The NetBSD Project

CVS log for src/sys/arch/aarch64/include/asm.h

[BACK] Up to [cvs.NetBSD.org] / src / sys / arch / aarch64 / include

Request diff between arbitrary revisions


Default branch: MAIN


Revision 1.9 / (download) - annotate - [select for diffs], Sun Aug 2 06:58:16 2020 UTC (3 years, 8 months ago) by maxv
Branch: MAIN
CVS Tags: thorpej-ifq-base, thorpej-ifq, thorpej-i2c-spi-conf2-base, thorpej-i2c-spi-conf2, thorpej-i2c-spi-conf-base, thorpej-i2c-spi-conf, thorpej-futex2-base, thorpej-futex2, thorpej-futex-base, thorpej-futex, thorpej-cfargs2-base, thorpej-cfargs2, thorpej-cfargs-base, thorpej-cfargs, thorpej-altq-separation-base, thorpej-altq-separation, netbsd-10-base, netbsd-10-0-RELEASE, netbsd-10-0-RC6, netbsd-10-0-RC5, netbsd-10-0-RC4, netbsd-10-0-RC3, netbsd-10-0-RC2, netbsd-10-0-RC1, netbsd-10, cjep_sun2x-base1, cjep_sun2x-base, cjep_sun2x, cjep_staticlib_x-base1, cjep_staticlib_x-base, cjep_staticlib_x, bouyer-sunxi-drm-base, bouyer-sunxi-drm, HEAD
Changes since 1.8: +7 -3 lines
Diff to previous 1.8 (colored)

Add support for Privileged Access Never (ARMv8.1-PAN).

PAN provides the same functionality as SMAP on x86: it forbids kernel
access to userland pages when PSTATE.PAN=1, and allows such accesses when
PSTATE.PAN=0.

We clear SCTLR_SPAN, to guarantee that PAN=1 each time the kernel is
entered. We catch PAN faults and panic right away without further
processing. In copyin, copyout, etc, we temporarily authorize access to
userland pages.

PAN is a very useful exploit mitigation. Reviewed by ryo@, thanks. Tested
on Qemu. Enabled by default.

Revision 1.8 / (download) - annotate - [select for diffs], Mon May 11 03:00:57 2020 UTC (3 years, 11 months ago) by ryo
Branch: MAIN
Changes since 1.7: +2 -2 lines
Diff to previous 1.7 (colored)

"options ARMV83_PAC" is now supported for gcc as well.

- add "-msign-return-address=all" to CFLAGS for gcc when specified options ARMV83_PAC
- AARCH64REG_{READ,WRITE}_INLINE3 macro can now use the APIAKey registers in both gcc and llvm.
  llvm requires asm(".arch armv8.3-a"), whereas gcc requires __attribute__((target("arch=armv8.3-a"))).
- use ".arch armv8.3-a" rather than ".arch armv8.3-a+pac" in *.S for llvm.

Revision 1.2.2.3 / (download) - annotate - [select for diffs], Tue Apr 21 18:42:02 2020 UTC (3 years, 11 months ago) by martin
Branch: phil-wifi
Changes since 1.2.2.2: +18 -0 lines
Diff to previous 1.2.2.2 (colored) to branchpoint 1.2 (colored) next main 1.3 (colored)

Sync with HEAD

Revision 1.6.4.1 / (download) - annotate - [select for diffs], Mon Apr 20 11:28:51 2020 UTC (3 years, 11 months ago) by bouyer
Branch: bouyer-xenpvh
Changes since 1.6: +19 -1 lines
Diff to previous 1.6 (colored) next main 1.7 (colored)

Sync with HEAD

Revision 1.2.2.2 / (download) - annotate - [select for diffs], Mon Apr 13 08:03:27 2020 UTC (4 years ago) by martin
Branch: phil-wifi
Changes since 1.2.2.1: +20 -1 lines
Diff to previous 1.2.2.1 (colored) to branchpoint 1.2 (colored)

Mostly merge changes from HEAD upto 20200411

Revision 1.7 / (download) - annotate - [select for diffs], Sun Apr 12 07:49:58 2020 UTC (4 years ago) by maxv
Branch: MAIN
CVS Tags: phil-wifi-20200421, bouyer-xenpvh-base2, bouyer-xenpvh-base1
Changes since 1.6: +19 -1 lines
Diff to previous 1.6 (colored)

Add support for Pointer Authentication (PAC).

We use the "pac-ret" option, to sign the return instruction pointer on
function entry, and authenticate it on function exit. This acts as a
mitigation against ROP.

The authentication uses a per-lwp (secret) I-A key stored in the 128bit
APIAKey register and part of the lwp context. During lwp creation, the
kernel generates a random key, and during context switches, it installs
the key of the target lwp on the CPU.

