riscv: Randomize lower bits of stack address

Message ID	20240625030502.68988-1-cuiyunhui@bytedance.com (mailing list archive)
State	Accepted
Commit	048e2906d4caf57018e92f49c9a0f998ebb83f9b
Headers	show Return-Path: <linux-riscv-bounces+linux-riscv=archiver.kernel.org@lists.infradead.org> From: Yunhui Cui <cuiyunhui@bytedance.com> To: paul.walmsley@sifive.com, palmer@dabbelt.com, aou@eecs.berkeley.edu, cuiyunhui@bytedance.com, andy.chiu@sifive.com, alexghiti@rivosinc.com, conor.dooley@microchip.com, bjorn@rivosinc.com, sorear@fastmail.com, cleger@rivosinc.com, linux-riscv@lists.infradead.org, linux-kernel@vger.kernel.org Subject: [PATCH] riscv: Randomize lower bits of stack address Date: Tue, 25 Jun 2024 11:05:02 +0800 Message-Id: <20240625030502.68988-1-cuiyunhui@bytedance.com> MIME-Version: 1.0 Precedence: list Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: "linux-riscv" <linux-riscv-bounces@lists.infradead.org> Errors-To: linux-riscv-bounces+linux-riscv=archiver.kernel.org@lists.infradead.org
Series	riscv: Randomize lower bits of stack address \| expand riscv: Randomize lower bits of stack address

Context	Check	Description
conchuod/vmtest-for-next-PR	fail	PR summary
conchuod/patch-1-test-1	success	.github/scripts/patches/tests/build_rv32_defconfig.sh
conchuod/patch-1-test-2	fail	.github/scripts/patches/tests/build_rv64_clang_allmodconfig.sh
conchuod/patch-1-test-3	fail	.github/scripts/patches/tests/build_rv64_gcc_allmodconfig.sh
conchuod/patch-1-test-4	success	.github/scripts/patches/tests/build_rv64_nommu_k210_defconfig.sh
conchuod/patch-1-test-5	success	.github/scripts/patches/tests/build_rv64_nommu_virt_defconfig.sh
conchuod/patch-1-test-6	warning	.github/scripts/patches/tests/checkpatch.sh
conchuod/patch-1-test-7	success	.github/scripts/patches/tests/dtb_warn_rv64.sh
conchuod/patch-1-test-8	success	.github/scripts/patches/tests/header_inline.sh
conchuod/patch-1-test-9	success	.github/scripts/patches/tests/kdoc.sh
conchuod/patch-1-test-10	success	.github/scripts/patches/tests/module_param.sh
conchuod/patch-1-test-11	success	.github/scripts/patches/tests/verify_fixes.sh
conchuod/patch-1-test-12	success	.github/scripts/patches/tests/verify_signedoff.sh

Yunhui Cui June 25, 2024, 3:05 a.m. UTC

Implement arch_align_stack() to randomize the lower bits
of the stack address.

Signed-off-by: Yunhui Cui <cuiyunhui@bytedance.com>
---
 arch/riscv/include/asm/exec.h | 8 ++++++++
 arch/riscv/kernel/process.c   | 9 +++++++++
 2 files changed, 17 insertions(+)
 create mode 100644 arch/riscv/include/asm/exec.h

Yunhui Cui July 11, 2024, 6:09 a.m. UTC | #1

Add punit in the loop.


