On Mon, Aug 12, 2019 at 11:11 PM Knut Omang wrote:
>
> KTF has already been available for a while as a separate git repository with
> means to facilitate use with any kernel version.
>
> KTF can be used both for "pure" unit testing and for more pragmatic
> approaches to component testing. Apart fr
On Mon, Aug 12, 2019 at 11:11 PM Knut Omang wrote:
[...]
> Alan Maguire (3):
> ktf: Implementation of ktf support for overriding function entry and return.
> ktf: A simple debugfs interface to test results
> ktf: Simple coverage support
>
> Knut Omang (16):
> kbuild: Fixes to rules for hos
On Tue, Aug 13, 2019 at 08:09:21AM +0200, Knut Omang wrote:
> From: Alan Maguire
>
> While test results is available via netlink from user space, sometimes
> it may be useful to be able to access the results from the kernel as well,
> for instance due to a crash. Make that possible via debugfs.
>
On Tue, Aug 13, 2019 at 08:09:15AM +0200, Knut Omang wrote:
> and in the making::
>
> kunit/ (kernel only (UML))
You are going to have to integrate this with kunit, to come up with a
superset of both in the end.
And I do not think that kunit is only UML, it's just that s
Add the driver to monitor Inspur Power System power supplies
with hwmon over pmbus.
This driver adds sysfs attributes for additional power supply data,
including vendor, model, part_number, serial number,
firmware revision, hardware revision, and psu mode(active/standby).
Signed-off-by: John Wang
On Mon 12-08-19 10:56:20, Joel Fernandes wrote:
> On Thu, Aug 08, 2019 at 10:00:44AM +0200, Michal Hocko wrote:
> > On Wed 07-08-19 17:31:05, Joel Fernandes wrote:
> > > On Wed, Aug 07, 2019 at 01:58:40PM -0700, Andrew Morton wrote:
> > > > On Wed, 7 Aug 2019 16:45:30 -0400 Joel Fernandes
> > > >
On Tue, 2019-08-13 at 10:23 +0200, Greg Kroah-Hartman wrote:
> On Tue, Aug 13, 2019 at 08:09:15AM +0200, Knut Omang wrote:
> > and in the making::
> >
> > kunit/(kernel only (UML))
>
> You are going to have to integrate this with kunit, to come up with a
> superset of both
On Mon 12-08-19 20:14:38, Jann Horn wrote:
> On Wed, Aug 7, 2019 at 7:16 PM Joel Fernandes (Google)
> wrote:
> > The page_idle tracking feature currently requires looking up the pagemap
> > for a process followed by interacting with /sys/kernel/mm/page_idle.
> > Looking up PFN from pagemap in Andr
Hi Mark,
On Mon, Aug 12, 2019 at 5:31 PM Mark Rutland wrote:
>
> On Tue, Jul 23, 2019 at 09:16:28AM +, Ganapatrao Kulkarni wrote:
> > CCPI2 is a low-latency high-bandwidth serial interface for connecting
> > ThunderX2 processors. This patch adds support to capture CCPI2 perf events.
>
> It wo
On Tue, Aug 13, 2019 at 04:25:15PM +0530, Ganapatrao Kulkarni wrote:
> Hi Mark,
>
> On Mon, Aug 12, 2019 at 5:31 PM Mark Rutland wrote:
> >
> > On Tue, Jul 23, 2019 at 09:16:28AM +, Ganapatrao Kulkarni wrote:
> > > CCPI2 is a low-latency high-bandwidth serial interface for connecting
> > > Th
On Mon, Aug 12, 2019 at 06:36:12PM +0100, Catalin Marinas wrote:
> On Fri, Aug 09, 2019 at 07:10:18AM -0700, Dave Hansen wrote:
> > On 8/8/19 10:27 AM, Catalin Marinas wrote:
> > > On Wed, Aug 07, 2019 at 01:38:16PM -0700, Dave Hansen wrote:
> > >> Also, shouldn't this be converted over to an arch_
On Tue, 2019-08-13 at 01:17 -0700, Brendan Higgins wrote:
> On Mon, Aug 12, 2019 at 11:11 PM Knut Omang wrote:
> [...]
> > Alan Maguire (3):
> > ktf: Implementation of ktf support for overriding function entry and
> > return.
