Commit bbd99922 authored by Benjamin Gray's avatar Benjamin Gray Committed by Michael Ellerman
Browse files

powerpc/dexcr: Reset DEXCR value across exec 



Inheriting the DEXCR across exec can have security and usability
concerns. If a program is compiled with hash instructions it generally
expects to run with NPHIE enabled. But if the parent process disables
NPHIE then if it's not careful it will be disabled for any children too
and the protection offered by hash checks is basically worthless.

This patch introduces a per-process reset value that new execs in a
particular process tree are initialized with. This enables fine grained
control over what DEXCR value child processes run with by default.
For example, containers running legacy binaries that expect hash
instructions to act as NOPs could configure the reset value of the
container root to control the default reset value for all members of
the container.

Signed-off-by: default avatarBenjamin Gray <bgray@linux.ibm.com>
[mpe: Add missing SPDX tag on dexcr.c]
Signed-off-by: default avatarMichael Ellerman <mpe@ellerman.id.au>
Link: https://msgid.link/20240417112325.728010-4-bgray@linux.ibm.com
parent 75171f06

arch/powerpc/include/asm/processor.h

+1 −1
Original line number Diff line number Diff line
@@ -261,7 +261,7 @@ struct thread_struct { 
	unsigned long   sier3;

	unsigned long	hashkeyr;

	unsigned long	dexcr;



	unsigned long	dexcr_onexec;	/* Reset value to load on exec */

#endif

};

arch/powerpc/kernel/Makefile

+1 −0
Original line number Diff line number Diff line
@@ -87,6 +87,7 @@ obj-$(CONFIG_HAVE_HW_BREAKPOINT) += hw_breakpoint.o 
obj-$(CONFIG_PPC_DAWR)		+= dawr.o

obj-$(CONFIG_PPC_BOOK3S_64)	+= cpu_setup_ppc970.o cpu_setup_pa6t.o

obj-$(CONFIG_PPC_BOOK3S_64)	+= cpu_setup_power.o

obj-$(CONFIG_PPC_BOOK3S_64)	+= dexcr.o

obj-$(CONFIG_PPC_BOOK3S_64)	+= mce.o mce_power.o

obj-$(CONFIG_PPC_BOOK3E_64)	+= exceptions-64e.o idle_64e.o

obj-$(CONFIG_PPC_BARRIER_NOSPEC) += security.o

arch/powerpc/kernel/dexcr.c

0 → 100644
+23 −0
Original line number Diff line number Diff line 
// SPDX-License-Identifier: GPL-2.0-or-later



#include <linux/capability.h>

#include <linux/cpu.h>

#include <linux/init.h>

#include <linux/prctl.h>

#include <linux/sched.h>



#include <asm/cpu_has_feature.h>

#include <asm/cputable.h>

#include <asm/processor.h>

#include <asm/reg.h>



static int __init init_task_dexcr(void)

{

	if (!early_cpu_has_feature(CPU_FTR_ARCH_31))

		return 0;



	current->thread.dexcr_onexec = mfspr(SPRN_DEXCR);



	return 0;

}

early_initcall(init_task_dexcr)

arch/powerpc/kernel/process.c

+7 −0
Original line number Diff line number Diff line
@@ -1641,6 +1641,13 @@ void arch_setup_new_exec(void) 
	current->thread.regs->amr  = default_amr;

	current->thread.regs->iamr  = default_iamr;

#endif



#ifdef CONFIG_PPC_BOOK3S_64

	if (cpu_has_feature(CPU_FTR_ARCH_31)) {

		current->thread.dexcr = current->thread.dexcr_onexec;

		mtspr(SPRN_DEXCR, current->thread.dexcr);

	}

#endif /* CONFIG_PPC_BOOK3S_64 */

}



#ifdef CONFIG_PPC64