From: Ard Biesheuvel
To: linux-arm-kernel@lists.infradead.org
Cc: Ard Biesheuvel, Russell King, Nicolas Pitre, Arnd Bergmann, Kees Cook, Keith Packard, Linus Walleij, Nick Desaulniers
Subject: [PATCH v3 0/7] ARM: add vmap'ed stack support
Date: Mon, 15 Nov 2021 12:18:09 +0100
Message-Id: <20211115111816.3911213-1-ardb@kernel.org>

This series enables support on ARM for vmap'ed task and IRQ stacks in the kernel. This is an important hardening feature that terminates tasks on inadvertent or deliberate accesses past the stack pointer, which might otherwise go completely unnoticed.

Since having an accurate backtrace is especially important in such cases, this series includes some enhancements to the unwinder and to some hand rolled unwind info to increase the likelihood that a backtrace can be generated when relying on the ARM unwinder. The frame pointer unwinder turns out to be rather bullet proof in this context, and does not need any such enhancements.

According to a quick survey I did, compiler generated code puts a single stack push as the first instruction in about 2/3 of the cases, which the unwinder can deal with after applying patch #4, even if this push faulted because of a stack overflow.

In the remaining cases, the compiler tends to fall back to R11 or R7 as the frame pointer (on ARM or Thumb-2, respectively), or emit partial unwind frames for the part of the function that runs before the stack frame is set up, and the part that runs inside the stack frame. In either case, the unwinder can deal with such occurrences as they don't rely on the stack pointer directly.
Changes since v2:
- rebase onto v5.16-rc1
- incorporate Nico's review feedback

Changes since v1:
- handle a missed corner case in svc_entry code, and while at it, streamline it a bit, especially for Thumb-2, which no longer needs to move SP into R0 twice to do the overflow check and the alignment check,
- improve the memcpy patch so that we no longer need to push the frame pointer separately,
- add Keith's tested-by

Patches #1, #2 and #3 update the ARM asm string routines to align more closely with the compiler's approach in terms of unwind tables, increasing the likelihood that we can unwind them in case of a stack overflow.

Patches #5 and #6 do some preparatory refactoring for the entry and switch_to code, to reduce clutter in patch #7.

Patch #7 wires up the generic support, and adds the entry code to detect and deal with stack overflows.

This series applies onto my IRQ stacks series sent out earlier:
https://lore.kernel.org/linux-arm-kernel/20211115084732.3704393-1-ardb@kernel.org/

Cc: Russell King
Cc: Nicolas Pitre
Cc: Arnd Bergmann
Cc: Kees Cook
Cc: Keith Packard
Cc: Linus Walleij
Cc: Nick Desaulniers

Ard Biesheuvel (7):
  ARM: memcpy: use frame pointer as unwind anchor
  ARM: memmove: use frame pointer as unwind anchor
  ARM: memset: clean up unwind annotations
  ARM: unwind: disregard unwind info before stack frame is set up
  ARM: switch_to: clean up Thumb2 code path
  ARM: entry: rework stack realignment code in svc_entry
  ARM: implement support for vmap'ed stacks

 arch/arm/Kconfig                   |   1 +
 arch/arm/include/asm/page.h        |   4 +
 arch/arm/include/asm/thread_info.h |   8 ++
 arch/arm/kernel/entry-armv.S       | 121 +++++++++++++++++---
 arch/arm/kernel/entry-header.S     |  57 +++++++++
 arch/arm/kernel/irq.c              |   9 +-
 arch/arm/kernel/traps.c            |  65 ++++++++++-
 arch/arm/kernel/unwind.c           |  19 ++-
 arch/arm/kernel/vmlinux.lds.S      |   4 +-
 arch/arm/lib/copy_from_user.S      |  13 +--
 arch/arm/lib/copy_template.S       |  67 ++++-------
 arch/arm/lib/copy_to_user.S        |  13 +--
 arch/arm/lib/memcpy.S              |  13 +--
 arch/arm/lib/memmove.S             |  60 ++++------
 arch/arm/lib/memset.S              |   7 +-
 15 files changed, 324 insertions(+), 137 deletions(-)

-- 
2.30.2
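
Added illustration, not part of the original message and not code from this series or from the kernel: a Linux user-space analogue of the hardening effect the cover letter describes, where a write just past the low end of a stack region either silently corrupts neighbouring data or, when the neighbouring page is unmapped, faults at an address that identifies the overflow. The function name, constants and memory layout are hypothetical; mprotect() stands in for the unmapped neighbour a vmap'ed stack has.

```c
#define _DEFAULT_SOURCE
#include <setjmp.h>
#include <signal.h>
#include <stdint.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>
enum { SETUP_ERROR = -1, SILENT_CORRUPTION = 0, FAULT_IN_GUARD = 1 };
static sigjmp_buf recover;
static volatile uintptr_t fault_addr;

static void on_segv(int sig, siginfo_t *si, void *uc)
{
    (void)sig; (void)uc;
    fault_addr = (uintptr_t)si->si_addr;    /* address of the faulting access */
    siglongjmp(recover, 1);
}

/* Constructed layout: [page below][2-page "stack"]. Stacks grow down, so an
 * overflowing push lands in the page below the stack's lowest address. */
int push_past_stack_end(int guarded)
{
    size_t page = (size_t)sysconf(_SC_PAGESIZE), len = 3 * page;
    unsigned char *below = mmap(NULL, len, PROT_READ | PROT_WRITE,
                                MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (below == MAP_FAILED)
        return SETUP_ERROR;
    memset(below, 0x5a, page);              /* unrelated neighbouring data */
    if (guarded && mprotect(below, page, PROT_NONE) != 0)
        return SETUP_ERROR;
    struct sigaction sa = { .sa_sigaction = on_segv, .sa_flags = SA_SIGINFO }, old;
    sigaction(SIGSEGV, &sa, &old);
    uintptr_t lo = (uintptr_t)below, stack_low = lo + page;
    volatile int result = SETUP_ERROR;
    if (sigsetjmp(recover, 1) == 0) {
        *(volatile uint32_t *)(stack_low - 4) = 0xdeadbeef; /* overflowing push */
        result = below[page - 1] != 0x5a ? SILENT_CORRUPTION : SETUP_ERROR;
    } else if (fault_addr >= lo && fault_addr < stack_low) {
        result = FAULT_IN_GUARD;            /* fault address lies in the guard */
    }
    sigaction(SIGSEGV, &old, NULL);
    munmap(below, len);
    return result;
}

int main(void)
{
    return push_past_stack_end(0) != SILENT_CORRUPTION ||
           push_past_stack_end(1) != FAULT_IN_GUARD;
}
```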