> > ktf: A simple debugfs interface to test results
> > ktf: Simp
On Mon, Aug 12, 2019 at 03:13:17PM -0600, Jonathan Corbet wrote:
> On Mon, 12 Aug 2019 19:06:31 +0300
> Andy Shevchenko wrote:
>
> > In C is a valid construction to have an anonymous enumerator.
> >
> > Though we have now:
> >
> > drivers/pinctrl/intel/pinctrl-intel.c:240: error: Cannot parse
On Tue, Aug 13, 2019 at 03:19:12PM +0300, Andy Shevchenko wrote:
> On Mon, Aug 12, 2019 at 03:13:17PM -0600, Jonathan Corbet wrote:
> > On Mon, 12 Aug 2019 19:06:31 +0300
> > Andy Shevchenko wrote:
> >
> > > In C is a valid construction to have an anonymous enumerator.
> > >
> > > Though we have
On Tue, Aug 13, 2019 at 08:05:40AM +0200, Greg Kroah-Hartman wrote:
> On Mon, Aug 12, 2019 at 05:49:17PM -0400, Joel Fernandes (Google) wrote:
> > Check if lockdep lock checking is disabled. If so, then do not define
> > device_links_read_lock_held(). It is used only from places where lockdep
> > c
On Tue, Aug 13, 2019 at 09:39:05AM -0400, Joel Fernandes wrote:
[snip]
> > > drivers/base/core.c | 4 +++-
> > > 1 file changed, 3 insertions(+), 1 deletion(-)
> > >
> > > diff --git a/drivers/base/core.c b/drivers/base/core.c
> > > index 32cf83d1c744..c22271577c84 100644
> > > --- a/drivers/bas
On Tue, Aug 13, 2019 at 11:14:30AM +0200, Michal Hocko wrote:
> On Mon 12-08-19 10:56:20, Joel Fernandes wrote:
> > On Thu, Aug 08, 2019 at 10:00:44AM +0200, Michal Hocko wrote:
> > > On Wed 07-08-19 17:31:05, Joel Fernandes wrote:
> > > > On Wed, Aug 07, 2019 at 01:58:40PM -0700, Andrew Morton wro
On Tue, Aug 13, 2019 at 3:13 PM Knut Omang wrote:
>
> C++ libraries interfacing to C APIs might sometimes need some glue
> logic more easily written in C.
> Allow a C++ library to also contain 0 or more C objects.
>
> Also fix rules for both C and C++ shared libraries:
> - C++ shared libraries dep
On Tue 13-08-19 09:51:52, Joel Fernandes wrote:
> On Tue, Aug 13, 2019 at 11:14:30AM +0200, Michal Hocko wrote:
> > On Mon 12-08-19 10:56:20, Joel Fernandes wrote:
> > > On Thu, Aug 08, 2019 at 10:00:44AM +0200, Michal Hocko wrote:
> > > > On Wed 07-08-19 17:31:05, Joel Fernandes wrote:
> > > > > O
On Tue, Aug 13, 2019 at 12:08:56PM +0200, Michal Hocko wrote:
> On Mon 12-08-19 20:14:38, Jann Horn wrote:
> > On Wed, Aug 7, 2019 at 7:16 PM Joel Fernandes (Google)
> > wrote:
> > > The page_idle tracking feature currently requires looking up the pagemap
> > > for a process followed by interactin
On Wed, Jun 19, 2019 at 05:19:55PM +0300, Andy Shevchenko wrote:
> After the commit cf65a0f6f6ff
>
> ("dma-mapping: move all DMA mapping code to kernel/dma")
>
> some of the files are referring to outdated information, i.e. old file names
> of DMA mapping sources.
>
> Fix it here.
>
> Note, t
On Tue, Aug 13, 2019 at 04:14:32PM +0200, Michal Hocko wrote:
[snip]
> > > If the API is flawed then this is likely going
> > > to kick us later and will be hard to fix. I am still not convinced about
> > > the swap part of the thing TBH.
