From: Ard Biesheuvel
To: linux-arm-kernel@lists.infradead.org
Cc: Ard Biesheuvel, Keith Packard, Russell King, Kees Cook, Arnd Bergmann, Linus Walleij
Subject: [PATCH v5 0/5] ARM: support THREAD_INFO_IN_TASK
Date: Sat, 18 Sep 2021 10:44:33 +0200
Message-Id: <20210918084438.3288002-1-ardb@kernel.org>

Placing thread_info in the kernel stack leaves it vulnerable to stack overflow attacks.
This short series addresses that by using the existing THREAD_INFO_IN_TASK
infrastructure.

Changes since v4:
- Pass -mtp=cp15 to the compiler to force the use of the TLS register when
  __builtin_thread_pointer() is used - this allows us to enable its use on
  Clang as well.
- Tweak the __switch_to() changes not to affect builds that have the feature
  disabled (as requested by Russell), and to defer update of the TLS register
  to the point where the stack pointer is updated as well.
- Tweak the #ifdef's so we avoid touching the TLS registers on builds that
  may target v6 systems without HWCAP_TLS.
- Use task_cpu() in the final patch to assign thread_info->cpu, so that this
  series can be carried independently of the series I proposed for moving the
  CPU field back into thread_info [1].

Changes since v3:
- Leave the CPU field in thread_info, and keep it in sync at context switch
  time. This is by far the easiest and cleanest way to work around the fact
  that it is infeasible to implement raw_smp_processor_id() in terms of
  task_struct::cpu (for reasons of header soup).
- Drop the VFP changes, they are no longer necessary given the previous
  point.
- Drop the change to pass the CPU number to secondary_start_kernel(). Given
  that we also need to pass the idle task pointer, which carries the CPU
  number, passing the CPU number directly is redundant.
- Use the TPIDRURO register to carry 'current' while running in the kernel,
  and keep using TPIDRPRW for the per-CPU offset as before. This way, there
  is no need to make any changes to the way the per-CPU offsets are
  programmed. It also avoids the concurrency issues that would result from
  carrying the 'current' pointer in a per-CPU variable.
- Update the per-task stack protector plugin to pull the stack canary value
  directly from the task struct.

Cc: Keith Packard
Cc: Russell King
Cc: Kees Cook
Cc: Arnd Bergmann
Cc: Linus Walleij

[0] https://lore.kernel.org/all/20210907220038.91021-1-keithpac@amazon.com/
[1] https://lore.kernel.org/all/20210914121036.3975026-1-ardb@kernel.org/

Ard Biesheuvel (4):
  gcc-plugins: arm-ssp: Prepare for THREAD_INFO_IN_TASK support
  ARM: smp: Free up the TLS register while running in the kernel
  ARM: smp: Store current pointer in TPIDRURO register if available
  ARM: smp: Enable THREAD_INFO_IN_TASK

Keith Packard (1):
  ARM: smp: Pass task to secondary_start_kernel

 arch/arm/Kconfig                              |  8 +++-
 arch/arm/Makefile                             |  9 ++--
 arch/arm/include/asm/assembler.h              | 29 ++++++++++++
 arch/arm/include/asm/current.h                | 50 ++++++++++++++++++++
 arch/arm/include/asm/smp.h                    |  3 +-
 arch/arm/include/asm/stackprotector.h         |  2 -
 arch/arm/include/asm/switch_to.h              | 16 +++++++
 arch/arm/include/asm/thread_info.h            | 15 ++++--
 arch/arm/include/asm/tls.h                    | 10 ++--
 arch/arm/kernel/asm-offsets.c                 |  6 +--
 arch/arm/kernel/entry-armv.S                  |  5 ++
 arch/arm/kernel/entry-common.S                |  1 +
 arch/arm/kernel/entry-header.S                |  8 ++++
 arch/arm/kernel/head-common.S                 |  5 ++
 arch/arm/kernel/head-nommu.S                  |  1 +
 arch/arm/kernel/head.S                        |  5 +-
 arch/arm/kernel/process.c                     |  8 ++--
 arch/arm/kernel/smp.c                         | 13 ++++-
 arch/arm/mm/proc-macros.S                     |  3 +-
 scripts/gcc-plugins/arm_ssp_per_task_plugin.c | 27 +++--------
 20 files changed, 174 insertions(+), 50 deletions(-)
 create mode 100644 arch/arm/include/asm/current.h

-- 
2.30.2
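
Added example, not part of the patch series or of the kernel sources: a user-space C model of the two layouts the cover letter contrasts, showing that deep stack use reaches thread_info when it lives at the base of the stack area and cannot reach it when it is a member of the task structure. The 8 KiB THREAD_SIZE, the two-field thread_info, struct task and the helper names are assumptions made for the model, and the write is clamped at the base of the stack area so the model stays inside its own buffer.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define THREAD_SIZE 8192u                     /* assumed: 8 KiB kernel stack area */
struct thread_info { unsigned long flags; int cpu; };    /* reduced to two fields */

/* Legacy layout: thread_info sits at the lowest address of the stack area. */
union thread_union { struct thread_info ti; unsigned char stack[THREAD_SIZE]; };
/* THREAD_INFO_IN_TASK layout: thread_info is a member of the task structure. */
struct task { struct thread_info ti; unsigned char *stack; };

/* Legacy lookup: round the stack pointer down to the THREAD_SIZE boundary. */
static struct thread_info *ti_from_sp(uintptr_t sp)
{
    return (struct thread_info *)(sp & ~(uintptr_t)(THREAD_SIZE - 1));
}

/* Model `depth` bytes of downward stack growth from the top of the area,
 * clamped at its base so the model never writes outside its own buffer. */
static void consume_stack(unsigned char *base, size_t depth)
{
    if (depth > THREAD_SIZE)
        depth = THREAD_SIZE;
    memset(base + THREAD_SIZE - depth, 0xAA, depth);
}

/* Returns 1 if thread_info is intact after `depth` bytes of stack use. */
int legacy_ti_survives(size_t depth)
{
    static _Alignas(THREAD_SIZE) union thread_union u;
    u.ti = (struct thread_info){ .flags = 0, .cpu = 1 };
    consume_stack(u.stack, depth);
    struct thread_info *ti = ti_from_sp((uintptr_t)u.stack + THREAD_SIZE - 16);
    return ti == &u.ti && ti->flags == 0 && ti->cpu == 1;
}

/* Same check with thread_info held outside the stack area. */
int in_task_ti_survives(size_t depth)
{
    static _Alignas(THREAD_SIZE) unsigned char stack[THREAD_SIZE];
    struct task t = { .ti = { .flags = 0, .cpu = 1 }, .stack = stack };
    struct task *current = &t;   /* stands in for the pointer kept in TPIDRURO */
    consume_stack(current->stack, depth);
    return current->ti.flags == 0 && current->ti.cpu == 1;
}

int main(void)
{
    printf("legacy shallow=%d deep=%d, in-task deep=%d\n", legacy_ti_survives(1024),
           legacy_ti_survives(THREAD_SIZE), in_task_ti_survives(THREAD_SIZE));
    return 0;
}
```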