[PATCHv4 07/17] arm64: sdei: explicitly simulate PAN/UAO entry

James Morse james.morse at arm.com
Thu Nov 26 13:42:46 EST 2020 

Hi Mark,

On 13/11/2020 12:49, Mark Rutland wrote:
> SDEI enters the kernel with a non-architectural exception which does not
> manipulate PSTATE bits (e.g. PAN, UAO) in the same way as architectural
> exceptions. We currently fix this up with a combination of
> __uaccess_enable_hw_pan() and force_uaccess_access_begin(), but this has
> a few problems:
> 
> * When set_fs() is removed, force_uaccess_begin() will have no HW
>   side-effects, and UAO will need to be reset elsewhere.
> 
> * Kernels built without support for PAN or UAO will not reset these bits
>   upon SDEI entry, and may inherit the values used by a VM, leading to
>   unexpected behaviour.
> 
> * Kernels built *with* support for PAN or UAO, when run on systems with
>   mismatched support across CPUs, will not reset these bits upon SDEI
>   entry, and may inherit the values used by a VM, leading to unexpected
>   behaviour.

> To deal with all of these, let's always explicitly reset the PAN and UAO
> bits when an SDEI event is delivered to the kernel. As above, we must do
> so even when the kernel has chosen to not use PAN/UAO, or was not built
> with support for PAN/UAO generally.
> 
> The existing system_uses_ttbr0_pan() is redefined in terms of
> system_uses_hw_pan() both for clarity and as a minor optimization when
> HW PAN is not selected.

Reviewed-by: James Morse <james.morse at arm.com>


> diff --git a/arch/arm64/kernel/sdei.c b/arch/arm64/kernel/sdei.c
> index 4a5f24602aa0..908d7be70eac 100644
> --- a/arch/arm64/kernel/sdei.c
> +++ b/arch/arm64/kernel/sdei.c
> @@ -224,12 +234,11 @@ __sdei_handler(struct pt_regs *regs, struct sdei_registered_event *arg)
>  	mm_segment_t orig_addr_limit;
>  
>  	/*
> -	 * We didn't take an exception to get here, so the HW hasn't set PAN or
> -	 * cleared UAO, and the exception entry code hasn't reset addr_limit.
> -	 * Set PAN, then use force_uaccess_begin() to clear UAO and reset
> -	 * addr_limit.
> +	 * We didn't take an exception to get here, so the HW hasn't
> +	 * set/cleared bits in PSTATE that we may rely on. Intialize PAN/UAO,

(Initialize)

> +	 * then use force_uaccess_begin() to reset addr_limit.
>  	 */
> -	__uaccess_enable_hw_pan();
> +	__sdei_pstate_entry();
>  	orig_addr_limit = force_uaccess_begin();
>  
>  	nmi_enter();
> 


Thanks,

James

More information about the linux-arm-kernel mailing list