October 2022 - linux-morello - op-lists.linaro.org

by Dmitry Kasatkin

Hi, I think this is a good mailing list to share Cheri linux for risc-v project. -Dmitry ---------------------------------------------------------------------------------------------------------------------------------------- From: Dmitry Kasatkin Sent: Wednesday, September 28, 2022 4:23 PM To: cl-cheribsd-discuss(a)lists.cam.ac.uk; cl-cheri-discuss(a)lists.cam.ac.uk; linux-riscv(a)lists.infradead.org Cc: Wang Kui; Jan Erik Ekberg; Horsch, Julian; Ahlrichs, Vincent; Auer, Lukas Subject: Linux support for RISC-V CHERI Hi, I would like to inform that our work on Linux support for RISC-V CHERI has been open sourced on GitHub: https://github.com/cheri-linux CHERI is an experimental ISA exention providing architectural capabilities for different ISAs including RISC-V and ARM. CHERI is not available in mainstream CPUs and available on certain experimental cores for FPGAs. Information about CHERI can be found here: https://www.cl.cam.ac.uk/research/security/ctsrd/cheri This work dedicated to RISC-V and has been done by Huawei and Fraunhofer with the great support from Cambridge University. BR, Dmitry

1 year, 6 months

1
0
0 0

Fw: Linux support for RISC-V CHERI

by Dmitry Kasatkin

Hi, I think this is a good mailing list to share Cheri linux for risc-v project. -Dmitry ________________________________ From: Dmitry Kasatkin Sent: Wednesday, September 28, 2022 4:23 PM To: cl-cheribsd-discuss(a)lists.cam.ac.uk; cl-cheri-discuss(a)lists.cam.ac.uk; linux-riscv(a)lists.infradead.org Cc: Wang Kui; Jan Erik Ekberg; Horsch, Julian; Ahlrichs, Vincent; Auer, Lukas Subject: Linux support for RISC-V CHERI Hi, I would like to inform that our work on Linux support for RISC-V CHERI has been open sourced on GitHub: https://github.com/cheri-linux CHERI is an experimental ISA exention providing architectural capabilities for different ISAs including RISC-V and ARM. CHERI is not available in mainstream CPUs and available on certain experimental cores for FPGAs. Information about CHERI can be found here: https://www.cl.cam.ac.uk/research/security/ctsrd/cheri This work dedicated to RISC-V and has been done by Huawei and Fraunhofer with the great support from Cambridge University. BR, Dmitry

1 year, 6 months

1
0
0 0

Bounds for argv and envp elements

by Yury Khrustalev

Currently, the PCuABI kernel from the "morello/next" branch doesn't set bounds for the elements of argv and envp. I suppose the bounds should be equal to `round_representable(strlen+1)` and currently they appear as 2^64 - 1. Could this be fixed? Thank you! Kind regards, Yury IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.

1 year, 6 months

2
1
0 0

capability in shared memory for posix robust mutex

by Szabolcs Nagy

currently a capability store to shared memory (MAP_SHARED) segfaults, but process shared robust mutex requires this to work. the linux design for robust mutex is that each thread has a list of shared robust mutex objects (see set_robust_list system call) that the kernel can walk on thread exit and wake all other waiters of that mutex (with FUTEX_OWNER_DIED). the list pointer is stored in the mutex object itself which is in shared memory in case of a process shared robust mutex. not sure if we can make this to work on morello. example posix code: #include <pthread.h> #include <sys/mman.h> int main() { pthread_mutex_t *m = mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_ANONYMOUS|MAP_SHARED, -1, 0); pthread_mutexattr_t a; pthread_mutexattr_init(&a); pthread_mutexattr_setrobust(&a, PTHREAD_MUTEX_ROBUST); pthread_mutex_init(m, &a); pthread_mutexattr_destroy(&a); pthread_mutex_lock(m); // segfaults in libc return 0; } IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.

