subject:"\[v2 7\/7\] x86\: Enable User\-Mode Instruction Prevention"

Re: [v2 7/7] x86: Enable User-Mode Instruction Prevention

2016-12-23 Thread kbuild test robot

Hi Ricardo,

[auto build test WARNING on tip/auto-latest]
[also build test WARNING on next-20161223]
[cannot apply to tip/x86/core v4.9]
[if your patch is applied to the wrong git tree, please drop us a note to help 
improve the system]

url:
https://github.com/0day-ci/linux/commits/Ricardo-Neri/x86-enable-User-Mode-Instruction-Prevention/20161224-094338
config: x86_64-acpi-redef (attached as .config)
compiler: gcc-6 (Debian 6.2.0-3) 6.2.0 20160901
reproduce:
# save the attached .config to linux build tree
make ARCH=x86_64 

All warnings (new ones prefixed by >>):

   arch/x86/kernel/umip.c: In function '__identify_insn':
>> arch/x86/kernel/umip.c:65:1: warning: control reaches end of non-void 
>> function [-Wreturn-type]
}
^

vim +65 arch/x86/kernel/umip.c

78301541 Ricardo Neri 2016-12-23  49return UMIP_SGDT;
78301541 Ricardo Neri 2016-12-23  50case 1:
78301541 Ricardo Neri 2016-12-23  51return UMIP_SIDT;
78301541 Ricardo Neri 2016-12-23  52case 4:
78301541 Ricardo Neri 2016-12-23  53return UMIP_SMSW;
78301541 Ricardo Neri 2016-12-23  54default:
78301541 Ricardo Neri 2016-12-23  55return -EINVAL;
78301541 Ricardo Neri 2016-12-23  56}
78301541 Ricardo Neri 2016-12-23  57} else if (insn->opcode.bytes[1] == 
0x0) {
78301541 Ricardo Neri 2016-12-23  58if 
(X86_MODRM_REG(insn->modrm.value) == 0)
78301541 Ricardo Neri 2016-12-23  59return UMIP_SLDT;
78301541 Ricardo Neri 2016-12-23  60else if 
(X86_MODRM_REG(insn->modrm.value) == 1)
78301541 Ricardo Neri 2016-12-23  61return UMIP_STR;
78301541 Ricardo Neri 2016-12-23  62else
78301541 Ricardo Neri 2016-12-23  63return -EINVAL;
78301541 Ricardo Neri 2016-12-23  64}
78301541 Ricardo Neri 2016-12-23 @65  }
78301541 Ricardo Neri 2016-12-23  66  
78301541 Ricardo Neri 2016-12-23  67  static int __emulate_umip_insn(struct 
insn *insn, enum umip_insn umip_inst,
78301541 Ricardo Neri 2016-12-23  68   unsigned char 
*data, int *data_size)
78301541 Ricardo Neri 2016-12-23  69  {
78301541 Ricardo Neri 2016-12-23  70unsigned long const *dummy_base_addr;
78301541 Ricardo Neri 2016-12-23  71unsigned short dummy_limit = 0;
78301541 Ricardo Neri 2016-12-23  72unsigned short dummy_value = 0;
78301541 Ricardo Neri 2016-12-23  73  

:: The code at line 65 was first introduced by commit
:: 7830154191c35fde49ef59c2b9328f6b32203be4 x86: Add emulation code for 
UMIP instructions

:: TO: Ricardo Neri 
:: CC: 0day robot 

---
0-DAY kernel test infrastructureOpen Source Technology Center
https://lists.01.org/pipermail/kbuild-all   Intel Corporation


.config.gz
Description: application/gzip

Re: [v2 7/7] x86: Enable User-Mode Instruction Prevention

2016-12-23 Thread kbuild test robot

Hi Ricardo,

[auto build test WARNING on tip/auto-latest]
[also build test WARNING on next-20161223]
[cannot apply to tip/x86/core v4.9]
[if your patch is applied to the wrong git tree, please drop us a note to help 
improve the system]

url:
https://github.com/0day-ci/linux/commits/Ricardo-Neri/x86-enable-User-Mode-Instruction-Prevention/20161224-094338
config: x86_64-acpi-redef (attached as .config)
compiler: gcc-6 (Debian 6.2.0-3) 6.2.0 20160901
reproduce:
# save the attached .config to linux build tree
make ARCH=x86_64 

