Message ID | 20210702045422.3527469-1-tongtiangen@huawei.com (mailing list archive) |
---|---|
State | New, archived |
Series | [-next] riscv: Implement thread_struct whitelist for hardened usercopy |
On Thu, 01 Jul 2021 21:54:21 PDT (-0700), tongtiangen@huawei.com wrote: > This whitelists the FPU register state portion of the thread_struct for > copying to userspace, instead of the default entire struct. > > Signed-off-by: Tong Tiangen <tongtiangen@huawei.com> > --- > arch/riscv/Kconfig | 1 + > arch/riscv/include/asm/processor.h | 8 ++++++++ > 2 files changed, 9 insertions(+) > > diff --git a/arch/riscv/Kconfig b/arch/riscv/Kconfig > index 821081bdb8b8..5c26c0726944 100644 > --- a/arch/riscv/Kconfig > +++ b/arch/riscv/Kconfig > @@ -70,6 +70,7 @@ config RISCV > select HAVE_ARCH_MMAP_RND_BITS if MMU > select HAVE_ARCH_SECCOMP_FILTER > select HAVE_ARCH_TRACEHOOK > + select HAVE_ARCH_THREAD_STRUCT_WHITELIST > select HAVE_ASM_MODVERSIONS > select HAVE_CONTEXT_TRACKING > select HAVE_DEBUG_KMEMLEAK > diff --git a/arch/riscv/include/asm/processor.h b/arch/riscv/include/asm/processor.h > index 021ed64ee608..46b492c78cbb 100644 > --- a/arch/riscv/include/asm/processor.h > +++ b/arch/riscv/include/asm/processor.h > @@ -37,6 +37,14 @@ struct thread_struct { > unsigned long bad_cause; > }; > > +/* Whitelist the fstate from the task_struct for hardened usercopy */ > +static inline void arch_thread_struct_whitelist(unsigned long *offset, > + unsigned long *size) > +{ > + *offset = offsetof(struct thread_struct, fstate); > + *size = sizeof_field(struct thread_struct, fstate); > +} > + > #define INIT_THREAD { \ > .sp = sizeof(init_stack) + (long)&init_stack, \ > } Thanks, this is on for-next.
diff --git a/arch/riscv/Kconfig b/arch/riscv/Kconfig index 821081bdb8b8..5c26c0726944 100644 --- a/arch/riscv/Kconfig +++ b/arch/riscv/Kconfig @@ -70,6 +70,7 @@ config RISCV select HAVE_ARCH_MMAP_RND_BITS if MMU select HAVE_ARCH_SECCOMP_FILTER select HAVE_ARCH_TRACEHOOK + select HAVE_ARCH_THREAD_STRUCT_WHITELIST select HAVE_ASM_MODVERSIONS select HAVE_CONTEXT_TRACKING select HAVE_DEBUG_KMEMLEAK diff --git a/arch/riscv/include/asm/processor.h b/arch/riscv/include/asm/processor.h index 021ed64ee608..46b492c78cbb 100644 --- a/arch/riscv/include/asm/processor.h +++ b/arch/riscv/include/asm/processor.h @@ -37,6 +37,14 @@ struct thread_struct { unsigned long bad_cause; }; +/* Whitelist the fstate from the task_struct for hardened usercopy */ +static inline void arch_thread_struct_whitelist(unsigned long *offset, + unsigned long *size) +{ + *offset = offsetof(struct thread_struct, fstate); + *size = sizeof_field(struct thread_struct, fstate); +} + #define INIT_THREAD { \ .sp = sizeof(init_stack) + (long)&init_stack, \ }
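Review bot: in the arch/riscv/Kconfig hunk, the new "select HAVE_ARCH_THREAD_STRUCT_WHITELIST" line is placed after "select HAVE_ARCH_TRACEHOOK", which breaks the alphabetical order the surrounding select lines follow (HAVE_ARCH_MMAP_RND_BITS, HAVE_ARCH_SECCOMP_FILTER, HAVE_ARCH_TRACEHOOK, HAVE_ASM_MODVERSIONS). THREAD sorts before TRACEHOOK, so the line belongs one position earlier, between HAVE_ARCH_SECCOMP_FILTER and HAVE_ARCH_TRACEHOOK.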
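Review bot: in the arch/riscv/include/asm/processor.h hunk, the comment above arch_thread_struct_whitelist() says the fstate is whitelisted "from the task_struct", but both offsetof() and sizeof_field() are taken against struct thread_struct, which is also what the commit message describes. Suggest rewording the comment to say thread_struct so it is clear what *offset is relative to. Since the commit message says the window shrinks from the entire struct to fstate only, it would also help to name, in the comment or the commit message, which copy-to-userspace paths read fstate, so a reviewer can confirm that no other thread_struct field is copied out directly.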
This whitelists the FPU register state portion of the thread_struct for copying to userspace, instead of the default entire struct.

Signed-off-by: Tong Tiangen <tongtiangen@huawei.com>

arch/riscv/Kconfig | 1 +

arch/riscv/include/asm/processor.h | 8 ++++++++

2 files changed, 9 insertions(+)