| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20240125062739.1339782-10-debug@rivosinc.com>
Date: Wed, 24 Jan 2024 22:21:34 -0800
From: debug@...osinc.com
To: rick.p.edgecombe@...el.com,
broonie@...nel.org,
Szabolcs.Nagy@....com,
kito.cheng@...ive.com,
keescook@...omium.org,
ajones@...tanamicro.com,
paul.walmsley@...ive.com,
palmer@...belt.com,
conor.dooley@...rochip.com,
cleger@...osinc.com,
atishp@...shpatra.org,
alex@...ti.fr,
bjorn@...osinc.com,
alexghiti@...osinc.com
Cc: corbet@....net,
aou@...s.berkeley.edu,
oleg@...hat.com,
akpm@...ux-foundation.org,
arnd@...db.de,
ebiederm@...ssion.com,
shuah@...nel.org,
brauner@...nel.org,
debug@...osinc.com,
guoren@...nel.org,
samitolvanen@...gle.com,
evan@...osinc.com,
xiao.w.wang@...el.com,
apatel@...tanamicro.com,
mchitale@...tanamicro.com,
waylingii@...il.com,
greentime.hu@...ive.com,
heiko@...ech.de,
jszhang@...nel.org,
shikemeng@...weicloud.com,
david@...hat.com,
charlie@...osinc.com,
panqinglin2020@...as.ac.cn,
willy@...radead.org,
vincent.chen@...ive.com,
andy.chiu@...ive.com,
gerg@...nel.org,
jeeheng.sia@...rfivetech.com,
mason.huo@...rfivetech.com,
ancientmodern4@...il.com,
mathis.salmen@...sal.de,
cuiyunhui@...edance.com,
bhe@...hat.com,
chenjiahao16@...wei.com,
ruscur@...sell.cc,
bgray@...ux.ibm.com,
alx@...nel.org,
baruch@...s.co.il,
zhangqing@...ngson.cn,
catalin.marinas@....com,
revest@...omium.org,
josh@...htriplett.org,
joey.gouly@....com,
shr@...kernel.io,
omosnace@...hat.com,
ojeda@...nel.org,
jhubbard@...dia.com,
linux-doc@...r.kernel.org,
linux-riscv@...ts.infradead.org,
linux-kernel@...r.kernel.org,
linux-mm@...ck.org,
linux-arch@...r.kernel.org,
linux-kselftest@...r.kernel.org
Subject: [RFC PATCH v1 09/28] mm: abstract shadow stack vma behind `arch_is_shadow_stack`
From: Deepak Gupta <debug@...osinc.com>
x86 has used VM_SHADOW_STACK (alias to VM_HIGH_ARCH_5) to encode shadow
stack VMA. VM_SHADOW_STACK is thus not possible on 32bit. Some arches may
need a way to encode shadow stack on 32bit and 64bit both and they may
encode this information differently in VMAs.
This patch changes checks of VM_SHADOW_STACK flag in generic code to call
to a function `arch_is_shadow_stack` which will return true if arch
supports shadow stack and vma is shadow stack else stub returns false.
There was a suggestion to name it as `vma_is_shadow_stack`. I preferred to
keep `arch` prefix in there because it's each arch specific.
Signed-off-by: Deepak Gupta <debug@...osinc.com>
---
include/linux/mm.h | 18 +++++++++++++++++-
mm/gup.c | 5 +++--
mm/internal.h | 2 +-
3 files changed, 21 insertions(+), 4 deletions(-)
diff --git a/include/linux/mm.h b/include/linux/mm.h
index dfe0e8118669..15c70fc677a3 100644
--- a/include/linux/mm.h
+++ b/include/linux/mm.h
@@ -352,6 +352,10 @@ extern unsigned int kobjsize(const void *objp);
* for more details on the guard size.
*/
# define VM_SHADOW_STACK VM_HIGH_ARCH_5
+static inline bool arch_is_shadow_stack(vm_flags_t vm_flags)
+{
+ return (vm_flags & VM_SHADOW_STACK);
+}
#endif
#ifdef CONFIG_RISCV_USER_CFI
@@ -362,10 +366,22 @@ extern unsigned int kobjsize(const void *objp);
* with VM_SHARED.
*/
#define VM_SHADOW_STACK VM_WRITE
+
+static inline bool arch_is_shadow_stack(vm_flags_t vm_flags)
+{
+ return ((vm_flags & (VM_WRITE | VM_READ | VM_EXEC)) == VM_WRITE);
+}
+
#endif
#ifndef VM_SHADOW_STACK
# define VM_SHADOW_STACK VM_NONE
+
+static inline bool arch_is_shadow_stack(vm_flags_t vm_flags)
+{
+ return false;
+}
+
#endif
#if defined(CONFIG_X86)
@@ -3464,7 +3480,7 @@ static inline unsigned long stack_guard_start_gap(struct vm_area_struct *vma)
return stack_guard_gap;
/* See reasoning around the VM_SHADOW_STACK definition */
- if (vma->vm_flags & VM_SHADOW_STACK)
+ if (vma->vm_flags && arch_is_shadow_stack(vma->vm_flags))
return PAGE_SIZE;
return 0;
diff --git a/mm/gup.c b/mm/gup.c
index 231711efa390..45798782ed2c 100644
--- a/mm/gup.c
+++ b/mm/gup.c
@@ -1051,7 +1051,7 @@ static int check_vma_flags(struct vm_area_struct *vma, unsigned long gup_flags)
!writable_file_mapping_allowed(vma, gup_flags))
return -EFAULT;
- if (!(vm_flags & VM_WRITE) || (vm_flags & VM_SHADOW_STACK)) {
+ if (!(vm_flags & VM_WRITE) || arch_is_shadow_stack(vm_flags)) {
if (!(gup_flags & FOLL_FORCE))
return -EFAULT;
/* hugetlb does not support FOLL_FORCE|FOLL_WRITE. */
@@ -1069,7 +1069,8 @@ static int check_vma_flags(struct vm_area_struct *vma, unsigned long gup_flags)
if (!is_cow_mapping(vm_flags))
return -EFAULT;
}
- } else if (!(vm_flags & VM_READ)) {
+ } else if (!(vm_flags & VM_READ) && !arch_is_shadow_stack(vm_flags)) {
+ /* reads allowed if its shadow stack vma */
if (!(gup_flags & FOLL_FORCE))
return -EFAULT;
/*
diff --git a/mm/internal.h b/mm/internal.h
index b61034bd50f5..0abf00c93fe1 100644
--- a/mm/internal.h
+++ b/mm/internal.h
@@ -572,7 +572,7 @@ static inline bool is_exec_mapping(vm_flags_t flags)
*/
static inline bool is_stack_mapping(vm_flags_t flags)
{
- return ((flags & VM_STACK) == VM_STACK) || (flags & VM_SHADOW_STACK);
+ return ((flags & VM_STACK) == VM_STACK) || arch_is_shadow_stack(flags);
}
/*
--
2.43.0
Powered by blists - more mailing lists