All warnings (new ones prefixed by >>):

   arch/x86/kernel/umip.c: In function '__identify_insn':
>> arch/x86/kernel/umip.c:65:1: warning: control reaches end of non-void 
>> function [-Wreturn-type]
}
^

vim +65 arch/x86/kernel/umip.c

78301541 Ricardo Neri 2016-12-23  49return UMIP_SGDT;
78301541 Ricardo Neri 2016-12-23  50case 1:
78301541 Ricardo Neri 2016-12-23  51return UMIP_SIDT;
78301541 Ricardo Neri 2016-12-23  52case 4:
78301541 Ricardo Neri 2016-12-23  53return UMIP_SMSW;
78301541 Ricardo Neri 2016-12-23  54default:
78301541 Ricardo Neri 2016-12-23  55return -EINVAL;
78301541 Ricardo Neri 2016-12-23  56}
78301541 Ricardo Neri 2016-12-23  57} else if (insn->opcode.bytes[1] == 
0x0) {
78301541 Ricardo Neri 2016-12-23  58if 
(X86_MODRM_REG(insn->modrm.value) == 0)
78301541 Ricardo Neri 2016-12-23  59return UMIP_SLDT;
78301541 Ricardo Neri 2016-12-23  60else if 
(X86_MODRM_REG(insn->modrm.value) == 1)
78301541 Ricardo Neri 2016-12-23  61return UMIP_STR;
78301541 Ricardo Neri 2016-12-23  62else
78301541 Ricardo Neri 2016-12-23  63return -EINVAL;
78301541 Ricardo Neri 2016-12-23  64}
78301541 Ricardo Neri 2016-12-23 @65  }
78301541 Ricardo Neri 2016-12-23  66  
78301541 Ricardo Neri 2016-12-23  67  static int __emulate_umip_insn(struct 
insn *insn, enum umip_insn umip_inst,
78301541 Ricardo Neri 2016-12-23  68   unsigned char 
*data, int *data_size)
78301541 Ricardo Neri 2016-12-23  69  {
78301541 Ricardo Neri 2016-12-23  70unsigned long const *dummy_base_addr;
78301541 Ricardo Neri 2016-12-23  71unsigned short dummy_limit = 0;
78301541 Ricardo Neri 2016-12-23  72unsigned short dummy_value = 0;
78301541 Ricardo Neri 2016-12-23  73  

:: The code at line 65 was first introduced by commit
:: 7830154191c35fde49ef59c2b9328f6b32203be4 x86: Add emulation code for 
UMIP instructions

:: TO: Ricardo Neri 
:: CC: 0day robot 

---
0-DAY kernel test infrastructureOpen Source Technology Center
https://lists.01.org/pipermail/kbuild-all   Intel Corporation


.config.gz
Description: application/gzip

[v2 7/7] x86: Enable User-Mode Instruction Prevention

2016-12-23 Thread Ricardo Neri

User_mode Instruction Prevention (UMIP) is enabled by setting/clearing a
bit in %cr4.

It makes sense to enable UMIP at some point while booting, before user
spaces come up. Like SMAP and SMEP, is not critical to have it enabled
very early during boot. This is because UMIP is relevant only when there is
a userspace to be protected from. Given the similarities in relevance, it
makes sense to enable UMIP along with SMAP and SMEP.

UMIP is enabled by default. It can be disabled by adding clearcpuid=514
to the kernel parameters.

Cc: Andy Lutomirski 
Cc: Andrew Morton 
Cc: H. Peter Anvin 
Cc: Borislav Petkov 
Cc: Brian Gerst 
Cc: Chen Yucong 
Cc: Chris Metcalf 
Cc: Dave Hansen 
Cc: Fenghua Yu 
Cc: Huang Rui 
Cc: Jiri Slaby 
Cc: Jonathan Corbet 
Cc: Michael S. Tsirkin 
Cc: Paul Gortmaker 
Cc: Peter Zijlstra 
Cc: Ravi V. Shankar 
Cc: Shuah Khan 
Cc: Vlastimil Babka 
Cc: Tony Luck 
Cc: Paolo Bonzini 
Cc: Liang Z. Li 
Cc: Alexandre Julliard 
Cc: Stas Sergeev 
Cc: x...@kernel.org
Cc: linux-ms...@vger.kernel.org
Signed-off-by: Ricardo Neri 
---
 arch/x86/Kconfig | 10 ++
 arch/x86/kernel/cpu/common.c | 16 +++-
 2 files changed, 25 insertions(+), 1 deletion(-)

diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
index e487493..bae1a8f 100644
--- a/arch/x86/Kconfig
+++ b/arch/x86/Kconfig
@@ -1733,6 +1733,16 @@ config X86_SMAP
 
  If unsure, say Y.
 
+config X86_INTEL_UMIP
+   def_bool y
+   depends on CPU_SUP_INTEL
+   prompt "User Mode Instruction Prevention" if EXPERT
+   ---help---
+ The User Mode Instruction Prevention (UMIP) is a security
+ feature in newer Intel processors. If enabled, a general
+ protection fault is issued if the instructions SGDT, SLDT,
+ SIDT, SMSW and STR are executed in user mode.
+
 config X86_INTEL_MPX
prompt "Intel MPX (Memory Protection Extensions)"
def_bool n
diff --git a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c
index dc1697c..b38a639 100644
--- a/arch/x86/kernel/cpu/common.c
+++ b/arch/x86/kernel/cpu/common.c
@@ -306,6 +306,19 @@ static __always_inline void setup_smap(struct cpuinfo_x86 
*c)
}
 }
 