> >
> > Ok, then let us discuss it. As I mentioned before,
On Tue, Aug 13, 2019 at 05:42:22PM +0300, Andy Shevchenko wrote:
> On Wed, Jun 19, 2019 at 05:19:55PM +0300, Andy Shevchenko wrote:
> > After the commit cf65a0f6f6ff
> >
> > ("dma-mapping: move all DMA mapping code to kernel/dma")
> >
> > some of the files are referring to outdated information,
On Tue 13-08-19 10:45:17, Joel Fernandes wrote:
> On Tue, Aug 13, 2019 at 04:14:32PM +0200, Michal Hocko wrote:
> [snip]
> > > > If the API is flawed then this is likely going
> > > > to kick us later and will be hard to fix. I am still not convinced about
> > > > the swap part of the thing TBH.
>
On Wed 07-08-19 13:15:55, Joel Fernandes (Google) wrote:
> Idle page tracking currently does not work well in the following
> scenario:
> 1. mark page-A idle which was present at that time.
> 2. run workload
> 3. page-A is not touched by workload
> 4. *sudden* memory pressure happen so finally
On Tue, Aug 13, 2019 at 4:25 PM Joel Fernandes wrote:
> On Tue, Aug 13, 2019 at 12:08:56PM +0200, Michal Hocko wrote:
> > On Mon 12-08-19 20:14:38, Jann Horn wrote:
> > > On Wed, Aug 7, 2019 at 7:16 PM Joel Fernandes (Google)
> > > wrote:
> > > > The page_idle tracking feature currently requires
On Tue, Aug 13, 2019 at 09:40:14AM -0400, Joel Fernandes wrote:
> On Tue, Aug 13, 2019 at 09:39:05AM -0400, Joel Fernandes wrote:
> [snip]
> > > > drivers/base/core.c | 4 +++-
> > > > 1 file changed, 3 insertions(+), 1 deletion(-)
> > > >
> > > > diff --git a/drivers/base/core.c b/drivers/base/
On Tue, Aug 13, 2019 at 12:09 PM Michal Hocko wrote:
> On Mon 12-08-19 20:14:38, Jann Horn wrote:
> > On Wed, Aug 7, 2019 at 7:16 PM Joel Fernandes (Google)
> > wrote:
> > > The page_idle tracking feature currently requires looking up the pagemap
> > > for a process followed by interacting with /
On Mon, Aug 12, 2019 at 08:14:38PM +0200, Jann Horn wrote:
[snip]
> > +/* Helper to get the start and end frame given a pos and count */
> > +static int page_idle_get_frames(loff_t pos, size_t count, struct mm_struct
> > *mm,
> > + unsigned long *start, unsigned long
On Tue, Aug 13, 2019 at 05:04:50PM +0200, Michal Hocko wrote:
> On Wed 07-08-19 13:15:55, Joel Fernandes (Google) wrote:
> > Idle page tracking currently does not work well in the following
> > scenario:
> > 1. mark page-A idle which was present at that time.
> > 2. run workload
> > 3. page-A is
On 8/13/19 5:29 PM, Jann Horn wrote:
> On Tue, Aug 13, 2019 at 12:09 PM Michal Hocko wrote:
>> On Mon 12-08-19 20:14:38, Jann Horn wrote:
>>> On Wed, Aug 7, 2019 at 7:16 PM Joel Fernandes (Google)
>>> wrote:
The page_idle tracking feature currently requires looking up the pagemap
for a
On Tue, Aug 13, 2019 at 5:30 PM Joel Fernandes wrote:
> On Mon, Aug 12, 2019 at 08:14:38PM +0200, Jann Horn wrote:
> [snip]
> > > +/* Helper to get the start and end frame given a pos and count */
> > > +static int page_idle_get_frames(loff_t pos, size_t count, struct
> > > mm_struct *mm,
> > > +
On Tue, 2019-08-13 at 23:01 +0900, Masahiro Yamada wrote:
> On Tue, Aug 13, 2019 at 3:13 PM Knut Omang wrote:
> >
> > C++ libraries interfacing to C APIs might sometimes need some glue
> > logic more easily written in C.
> > Allow a C++ library to also contain 0 or more C objects.
> >
> > Also fix
Recently a discussion about stability and performance of a system
involving a high rate of kfree_rcu() calls surfaced on the list [1]
which led to another discussion how to prepare for this situation.
This patch adds basic batching support for kfree_rcu(). It is "basic"
because we do none of the s
This test runs kfree_rcu in a loop to measure performance of the new
kfree_rcu batching functionality.