1 year, 6 months

2
5
0 0

[PATCH v3 0/5] Restore syscall tracing on Morello

by Beata Michalska

Playing around with syscall framework macros broke the syscall tracing badly, see: commit ("arm64/syscalls: Allow syscalls to return capabilities") and: https://git.morello-project.org/morello/kernel/linux/-/issues/35 for the corresponding bug report. This series in an attempt to remedy that. The first patch does some rather controversial thing, but there is already a precedent for that (as of ARCH_HAS_SYSCALL_MATCH_SYM_NAME), so one could say it can be somehow exonerated. The second one tries to get the SYSCALL_METADATA macro aligned with the changes that caused the issue in the first place and, sadly, it is touching other archs code, though the changes are minimal and safe. Note: checkpatch will complain about few things but those are to be ignored. Tracing selftests seem to be happy with the changes. Also verified with some random syscall events. v3: - further splitting of patches ([PATCH 3/4] from v2) - aligning the order of #ifdef defines v2: - split [PATCH 2/3] into generic and Morello specific changes - added dependency on CONFIG_FTRACE_SYSCALLS for ARCH_HAS_SYSCALL_ADDR - improved (hopefully) commit message for previous PATCH 2-3 - small formatting clean-up Review branch: https://git.morello-project.org/Bea/linux/-/commits/morello/ftrace_syscalls… Beata Michalska (5): tracing/syscalls: Reshape arch_syscall_addr tracing/syscalls: Allow amending metadata macro arguments arm64/syscalls: Fix syscalls tracing arm64: morello: ftrace: Use dedicated arch_syscall_addr tracing/signal: Use explicit conversion instead of vague downcast Documentation/trace/ftrace-design.rst | 5 +++-- arch/arm64/include/asm/ftrace.h | 4 ++++ arch/arm64/include/asm/syscall_wrapper.h | 8 ++++++-- arch/arm64/kernel/syscall.c | 12 ++++++++++++ arch/mips/include/asm/ftrace.h | 4 ++++ arch/s390/include/asm/syscall_wrapper.h | 6 +++--- arch/x86/include/asm/syscall_wrapper.h | 2 +- include/linux/syscalls.h | 13 +++++++++---- include/trace/events/signal.h | 4 ++-- kernel/trace/trace_syscalls.c | 4 +++- 10 files changed, 47 insertions(+), 15 deletions(-) -- 2.25.1

1 year, 6 months

3
9
0 0

[PATCH] arm64: entry-ftrace.S: Fix build when CONFIG_ARM64_MORELLO=y

by Kevin Brodsky

When Morello support is enabled, the size of struct pt_regs increases drastically (to make space for capability registers). As a result, PT_REGS_SIZE can unfortunately no longer be used as an immediate for LDP/STP. Use an explicit ADD instead. This fixes the build when CONFIG_ARM64_MORELLO and CONFIG_FUNCTION_TRACER are both selected. Reported-by: Ruben Ayrapetyan <ruben.ayrapetyan(a)arm.com> Signed-off-by: Kevin Brodsky <kevin.brodsky(a)arm.com> --- arch/arm64/kernel/entry-ftrace.S | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/arch/arm64/kernel/entry-ftrace.S b/arch/arm64/kernel/entry-ftrace.S index e535480a4069..66f75e2b2637 100644 --- a/arch/arm64/kernel/entry-ftrace.S +++ b/arch/arm64/kernel/entry-ftrace.S @@ -68,8 +68,9 @@ str x30, [sp, #S_PC] /* Create a frame record for the callsite above pt_regs */ - stp x29, x9, [sp, #PT_REGS_SIZE] - add x29, sp, #PT_REGS_SIZE + add x10, sp, #PT_REGS_SIZE + stp x29, x9, [x10] + mov x29, x10 /* Create our frame record within pt_regs. */ stp x29, x30, [sp, #S_STACKFRAME] -- 2.34.1

1 year, 6 months

3
5
0 0

[PATCH] mm/mmap: disable brk in purecap

by Teo Couprie Diaz

brk should not be implemented in purecap, return -ENOSYS when not in compat. Co-authored-by: Tudor Cretu <tudor.cretu(a)arm.com> Signed-off-by: Teo Couprie Diaz <teo.coupriediaz(a)arm.com> --- Thanks Tudor for providing the code snippet, making it much more clear than my original ideas. mm/mmap.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/mm/mmap.c b/mm/mmap.c index ce282f9d9f8e..1048c358b872 100644 --- a/mm/mmap.c +++ b/mm/mmap.c @@ -194,6 +194,11 @@ static int do_brk_flags(unsigned long addr, unsigned long request, unsigned long struct list_head *uf); SYSCALL_DEFINE1(brk, unsigned long, brk) { +#ifdef CONFIG_CHERI_PURECAP_UABI + if (!in_compat_syscall()) { + return -ENOSYS; + } +#endif unsigned long newbrk, oldbrk, origbrk; struct mm_struct *mm = current->mm; struct vm_area_struct *next; -- 2.25.1