Userland cannot read the APIAKey register directly. However, it can sign
its pointers with it, because the register is architecturally shared
between userland and the kernel. Although part of the CPU design, it is
a bit of an undesired behavior, because it allows to forge valid kernel
pointers from userland. To avoid that, we don't share the key with
userland, and rather switch it in EL0<->EL1 transitions. This means that
when userland executes, a different key is loaded in APIAKey than the one
the kernel uses. For now the userland key is a fixed 128bit zero value.

The DDB stack unwinder is changed to strip the authentication code from
the pointers in lr.

Two problems are known:

 * Currently the idlelwps' keys are not really secret. This is because
   the RNG is not yet available when we spawn these lwps. Not overly
   important, but would be nice to fix with UEFI RNG.
 * The key switching in EL0<->EL1 transitions is not the most optimized
   code on the planet. Instead of checking aarch64_pac_enabled, it would
   be better to hot-patch the code at boot time, but there currently is
   no hot-patch support on aarch64.

Tested on Qemu.

Revision 1.5.2.1 / (download) - annotate - [select for diffs], Sat Jan 25 22:38:36 2020 UTC (4 years, 2 months ago) by ad
Branch: ad-namecache
Changes since 1.5: +9 -1 lines
Diff to previous 1.5 (colored) next main 1.6 (colored)

Sync with head.

Revision 1.6 / (download) - annotate - [select for diffs], Sun Jan 19 16:12:56 2020 UTC (4 years, 2 months ago) by skrll
Branch: MAIN
CVS Tags: phil-wifi-20200411, phil-wifi-20200406, is-mlppp-base, is-mlppp, bouyer-xenpvh-base, ad-namecache-base3, ad-namecache-base2
Branch point for: bouyer-xenpvh
Changes since 1.5: +9 -1 lines
Diff to previous 1.5 (colored)

Replace the two copies of the ADDR macro with a centralised adrl macro.
The adrl name matches the one used by armasm.

Revision 1.3.4.1 / (download) - annotate - [select for diffs], Tue Dec 24 17:30:28 2019 UTC (4 years, 3 months ago) by martin
Branch: netbsd-9
CVS Tags: netbsd-9-3-RELEASE, netbsd-9-2-RELEASE, netbsd-9-1-RELEASE, netbsd-9-0-RELEASE, netbsd-9-0-RC2
Changes since 1.3: +9 -1 lines
Diff to previous 1.3 (colored) next main 1.4 (colored)

Pull up following revision(s) (requested by ryo in ticket #574):

	sys/arch/aarch64/include/asm.h: revision 1.5
	sys/arch/aarch64/aarch64/cpuswitch.S: revision 1.13

Add a speculation barrier after the 'eret'.

Some aarch64 cpus speculatively execute instructions after 'eret',
and this potentiates side-channel attack.

from
 https://github.com/torvalds/linux/commit/679db70801da9fda91d26caf13bf5b5ccc74e8e8

Revision 1.5 / (download) - annotate - [select for diffs], Fri Dec 20 07:16:43 2019 UTC (4 years, 3 months ago) by ryo
Branch: MAIN
CVS Tags: ad-namecache-base1, ad-namecache-base
Branch point for: ad-namecache
Changes since 1.4: +10 -1 lines
Diff to previous 1.4 (colored)

Add a speculation barrier after the 'eret'.

Some aarch64 cpus speculatively execute instructions after 'eret',
and this potentiates side-channel attack.

from
 https://github.com/torvalds/linux/commit/679db70801da9fda91d26caf13bf5b5ccc74e8e8

Revision 1.4 / (download) - annotate - [select for diffs], Mon Aug 5 16:24:48 2019 UTC (4 years, 8 months ago) by joerg
Branch: MAIN
CVS Tags: phil-wifi-20191119
Changes since 1.3: +3 -1 lines
Diff to previous 1.3 (colored)

Don't define register replacements when targetting 32bit ARM.

Revision 1.2.2.1 / (download) - annotate - [select for diffs], Mon Jun 10 22:05:43 2019 UTC (4 years, 10 months ago) by christos
Branch: phil-wifi
Changes since 1.2: +4 -1 lines
Diff to previous 1.2 (colored)

Sync with HEAD

Revision 1.1.28.2 / (download) - annotate - [select for diffs], Sat Jul 28 04:37:26 2018 UTC (5 years, 8 months ago) by pgoyette
Branch: pgoyette-compat
CVS Tags: pgoyette-compat-merge-20190127
Changes since 1.1.28.1: +4 -1 lines
Diff to previous 1.1.28.1 (colored) to branchpoint 1.1 (colored) next main 1.2 (colored)