On Tue, Jun 25, 2024 at 11:05 AM Yunhui Cui <cuiyunhui@bytedance.com> wrote:
>
> Implement arch_align_stack() to randomize the lower bits
> of the stack address.
>
> Signed-off-by: Yunhui Cui <cuiyunhui@bytedance.com>
> ---
>  arch/riscv/include/asm/exec.h | 8 ++++++++
>  arch/riscv/kernel/process.c   | 9 +++++++++
>  2 files changed, 17 insertions(+)
>  create mode 100644 arch/riscv/include/asm/exec.h
>
> diff --git a/arch/riscv/include/asm/exec.h b/arch/riscv/include/asm/exec.h
> new file mode 100644
> index 000000000000..07d9942682e0
> --- /dev/null
> +++ b/arch/riscv/include/asm/exec.h
> @@ -0,0 +1,8 @@
> +/* SPDX-License-Identifier: GPL-2.0-only */
> +
> +#ifndef __ASM_EXEC_H
> +#define __ASM_EXEC_H
> +
> +extern unsigned long arch_align_stack(unsigned long sp);
> +
> +#endif /* __ASM_EXEC_H */
> diff --git a/arch/riscv/kernel/process.c b/arch/riscv/kernel/process.c
> index e4bc61c4e58a..e3142d8a6e28 100644
> --- a/arch/riscv/kernel/process.c
> +++ b/arch/riscv/kernel/process.c
> @@ -15,6 +15,7 @@
>  #include <linux/tick.h>
>  #include <linux/ptrace.h>
>  #include <linux/uaccess.h>
> +#include <linux/personality.h>
>
>  #include <asm/unistd.h>
>  #include <asm/processor.h>
> @@ -26,6 +27,7 @@
>  #include <asm/cpuidle.h>
>  #include <asm/vector.h>
>  #include <asm/cpufeature.h>
> +#include <asm/exec.h>
>
>  #if defined(CONFIG_STACKPROTECTOR) && !defined(CONFIG_STACKPROTECTOR_PER_TASK)
>  #include <linux/stackprotector.h>
> @@ -99,6 +101,13 @@ void show_regs(struct pt_regs *regs)
>                 dump_backtrace(regs, NULL, KERN_DEFAULT);
>  }
>
> +unsigned long arch_align_stack(unsigned long sp)
> +{
> +       if (!(current->personality & ADDR_NO_RANDOMIZE) && randomize_va_space)
> +               sp -= get_random_u32_below(PAGE_SIZE);
> +       return sp & ~0xf;
> +}
> +
>  #ifdef CONFIG_COMPAT
>  static bool compat_mode_supported __read_mostly;
>
> --
> 2.20.1
>

Thanks,
Yunhui

Yunhui Cui Aug. 15, 2024, 2:08 a.m. UTC | #2

A gentle ping, Any more comments on this patch?

On Thu, Jul 11, 2024 at 2:09 PM yunhui cui <cuiyunhui@bytedance.com> wrote:
>
> Add punit in the loop.
>
>
> On Tue, Jun 25, 2024 at 11:05 AM Yunhui Cui <cuiyunhui@bytedance.com> wrote:
> >
> > Implement arch_align_stack() to randomize the lower bits
> > of the stack address.
> >
> > Signed-off-by: Yunhui Cui <cuiyunhui@bytedance.com>
> > ---
> >  arch/riscv/include/asm/exec.h | 8 ++++++++
> >  arch/riscv/kernel/process.c   | 9 +++++++++
> >  2 files changed, 17 insertions(+)
> >  create mode 100644 arch/riscv/include/asm/exec.h
> >
> > diff --git a/arch/riscv/include/asm/exec.h b/arch/riscv/include/asm/exec.h
> > new file mode 100644
> > index 000000000000..07d9942682e0
> > --- /dev/null
> > +++ b/arch/riscv/include/asm/exec.h
> > @@ -0,0 +1,8 @@
> > +/* SPDX-License-Identifier: GPL-2.0-only */
> > +
> > +#ifndef __ASM_EXEC_H
> > +#define __ASM_EXEC_H
> > +
> > +extern unsigned long arch_align_stack(unsigned long sp);
> > +
> > +#endif /* __ASM_EXEC_H */
> > diff --git a/arch/riscv/kernel/process.c b/arch/riscv/kernel/process.c
> > index e4bc61c4e58a..e3142d8a6e28 100644
> > --- a/arch/riscv/kernel/process.c
> > +++ b/arch/riscv/kernel/process.c
> > @@ -15,6 +15,7 @@
> >  #include <linux/tick.h>
> >  #include <linux/ptrace.h>
> >  #include <linux/uaccess.h>
> > +#include <linux/personality.h>
> >
> >  #include <asm/unistd.h>
> >  #include <asm/processor.h>
> > @@ -26,6 +27,7 @@
> >  #include <asm/cpuidle.h>
> >  #include <asm/vector.h>
> >  #include <asm/cpufeature.h>
> > +#include <asm/exec.h>
> >
> >  #if defined(CONFIG_STACKPROTECTOR) && !defined(CONFIG_STACKPROTECTOR_PER_TASK)
> >  #include <linux/stackprotector.h>
> > @@ -99,6 +101,13 @@ void show_regs(struct pt_regs *regs)
> >                 dump_backtrace(regs, NULL, KERN_DEFAULT);
> >  }
> >
> > +unsigned long arch_align_stack(unsigned long sp)
> > +{
> > +       if (!(current->personality & ADDR_NO_RANDOMIZE) && randomize_va_space)
> > +               sp -= get_random_u32_below(PAGE_SIZE);
> > +       return sp & ~0xf;
> > +}
> > +
> >  #ifdef CONFIG_COMPAT
> >  static bool compat_mode_supported __read_mostly;
> >
> > --
> > 2.20.1
> >
>
> Thanks,
> Yunhui

Thanks,
Yunhui

Alexandre Ghiti Aug. 15, 2024, 5:37 a.m. UTC | #3

Hi Yunhui,

On Thu, Aug 15, 2024 at 4:08 AM yunhui cui <cuiyunhui@bytedance.com> wrote:
>
> A gentle ping, Any more comments on this patch?

