| Message ID | 20211208044808.872554-5-pcc@google.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | kernel: introduce uaccess logging | expand |
On Wed, 8 Dec 2021 at 05:48, Peter Collingbourne <pcc@google.com> wrote: > > Add uaccess logging support on architectures that use > CONFIG_GENERIC_ENTRY (currently only s390 and x86). > > Link: https://linux-review.googlesource.com/id/I3c5eb19a7e4a1dbe6095f6971f7826c4b0663f7d > Signed-off-by: Peter Collingbourne <pcc@google.com> Acked-by: Dmitry Vyukov <dvyukov@google.com> > --- > arch/Kconfig | 6 ++++++ > include/linux/entry-common.h | 2 ++ > include/linux/thread_info.h | 4 ++++ > kernel/entry/common.c | 10 ++++++++++ > 4 files changed, 22 insertions(+) > > diff --git a/arch/Kconfig b/arch/Kconfig > index d3c4ab249e9c..c4dcab5279ac 100644 > --- a/arch/Kconfig > +++ b/arch/Kconfig > @@ -31,6 +31,7 @@ config HOTPLUG_SMT > bool > > config GENERIC_ENTRY > + select HAVE_ARCH_UACCESS_BUFFER > bool > > config KPROBES > @@ -1312,6 +1313,11 @@ config ARCH_HAS_PARANOID_L1D_FLUSH > config DYNAMIC_SIGFRAME > bool > > +config HAVE_ARCH_UACCESS_BUFFER > + bool > + help > + Select if the architecture's syscall entry/exit code supports uaccess buffers. > + > source "kernel/gcov/Kconfig" > > source "scripts/gcc-plugins/Kconfig" > diff --git a/include/linux/entry-common.h b/include/linux/entry-common.h > index 2e2b8d6140ed..973fcd1d48a3 100644 > --- a/include/linux/entry-common.h > +++ b/include/linux/entry-common.h > @@ -42,12 +42,14 @@ > SYSCALL_WORK_SYSCALL_EMU | \ > SYSCALL_WORK_SYSCALL_AUDIT | \ > SYSCALL_WORK_SYSCALL_USER_DISPATCH | \ > + SYSCALL_WORK_UACCESS_BUFFER_ENTRY | \ > ARCH_SYSCALL_WORK_ENTER) > #define SYSCALL_WORK_EXIT (SYSCALL_WORK_SYSCALL_TRACEPOINT | \ > SYSCALL_WORK_SYSCALL_TRACE | \ > SYSCALL_WORK_SYSCALL_AUDIT | \ > SYSCALL_WORK_SYSCALL_USER_DISPATCH | \ > SYSCALL_WORK_SYSCALL_EXIT_TRAP | \ > + SYSCALL_WORK_UACCESS_BUFFER_EXIT | \ > ARCH_SYSCALL_WORK_EXIT) > > /* > diff --git a/include/linux/thread_info.h b/include/linux/thread_info.h > index ad0c4e041030..b0f8ea86967f 100644 > --- a/include/linux/thread_info.h > +++ b/include/linux/thread_info.h > @@ -46,6 +46,8 @@ enum syscall_work_bit { > SYSCALL_WORK_BIT_SYSCALL_AUDIT, > SYSCALL_WORK_BIT_SYSCALL_USER_DISPATCH, > SYSCALL_WORK_BIT_SYSCALL_EXIT_TRAP, > + SYSCALL_WORK_BIT_UACCESS_BUFFER_ENTRY, > + SYSCALL_WORK_BIT_UACCESS_BUFFER_EXIT, > }; > > #define SYSCALL_WORK_SECCOMP BIT(SYSCALL_WORK_BIT_SECCOMP) > @@ -55,6 +57,8 @@ enum syscall_work_bit { > #define SYSCALL_WORK_SYSCALL_AUDIT BIT(SYSCALL_WORK_BIT_SYSCALL_AUDIT) > #define SYSCALL_WORK_SYSCALL_USER_DISPATCH BIT(SYSCALL_WORK_BIT_SYSCALL_USER_DISPATCH) > #define SYSCALL_WORK_SYSCALL_EXIT_TRAP BIT(SYSCALL_WORK_BIT_SYSCALL_EXIT_TRAP) > +#define SYSCALL_WORK_UACCESS_BUFFER_ENTRY BIT(SYSCALL_WORK_BIT_UACCESS_BUFFER_ENTRY) > +#define SYSCALL_WORK_UACCESS_BUFFER_EXIT BIT(SYSCALL_WORK_BIT_UACCESS_BUFFER_EXIT) > #endif > > #include <asm/thread_info.h> > diff --git a/kernel/entry/common.c b/kernel/entry/common.c > index d5a61d565ad5..57c4bb01a554 100644 > --- a/kernel/entry/common.c > +++ b/kernel/entry/common.c > @@ -6,6 +6,7 @@ > #include <linux/livepatch.h> > #include <linux/audit.h> > #include <linux/tick.h> > +#include <linux/uaccess-buffer.h> > > #include "common.h" > > @@ -70,6 +71,9 @@ static long syscall_trace_enter(struct pt_regs *regs, long syscall, > return ret; > } > > + if (work & SYSCALL_WORK_UACCESS_BUFFER_ENTRY) > + uaccess_buffer_syscall_entry(); > + > /* Either of the above might have changed the syscall number */ > syscall = syscall_get_nr(current, regs); > > @@ -197,14 +201,17 @@ static unsigned long exit_to_user_mode_loop(struct pt_regs *regs, > static void exit_to_user_mode_prepare(struct pt_regs *regs) > { > unsigned long ti_work = READ_ONCE(current_thread_info()->flags); > + bool uaccess_buffer_pending; > > lockdep_assert_irqs_disabled(); > > /* Flush pending rcuog wakeup before the last need_resched() check */ > tick_nohz_user_enter_prepare(); > > + uaccess_buffer_pending = uaccess_buffer_pre_exit_loop(); > if (unlikely(ti_work & EXIT_TO_USER_MODE_WORK)) > ti_work = exit_to_user_mode_loop(regs, ti_work); > + uaccess_buffer_post_exit_loop(uaccess_buffer_pending); > > arch_exit_to_user_mode_prepare(regs, ti_work); > > @@ -247,6 +254,9 @@ static void syscall_exit_work(struct pt_regs *regs, unsigned long work) > > audit_syscall_exit(regs); > > + if (work & SYSCALL_WORK_UACCESS_BUFFER_EXIT) > + uaccess_buffer_syscall_exit(); > + > if (work & SYSCALL_WORK_SYSCALL_TRACEPOINT) > trace_sys_exit(regs, syscall_get_return_value(current, regs)); > > -- > 2.34.1.173.g76aa8bc2d0-goog >
diff --git a/arch/Kconfig b/arch/Kconfig index d3c4ab249e9c..c4dcab5279ac 100644 --- a/arch/Kconfig +++ b/arch/Kconfig @@ -31,6 +31,7 @@ config HOTPLUG_SMT bool config GENERIC_ENTRY + select HAVE_ARCH_UACCESS_BUFFER bool config KPROBES @@ -1312,6 +1313,11 @@ config ARCH_HAS_PARANOID_L1D_FLUSH config DYNAMIC_SIGFRAME bool +config HAVE_ARCH_UACCESS_BUFFER + bool + help + Select if the architecture's syscall entry/exit code supports uaccess buffers. + source "kernel/gcov/Kconfig" source "scripts/gcc-plugins/Kconfig" diff --git a/include/linux/entry-common.h b/include/linux/entry-common.h index 2e2b8d6140ed..973fcd1d48a3 100644 --- a/include/linux/entry-common.h +++ b/include/linux/entry-common.h @@ -42,12 +42,14 @@ SYSCALL_WORK_SYSCALL_EMU | \ SYSCALL_WORK_SYSCALL_AUDIT | \ SYSCALL_WORK_SYSCALL_USER_DISPATCH | \ + SYSCALL_WORK_UACCESS_BUFFER_ENTRY | \ ARCH_SYSCALL_WORK_ENTER) #define SYSCALL_WORK_EXIT (SYSCALL_WORK_SYSCALL_TRACEPOINT | \ SYSCALL_WORK_SYSCALL_TRACE | \ SYSCALL_WORK_SYSCALL_AUDIT | \ SYSCALL_WORK_SYSCALL_USER_DISPATCH | \ SYSCALL_WORK_SYSCALL_EXIT_TRAP | \ + SYSCALL_WORK_UACCESS_BUFFER_EXIT | \ ARCH_SYSCALL_WORK_EXIT) /* diff --git