The following table shows results when booting with arguments:
rcuperf.kfree_loops=20 rcuperf.kfree_alloc_num=1000 rcuperf.kfree_rcu_test=1
In addition, rcuperf.kfree_no_batch is used to tog
On Tue, Aug 13, 2019 at 2:51 AM Knut Omang wrote:
>
> On Tue, 2019-08-13 at 10:23 +0200, Greg Kroah-Hartman wrote:
> > On Tue, Aug 13, 2019 at 08:09:15AM +0200, Knut Omang wrote:
> > > and in the making::
> > >
> > > kunit/(kernel only (UML))
> >
> > You are going to have t
On Tue, Aug 13, 2019 at 4:29 AM Knut Omang wrote:
>
> On Tue, 2019-08-13 at 01:17 -0700, Brendan Higgins wrote:
> > On Mon, Aug 12, 2019 at 11:11 PM Knut Omang wrote:
> > [...]
> > > Alan Maguire (3):
> > > ktf: Implementation of ktf support for overriding function entry and
> > > return.
> >
It wasn't obvious that this was a command to run based on 'make help',
so add it to the top-level help for devicetree builds. Also, add an
example to the documentation to show that db_binding_check can be run
with DT_SCHEMA_FILES= to only check one schema file instead of all of
them.
Cc: Masahiro
On Tue, Aug 13, 2019 at 01:00:45PM -0400, Joel Fernandes (Google) wrote:
> Recently a discussion about stability and performance of a system
> involving a high rate of kfree_rcu() calls surfaced on the list [1]
> which led to another discussion how to prepare for this situation.
Looks much improve
On Tue, Aug 13, 2019 at 05:34:16PM +0200, Daniel Gruss wrote:
> On 8/13/19 5:29 PM, Jann Horn wrote:
> > On Tue, Aug 13, 2019 at 12:09 PM Michal Hocko wrote:
> >> On Mon 12-08-19 20:14:38, Jann Horn wrote:
> >>> On Wed, Aug 7, 2019 at 7:16 PM Joel Fernandes (Google)
> >>> wrote:
> The page_i
On Tue, Aug 13, 2019 at 6:37 PM Joel Fernandes wrote:
>
> On Tue, Aug 13, 2019 at 05:04:50PM +0200, Michal Hocko wrote:
> > On Wed 07-08-19 13:15:55, Joel Fernandes (Google) wrote:
> > > Idle page tracking currently does not work well in the following
> > > scenario:
> > > 1. mark page-A idle whi
Intel has published Control-flow Enforcement (CET) in the Architecture
Instruction Set Extensions Programming Reference:
https://software.intel.com/en-us/download/intel-architecture-instruction-set-
extensions-programming-reference
The previous version (v7) of CET Shadow Stack patches is here
The shadow stack for clone/fork is handled as the following:
(1) If ((clone_flags & (CLONE_VFORK | CLONE_VM)) == CLONE_VM),
the kernel allocates (and frees on thread exit) a new SHSTK
for the child.
It is possible for the kernel to complete the clone syscall
and set the child's SH
WRUSS is a new kernel-mode instruction but writes directly to user
shadow stack memory. This is used to construct a return address on
the shadow stack for the signal handler.
This instruction can fault if the user shadow stack is invalid shadow
stack memory. In that case, the kernel does a fixup
A control protection exception is triggered when a control flow transfer
attempt violated shadow stack or indirect branch tracking constraints.
For example, the return address for a RET instruction differs from the
safe copy on the shadow stack; or a JMP instruction arrives at a non-
ENDBR instruct
VM_SHSTK indicates a shadow stack memory area.
The shadow stack is implemented only for the 64-bit kernel.
Signed-off-by: Yu-cheng Yu
---
fs/proc/task_mmu.c | 3 +++
include/linux/mm.h | 8
2 files changed, 11 insertions(+)
diff --git a/fs/proc/task_mmu.c b/fs/proc/task_mmu.c
index 731
If a page fault is triggered by a shadow stack access (e.g. call/ret)
or shadow stack management instructions (e.g. wrussq), then bit[6] of
the page fault error code is set.
In access_error(), verify a shadow stack page fault is within a
shadow stack memory area. It is always an error otherwise.
Control-flow Enforcement (CET) MSR contents are XSAVES system states.
To support CET, introduce XSAVES system states first.
