From: guoren@kernel.org To: arnd@arndb.de, guoren@kernel.org, palmer@rivosinc.com, tglx@linutronix.de, peterz@infradead.org, luto@kernel.org, conor.dooley@microchip.com, heiko@sntech.de, jszhang@kernel.org, lazyparser@gmail.com, falcon@tinylab.org, chenhuacai@kernel.org, apatel@ventanamicro.com, atishp@atishpatra.org, palmer@dabbelt.com, paul.walmsley@sifive.com, mark.rutland@arm.com, zouyipeng@huawei.com, bigeasy@linutronix.de, David.Laight@aculab.com Cc: linux-arch@vger.kernel.org, linux-kernel@vger.kernel.org, linux-riscv@lists.infradead.org, Dao Lu <daolu@rivosinc.com>, Xianting Tian <xianting.tian@linux.alibaba.com>, Conor Dooley <Conor.Dooley@microchip.com> Subject: [PATCH V5 11/11] riscv: Add support for STACKLEAK gcc plugin Date: Sun, 18 Sep 2022 11:52:46 -0400 [thread overview] Message-ID: <20220918155246.1203293-12-guoren@kernel.org> (raw) In-Reply-To: <20220918155246.1203293-1-guoren@kernel.org> From: Dao Lu <daolu@rivosinc.com> Add support for STACKLEAK gcc plugin to riscv by implementing stackleak_check_alloca, based heavily on the arm64 version, and modifying the entry.S. Additionally, this disables the plugin for EFI stub code for riscv. All modifications base on generic_entry. Link: https://lore.kernel.org/linux-riscv/20220615213834.3116135-1-daolu@rivosinc.com/ Signed-off-by: Dao Lu <daolu@rivosinc.com> Co-developed-by: Xianting Tian <xianting.tian@linux.alibaba.com> Signed-off-by: Xianting Tian <xianting.tian@linux.alibaba.com> Co-developed-by: Guo Ren <guoren@kernel.org> Signed-off-by: Guo Ren <guoren@kernel.org> Cc: Conor Dooley <Conor.Dooley@microchip.com> Cc: Mark Rutland <mark.rutland@arm.com> --- arch/riscv/Kconfig | 1 + arch/riscv/kernel/entry.S | 8 +++++++- drivers/firmware/efi/libstub/Makefile | 2 +- 3 files changed, 9 insertions(+), 2 deletions(-) diff --git a/arch/riscv/Kconfig b/arch/riscv/Kconfig index 8241b12399d7..b4476f17fed6 100644 --- a/arch/riscv/Kconfig +++ b/arch/riscv/Kconfig @@ -81,6 +81,7 @@ config RISCV select HAVE_ARCH_MMAP_RND_BITS if MMU select HAVE_ARCH_MMAP_RND_COMPAT_BITS if COMPAT select HAVE_ARCH_SECCOMP_FILTER + select HAVE_ARCH_STACKLEAK select HAVE_ARCH_TRACEHOOK select HAVE_ARCH_TRANSPARENT_HUGEPAGE if 64BIT && MMU select ARCH_ENABLE_THP_MIGRATION if TRANSPARENT_HUGEPAGE diff --git a/arch/riscv/kernel/entry.S b/arch/riscv/kernel/entry.S index 426529b84db0..2207cf44a3bc 100644 --- a/arch/riscv/kernel/entry.S +++ b/arch/riscv/kernel/entry.S @@ -130,7 +130,6 @@ END(handle_exception) ENTRY(ret_from_exception) REG_L s0, PT_STATUS(sp) - csrc CSR_STATUS, SR_IE #ifdef CONFIG_RISCV_M_MODE /* the MPP value is too large to be used as an immediate arg for addi */ li t0, SR_MPP @@ -139,6 +138,9 @@ ENTRY(ret_from_exception) andi s0, s0, SR_SPP #endif bnez s0, 1f +#ifdef CONFIG_GCC_PLUGIN_STACKLEAK + call stackleak_erase +#endif /* Save unwound kernel stack pointer in thread_info */ addi s0, sp, PT_SIZE_ON_STACK @@ -148,8 +150,12 @@ ENTRY(ret_from_exception) * Save TP into the scratch register , so we can find the kernel data * structures again. */ + csrc CSR_STATUS, SR_IE csrw CSR_SCRATCH, tp + j 2f 1: + csrc CSR_STATUS, SR_IE +2: /* * The current load reservation is effectively part of the processor's * state, in the sense that load reservations cannot be shared between diff --git a/drivers/firmware/efi/libstub/Makefile b/drivers/firmware/efi/libstub/Makefile index d0537573501e..5e1fc4f82883 100644 --- a/drivers/firmware/efi/libstub/Makefile +++ b/drivers/firmware/efi/libstub/Makefile @@ -25,7 +25,7 @@ cflags-$(CONFIG_ARM) := $(subst $(CC_FLAGS_FTRACE),,$(KBUILD_CFLAGS)) \ -fno-builtin -fpic \ $(call cc-option,-mno-single-pic-base) cflags-$(CONFIG_RISCV) := $(subst $(CC_FLAGS_FTRACE),,$(KBUILD_CFLAGS)) \ - -fpic + -fpic $(DISABLE_STACKLEAK_PLUGIN) cflags-$(CONFIG_EFI_GENERIC_STUB) += -I$(srctree)/scripts/dtc/libfdt -- 2.36.1 _______________________________________________ linux-riscv mailing list linux-riscv@lists.infradead.org http://lists.infradead.org/mailman/listinfo/linux-riscv
WARNING: multiple messages have this Message-ID (diff)
From: guoren@kernel.org To: arnd@arndb.de, guoren@kernel.org, palmer@rivosinc.com, tglx@linutronix.de, peterz@infradead.org, luto@kernel.org, conor.dooley@microchip.com, heiko@sntech.de, jszhang@kernel.org, lazyparser@gmail.com, falcon@tinylab.org, chenhuacai@kernel.org, apatel@ventanamicro.com, atishp@atishpatra.org, palmer@dabbelt.com, paul.walmsley@sifive.com, mark.rutland@arm.com, zouyipeng@huawei.com, bigeasy@linutronix.de, David.Laight@aculab.com Cc: linux-arch@vger.kernel.org, linux-kernel@vger.kernel.org, linux-riscv@lists.infradead.org, Dao Lu <daolu@rivosinc.com>, Xianting Tian <xianting.tian@linux.alibaba.com>, Conor Dooley <Conor.Dooley@microchip.com> Subject: [PATCH V5 11/11] riscv: Add support for STACKLEAK gcc plugin Date: Sun, 18 Sep 2022 11:52:46 -0400 [thread overview] Message-ID: <20220918155246.1203293-12-guoren@kernel.org> (raw) In-Reply-To: <20220918155246.1203293-1-guoren@kernel.org> From: Dao Lu <daolu@rivosinc.com> Add support for STACKLEAK gcc plugin to riscv by implementing stackleak_check_alloca, based heavily on the arm64 version, and modifying the entry.S. Additionally, this disables the plugin for EFI stub code for riscv. All modifications base on generic_entry. Link: https://lore.kernel.org/linux-riscv/20220615213834.3116135-1-daolu@rivosinc.com/ Signed-off-by: Dao Lu <daolu@rivosinc.com> Co-developed-by: Xianting Tian <xianting.tian@linux.alibaba.com> Signed-off-by: Xianting Tian <xianting.tian@linux.alibaba.com> Co-developed-by: Guo Ren <guoren@kernel.org> Signed-off-by: Guo Ren <guoren@kernel.org> Cc: Conor Dooley <Conor.Dooley@microchip.com> Cc: Mark Rutland <mark.rutland@arm.com> --- arch/riscv/Kconfig | 1 + arch/riscv/kernel/entry.S | 8 +++++++- drivers/firmware/efi/libstub/Makefile | 2 +- 3 files changed, 9 insertions(+), 2 deletions(-) diff --git a/arch/riscv/Kconfig b/arch/riscv/Kconfig index 8241b12399d7..b4476f17fed6 100644 --- a/arch/riscv/Kconfig +++ b/arch/riscv/Kconfig @@ -81,6 +81,7 @@ config RISCV select HAVE_ARCH_MMAP_RND_BITS if MMU select HAVE_ARCH_MMAP_RND_COMPAT_BITS if COMPAT select HAVE_ARCH_SECCOMP_FILTER + select HAVE_ARCH_STACKLEAK select HAVE_ARCH_TRACEHOOK select HAVE_ARCH_TRANSPARENT_HUGEPAGE if 64BIT && MMU select ARCH_ENABLE_THP_MIGRATION if TRANSPARENT_HUGEPAGE diff --git a/arch/riscv/kernel/entry.S b/arch/riscv/kernel/entry.S index 426529b84db0..2207cf44a3bc 100644 --- a/arch/riscv/kernel/entry.S +++ b/arch/riscv/kernel/entry.S @@ -130,7 +130,6 @@ END(handle_exception) ENTRY(ret_from_exception) REG_L s0, PT_STATUS(sp) - csrc CSR_STATUS, SR_IE #ifdef CONFIG_RISCV_M_MODE /* the MPP value is too large to be used as an immediate arg for addi */ li t0, SR_MPP @@ -139,6 +138,9 @@ ENTRY(ret_from_exception) andi s0, s0, SR_SPP #endif bnez s0, 1f +#ifdef CONFIG_GCC_PLUGIN_STACKLEAK + call stackleak_erase +#endif /* Save unwound kernel stack pointer in thread_info */ addi s0, sp, PT_SIZE_ON_STACK @@ -148,8 +150,12 @@ ENTRY(ret_from_exception) * Save TP into the scratch register , so we can find the kernel data * structures again. */ + csrc CSR_STATUS, SR_IE csrw CSR_SCRATCH, tp + j 2f 1: + csrc CSR_STATUS, SR_IE +2: /* * The current load reservation is effectively part of the processor's * state, in the sense that load reservations cannot be shared between diff --git a/drivers/firmware/efi/libstub/Makefile b/drivers/firmware/efi/libstub/Makefile index d0537573501e..5e1fc4f82883 100644 --- a/drivers/firmware/efi/libstub/Makefile +++ b/drivers/firmware/efi/libstub/Makefile @@ -25,7 +25,7 @@ cflags-$(CONFIG_ARM) := $(subst $(CC_FLAGS_FTRACE),,$(KBUILD_CFLAGS)) \ -fno-builtin -fpic \ $(call cc-option,-mno-single-pic-base) cflags-$(CONFIG_RISCV) := $(subst $(CC_FLAGS_FTRACE),,$(KBUILD_CFLAGS)) \ - -fpic + -fpic $(DISABLE_STACKLEAK_PLUGIN) cflags-$(CONFIG_EFI_GENERIC_STUB) += -I$(srctree)/scripts/dtc/libfdt -- 2.36.1
next prev parent reply other threads:[~2022-09-18 15:54 UTC|newest] Thread overview: 58+ messages / expand[flat|nested] mbox.gz Atom feed top 2022-09-18 15:52 [PATCH V5 00/11] riscv: Add GENERIC_ENTRY support and related features guoren 2022-09-18 15:52 ` guoren 2022-09-18 15:52 ` [PATCH V5 01/11] riscv: elf_kexec: Fixup compile warning guoren 2022-09-18 15:52 ` guoren 2022-09-18 15:52 ` [PATCH V5 02/11] riscv: compat_syscall_table: " guoren 2022-09-18 15:52 ` guoren 2022-09-18 15:52 ` [PATCH V5 03/11] riscv: ptrace: Remove duplicate operation guoren 2022-09-18 