a/include/linux/thread_info.h b/include/linux/thread_info.h index ad0c4e041030..b0f8ea86967f 100644 --- a/include/linux/thread_info.h +++ b/include/linux/thread_info.h @@ -46,6 +46,8 @@ enum syscall_work_bit { SYSCALL_WORK_BIT_SYSCALL_AUDIT, SYSCALL_WORK_BIT_SYSCALL_USER_DISPATCH, SYSCALL_WORK_BIT_SYSCALL_EXIT_TRAP, + SYSCALL_WORK_BIT_UACCESS_BUFFER_ENTRY, + SYSCALL_WORK_BIT_UACCESS_BUFFER_EXIT, }; #define SYSCALL_WORK_SECCOMP BIT(SYSCALL_WORK_BIT_SECCOMP) @@ -55,6 +57,8 @@ enum syscall_work_bit { #define SYSCALL_WORK_SYSCALL_AUDIT BIT(SYSCALL_WORK_BIT_SYSCALL_AUDIT) #define SYSCALL_WORK_SYSCALL_USER_DISPATCH BIT(SYSCALL_WORK_BIT_SYSCALL_USER_DISPATCH) #define SYSCALL_WORK_SYSCALL_EXIT_TRAP BIT(SYSCALL_WORK_BIT_SYSCALL_EXIT_TRAP) +#define SYSCALL_WORK_UACCESS_BUFFER_ENTRY BIT(SYSCALL_WORK_BIT_UACCESS_BUFFER_ENTRY) +#define SYSCALL_WORK_UACCESS_BUFFER_EXIT BIT(SYSCALL_WORK_BIT_UACCESS_BUFFER_EXIT) #endif #include <asm/thread_info.h> diff --git a/kernel/entry/common.c b/kernel/entry/common.c index d5a61d565ad5..57c4bb01a554 100644 --- a/kernel/entry/common.c +++ b/kernel/entry/common.c @@ -6,6 +6,7 @@ #include <linux/livepatch.h> #include <linux/audit.h> #include <linux/tick.h> +#include <linux/uaccess-buffer.h> #include "common.h" @@ -70,6 +71,9 @@ static long syscall_trace_enter(struct pt_regs *regs, long syscall, return ret; } + if (work & SYSCALL_WORK_UACCESS_BUFFER_ENTRY) + uaccess_buffer_syscall_entry(); + /* Either of the above might have changed the syscall number */ syscall = syscall_get_nr(current, regs); @@ -197,14 +201,17 @@ static unsigned long exit_to_user_mode_loop(struct pt_regs *regs, static void exit_to_user_mode_prepare(struct pt_regs *regs) { unsigned long ti_work = READ_ONCE(current_thread_info()->flags); + bool uaccess_buffer_pending; lockdep_assert_irqs_disabled(); /* Flush pending rcuog wakeup before the last need_resched() check */ tick_nohz_user_enter_prepare(); + uaccess_buffer_pending = uaccess_buffer_pre_exit_loop(); if (unlikely(ti_work & EXIT_TO_USER_MODE_WORK)) ti_work = exit_to_user_mode_loop(regs, ti_work); + uaccess_buffer_post_exit_loop(uaccess_buffer_pending); arch_exit_to_user_mode_prepare(regs, ti_work); @@ -247,6 +254,9 @@ static void syscall_exit_work(struct pt_regs *regs, unsigned long work) audit_syscall_exit(regs); + if (work & SYSCALL_WORK_UACCESS_BUFFER_EXIT) + uaccess_buffer_syscall_exit(); + if (work & SYSCALL_WORK_SYSCALL_TRACEPOINT) trace_sys_exit(regs, syscall_get_return_value(current, regs));
Add uaccess logging support on architectures that use CONFIG_GENERIC_ENTRY (currently only s390 and x86). Link: https://linux-review.googlesource.com/id/I3c5eb19a7e4a1dbe6095f6971f7826c4b0663f7d Signed-off-by: Peter Collingbourne <pcc@google.com> --- arch/Kconfig | 6 ++++++ include/linux/entry-common.h | 2 ++ include/linux/thread_info.h | 4 ++++ kernel/entry/common.c | 10 ++++++++++ 4 files changed, 22 insertions(+)