XSAVES is a "supervisor" instruction and, comparing to XSAVE, saves
additional "supervisor" states that can be modified only from CPL 0.
However, these states are per-task an
Explain how CET works and the no_cet_shstk/no_cet_ibt kernel
parameters.
Signed-off-by: Yu-cheng Yu
---
.../admin-guide/kernel-parameters.txt | 6 +
Documentation/x86/index.rst | 1 +
Documentation/x86/intel_cet.rst | 269 ++
3 files ch
arch_prctl(ARCH_X86_CET_STATUS, unsigned long *addr)
Return CET feature status.
The parameter 'addr' is a pointer to a user buffer.
On returning to the caller, the kernel fills the following
information:
*addr = SHSTK/IBT status
*(addr + 1) = SHSTK base address
*(addr
This patch adds basic shadow stack enabling/disabling routines.
A task's shadow stack is allocated from memory with VM_SHSTK flag set
and read-only protection. It has a fixed size of RLIMIT_STACK.
Signed-off-by: Yu-cheng Yu
---
arch/x86/include/asm/cet.h| 34 +
arch/x86
When a task does fork(), its shadow stack (SHSTK) must be duplicated
for the child. This patch implements a flow similar to copy-on-write
of an anonymous page, but for SHSTK.
A SHSTK PTE must be RO and dirty. This dirty bit requirement is used
to effect the copying. In copy_one_pte(), clear the
can_follow_write_pte/pmd look for the (RO & DIRTY) PTE/PMD to
verify an exclusive RO page still exists after a broken COW.
A shadow stack PTE is RO & PAGE_DIRTY_SW when it is shared,
otherwise RO & PAGE_DIRTY_HW.
Introduce pte_exclusive() and pmd_exclusive() to also verify a
shadow stack PTE is e
This patch implements THP shadow stack (SHSTK) copying in the same
way as in the previous patch for regular PTE.
In copy_huge_pmd(), clear the dirty bit from the PMD to cause a page
fault upon the next SHSTK access to the PMD. At that time, fix the
PMD and copy/re-use the page.
Signed-off-by: Yu
An ELF file's .note.gnu.property indicates features the executable file
can support. For example, the property GNU_PROPERTY_X86_FEATURE_1_AND
indicates the file supports GNU_PROPERTY_X86_FEATURE_1_IBT and/or
GNU_PROPERTY_X86_FEATURE_1_SHSTK.
With this patch, if an arch needs to setup features fro
When CET Indirect Branch Tracking (IBT) is enabled, the processor expects
every branch target is an ENDBR instruction, or the target's address is
marked as legacy in the legacy code bitmap. The bitmap covers the whole
user-mode address space (TASK_SIZE_MAX for 64-bit, TASK_SIZE for IA32),
and each
From: "H.J. Lu"
Add ENDBR32 to __kernel_vsyscall entry point.
Acked-by: Andy Lutomirski
Signed-off-by: H.J. Lu
Signed-off-by: Yu-cheng Yu
---
arch/x86/entry/vdso/vdso32/system_call.S | 3 +++
1 file changed, 3 insertions(+)
diff --git a/arch/x86/entry/vdso/vdso32/system_call.S
b/arch/x86/e
The indirect branch tracking legacy bitmap takes a large address
space. This causes may_expand_vm() failure on the address limit
check. For a IBT-enabled task, add the bitmap size to the
address limit.
Signed-off-by: Yu-cheng Yu
---
arch/x86/include/asm/mmu_context.h | 10 ++
mm/mmap.c
Look in .note.gnu.property of an ELF file and check if Shadow Stack needs
to be enabled for the task.
Signed-off-by: Yu-cheng Yu
---
arch/x86/Kconfig | 2 ++
arch/x86/include/asm/elf.h | 13 +
arch/x86/kernel/process_64.c | 34 ++
3 file
From: "H.J. Lu"
Add ENDBR64 to vsyscall entry points.
Acked-by: Andy Lutomirski
Signed-off-by: H.J. Lu
Signed-off-by: Yu-cheng Yu
---
arch/x86/entry/vsyscall/vsyscall_emu_64.S | 9 +
1 file changed, 9 insertions(+)
diff --git a/arch/x86/entry/vsyscall/vsyscall_emu_64.S
b/arch/x86/e
Add shadow stack pages to memory accounting.
