From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id BB8D8C433F5 for ; Mon, 3 Oct 2022 22:46:18 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 55E586B0071; Mon, 3 Oct 2022 18:46:18 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 4E8736B0073; Mon, 3 Oct 2022 18:46:18 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 33C066B0074; Mon, 3 Oct 2022 18:46:18 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0015.hostedemail.com [216.40.44.15]) by kanga.kvack.org (Postfix) with ESMTP id 194D36B0071 for ; Mon, 3 Oct 2022 18:46:18 -0400 (EDT) Received: from smtpin06.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay06.hostedemail.com (Postfix) with ESMTP id DF496A1EE2 for ; Mon, 3 Oct 2022 22:46:17 +0000 (UTC) X-FDA: 79981123194.06.3E96E63 Received: from dfw.source.kernel.org (dfw.source.kernel.org [139.178.84.217]) by imf03.hostedemail.com (Postfix) with ESMTP id 786C920007 for ; Mon, 3 Oct 2022 22:46:17 +0000 (UTC) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id AA14C61213; Mon, 3 Oct 2022 22:46:16 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id C80B5C433D7; Mon, 3 Oct 2022 22:46:14 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1664837176; bh=GNpI8alyczsGJm34nf0Ut1uPwaRQOXVFL9dF4cNtZQk=; h=In-Reply-To:References:Date:From:To:Cc:Subject:From; b=l5NrlOjA+xnJQvJdHfqNQtithtntGXyAPYfV3GG/kEUPwiYoqsUxCrVI8EnM7uOSV y+uJXh6HzaSsasiix5wDQ3eKm17CWZDkmAIPFun+vuyX71NEX7IID3ZI2NDAvu8t0i V7TrPBva9V8VVA/6kQavONictQcVM+GtvZ0D2KyvRNOMh9lICAMTOuMhN/4hh29Fw0 cyaUBvZzwNy3hCBib7cUUW3RvfxoBqif7iROJ1aXMyzAn5MlOItZWnZ+Mg9zgADBZG 0BMjzGGKPbBT7liCtrLGFC4A/o2norD2d0SakTgBQjQy+F4464KVPaoqDJRSU7mH+i JReRf4jdZeSuw== Received: from compute2.internal (compute2.nyi.internal [10.202.2.46]) by mailauth.nyi.internal (Postfix) with ESMTP id 9AB8827C0054; Mon, 3 Oct 2022 18:46:13 -0400 (EDT) Received: from imap48 ([10.202.2.98]) by compute2.internal (MEProxy); Mon, 03 Oct 2022 18:46:13 -0400 X-ME-Sender: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvfedrfeeitddgudegucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnhhtshculddquddttddmne cujfgurhepofgfggfkjghffffhvfevufgtsehttdertderredtnecuhfhrohhmpedftehn ugihucfnuhhtohhmihhrshhkihdfuceolhhuthhosehkvghrnhgvlhdrohhrgheqnecugg ftrfgrthhtvghrnhepveffgfevhfeiteduueetgeevvdevudevteefveffudeiveefuddt leeitdeludfgnecuffhomhgrihhnpehkvghrnhgvlhdrohhrghenucevlhhushhtvghruf hiiigvpedtnecurfgrrhgrmhepmhgrihhlfhhrohhmpegrnhguhidomhgvshhmthhprghu thhhphgvrhhsohhnrghlihhthidqudduiedukeehieefvddqvdeifeduieeitdekqdhluh htoheppehkvghrnhgvlhdrohhrgheslhhinhhugidrlhhuthhordhush X-ME-Proxy: Feedback-ID: ieff94742:Fastmail Received: by mailuser.nyi.internal (Postfix, from userid 501) id 1F2B531A0063; Mon, 3 Oct 2022 18:46:12 -0400 (EDT) X-Mailer: MessagingEngine.com Webmail Interface User-Agent: Cyrus-JMAP/3.7.0-alpha0-1015-gaf7d526680-fm-20220929.001-gaf7d5266 Mime-Version: 1.0 Message-Id: In-Reply-To: <202210031530.9CFB62B39F@keescook> References: <20220929222936.14584-1-rick.p.edgecombe@intel.com> <20220929222936.14584-31-rick.p.edgecombe@intel.com> <202210031530.9CFB62B39F@keescook> Date: Mon, 03 Oct 2022 15:45:50 -0700 From: "Andy Lutomirski" To: "Kees Cook" , "Rick P Edgecombe" Cc: "the arch/x86 maintainers" , "H. Peter Anvin" , "Thomas Gleixner" , "Ingo Molnar" , "Linux Kernel Mailing List" , linux-doc@vger.kernel.org, linux-mm@kvack.org, linux-arch@vger.kernel.org, "Linux API" , "Arnd Bergmann" , "Balbir Singh" , "Borislav Petkov" , "Cyrill Gorcunov" , "Dave Hansen" , "Eugene Syromiatnikov" , "Florian Weimer" , "H.J. Lu" , "Jann Horn" , "Jonathan Corbet" , "Mike