Re: [PATCH v3 0/3] target/arm: Implement an IMPDEF pauth algorithm


From: Mark Rutland
Subject: Re: [PATCH v3 0/3] target/arm: Implement an IMPDEF pauth algorithm
Date: Mon, 19 Oct 2020 15:28:14 +0100

Hi Richard,

Thanks again for this, and sorry for the radio silence -- I broke my arm
the weekend this was sent, and once I had recovered enough to use a
computer again this had slipped off my TODO list.

I've just given this a go, applied atop of this morning's HEAD commit
(ba2a9a9e6318bfd93a2306dec40137e198205b86), which only had trivial
diff conflicts.

With a somewhat instrumented kernel booted under TCG with cpu=max, I see:

* pauth=off
  takes ~20s real time to boot to a prompt

* pauth=on
  takes ~250s real time to boot to a prompt

* pauth=on,pauth-impdef=true
  takes ~35s real time to boot to a prompt

... which is a significant improvement, and makes this usable for
my testing setup!

I also checked that this caught pointer modification, which it does:

| # echo CORRUPT_PAC > /sys/kernel/debug/provoke-crash/DIRECT 
| [   92.897446] lkdtm: Performing direct entry CORRUPT_PAC
| [   92.899007] lkdtm: changing PAC parameters to force function return failure...
| [   92.901989] Unable to handle kernel paging request at virtual address bfffbe2dc161abac
| [   92.904137] Mem abort info:
| [   92.905480]   ESR = 0x86000004
| [   92.906613]   EC = 0x21: IABT (current EL), IL = 32 bits
| [   92.908480]   SET = 0, FnV = 0
| [   92.909381]   EA = 0, S1PTW = 0
| [   92.910566] [bfffbe2dc161abac] address between user and kernel address ranges
| [   92.913238] Internal error: Oops: 86000004 [#1] PREEMPT SMP
| [   92.915670] CPU: 1 PID: 244 Comm: bash Not tainted 5.9.0-rc3-00106-g2634241baafc #6
| [   92.917251] Hardware name: linux,dummy-virt (DT)
| [   92.919361] pstate: 80400005 (Nzcv daif +PAN -UAO BTYPE=--)
| [   92.921284] pc : 0xbfffbe2dc161abac
| [   92.923882] lr : lkdtm_CORRUPT_PAC+0x84/0xc4
| [   92.925219] sp : ffff800010583c80
| [   92.926372] x29: ffff800010583c80 x28: ffff0001f5fac600 
| [   92.928594] x27: 0000000000000000 x26: ffffbe2dc2b6e648 
| [   92.930249] x25: ffff800010583df0 x24: 000000000000000c 
| [   92.932146] x23: ffff0001f15fb000 x22: ffffbe2dc31dfdc0 
| [   92.933807] x21: ffffbe2dc2b6e728 x20: 000000000000000c 
| [   92.935812] x19: 0000000000000001 x18: 0080000000000000 
| [   92.937663] x17: 0000000000000000 x16: 0000000000000000 
| [   92.939341] x15: 0000000000000001 x14: ffffbe2dc3e42810 
| [   92.940959] x13: 0000000000000001 x12: 0000000000000000 
| [   92.942679] x11: ffffbe2dc2e0f4c8 x10: ffffbe2dc2817530 
| [   92.944855] x9 : 6b20657479622d32 x8 : 3320646e61707865 
| [   92.946847] x7 : 00000000beb3692b x6 : ffff0001f5fad3d8 
| [   92.948936] x5 : ffff0001f5fac600 x4 : 0000000000000000 
| [   92.950721] x3 : ffffbe2dc0600000 x2 : ffffbe2dc2840000 
| [   92.952615] x1 : ffff0001f5fac600 x0 : 0000000000000000 
| [   92.954758] Call trace:
| [   92.956237]  0xbfffbe2dc161abac
| [   92.957753]  lkdtm_do_action+0x3c/0x50
| [   92.959378]  direct_entry+0x1a4/0x268
| [   92.961202]  full_proxy_write+0x94/0xd8
| [   92.962779]  vfs_write+0x138/0x350
| [   92.964500]  ksys_write+0x98/0x168
| [   92.965930]  __arm64_sys_write+0x24/0x38
| [   92.967731]  el0_svc_common.constprop.3+0xe8/0x258
| [   92.969384]  do_el0_svc+0xb4/0xf8
| [   92.970696]  el0_sync_handler+0x1a8/0x218
| [   92.972497]  el0_sync+0x158/0x180
| [   92.974560] Code: bad PC value
| [   92.976782] ---[ end trace 434c9ef9ca3d6114 ]---

... so this all looks good to me, and it would be nice to see merged!

Feel free to add:

Tested-by: Mark Rutland <mark.rutland@arm.com>

Thanks,
Mark.