Signed-off-by: Yu-cheng Yu
---
mm/mmap.c | 5 +
1 file changed, 5 insertions(+)
diff --git a/mm/mmap.c b/mm/mmap.c
index b1a921c0de63..1acded00f003 100644
--- a/mm/mmap.c
+++ b/mm/mmap.c
@@ -1703,6 +1703,9 @@ static inline int accountable_mapping
Add the following shadow stack management instructions.
INCSSP:
Increment shadow stack pointer by the steps specified.
RDSSP:
Read SSP register into a GPR.
SAVEPREVSSP:
Use "prev ssp" token at top of current shadow stack to
create a "restore token" on previous shadow stack.
RSTO
When setting up a signal, the kernel creates a shadow stack restore
token at the current SHSTK address and then stores the token's
address in the signal frame, right after the FPU state. Before
restoring a signal, the kernel verifies and then uses the restore
token to set the SHSTK pointer.
Signe
Add user-mode indirect branch tracking enabling/disabling and
supporting routines.
Signed-off-by: Yu-cheng Yu
---
arch/x86/include/asm/cet.h| 6
arch/x86/include/asm/disabled-features.h | 8 -
arch/x86/kernel/cet.c | 36
From: "H.J. Lu"
When Intel indirect branch tracking is enabled, functions in vDSO which
may be called indirectly must have endbr32 or endbr64 as the first
instruction. Compiler must support -fcf-protection=branch so that it
can be used to compile vDSO.
Acked-by: Andy Lutomirski
Signed-off-by:
From: "H.J. Lu"
With the command-line option, -mx86-used-note=yes, the x86 assembler
in binutils 2.32 and above generates a program property note in a note
section, .note.gnu.property, to encode used x86 ISAs and features.
To exclude .note.gnu.property sections from NOTE segment in x86 kernel
lin
Add REGSET_CET64/REGSET_CET32 to get/set CET MSRs:
IA32_U_CET (user-mode CET settings) and
IA32_PL3_SSP (user-mode shadow stack)
Signed-off-by: Yu-cheng Yu
---
arch/x86/include/asm/fpu/regset.h | 7 +++---
arch/x86/kernel/fpu/regset.c | 41 +++
arch/x86
When emulating a RET, also unwind the task's shadow stack and cancel
the current branch tracking status.
Signed-off-by: Yu-cheng Yu
---
arch/x86/entry/vsyscall/vsyscall_64.c| 29
arch/x86/entry/vsyscall/vsyscall_trace.h | 1 +
2 files changed, 30 insertions(+)
diff
Look in .note.gnu.property of an ELF file and check if Indirect
Branch Tracking needs to be enabled for the task.
Signed-off-by: Yu-cheng Yu
---
arch/x86/Kconfig | 1 +
arch/x86/kernel/process_64.c | 5 +
2 files changed, 6 insertions(+)
diff --git a/arch/x86/Kconfig b/arch/x86/
Add control transfer terminating instructions:
ENDBR64/ENDBR32:
Mark a valid 64/32-bit control transfer endpoint.
Signed-off-by: Yu-cheng Yu
---
arch/x86/lib/x86-opcode-map.txt | 13 +++--
tools/objtool/arch/x86/lib/x86-opcode-map.txt | 13 +++--
2 files change
Restore end branch tracking setting from thread header.
Signed-off-by: Yu-cheng Yu
---
arch/x86/kernel/cet.c | 18 ++
1 file changed, 18 insertions(+)
diff --git a/arch/x86/kernel/cet.c b/arch/x86/kernel/cet.c
index 505a69f476e1..db542bd423cc 100644
--- a/arch/x86/kernel/cet.c
+
From: "H.J. Lu"
Update ARCH_X86_CET_STATUS and ARCH_X86_CET_DISABLE to include
Indirect Branch Tracking features.
Signed-off-by: H.J. Lu
Signed-off-by: Yu-cheng Yu
---
arch/x86/include/uapi/asm/prctl.h | 2 ++
arch/x86/kernel/cet_prctl.c | 4
2 files changed, 6 insertions(+)
diff
The previous version of CET Branch Tracking/PTRACE patches is here:
https://lkml.org/lkml/2019/6/6/1030
Summary of changes from v7:
Change legacy bitmap to a special mapping (patch #14).
Rebase to v5.3-rc4.
