arm64: sync kernel APIAKey when installing

mrutland-arm · ctmarinas · commit 3fabb43818c9 · 2020-04-21T15:52:56.000+01:00
A direct write to a APxxKey_EL1 register requires a context synchronization event to ensure that indirect reads made by subsequent instructions (e.g. AUTIASP, PACIASP) observe the new value. When we initialize the boot task's APIAKey in boot_init_stack_canary() via ptrauth_keys_switch_kernel() we miss the necessary ISB, and so there is a window where instructions are not guaranteed to use the new APIAKey value. This has been observed to result in boot-time crashes where PACIASP and AUTIASP within a function used a mixture of the old and new key values. Fix this by having ptrauth_keys_switch_kernel() synchronize the new key value with an ISB. At the same time, __ptrauth_key_install() is renamed to __ptrauth_key_install_nosync() so that it is obvious that this performs no synchronization itself. Fixes: 2832158 ("arm64: initialize ptrauth keys for kernel booting task") Signed-off-by: Mark Rutland <mark.rutland@arm.com> Reported-by: Will Deacon <will@kernel.org> Cc: Amit Daniel Kachhap <amit.kachhap@arm.com> Cc: Marc Zyngier <maz@kernel.org> Signed-off-by: Catalin Marinas <catalin.marinas@arm.com> Tested-by: Will Deacon <will@kernel.org>
diff --git a/arch/arm64/include/asm/pointer_auth.h b/arch/arm64/include/asm/pointer_auth.h
@@ -47,7 +47,7 @@ static inline void ptrauth_keys_init_user(struct ptrauth_keys_user *keys)
 		get_random_bytes(&keys->apga, sizeof(keys->apga));
 }
 
-#define __ptrauth_key_install(k, v)				\
+#define __ptrauth_key_install_nosync(k, v)			\
 do {								\
 	struct ptrauth_key __pki_v = (v);			\
 	write_sysreg_s(__pki_v.lo, SYS_ ## k ## KEYLO_EL1);	\
@@ -62,8 +62,11 @@ static __always_inline void ptrauth_keys_init_kernel(struct ptrauth_keys_kernel
 
 static __always_inline void ptrauth_keys_switch_kernel(struct ptrauth_keys_kernel *keys)
 {
-	if (system_supports_address_auth())
-		__ptrauth_key_install(APIA, keys->apia);
+	if (!system_supports_address_auth())
+		return;
+
+	__ptrauth_key_install_nosync(APIA, keys->apia);
+	isb();
 }
 
 extern int ptrauth_prctl_reset_keys(struct task_struct *tsk, unsigned long arg);

Original file line number	Diff line number	Diff line change
`@@ -47,7 +47,7 @@ static inline void ptrauth_keys_init_user(struct ptrauth_keys_user *keys)`
`47`	`47`	`get_random_bytes(&keys->apga, sizeof(keys->apga));`
`48`	`48`	`}`
`49`	`49`
`50`		`-#define __ptrauth_key_install(k, v) \`
	`50`	`+#define __ptrauth_key_install_nosync(k, v) \`
`51`	`51`	`do { \`
`52`	`52`	`struct ptrauth_key __pki_v = (v); \`
`53`	`53`	`write_sysreg_s(__pki_v.lo, SYS_ ## k ## KEYLO_EL1); \`
`@@ -62,8 +62,11 @@ static __always_inline void ptrauth_keys_init_kernel(struct ptrauth_keys_kernel`
`62`	`62`
`63`	`63`	`static __always_inline void ptrauth_keys_switch_kernel(struct ptrauth_keys_kernel *keys)`
`64`	`64`	`{`
`65`		`- if (system_supports_address_auth())`
`66`		`- __ptrauth_key_install(APIA, keys->apia);`
	`65`	`+ if (!system_supports_address_auth())`
	`66`	`+ return;`
	`67`	`+`
	`68`	`+ __ptrauth_key_install_nosync(APIA, keys->apia);`
	`69`	`+ isb();`
`67`	`70`	`}`
`68`	`71`
`69`	`72`	`extern int ptrauth_prctl_reset_keys(struct task_struct *tsk, unsigned long arg);`