Commit 6a228a8e authored by Tong Tiangen's avatar Tong Tiangen Committed by Ma Wupeng
Browse files

arm64: add machine check safe sysctl interface 

hulk inclusion
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I5GB28


CVE: NA

-------------------------------

Add /proc/sys/kernel/machine_check_safe_enable. Set 1(default value) to
enable machine check safe support. Set 0(default) to disable machine
check safe support.

Signed-off-by: default avatarTong Tiangen <tongtiangen@huawei.com>
parent 396d6972

Documentation/admin-guide/sysctl/kernel.rst

+21 −0
Original line number Diff line number Diff line
@@ -478,6 +478,27 @@ if leaking kernel pointer values to unprivileged users is a concern. 
When ``kptr_restrict`` is set to 2, kernel pointers printed using

%pK will be replaced with 0s regardless of privileges.



machine_check_safe (arm64 only)

================================



Controls the kernel's behaviour when an hardware memory error is

encountered in the following scenarios:



=  ===================

1  cow

2  copy_mc_to_kernel

3  copy_from_user

4  copy_to_user

5  get_user

6  put_user

=  ===================



Correspondence between sysctl value and behavior:



= =======================

0 Kernel panic

1 Kill related processes

= =======================



modprobe

========

arch/arm64/include/asm/processor.h

+2 −0
Original line number Diff line number Diff line
@@ -88,6 +88,8 @@ 
#define STACK_TOP		STACK_TOP_MAX

#endif /* CONFIG_COMPAT */



extern int sysctl_machine_check_safe;



#ifndef CONFIG_ARM64_FORCE_52BIT

#define arch_get_mmap_end(addr) ((addr > DEFAULT_MAP_WINDOW) ? TASK_SIZE :\

				DEFAULT_MAP_WINDOW)

arch/arm64/mm/fault.c

+5 −0
Original line number Diff line number Diff line
@@ -40,6 +40,8 @@ 
#include <asm/tlbflush.h>

#include <asm/traps.h>



int sysctl_machine_check_safe = 1;



struct fault_info {

	int	(*fn)(unsigned long addr, unsigned int esr,

		      struct pt_regs *regs);
@@ -640,6 +642,9 @@ static bool arm64_do_kernel_sea(void __user *addr, unsigned int esr, 
	if (!IS_ENABLED(CONFIG_ARCH_HAS_COPY_MC))

		return false;



	if (!sysctl_machine_check_safe)

		return false;



	if (user_mode(regs))

		return false;

kernel/sysctl.c

+11 −0
Original line number Diff line number Diff line
@@ -3453,6 +3453,17 @@ static struct ctl_table debug_table[] = { 
		.extra1		= SYSCTL_ZERO,

		.extra2		= SYSCTL_ONE,

	},

#endif

#if defined(CONFIG_ARM64) && defined(CONFIG_ARCH_HAS_COPY_MC)

	{

		.procname       = "machine_check_safe",

		.data           = &sysctl_machine_check_safe,

		.maxlen         = sizeof(sysctl_machine_check_safe),

		.mode           = 0644,

		.proc_handler   = proc_dointvec_minmax,

		.extra1         = SYSCTL_ZERO,

		.extra2         = SYSCTL_ONE,

	},

#endif

	{ }

};