Kravetz" , "Nadav Amit" , "Oleg Nesterov" , "Pavel Machek" , "Peter Zijlstra (Intel)" , "Randy Dunlap" , "Shankar, Ravi V" , "Weijiang Yang" , "Kirill A. Shutemov" , "Moreira, Joao" , "john.allen@amd.com" , "kcc@google.com" , "Eranian, Stephane" , "Mike Rapoport" , jamorris@linux.microsoft.com, dethoma@microsoft.com Subject: Re: [PATCH v2 30/39] x86: Expose thread features status in /proc/$PID/arch_status Content-Type: text/plain ARC-Authentication-Results: i=1; imf03.hostedemail.com; dkim=pass header.d=kernel.org header.s=k20201202 header.b=l5NrlOjA; spf=pass (imf03.hostedemail.com: domain of luto@kernel.org designates 139.178.84.217 as permitted sender) smtp.mailfrom=luto@kernel.org; dmarc=pass (policy=none) header.from=kernel.org ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1664837177; a=rsa-sha256; cv=none; b=JvgsksA93vYZYUV2KzUIbDiAyciX99Hda8ahO8/IpjGyT5N+AXZbPKiAT/OLKcH5kFsQa9 zJ7pEjkVP9wUVFfA8ADEQNPnmi81ohLMkMrnK1Bg1mgMYnciXTmnYH1Fy+lH2BaVfQNRDZ rYDWQ0nVcw4NIikCMUqwEAwDU4b2dko= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1664837177; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=xSEnrF67E/2ltkAiIP5bxj7Ep8FJN75NOAUPFNmVqWg=; b=RZ+2R9JWP5uEcAnA6FJrYoDIhVWpdM3treQRAQLwejUQzNzrpQTroKk2PVL3FHpgAkxD+z 84D16KF05IETh4NDY7Wbkhi3DTQyzazChgrhN4pp9a3vvpJQnt+DaKlRkeQ2myqtLPE/Nv DMLbwB6Tb8VkKThG7HquaFir6w0DUx0= X-Rspamd-Server: rspam02 X-Rspamd-Queue-Id: 786C920007 X-Rspam-User: Authentication-Results: imf03.hostedemail.com; dkim=pass header.d=kernel.org header.s=k20201202 header.b=l5NrlOjA; spf=pass (imf03.hostedemail.com: domain of luto@kernel.org designates 139.178.84.217 as permitted sender) smtp.mailfrom=luto@kernel.org; dmarc=pass (policy=none) header.from=kernel.org X-Stat-Signature: 3ixhguptd3m6wijy1qyosb5crg7ajsbe X-HE-Tag: 1664837177-48970 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: On Mon, Oct 3, 2022, at 3:37 PM, Kees Cook wrote: > On Thu, Sep 29, 2022 at 03:29:27PM -0700, Rick Edgecombe wrote: >> From: "Kirill A. Shutemov" >> >> Applications and loaders can have logic to decide whether to enable CET. >> They usually don't report whether CET has been enabled or not, so there >> is no way to verify whether an application actually is protected by CET >> features. >> >> Add two lines in /proc/$PID/arch_status to report enabled and locked >> features. >> >> Signed-off-by: Kirill A. Shutemov >> [Switched to CET, added to commit log] >> Signed-off-by: Rick Edgecombe >> >> --- >> >> v2: >> - New patch >> >> arch/x86/kernel/Makefile | 2 ++ >> arch/x86/kernel/fpu/xstate.c | 47 --------------------------- >> arch/x86/kernel/proc.c | 63 ++++++++++++++++++++++++++++++++++++ >> 3 files changed, 65 insertions(+), 47 deletions(-) >> create mode 100644 arch/x86/kernel/proc.c > > This is two patches: one to create proc.c, the other to add CET support. > > I found where the "arch_status" conversation was: > https://lore.kernel.org/all/CALCETrUjF9PBmkzH1J86vw4ZW785DP7FtcT+gcSrx29=BUnjoQ@mail.gmail.com/ > > Andy, what did you mean "make sure that everything in it is namespaced"? > Everything already has a field name. And arch_status doesn't exactly > solve having compat fields -- it still needs to be handled manually? > Anyway... we have arch_status, so I guess it's fine. I think I meant that, since it's "arch_status" not "x86_status", the fields should have names like "x86.Thread_features". Otherwise if another architecture adds a Thread_features field, then anything running under something like qemu userspace emulation could be confused. Assuming that's what I meant, I think my comment still stands :)