[PATCH 00/13] arm64: remove set_fs() and friends

Mark Rutland mark.rutland at arm.com
Mon Sep 28 05:18:58 EDT 2020 

On Mon, Sep 28, 2020 at 09:23:15AM +0200, Christoph Hellwig wrote:
> On Mon, Sep 28, 2020 at 09:16:01AM +0200, Christoph Hellwig wrote:
> > On Fri, Sep 25, 2020 at 05:07:09PM +0100, Mark Rutland wrote:
> > I'm not a an arm64 experts, but this looks reasonable to me.
> > 
> > Also can't we remove all the remaining UAO handling as in the patch
> > below or did I totally misunderstood how uaccess works for arm64?

The bits in copy_thread() can go, but I'd like to keep the bits in
print_pstate() since that's only dumping HW state rather than modifying
it and is still useful for diagnosing issues.

The rest is indirectly required by SDEI, and I would also prefer to
remove it, so I'll see about reworking the SDEI entry to handle this
explicitly given SDEI is the special case.

Thanks,
Mark.

> 
> Actually the patch was incomplete, here is the full one:
> 
> diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig
> index 6d232837cbeee8..dd3c8f8a34dae2 100644
> --- a/arch/arm64/Kconfig
> +++ b/arch/arm64/Kconfig
> @@ -1434,27 +1434,6 @@ endmenu
>  
>  menu "ARMv8.2 architectural features"
>  
> -config ARM64_UAO
> -	bool "Enable support for User Access Override (UAO)"
> -	default y
> -	help
> -	  User Access Override (UAO; part of the ARMv8.2 Extensions)
> -	  causes the 'unprivileged' variant of the load/store instructions to
> -	  be overridden to be privileged.
> -
> -	  This option changes get_user() and friends to use the 'unprivileged'
> -	  variant of the load/store instructions. This ensures that user-space
> -	  really did have access to the supplied memory. When addr_limit is
> -	  set to kernel memory the UAO bit will be set, allowing privileged
> -	  access to kernel memory.
> -
> -	  Choosing this option will cause copy_to_user() et al to use user-space
> -	  memory permissions.
> -
> -	  The feature is detected at runtime, the kernel will use the
> -	  regular load/store instructions if the cpu does not implement the
> -	  feature.
> -
>  config ARM64_PMEM
>  	bool "Enable support for persistent memory"
>  	select ARCH_HAS_PMEM_API
> diff --git a/arch/arm64/include/asm/uaccess.h b/arch/arm64/include/asm/uaccess.h
> index ef2d5a90e1815f..1c16e43f035a7a 100644
> --- a/arch/arm64/include/asm/uaccess.h
> +++ b/arch/arm64/include/asm/uaccess.h
> @@ -29,7 +29,6 @@
>  static inline void init_hw_uaccess_state(void)
>  {
>  	asm(ALTERNATIVE("nop", SET_PSTATE_PAN(1), ARM64_HAS_PAN));
> -	asm(ALTERNATIVE("nop", SET_PSTATE_UAO(0), ARM64_HAS_UAO));
>  }
>  
>  /*
> diff --git a/arch/arm64/kernel/cpufeature.c b/arch/arm64/kernel/cpufeature.c
> index 9ca8144f1e6a45..c460cd15dc49b3 100644
> --- a/arch/arm64/kernel/cpufeature.c
> +++ b/arch/arm64/kernel/cpufeature.c
> @@ -153,9 +153,6 @@ EXPORT_SYMBOL(cpu_hwcap_keys);
>  	}
>  
>  /* meta feature for alternatives */
> -static bool __maybe_unused
> -cpufeature_pan_not_uao(const struct arm64_cpu_capabilities *entry, int __unused);
> -
>  static void cpu_enable_cnp(struct arm64_cpu_capabilities const *cap);
>  
>  static bool __system_matches_cap(unsigned int n);
> @@ -1763,17 +1760,6 @@ static const struct arm64_cpu_capabilities arm64_features[] = {
>  		.type = ARM64_CPUCAP_WEAK_LOCAL_CPU_FEATURE,
>  		.matches = has_no_hw_prefetch,
>  	},
> -#ifdef CONFIG_ARM64_UAO
> -	{
> -		.desc = "User Access Override",
> -		.capability = ARM64_HAS_UAO,
> -		.type = ARM64_CPUCAP_SYSTEM_FEATURE,
> -		.matches = has_cpuid_feature,
> -		.sys_reg = SYS_ID_AA64MMFR2_EL1,
> -		.field_pos = ID_AA64MMFR2_UAO_SHIFT,
> -		.min_field_value = 1,
> -	},
> -#endif /* CONFIG_ARM64_UAO */
>  #ifdef CONFIG_ARM64_VHE
>  	{
>  		.desc = "Virtualization Host Extensions",
> @@ -2701,12 +2687,6 @@ void __init setup_cpu_features(void)
>  			ARCH_DMA_MINALIGN);
>  }
>  
> -static bool __maybe_unused
> -cpufeature_pan_not_uao(const struct arm64_cpu_capabilities *entry, int __unused)
> -{
> -	return (__system_matches_cap(ARM64_HAS_PAN) && !__system_matches_cap(ARM64_HAS_UAO));
> -}
> -
>  static void __maybe_unused cpu_enable_cnp(struct arm64_cpu_capabilities const *cap)
>  {
>  	cpu_replace_ttbr1(lm_alias(swapper_pg_dir));
> diff --git a/arch/arm64/kernel/process.c b/arch/arm64/kernel/process.c
> index 6ec12f4cb546f4..f223d27d991b3c 100644
> --- a/arch/arm64/kernel/process.c
> +++ b/arch/arm64/kernel/process.c
> @@ -239,7 +239,7 @@ static void print_pstate(struct pt_regs *regs)
>  		const char *btype_str = btypes[(pstate & PSR_BTYPE_MASK) >>
>  					       PSR_BTYPE_SHIFT];
>  
> -		printk("pstate: %08llx (%c%c%c%c %c%c%c%c %cPAN %cUAO BTYPE=%s)\n",
> +		printk("pstate: %08llx (%c%c%c%c %c%c%c%c %cPAN BTYPE=%s)\n",
>  			pstate,
>  			pstate & PSR_N_BIT ? 'N' : 'n',
>  			pstate & PSR_Z_BIT ? 'Z' : 'z',
> @@ -250,7 +250,6 @@ static void print_pstate(struct pt_regs *regs)
>  			pstate & PSR_I_BIT ? 'I' : 'i',
>  			pstate & PSR_F_BIT ? 'F' : 'f',
>  			pstate & PSR_PAN_BIT ? '+' : '-',
> -			pstate & PSR_UAO_BIT ? '+' : '-',
>  			btype_str);
>  	}
>  }
> @@ -417,10 +416,6 @@ int copy_thread(unsigned long clone_flags, unsigned long stack_start,
>  	} else {
>  		memset(childregs, 0, sizeof(struct pt_regs));
>  		childregs->pstate = PSR_MODE_EL1h;
> -		if (IS_ENABLED(CONFIG_ARM64_UAO) &&
> -		    cpus_have_const_cap(ARM64_HAS_UAO))
> -			childregs->pstate |= PSR_UAO_BIT;
> -
>  		if (arm64_get_ssbd_state() == ARM64_SSBD_FORCE_DISABLE)
>  			set_ssbs_bit(childregs);
>

More information about the linux-arm-kernel mailing list