Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit db4d46fc authored by Catalin Marinas's avatar Catalin Marinas Committed by Alistair Delva
Browse files

UPSTREAM: arm64: Change the tagged_addr sysctl control semantics to only prevent the opt-in 



(Upstream commit 413235fcedc7f61e925fe9818bc3f5eff8ad2494).

First rename the sysctl control to abi.tagged_addr_disabled and make it
default off (zero). When abi.tagged_addr_disabled == 1, only block the
enabling of the TBI ABI via prctl(PR_SET_TAGGED_ADDR_CTRL, PR_TAGGED_ADDR_ENABLE).
Getting the status of the ABI or disabling it is still allowed.

Acked-by: default avatarAndrey Konovalov <andreyknvl@google.com>
Signed-off-by: default avatarCatalin Marinas <catalin.marinas@arm.com>
Signed-off-by: default avatarWill Deacon <will@kernel.org>
Signed-off-by: default avatarAndrey Konovalov <andreyknvl@google.com>
Bug: 135692346
Change-Id: I80462b93d8cb92b2abd4d1f3ac0f6fbba419590b
parent 75443b70

arch/arm64/kernel/process.c

+10 −7
Original line number Diff line number Diff line
@@ -529,17 +529,22 @@ EXPORT_SYMBOL(stackleak_check_alloca); 
/*

 * Control the relaxed ABI allowing tagged user addresses into the kernel.

 */

static unsigned int tagged_addr_prctl_allowed = 1;

static unsigned int tagged_addr_disabled;



long set_tagged_addr_ctrl(unsigned long arg)

{

	if (!tagged_addr_prctl_allowed)

		return -EINVAL;

	if (is_compat_task())

		return -EINVAL;

	if (arg & ~PR_TAGGED_ADDR_ENABLE)

		return -EINVAL;



	/*

	 * Do not allow the enabling of the tagged address ABI if globally

	 * disabled via sysctl abi.tagged_addr_disabled.

	 */

	if (arg & PR_TAGGED_ADDR_ENABLE && tagged_addr_disabled)

		return -EINVAL;



	update_thread_flag(TIF_TAGGED_ADDR, arg & PR_TAGGED_ADDR_ENABLE);



	return 0;
@@ -547,8 +552,6 @@ long set_tagged_addr_ctrl(unsigned long arg) 


long get_tagged_addr_ctrl(void)

{

	if (!tagged_addr_prctl_allowed)

		return -EINVAL;

	if (is_compat_task())

		return -EINVAL;
@@ -568,9 +571,9 @@ static int one = 1; 


static struct ctl_table tagged_addr_sysctl_table[] = {

	{

		.procname	= "tagged_addr",

		.procname	= "tagged_addr_disabled",

		.mode		= 0644,

		.data		= &tagged_addr_prctl_allowed,

		.data		= &tagged_addr_disabled,

		.maxlen		= sizeof(int),

		.proc_handler	= proc_dointvec_minmax,

		.extra1		= &zero,