From patchwork Mon Aug 26 15:01:19 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yuxuan Luo X-Patchwork-Id: 1976874 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.ubuntu.com (client-ip=185.125.189.65; helo=lists.ubuntu.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=patchwork.ozlabs.org) Received: from lists.ubuntu.com (lists.ubuntu.com [185.125.189.65]) (using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4Wsv5x25FTz1yZd for ; Tue, 27 Aug 2024 01:01:57 +1000 (AEST) Received: from localhost ([127.0.0.1] helo=lists.ubuntu.com) by lists.ubuntu.com with esmtp (Exim 4.86_2) (envelope-from ) id 1sibE4-00028x-Dx; Mon, 26 Aug 2024 15:01:48 +0000 Received: from smtp-relay-internal-1.internal ([10.131.114.114] helo=smtp-relay-internal-1.canonical.com) by lists.ubuntu.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1sibE1-00027i-GW for kernel-team@lists.ubuntu.com; Mon, 26 Aug 2024 15:01:45 +0000 Received: from mail-pl1-f199.google.com (mail-pl1-f199.google.com [209.85.214.199]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by smtp-relay-internal-1.canonical.com (Postfix) with ESMTPS id CE0713F453 for ; Mon, 26 Aug 2024 15:01:44 +0000 (UTC) Received: by mail-pl1-f199.google.com with SMTP id d9443c01a7336-201f464e3e8so46768055ad.3 for ; Mon, 26 Aug 2024 08:01:44 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1724684502; x=1725289302; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=5zrYeyYzZiVJKRpQCsluhQotfktaDC5YkgAsBgsGuuM=; b=VcxVwWy8QQKO1K5YTD/h/pBCxLrmwNn8ZOcDA51sqjEM0TyKhBwkmjNJoYyOfCzEBo 5CGYiP6ox/bGUW6NnkhJvuinb0IDwlZNpNEVGPI6Y7ABUvz7Ar6kkJUvc9uef2Z0zKnj B6ph/jxEk+k75HJZfnU5QqLtjaYzRyR6IvwOhoULdg75Dc9U3nodGahphH6J9/Eepuf/ w7NHeIVEKZBL2LgzZxem/jsGTq7nC1XTQnbZINUi/K0Oig3HNpHU1OPfbC63Kp9XCln7 AXETxTwxOqw3ONAfxsxnKEhbFjol1uSZ3uvqwevPlLpN2zPWtspk2z2Y+/4i+We0Qj1g nMRQ== X-Gm-Message-State: AOJu0YzBATtkQ+qsPdn//Af+xm9jpoVbK+qaJjL1qs+ja2eAeGrglt/u It33Pir/bq+EbSa+8yvNM7mgNYNIgAoeKuiDirRtKjJ3XOCNBTPBacgIBON9InX2m794RRZ9+0C ghfbdTPxvQ0PhXGD0CfH2aIB1e+CTesZp1spZkA24yL5mQO0PbSCEhm9ILST9XUg1EWS+I35gUB IfxijYxK9tKtfS X-Received: by 2002:a17:902:ecc6:b0:202:671:e5bc with SMTP id d9443c01a7336-2039e4ef402mr113822275ad.42.1724684501896; Mon, 26 Aug 2024 08:01:41 -0700 (PDT) X-Google-Smtp-Source: AGHT+IEVEgdAXNpKwaTE1IBCmVOpFSqdT7HB2lrJ3j2pnR/5DRX4ZETR1t1sFbSpl9iflHWJ3O3o4g== X-Received: by 2002:a17:902:ecc6:b0:202:671:e5bc with SMTP id d9443c01a7336-2039e4ef402mr113821805ad.42.1724684501426; Mon, 26 Aug 2024 08:01:41 -0700 (PDT) Received: from cache-ubuntu.hsd1.nj.comcast.net ([2001:67c:1562:8007::aac:4795]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-2038556667bsm68731295ad.7.2024.08.26.08.01.38 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 26 Aug 2024 08:01:39 -0700 (PDT) From: Yuxuan Luo To: kernel-team@lists.ubuntu.com Subject: [PATCH 2/8] x86: Introduce ia32_enabled() Date: Mon, 26 Aug 2024 11:01:19 -0400 Message-Id: <20240826150125.1347359-3-yuxuan.luo@canonical.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240826150125.1347359-1-yuxuan.luo@canonical.com> References: <20240826150125.1347359-1-yuxuan.luo@canonical.com> MIME-Version: 1.0 X-BeenThere: kernel-team@lists.ubuntu.com X-Mailman-Version: 2.1.20 Precedence: list List-Id: Kernel team discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: kernel-team-bounces@lists.ubuntu.com Sender: "kernel-team" From: Nikolay Borisov IA32 support on 64bit kernels depends on whether CONFIG_IA32_EMULATION is selected or not. As it is a compile time option it doesn't provide the flexibility to have distributions set their own policy for IA32 support and give the user the flexibility to override it. As a first step introduce ia32_enabled() which abstracts whether IA32 compat is turned on or off. Upcoming patches will implement the ability to set IA32 compat state at boot time. Signed-off-by: Nikolay Borisov Signed-off-by: Thomas Gleixner Link: https://lore.kernel.org/r/20230623111409.3047467-2-nik.borisov@suse.com (cherry picked from commit 1da5c9bc119d3a749b519596b93f9b2667e93c4a) CVE-2024-25744 Signed-off-by: Yuxuan Luo --- arch/x86/entry/common.c | 4 ++++ arch/x86/include/asm/ia32.h | 16 +++++++++++++++- 2 files changed, 19 insertions(+), 1 deletion(-) diff --git a/arch/x86/entry/common.c b/arch/x86/entry/common.c index e160f502d1dcf..3ea32cbca6513 100644 --- a/arch/x86/entry/common.c +++ b/arch/x86/entry/common.c @@ -96,6 +96,10 @@ static __always_inline int syscall_32_enter(struct pt_regs *regs) return (int)regs->orig_ax; } +#ifdef CONFIG_IA32_EMULATION +bool __ia32_enabled __ro_after_init = true; +#endif + /* * Invoke a 32-bit syscall. Called with IRQs on in CONTEXT_KERNEL. */ diff --git a/arch/x86/include/asm/ia32.h b/arch/x86/include/asm/ia32.h index fada857f0a1ed..5a2ae24b1204f 100644 --- a/arch/x86/include/asm/ia32.h +++ b/arch/x86/include/asm/ia32.h @@ -68,6 +68,20 @@ extern void ia32_pick_mmap_layout(struct mm_struct *mm); #endif -#endif /* CONFIG_IA32_EMULATION */ +extern bool __ia32_enabled; + +static inline bool ia32_enabled(void) +{ + return __ia32_enabled; +} + +#else /* !CONFIG_IA32_EMULATION */ + +static inline bool ia32_enabled(void) +{ + return IS_ENABLED(CONFIG_X86_32); +} + +#endif #endif /* _ASM_X86_IA32_H */