Small fixes in response to comments.
H.J. Lu (5):
x86/cet/ibt: Add arch_prctl
The user-mode indirect branch tracking support is done mostly by GCC
to insert ENDBR64/ENDBR32 instructions at branch targets. The kernel
provides CPUID enumeration and feature setup.
Signed-off-by: Yu-cheng Yu
---
arch/x86/Kconfig | 16
arch/x86/Makefile | 7 +++
2 files
When Shadow Stack is enabled, the [R/O + PAGE_DIRTY_HW] setting is
reserved only for the Shadow Stack. Non-Shadow Stack R/O PTEs use
[R/O + PAGE_DIRTY_SW].
When a PTE goes from [R/W + PAGE_DIRTY_HW] to [R/O + PAGE_DIRTY_SW],
it could become a transient Shadow Stack PTE in two cases.
The first ca
There are a few places that need do_mmap() with mm->mmap_sem held.
Create an in-line function for that.
Signed-off-by: Yu-cheng Yu
---
include/linux/mm.h | 18 ++
1 file changed, 18 insertions(+)
diff --git a/include/linux/mm.h b/include/linux/mm.h
index bc58585014c9..275c385f53
Update _PAGE_DIRTY to _PAGE_DIRTY_BITS in split_2MB_gtt_entry().
In order to support Control-flow Enforcement (CET), _PAGE_DIRTY is
now _PAGE_DIRTY_HW or _PAGE_DIRTY_SW.
Signed-off-by: Yu-cheng Yu
---
drivers/gpu/drm/i915/gvt/gtt.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --g
A RO and dirty PTE exists in the following cases:
(a) A page is modified and then shared with a fork()'ed child;
(b) A R/O page that has been COW'ed;
(c) A SHSTK page.
The processor does not read the dirty bit for (a) and (b), but
checks the dirty bit for (c). To prevent the use of non-SHSTK
mem
Introduce Kconfig option X86_INTEL_SHADOW_STACK_USER.
An application has shadow stack protection when all the following are
true:
(1) The kernel has X86_INTEL_SHADOW_STACK_USER enabled,
(2) The running processor supports the shadow stack,
(3) The application is built with shadow stack enabl
Control-flow Enforcement (CET) MSR contents are XSAVES system states.
To support CET, introduce XSAVES system states first.
Signed-off-by: Yu-cheng Yu
---
arch/x86/include/asm/fpu/internal.h | 23 +++-
arch/x86/include/asm/fpu/xstate.h | 4 +-
arch/x86/kernel/fpu/core.c | 26
Intel Control-flow Enforcement Technology (CET) introduces the
following MSRs.
MSR_IA32_U_CET (user-mode CET settings),
MSR_IA32_PL3_SSP (user-mode shadow stack),
MSR_IA32_PL0_SSP (kernel-mode shadow stack),
MSR_IA32_PL1_SSP (Privilege Level 1 shadow stack),
MSR_IA32_PL2_SSP (P
To prevent function call/return spills into the next shadow stack
area, do not merge shadow stack areas.
Signed-off-by: Yu-cheng Yu
---
mm/mmap.c | 6 ++
1 file changed, 6 insertions(+)
diff --git a/mm/mmap.c b/mm/mmap.c
index 7e8c3e8ae75f..b1a921c0de63 100644
--- a/mm/mmap.c
+++ b/mm/mmap.
Add CPU feature flags for Control-flow Enforcement Technology (CET).
CPUID.(EAX=7,ECX=0):ECX[bit 7] Shadow stack
CPUID.(EAX=7,ECX=0):EDX[bit 20] Indirect branch tracking
Reviewed-by: Borislav Petkov
Signed-off-by: Yu-cheng Yu
---
arch/x86/include/asm/cpufeatures.h | 2 ++
arch/x86/kernel/cpu/c
Before introducing _PAGE_DIRTY_SW for non-hardware, memory management
purposes in the next patch, rename _PAGE_DIRTY to _PAGE_DIRTY_HW and
_PAGE_BIT_DIRTY to _PAGE_BIT_DIRTY_HW to make these PTE dirty bits
more clear. There are no functional changes in this patch.