1 year, 6 months

4
6
0 0

[PATCH 0/2] syscalls/brk: Update for purecap and pass in compat64

by Teo Couprie Diaz

This series updates the brk LTP tests to use direct syscalls which makes the compat tests pass on our musl-based distribution. Add a simple sanity check for purecap that will fail if brk is not disabled. Depends on merging the corresponding Linux patch disabling brk : https://op-lists.linaro.org/archives/list/linux-morello@op-lists.linaro.org… Teo Couprie Diaz (2): syscalls/brk: use direct syscall syscalls/brk: add a sanity check for purecap testcases/kernel/syscalls/brk/brk01.c | 35 ++++++++++++++++++++++++--- testcases/kernel/syscalls/brk/brk02.c | 17 +++++++------ 2 files changed, 41 insertions(+), 11 deletions(-) -- 2.25.1

1 year, 6 months

2
4
0 0

[PATCH] arm64: signal: Re-setup morello signal return in rt_sigreturn

by Tudor Cretu

If a signal handler is installed using the sigaction(2) SA_SIGINFO flag, then the signal-related context is accessible to the userspace via the ucontext_t object. This object contains: + the program counter register (i.e., the address of the next instruction in the main program that should be executed when the signal handler returns); + architecture-specific register state required for resuming the interrupted program; + the thread's current signal mask; + the thread's alternate signal stack settings. Therefore, the signal handler can alter the PC and PSTATE. If Morello is supported, ensure that PC's LSB is cleared and PSTATE.C64 is set if the PC was set using C64 ISA. Cc: Harry Ramsey <harry.ramsey(a)arm.com> Signed-off-by: Tudor Cretu <tudor.cretu(a)arm.com> --- Many thanks to Harry (CC'ed) for finding an use case where sigreturn didn't behave as expected. Tested with Musl signal tests. Unfortunetaly, these is no LTP test that touches this functionality. Review branch: https://git.morello-project.org/tudcre01/linux/-/commits/sigreturn_fix_v1 --- arch/arm64/kernel/signal.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/arch/arm64/kernel/signal.c b/arch/arm64/kernel/signal.c index 1dd040c72630..e2527df334a9 100644 --- a/arch/arm64/kernel/signal.c +++ b/arch/arm64/kernel/signal.c @@ -669,6 +669,9 @@ COMPAT_SYSCALL_DEFINE0(rt_sigreturn) if (restore_altstack(&frame->uc.uc_stack)) goto badframe; + if (system_supports_morello()) + morello_setup_signal_return(regs); + #if defined(CONFIG_CHERI_PURECAP_UABI) && !defined(SIGNAL_COMPAT64) return regs->cregs[0]; #else -- 2.25.1

1 year, 6 months

2
2
0 0

[PATCH v2 0/4] Restore syscall tracing on Morello

by Beata Michalska

Playing around with syscall framework macros broke the syscall tracing badly, see: commit bb3fbc44e783 ("arm64/syscalls: Allow syscalls to return capabilities") and: https://git.morello-project.org/morello/kernel/linux/-/issues/35 for the corresponding bug report. This series in an attempt to remedy that. The first patch does some rather controversial thing, but there is already a precedent for that (as of ARCH_HAS_SYSCALL_MATCH_SYM_NAME), so one could say it can be somehow exonerated. The second one tries to get the SYSCALL_METADATA macro aligned with the changes that caused the issue in the first place and, sadly, it is touching other archs code, though the changes are minimal and safe. Note: checkpatch will complain about few things but those are to be ignored. Tracing selftests seem to be happy with the changes. Also verified with some random syscall events. v2: - split [PATCH 2/3] into generic and Morello specific changes - added dependency on CONFIG_FTRACE_SYSCALLS for ARCH_HAS_SYSCALL_ADDR - improved (hopefully) commit message for previous PATCH 2-3 - small formatting clean-up Review branch: https://git.morello-project.org/Bea/linux/-/commits/morello/ftrace_syscalls/ Beata Michalska (4): tracing/syscalls: Reshape arch_syscall_addr tracing/syscalls: Allow amending metadata macro arguments arm64:morello: Get a grip on syscall tracing tracing/signal: Use explicit conversion instead of vague downcast Documentation/trace/ftrace-design.rst | 5 +++-- arch/arm64/include/asm/ftrace.h | 4 ++++ arch/arm64/include/asm/syscall_wrapper.h | 9 ++++++--- arch/arm64/kernel/syscall.c | 12 ++++++++++++ arch/mips/include/asm/ftrace.h | 4 ++++ arch/s390/include/asm/syscall_wrapper.h | 6 +++--- arch/x86/include/asm/syscall_wrapper.h | 2 +- include/linux/syscalls.h | 13 +++++++++---- include/trace/events/signal.h | 4 ++-- kernel/trace/trace_syscalls.c | 4 +++- 10 files changed, 47 insertions(+), 16 deletions(-) -- 2.25.1

1 year, 6 months

2
7
0 0

2024

2023

2022

linux-morello October 2022