA_KERN]
        msr     APIAKeyLo_EL1, x5
        msr     APIAKeyHi_EL1, x6
+
+       /* Other keys only need to be updated when switching to user process */
+       ldr     w5, [x1, #L_FLAG]
+       and     w5, w5, #LW_SYSTEM      /* (lwp->l_flag & LW_SYSTEM) ? */
+       cbnz    w5, 1f
+
+       ldp     x5, x6, [x1, #L_MD_IB_USER]
+       msr     APIBKeyLo_EL1, x5
+       msr     APIBKeyHi_EL1, x6
+       ldp     x5, x6, [x1, #L_MD_DA_USER]
+       msr     APDAKeyLo_EL1, x5
+       msr     APDAKeyHi_EL1, x6
+       ldp     x5, x6, [x1, #L_MD_DB_USER]
+       msr     APDBKeyLo_EL1, x5
+       msr     APDBKeyHi_EL1, x6
+       ldp     x5, x6, [x1, #L_MD_GA_USER]
+       msr     APGAKeyLo_EL1, x5
+       msr     APGAKeyHi_EL1, x6
 1:
 #endif
 
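Review bot: The comment above the `LW_SYSTEM` test says the other keys only need updating for a user process, but not why skipping them is safe. As far as this page shows, kernel code signs only with APIA, so APIB/APDA/APDB/APGA keep the previous user lwp's values while a kernel thread runs and are reloaded for the next user lwp. I would state that in the comment, e.g. `/* Kernel uses only APIA; IB/DA/DB/GA stay stale across kernel threads and are reloaded for the next user lwp */`. The `ldp` loads here and in the hunks at -163, -209 and -395 (and in vectors.S) also drop the old `#if ... + 8 ==` layout guard, so they rely on each `md_*` key being two adjacent 64-bit words; that declaration is in proc.h, which is cut from this page, and a compile-time size assertion next to it would keep the assumption checked. The enclosing function starts and ends outside the hunk.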
@@ -163,12 +176,7 @@
        adrl    x4, _C_LABEL(aarch64_pac_enabled)
        ldr     w4, [x4]
        cbz     w4, 1f
-#if L_MD_IA_KERN_LO + 8 == L_MD_IA_KERN_HI
-       ldp     x5, x6, [x0, #L_MD_IA_KERN_LO]
-#else
-       ldr     x5, [x0, #L_MD_IA_KERN_LO]
-       ldr     x6, [x0, #L_MD_IA_KERN_HI]
-#endif
+       ldp     x5, x6, [x0, #L_MD_IA_KERN]
        msr     APIAKeyLo_EL1, x5
        msr     APIAKeyHi_EL1, x6
 1:
@@ -209,12 +217,7 @@
        adrl    x4, _C_LABEL(aarch64_pac_enabled)
        ldr     w4, [x4]
        cbz     w4, 1f
-#if L_MD_IA_KERN_LO + 8 == L_MD_IA_KERN_HI
-       ldp     x5, x6, [x19, #L_MD_IA_KERN_LO]
-#else
-       ldr     x5, [x19, #L_MD_IA_KERN_LO]
-       ldr     x6, [x19, #L_MD_IA_KERN_HI]
-#endif
+       ldp     x5, x6, [x19, #L_MD_IA_KERN]
        msr     APIAKeyLo_EL1, x5
        msr     APIAKeyHi_EL1, x6
 1:
@@ -271,10 +274,10 @@
        cbz     w4, 1f
        mov     x26, x1
        bl      _C_LABEL(cprng_strong64)
-       str     x0, [x26, #L_MD_IA_KERN_LO]
+       str     x0, [x26, #L_MD_IA_KERN]
        msr     APIAKeyLo_EL1, x0
        bl      _C_LABEL(cprng_strong64)
-       str     x0, [x26, #L_MD_IA_KERN_HI]
+       str     x0, [x26, #(L_MD_IA_KERN + 8)]
        msr     APIAKeyHi_EL1, x0
 1:
 #endif
@@ -395,12 +398,7 @@
        adrl    x4, _C_LABEL(aarch64_pac_enabled)
        ldr     w4, [x4]
        cbz     w4, 1f
-#if L_MD_IA_USER_LO + 8 == L_MD_IA_USER_HI
-       ldp     x5, x6, [x9, #L_MD_IA_USER_LO]
-#else
-       ldr     x5, [x9, #L_MD_IA_USER_LO]
-       ldr     x6, [x9, #L_MD_IA_USER_HI]
-#endif
+       ldp     x5, x6, [x9, #L_MD_IA_USER]
        msr     APIAKeyLo_EL1, x5
        msr     APIAKeyHi_EL1, x6
 1:
diff -r b289226b070d -r a80a26b2aee1 sys/arch/aarch64/aarch64/exec_machdep.c
--- a/sys/arch/aarch64/aarch64/exec_machdep.c   Sat May 23 17:28:27 2020 +0000
+++ b/sys/arch/aarch64/aarch64/exec_machdep.c   Sat May 23 18:08:58 2020 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: exec_machdep.c,v 1.6 2019/11/24 11:45:00 rin Exp $ */
+/* $NetBSD: exec_machdep.c,v 1.7 2020/05/23 18:08:59 ryo Exp $ */
 
 /*-
  * Copyright (c) 2014 The NetBSD Foundation, Inc.
@@ -31,7 +31,7 @@
 
 #include <sys/cdefs.h>
 
-__KERNEL_RCSID(1, "$NetBSD: exec_machdep.c,v 1.6 2019/11/24 11:45:00 rin Exp $");
+__KERNEL_RCSID(1, "$NetBSD: exec_machdep.c,v 1.7 2020/05/23 18:08:59 ryo Exp $");
 
 #include "opt_compat_netbsd.h"
 #include "opt_compat_netbsd32.h"
@@ -40,6 +40,7 @@
 #include <sys/systm.h>
 #include <sys/proc.h>
 #include <sys/exec.h>
+#include <sys/cprng.h>
 
 #include <uvm/uvm_extern.h>
 
@@ -51,7 +52,9 @@
 #endif
 
 #include <aarch64/armreg.h>
+#include <aarch64/cpufunc.h>
 #include <aarch64/frame.h>
+#include <aarch64/machdep.h>
 
 #if EXEC_ELF64
 int
@@ -97,11 +100,46 @@
 #endif
 
 void
+aarch64_setregs_ptrauth(struct lwp *l, bool randomize)
+{
+#ifdef ARMV83_PAC
+       if (!aarch64_pac_enabled)
+               return;
+
+       if (randomize) {
+               cprng_strong(kern_cprng, l->l_md.md_ia_user,
+                   sizeof(l->l_md.md_ia_user), 0);
+               cprng_strong(kern_cprng, l->l_md.md_ib_user,
+                   sizeof(l->l_md.md_ib_user), 0);
+               cprng_strong(kern_cprng, l->l_md.md_da_user,
+                   sizeof(l->l_md.md_da_user), 0);
+               cprng_strong(kern_cprng, l->l_md.md_db_user,
+                   sizeof(l->l_md.md_db_user), 0);
+               cprng_strong(kern_cprng, l->l_md.md_ga_user,
+                   sizeof(l->l_md.md_ga_user), 0);
+       } else {
+               memset(l->l_md.md_ia_user, 0,
+                   sizeof(l->l_md.md_ia_user));
+               memset(l->l_md.md_ib_user, 0,
+                   sizeof(l->l_md.md_ib_user));
+               memset(l->l_md.md_da_user, 0,
+                   sizeof(l->l_md.md_da_user));
+               memset(l->l_md.md_db_user, 0,
+                   sizeof(l->l_md.md_db_user));
+               memset(l->l_md.md_ga_user, 0,
+                   sizeof(l->l_md.md_ga_user));
+       }
+#endif
+}
+
+void
 setregs(struct lwp *l, struct exec_package *pack, vaddr_t stack)
 {
        struct proc * const p = l->l_proc;
        struct trapframe * const tf = l->l_md.md_utf;
 
+       aarch64_setregs_ptrauth(l, true);
+
        p->p_flag &= ~PK_32;
 
        /*
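Review bot: aarch64_setregs_ptrauth() only fills the `l_md` key arrays; nothing in this hunk writes the APIB/APDA/APDB/APGA key registers, and the cpuswitch.S hunk loads those four only on the context-switch path. Unless the truncated part of the diff installs them, the new image keeps running with the pre-exec keys until the lwp is next switched in. The old image's keys would then outlive exec, and a pointer signed in that window would fail authentication once the new keys are loaded. The same applies to the `aarch64_setregs_ptrauth(l, false)` call in netbsd32_machdep.c, where the zeroed keys would not reach the registers either. I would install the four pairs at the end of the function when `l` is the running lwp, as sketched below; setregs() continues past the end of the hunk.

```c
	} else {
		/* … unchanged: memset() of the five key arrays … */
	}

	/*
	 * The context-switch path is the only visible place that loads
	 * IB/DA/DB/GA, so install them now for the running lwp.
	 * NOTE(review): assumes armreg.h provides these accessors,
	 * following the existing reg_APIAKeyLo_EL1_write() pattern.
	 */
	if (l == curlwp) {
		reg_APIBKeyLo_EL1_write(l->l_md.md_ib_user[0]);
		reg_APIBKeyHi_EL1_write(l->l_md.md_ib_user[1]);
		reg_APDAKeyLo_EL1_write(l->l_md.md_da_user[0]);
		reg_APDAKeyHi_EL1_write(l->l_md.md_da_user[1]);
		reg_APDBKeyLo_EL1_write(l->l_md.md_db_user[0]);
		reg_APDBKeyHi_EL1_write(l->l_md.md_db_user[1]);
		reg_APGAKeyLo_EL1_write(l->l_md.md_ga_user[0]);
		reg_APGAKeyHi_EL1_write(l->l_md.md_ga_user[1]);
	}
#endif
```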
diff -r b289226b070d -r a80a26b2aee1 sys/arch/aarch64/aarch64/genassym.cf
--- a/sys/arch/aarch64/aarch64/genassym.cf      Sat May 23 17:28:27 2020 +0000
+++ b/sys/arch/aarch64/aarch64/genassym.cf      Sat May 23 18:08:58 2020 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: genassym.cf,v 1.24 2020/05/15 04:55:40 ryo Exp $
+# $NetBSD: genassym.cf,v 1.25 2020/05/23 18:08:59 ryo Exp $
 #-
 # Copyright (c) 2014 The NetBSD Foundation, Inc.
 # All rights reserved.
@@ -144,16 +144,20 @@
 # Important offsets into the lwp and proc structs & associated constants
 define L_PCB                   offsetof(struct lwp, l_addr)
 define L_CPU                   offsetof(struct lwp, l_cpu)
+define L_FLAG                  offsetof(struct lwp, l_flag)
 define L_PROC                  offsetof(struct lwp, l_proc)
 define L_PRIVATE               offsetof(struct lwp, l_private)
 define L_MD_FLAGS              offsetof(struct lwp, l_md.md_flags)
 define L_MD_UTF                offsetof(struct lwp, l_md.md_utf)
 define L_MD_CPACR              offsetof(struct lwp, l_md.md_cpacr)
 define L_MD_ONFAULT            offsetof(struct lwp, l_md.md_onfault)
-define L_MD_IA_KERN_LO         offsetof(struct lwp, l_md.md_ia_kern_lo)
-define L_MD_IA_KERN_HI         offsetof(struct lwp, l_md.md_ia_kern_hi)
-define L_MD_IA_USER_LO         offsetof(struct lwp, l_md.md_ia_user_lo)
-define L_MD_IA_USER_HI         offsetof(struct lwp, l_md.md_ia_user_hi)
+define L_MD_IA_KERN            offsetof(struct lwp, l_md.md_ia_kern)
+define L_MD_IA_USER            offsetof(struct lwp, l_md.md_ia_user)
+define L_MD_IB_USER            offsetof(struct lwp, l_md.md_ib_user)
+define L_MD_DA_USER            offsetof(struct lwp, l_md.md_da_user)
+define L_MD_DB_USER            offsetof(struct lwp, l_md.md_db_user)
+define L_MD_GA_USER            offsetof(struct lwp, l_md.md_ga_user)
+define LW_SYSTEM               LW_SYSTEM
 
 define FB_X19                  FB_X19
 define FB_X20                  FB_X20
diff -r b289226b070d -r a80a26b2aee1 sys/arch/aarch64/aarch64/netbsd32_machdep.c
--- a/sys/arch/aarch64/aarch64/netbsd32_machdep.c       Sat May 23 17:28:27 2020 +0000
+++ b/sys/arch/aarch64/aarch64/netbsd32_machdep.c       Sat May 23 18:08:58 2020 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: netbsd32_machdep.c,v 1.12 2020/04/23 17:21:53 skrll Exp $      */
+/*     $NetBSD: netbsd32_machdep.c,v 1.13 2020/05/23 18:08:59 ryo Exp $        */
 
 /*
  * Copyright (c) 2018 Ryo Shimizu <ryo%nerv.org@localhost>
@@ -27,7 +27,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: netbsd32_machdep.c,v 1.12 2020/04/23 17:21:53 skrll Exp $");
+__KERNEL_RCSID(0, "$NetBSD: netbsd32_machdep.c,v 1.13 2020/05/23 18:08:59 ryo Exp $");
 
 #if defined(_KERNEL_OPT)
 #include "opt_compat_netbsd.h"
@@ -63,6 +63,8 @@
        struct proc * const p = l->l_proc;
        struct trapframe * const tf = l->l_md.md_utf;
 
+       aarch64_setregs_ptrauth(l, false);
+
        p->p_flag |= PK_32;
 
        /*
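Review bot: The bare `false` at this call site gives no hint that it selects zeroed keys instead of random ones for a 32-bit process. A one-line comment above the call would make the intent reviewable, e.g. `/* 32-bit process: clear the userland PAC keys instead of randomizing them */`. The enclosing function starts and ends outside the hunk.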
diff -r b289226b070d -r a80a26b2aee1 sys/arch/aarch64/aarch64/vectors.S
--- a/sys/arch/aarch64/aarch64/vectors.S        Sat May 23 17:28:27 2020 +0000
+++ b/sys/arch/aarch64/aarch64/vectors.S        Sat May 23 18:08:58 2020 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: vectors.S,v 1.16 2020/05/15 09:08:10 ryo Exp $ */
+/*     $NetBSD: vectors.S,v 1.17 2020/05/23 18:08:59 ryo Exp $ */
 
 #include <aarch64/asm.h>
 #include "assym.h"
@@ -91,12 +91,7 @@
        adrl    x4, _C_LABEL(aarch64_pac_enabled)
        ldr     w4, [x4]
        cbz     w4, 1f
-#if L_MD_IA_KERN_LO + 8 == L_MD_IA_KERN_HI
-       ldp     x5, x6, [x1, #L_MD_IA_KERN_LO]
-#else
-       ldr     x5, [x1, #L_MD_IA_KERN_LO]
-       ldr     x6, [x1, #L_MD_IA_KERN_HI]
-#endif
+       ldp     x5, x6, [x1, #L_MD_IA_KERN]