Sync with HEAD

Revision 1.3 / (download) - annotate - [select for diffs], Tue Jul 17 18:08:37 2018 UTC (5 years, 9 months ago) by christos
Branch: MAIN
CVS Tags: phil-wifi-20190609, pgoyette-compat-20190127, pgoyette-compat-20190118, pgoyette-compat-1226, pgoyette-compat-1126, pgoyette-compat-1020, pgoyette-compat-0930, pgoyette-compat-0906, pgoyette-compat-0728, netbsd-9-base, netbsd-9-0-RC1, isaki-audio2-base, isaki-audio2
Branch point for: netbsd-9
Changes since 1.2: +4 -1 lines
Diff to previous 1.2 (colored)

centralize fp,lr definitions

Revision 1.1.28.1 / (download) - annotate - [select for diffs], Sat Apr 7 04:12:11 2018 UTC (6 years ago) by pgoyette
Branch: pgoyette-compat
Changes since 1.1: +1 -101 lines
Diff to previous 1.1 (colored)

Sync with HEAD.  77 conflicts resolved - all of them $NetBSD$

Revision 1.2 / (download) - annotate - [select for diffs], Sun Apr 1 04:35:03 2018 UTC (6 years ago) by ryo
Branch: MAIN
CVS Tags: phil-wifi-base, pgoyette-compat-0625, pgoyette-compat-0521, pgoyette-compat-0502, pgoyette-compat-0422, pgoyette-compat-0415, pgoyette-compat-0407
Branch point for: phil-wifi
Changes since 1.1: +1 -101 lines
Diff to previous 1.1 (colored)

Add initial support for ARMv8 (AARCH64) (by nisimura@ and ryo@)

- sys/arch/evbarm64 is gone and integrated into sys/arch/evbarm. (by skrll@)
- add support fdt. evbarm/conf/GENERIC64 fdt (bcm2837,sunxi,tegra) based generic 64bit kernel config. (by skrll@, jmcneill@)

Revision 1.1.4.2 / (download) - annotate - [select for diffs], Wed Aug 20 00:02:39 2014 UTC (9 years, 8 months ago) by tls
Branch: tls-maxphys
Changes since 1.1.4.1: +108 -0 lines
Diff to previous 1.1.4.1 (colored) to branchpoint 1.1 (colored) next main 1.2 (colored)

Rebase to HEAD as of a few days ago.

Revision 1.1.4.1, Sun Aug 10 05:47:37 2014 UTC (9 years, 8 months ago) by tls
Branch: tls-maxphys
Changes since 1.1: +0 -108 lines
FILE REMOVED

file asm.h was added on branch tls-maxphys on 2014-08-20 00:02:39 +0000

Revision 1.1 / (download) - annotate - [select for diffs], Sun Aug 10 05:47:37 2014 UTC (9 years, 8 months ago) by matt
Branch: MAIN
CVS Tags: tls-maxphys-base-20171202, tls-maxphys-base, prg-localcount2-base3, prg-localcount2-base2, prg-localcount2-base1, prg-localcount2-base, prg-localcount2, pgoyette-localcount-base, pgoyette-localcount-20170426, pgoyette-localcount-20170320, pgoyette-localcount-20170107, pgoyette-localcount-20161104, pgoyette-localcount-20160806, pgoyette-localcount-20160726, pgoyette-localcount, pgoyette-compat-base, pgoyette-compat-0330, pgoyette-compat-0322, pgoyette-compat-0315, perseant-stdc-iso10646-base, perseant-stdc-iso10646, nick-nhusb-base-20170825, nick-nhusb-base-20170204, nick-nhusb-base-20161204, nick-nhusb-base-20161004, nick-nhusb-base-20160907, nick-nhusb-base-20160529, nick-nhusb-base-20160422, nick-nhusb-base-20160319, nick-nhusb-base-20151226, nick-nhusb-base-20150921, nick-nhusb-base-20150606, nick-nhusb-base-20150406, nick-nhusb-base, nick-nhusb, netbsd-8-base, netbsd-8-2-RELEASE, netbsd-8-1-RELEASE, netbsd-8-1-RC1, netbsd-8-0-RELEASE, netbsd-8-0-RC2, netbsd-8-0-RC1, netbsd-8, netbsd-7-nhusb-base-20170116, netbsd-7-nhusb-base, netbsd-7-nhusb, netbsd-7-base, netbsd-7-2-RELEASE, netbsd-7-1-RELEASE, netbsd-7-1-RC2, netbsd-7-1-RC1, netbsd-7-1-2-RELEASE, netbsd-7-1-1-RELEASE, netbsd-7-1, netbsd-7-0-RELEASE, netbsd-7-0-RC3, netbsd-7-0-RC2, netbsd-7-0-RC1, netbsd-7-0-2-RELEASE, netbsd-7-0-1-RELEASE, netbsd-7-0, netbsd-7, matt-nb8-mediatek-base, matt-nb8-mediatek, localcount-20160914, jdolecek-ncq-base, jdolecek-ncq, bouyer-socketcan-base1, bouyer-socketcan-base, bouyer-socketcan
Branch point for: tls-maxphys, pgoyette-compat

Preliminary files for AARCH64 (64-bit ARM) support.
Enough for a distribution build.

This form allows you to request diff's between any two revisions of a file. You may select a symbolic revision name using the selection box or you may type in a numeric name using the type-in text box.




CVSweb <webmaster@jp.NetBSD.org>