Signed-off-by: Yu-cheng Yu
---
On Mon, Aug 12, 2019 at 8:07 PM Masahiro Yamada
wrote:
>
> On Tue, Aug 13, 2019 at 2:34 AM Shaun Tancheff wrote:
> >
> > On Mon, Aug 12, 2019 at 10:24 AM Masahiro Yamada
> > wrote:
> > >
> > > On Fri, Aug 9, 2019 at 9:21 AM Shaun Tancheff wrote:
> > > >
> > > > When building a tree of external
On Tue, Aug 13, 2019 at 12:38 PM Stephen Boyd wrote:
>
> It wasn't obvious that this was a command to run based on 'make help',
> so add it to the top-level help for devicetree builds. Also, add an
> example to the documentation to show that db_binding_check can be run
> with DT_SCHEMA_FILES= to o
On 8/13/19 1:52 PM, Yu-cheng Yu wrote:
> To prevent function call/return spills into the next shadow stack
> area, do not merge shadow stack areas.
How does this prevent call/return spills?
Quoting Rob Herring (2019-08-13 15:32:48)
> On Tue, Aug 13, 2019 at 12:38 PM Stephen Boyd wrote:
> >
> > It wasn't obvious that this was a command to run based on 'make help',
> > so add it to the top-level help for devicetree builds. Also, add an
> > example to the documentation to show that db_b
On Tue, Aug 13, 2019 at 2:02 PM Yu-cheng Yu wrote:
>
> When a task does fork(), its shadow stack (SHSTK) must be duplicated
> for the child. This patch implements a flow similar to copy-on-write
> of an anonymous page, but for SHSTK.
>
> A SHSTK PTE must be RO and dirty. This dirty bit requireme
> +#if defined(CONFIG_X86_INTEL_SHADOW_STACK_USER)
> +static inline pte_t pte_move_flags(pte_t pte, pteval_t from, pteval_t to)
> +{
> + if (pte_flags(pte) & from)
> + pte = pte_set_flags(pte_clear_flags(pte, from), to);
> + return pte;
Why is this conditional on the compile op
On Aug 13, 2019, at 4:02 PM, Dave Hansen wrote:
>>
>> static inline pte_t pte_mkwrite(pte_t pte)
>> {
>> +pte = pte_move_flags(pte, _PAGE_DIRTY_SW, _PAGE_DIRTY_HW);
>>return pte_set_flags(pte, _PAGE_RW);
>> }
>
> It also isn't clear to me why this *must* move bits here. Its doubly
>
Hi Knut,
On Wed, Aug 14, 2019 at 1:19 AM Knut Omang wrote:
>
> On Tue, 2019-08-13 at 23:01 +0900, Masahiro Yamada wrote:
> > On Tue, Aug 13, 2019 at 3:13 PM Knut Omang wrote:
> > >
> > > C++ libraries interfacing to C APIs might sometimes need some glue
> > > logic more easily written in C.
> >
On Wed, 2019-08-14 at 11:02 +0900, Masahiro Yamada wrote:
> Hi Knut,
>
> On Wed, Aug 14, 2019 at 1:19 AM Knut Omang wrote:
> > On Tue, 2019-08-13 at 23:01 +0900, Masahiro Yamada wrote:
> > > On Tue, Aug 13, 2019 at 3:13 PM Knut Omang wrote:
> > > > C++ libraries interfacing to C APIs might somet
On Wed, 2019-08-14 at 11:02 +0900, Masahiro Yamada wrote:
> Hi Knut,
>
> On Wed, Aug 14, 2019 at 1:19 AM Knut Omang wrote:
> > On Tue, 2019-08-13 at 23:01 +0900, Masahiro Yamada wrote:
> > > On Tue, Aug 13, 2019 at 3:13 PM Knut Omang wrote:
> > > > C++ libraries interfacing to C APIs might somet
Add support for expectations, which allow properties to be specified and
then verified in tests.
Signed-off-by: Brendan Higgins
Reviewed-by: Greg Kroah-Hartman
Reviewed-by: Logan Gunthorpe
Reviewed-by: Stephen Boyd
---
include/kunit/test.h | 834 ++-
ku
## TL;DR
This revision addresses comments from Stephen and Bjorn Helgaas. Most
changes are pretty minor stuff that doesn't affect the API in anyway.
One significant change, however, is that I added support for freeing
kunit_resource managed resources before the test case is finished via
kunit_reso
96 matches
Mail list logo