I'm adding @Kees Cook  in cc in case he has any.

Thanks,

Alex

>
> On Thu, Jul 11, 2024 at 2:09 PM yunhui cui <cuiyunhui@bytedance.com> wrote:
> >
> > Add punit in the loop.
> >
> >
> > On Tue, Jun 25, 2024 at 11:05 AM Yunhui Cui <cuiyunhui@bytedance.com> wrote:
> > >
> > > Implement arch_align_stack() to randomize the lower bits
> > > of the stack address.
> > >
> > > Signed-off-by: Yunhui Cui <cuiyunhui@bytedance.com>
> > > ---
> > >  arch/riscv/include/asm/exec.h | 8 ++++++++
> > >  arch/riscv/kernel/process.c   | 9 +++++++++
> > >  2 files changed, 17 insertions(+)
> > >  create mode 100644 arch/riscv/include/asm/exec.h
> > >
> > > diff --git a/arch/riscv/include/asm/exec.h b/arch/riscv/include/asm/exec.h
> > > new file mode 100644
> > > index 000000000000..07d9942682e0
> > > --- /dev/null
> > > +++ b/arch/riscv/include/asm/exec.h
> > > @@ -0,0 +1,8 @@
> > > +/* SPDX-License-Identifier: GPL-2.0-only */
> > > +
> > > +#ifndef __ASM_EXEC_H
> > > +#define __ASM_EXEC_H
> > > +
> > > +extern unsigned long arch_align_stack(unsigned long sp);
> > > +
> > > +#endif /* __ASM_EXEC_H */
> > > diff --git a/arch/riscv/kernel/process.c b/arch/riscv/kernel/process.c
> > > index e4bc61c4e58a..e3142d8a6e28 100644
> > > --- a/arch/riscv/kernel/process.c
> > > +++ b/arch/riscv/kernel/process.c
> > > @@ -15,6 +15,7 @@
> > >  #include <linux/tick.h>
> > >  #include <linux/ptrace.h>
> > >  #include <linux/uaccess.h>
> > > +#include <linux/personality.h>
> > >
> > >  #include <asm/unistd.h>
> > >  #include <asm/processor.h>
> > > @@ -26,6 +27,7 @@
> > >  #include <asm/cpuidle.h>
> > >  #include <asm/vector.h>
> > >  #include <asm/cpufeature.h>
> > > +#include <asm/exec.h>
> > >
> > >  #if defined(CONFIG_STACKPROTECTOR) && !defined(CONFIG_STACKPROTECTOR_PER_TASK)
> > >  #include <linux/stackprotector.h>
> > > @@ -99,6 +101,13 @@ void show_regs(struct pt_regs *regs)
> > >                 dump_backtrace(regs, NULL, KERN_DEFAULT);
> > >  }
> > >
> > > +unsigned long arch_align_stack(unsigned long sp)
> > > +{
> > > +       if (!(current->personality & ADDR_NO_RANDOMIZE) && randomize_va_space)
> > > +               sp -= get_random_u32_below(PAGE_SIZE);
> > > +       return sp & ~0xf;
> > > +}
> > > +
> > >  #ifdef CONFIG_COMPAT
> > >  static bool compat_mode_supported __read_mostly;
> > >
> > > --
> > > 2.20.1
> > >
> >
> > Thanks,
> > Yunhui
>
> Thanks,
> Yunhui

patchwork-bot+linux-riscv@kernel.org Sept. 17, 2024, 4:30 p.m. UTC | #4

Hello:

This patch was applied to riscv/linux.git (for-next)
by Palmer Dabbelt <palmer@rivosinc.com>:

On Tue, 25 Jun 2024 11:05:02 +0800 you wrote:
> Implement arch_align_stack() to randomize the lower bits
> of the stack address.
> 
> Signed-off-by: Yunhui Cui <cuiyunhui@bytedance.com>
> ---
>  arch/riscv/include/asm/exec.h | 8 ++++++++
>  arch/riscv/kernel/process.c   | 9 +++++++++
>  2 files changed, 17 insertions(+)
>  create mode 100644 arch/riscv/include/asm/exec.h

Here is the summary with links:
  - riscv: Randomize lower bits of stack address
    https://git.kernel.org/riscv/c/048e2906d4ca

You are awesome, thank you!

riscv: Randomize lower bits of stack address

Checks

Commit Message

Comments

Patch