15:52 ` guoren 2022-09-18 15:52 ` [PATCH V5 04/11] compiler_types.h: Add __noinstr_section() for noinstr guoren 2022-09-18 15:52 ` guoren 2022-09-18 15:52 ` [PATCH V5 05/11] riscv: traps: Add noinstr to prevent instrumentation inserted guoren 2022-09-18 15:52 ` guoren 2022-09-18 15:52 ` [PATCH V5 06/11] entry: Prevent DEBUG_PREEMPT warning guoren 2022-09-18 15:52 ` guoren 2022-09-19 11:58 ` Peter Zijlstra 2022-09-19 11:58 ` Peter Zijlstra 2022-09-20 1:45 ` Guo Ren 2022-09-20 1:45 ` Guo Ren 2022-09-30 12:27 ` Guo Ren 2022-09-30 12:27 ` Guo Ren 2022-09-18 15:52 ` [PATCH V5 07/11] riscv: convert to generic entry guoren 2022-09-18 15:52 ` guoren 2022-09-19 13:34 ` Peter Zijlstra 2022-09-19 13:34 ` Peter Zijlstra 2022-09-20 6:36 ` Guo Ren 2022-09-20 6:36 ` Guo Ren 2022-09-20 7:22 ` Peter Zijlstra 2022-09-20 7:22 ` Peter Zijlstra 2022-09-30 11:28 ` Guo Ren 2022-09-30 11:28 ` Guo Ren 2022-09-18 15:52 ` [PATCH V5 08/11] riscv: Support HAVE_IRQ_EXIT_ON_IRQ_STACK guoren 2022-09-18 15:52 ` guoren 2022-09-19 13:45 ` Peter Zijlstra 2022-09-19 13:45 ` Peter Zijlstra 2022-09-20 6:08 ` Guo Ren 2022-09-20 6:08 ` Guo Ren 2022-09-20 7:27 ` Peter Zijlstra 2022-09-20 7:27 ` Peter Zijlstra 2022-09-20 7:34 ` Peter Zijlstra 2022-09-20 7:34 ` Peter Zijlstra 2022-09-21 6:16 ` Guo Ren 2022-09-21 6:16 ` Guo Ren 2022-09-21 8:34 ` Chen Zhongjin 2022-09-21 8:34 ` Chen Zhongjin 2022-09-21 9:53 ` Guo Ren 2022-09-21 9:53 ` Guo Ren 2022-09-21 11:56 ` Chen Zhongjin 2022-09-21 11:56 ` Chen Zhongjin 2022-09-22 1:26 ` Guo Ren 2022-09-22 1:26 ` Guo Ren 2022-09-18 15:52 ` [PATCH V5 09/11] riscv: Support HAVE_SOFTIRQ_ON_OWN_STACK guoren 2022-09-18 15:52 ` guoren 2022-09-20 0:11 ` Guo Ren 2022-09-20 0:11 ` Guo Ren 2022-09-18 15:52 ` [PATCH V5 10/11] riscv: Add config of thread stack size guoren 2022-09-18 15:52 ` guoren 2022-09-18 15:52 ` guoren [this message] 2022-09-18 15:52 ` [PATCH V5 11/11] riscv: Add support for STACKLEAK gcc plugin guoren
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=20220918155246.1203293-12-guoren@kernel.org \ --to=guoren@kernel.org \ --cc=David.Laight@aculab.com \ --cc=apatel@ventanamicro.com \ --cc=arnd@arndb.de \ --cc=atishp@atishpatra.org \ --cc=bigeasy@linutronix.de \ --cc=chenhuacai@kernel.org \ --cc=conor.dooley@microchip.com \ --cc=daolu@rivosinc.com \ --cc=falcon@tinylab.org \ --cc=heiko@sntech.de \ --cc=jszhang@kernel.org \ --cc=lazyparser@gmail.com \ --cc=linux-arch@vger.kernel.org \ --cc=linux-kernel@vger.kernel.org \ --cc=linux-riscv@lists.infradead.org \ --cc=luto@kernel.org \ --cc=mark.rutland@arm.com \ --cc=palmer@dabbelt.com \ --cc=palmer@rivosinc.com \ --cc=paul.walmsley@sifive.com \ --cc=peterz@infradead.org \ --cc=tglx@linutronix.de \ --cc=xianting.tian@linux.alibaba.com \ --cc=zouyipeng@huawei.com \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.