+static __always_inline void setup_umip(struct cpuinfo_x86 *c)
+{
+   if (cpu_feature_enabled(X86_FEATURE_UMIP) &&
+   cpu_has(c, X86_FEATURE_UMIP))
+   cr4_set_bits(X86_CR4_UMIP);
+   else
+   /*
+* Make sure UMIP is disabled in case it was enabled in a
+* previous boot (e.g., via kexec).
+*/
+   cr4_clear_bits(X86_CR4_UMIP);
+}
+
 /*
  * Protection Keys are not available in 32-bit mode.
  */
@@ -1059,9 +1072,10 @@ static void identify_cpu(struct cpuinfo_x86 *c)
/* Disable the PN if appropriate */
squash_the_stupid_serial_number(c);
 
-   /* Set up SMEP/SMAP */
+   /* Set up SMEP/SMAP/UMIP */
setup_smep(c);
setup_smap(c);
+   setup_umip(c);
 
/*
 * The vendor-specific functions might have changed features.
-- 
2.9.3

[v2 7/7] x86: Enable User-Mode Instruction Prevention

2016-12-23 Thread Ricardo Neri

User_mode Instruction Prevention (UMIP) is enabled by setting/clearing a
bit in %cr4.

It makes sense to enable UMIP at some point while booting, before user
spaces come up. Like SMAP and SMEP, is not critical to have it enabled
very early during boot. This is because UMIP is relevant only when there is
a userspace to be protected from. Given the similarities in relevance, it
makes sense to enable UMIP along with SMAP and SMEP.

UMIP is enabled by default. It can be disabled by adding clearcpuid=514
to the kernel parameters.

Cc: Andy Lutomirski 
Cc: Andrew Morton 
Cc: H. Peter Anvin 
Cc: Borislav Petkov 
Cc: Brian Gerst 
Cc: Chen Yucong 
Cc: Chris Metcalf 
Cc: Dave Hansen 
Cc: Fenghua Yu 
Cc: Huang Rui 
Cc: Jiri Slaby 
Cc: Jonathan Corbet 
Cc: Michael S. Tsirkin 
Cc: Paul Gortmaker 
Cc: Peter Zijlstra 
Cc: Ravi V. Shankar 
Cc: Shuah Khan 
Cc: Vlastimil Babka 
Cc: Tony Luck 
Cc: Paolo Bonzini 
Cc: Liang Z. Li 
Cc: Alexandre Julliard 
Cc: Stas Sergeev 
Cc: x...@kernel.org
Cc: linux-ms...@vger.kernel.org
Signed-off-by: Ricardo Neri 
---
 arch/x86/Kconfig | 10 ++
 arch/x86/kernel/cpu/common.c | 16 +++-
 2 files changed, 25 insertions(+), 1 deletion(-)

diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
index e487493..bae1a8f 100644
--- a/arch/x86/Kconfig
+++ b/arch/x86/Kconfig
@@ -1733,6 +1733,16 @@ config X86_SMAP
 
  If unsure, say Y.
 
+config X86_INTEL_UMIP
+   def_bool y
+   depends on CPU_SUP_INTEL
+   prompt "User Mode Instruction Prevention" if EXPERT
+   ---help---
+ The User Mode Instruction Prevention (UMIP) is a security
+ feature in newer Intel processors. If enabled, a general
+ protection fault is issued if the instructions SGDT, SLDT,
+ SIDT, SMSW and STR are executed in user mode.
+
 config X86_INTEL_MPX
prompt "Intel MPX (Memory Protection Extensions)"
def_bool n
diff --git a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c
index dc1697c..b38a639 100644
--- a/arch/x86/kernel/cpu/common.c
+++ b/arch/x86/kernel/cpu/common.c
@@ -306,6 +306,19 @@ static __always_inline void setup_smap(struct cpuinfo_x86 
*c)
}
 }
 
+static __always_inline void setup_umip(struct cpuinfo_x86 *c)
+{
+   if (cpu_feature_enabled(X86_FEATURE_UMIP) &&
+   cpu_has(c, X86_FEATURE_UMIP))
+   cr4_set_bits(X86_CR4_UMIP);
+   else
+   /*
+* Make sure UMIP is disabled in case it was enabled in a
+* previous boot (e.g., via kexec).
+*/
+   cr4_clear_bits(X86_CR4_UMIP);
+}
+
 /*
  * Protection Keys are not available in 32-bit mode.
  */
@@ -1059,9 +1072,10 @@ static void identify_cpu(struct cpuinfo_x86 *c)
/* Disable the PN if appropriate */
squash_the_stupid_serial_number(c);
 
-   /* Set up SMEP/SMAP */
+   /* Set up SMEP/SMAP/UMIP */
setup_smep(c);
setup_smap(c);
+   setup_umip(c);
 
/*
 * The vendor-specific functions might have changed features.
-- 
2.9.3

Re: [v2 7/7] x86: Enable User-Mode Instruction Prevention

Re: [v2 7/7] x86: Enable User-Mode Instruction Prevention

[v2 7/7] x86: Enable User-Mode Instruction Prevention

[v2 7/7] x86: Enable User-Mode Instruction Prevention

4 matches

Site Navigation

Mail list logo

Footer information