From: guoren@kernel.org
To: arnd@arndb.de, guoren@kernel.org, palmer@rivosinc.com,
tglx@linutronix.de, peterz@infradead.org, luto@kernel.org,
conor.dooley@microchip.com, heiko@sntech.de, jszhang@kernel.org,
lazyparser@gmail.com, falcon@tinylab.org, chenhuacai@kernel.org,
apatel@ventanamicro.com, atishp@atishpatra.org,
palmer@dabbelt.com, paul.walmsley@sifive.com,
mark.rutland@arm.com, zouyipeng@huawei.com,
bigeasy@linutronix.de, David.Laight@aculab.com
Cc: linux-arch@vger.kernel.org, linux-kernel@vger.kernel.org,
linux-riscv@lists.infradead.org, Dao Lu <daolu@rivosinc.com>,
Xianting Tian <xianting.tian@linux.alibaba.com>,
Conor Dooley <Conor.Dooley@microchip.com>
Subject: [PATCH V5 11/11] riscv: Add support for STACKLEAK gcc plugin
Date: Sun, 18 Sep 2022 11:52:46 -0400 [thread overview]
Message-ID: <20220918155246.1203293-12-guoren@kernel.org> (raw)
In-Reply-To: <20220918155246.1203293-1-guoren@kernel.org>
From: Dao Lu <daolu@rivosinc.com>
Add support for STACKLEAK gcc plugin to riscv by implementing
stackleak_check_alloca, based heavily on the arm64 version, and
modifying the entry.S. Additionally, this disables the plugin for EFI
stub code for riscv. All modifications base on generic_entry.
Link: https://lore.kernel.org/linux-riscv/20220615213834.3116135-1-daolu@rivosinc.com/
Signed-off-by: Dao Lu <daolu@rivosinc.com>
Co-developed-by: Xianting Tian <xianting.tian@linux.alibaba.com>
Signed-off-by: Xianting Tian <xianting.tian@linux.alibaba.com>
Co-developed-by: Guo Ren <guoren@kernel.org>
Signed-off-by: Guo Ren <guoren@kernel.org>
Cc: Conor Dooley <Conor.Dooley@microchip.com>
Cc: Mark Rutland <mark.rutland@arm.com>
---
arch/riscv/Kconfig | 1 +
arch/riscv/kernel/entry.S | 8 +++++++-
drivers/firmware/efi/libstub/Makefile | 2 +-
3 files changed, 9 insertions(+), 2 deletions(-)
diff --git a/arch/riscv/Kconfig b/arch/riscv/Kconfig
index 8241b12399d7..b4476f17fed6 100644
--- a/arch/riscv/Kconfig
+++ b/arch/riscv/Kconfig
@@ -81,6 +81,7 @@ config RISCV
select HAVE_ARCH_MMAP_RND_BITS if MMU
select HAVE_ARCH_MMAP_RND_COMPAT_BITS if COMPAT
select HAVE_ARCH_SECCOMP_FILTER
+ select HAVE_ARCH_STACKLEAK
select HAVE_ARCH_TRACEHOOK
select HAVE_ARCH_TRANSPARENT_HUGEPAGE if 64BIT && MMU
select ARCH_ENABLE_THP_MIGRATION if TRANSPARENT_HUGEPAGE
diff --git a/arch/riscv/kernel/entry.S b/arch/riscv/kernel/entry.S
index 426529b84db0..2207cf44a3bc 100644
--- a/arch/riscv/kernel/entry.S
+++ b/arch/riscv/kernel/entry.S
@@ -130,7 +130,6 @@ END(handle_exception)
ENTRY(ret_from_exception)
REG_L s0, PT_STATUS(sp)
- csrc CSR_STATUS, SR_IE
#ifdef CONFIG_RISCV_M_MODE
/* the MPP value is too large to be used as an immediate arg for addi */
li t0, SR_MPP
@@ -139,6 +138,9 @@ ENTRY(ret_from_exception)
andi s0, s0, SR_SPP
#endif
bnez s0, 1f
+#ifdef CONFIG_GCC_PLUGIN_STACKLEAK
+ call stackleak_erase
+#endif
/* Save unwound kernel stack pointer in thread_info */
addi s0, sp, PT_SIZE_ON_STACK
@@ -148,8 +150,12 @@ ENTRY(ret_from_exception)
* Save TP into the scratch register , so we can find the kernel data
* structures again.
*/
+ csrc CSR_STATUS, SR_IE
csrw CSR_SCRATCH, tp
+ j 2f
1:
+ csrc CSR_STATUS, SR_IE
+2:
/*
* The current load reservation is effectively part of the processor's
* state, in the sense that load reservations cannot be shared between
diff --git a/drivers/firmware/efi/libstub/Makefile b/drivers/firmware/efi/libstub/Makefile
index d0537573501e..5e1fc4f82883 100644
--- a/drivers/firmware/efi/libstub/Makefile
+++ b/drivers/firmware/efi/libstub/Makefile
@@ -25,7 +25,7 @@ cflags-$(CONFIG_ARM) := $(subst $(CC_FLAGS_FTRACE),,$(KBUILD_CFLAGS)) \
-fno-builtin -fpic \
$(call cc-option,-mno-single-pic-base)
cflags-$(CONFIG_RISCV) := $(subst $(CC_FLAGS_FTRACE),,$(KBUILD_CFLAGS)) \
- -fpic
+ -fpic $(DISABLE_STACKLEAK_PLUGIN)
cflags-$(CONFIG_EFI_GENERIC_STUB) += -I$(srctree)/scripts/dtc/libfdt
--
2.36.1
_______________________________________________
linux-riscv mailing list
linux-riscv@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-riscv
WARNING: multiple messages have this Message-ID (diff)
From: guoren@kernel.org
To: arnd@arndb.de, guoren@kernel.org, palmer@rivosinc.com,
tglx@linutronix.de, peterz@infradead.org, luto@kernel.org,
conor.dooley@microchip.com, heiko@sntech.de, jszhang@kernel.org,
lazyparser@gmail.com, falcon@tinylab.org, chenhuacai@kernel.org,
apatel@ventanamicro.com, atishp@atishpatra.org,
palmer@dabbelt.com, paul.walmsley@sifive.com,
mark.rutland@arm.com, zouyipeng@huawei.com,
bigeasy@linutronix.de, David.Laight@aculab.com
Cc: linux-arch@vger.kernel.org, linux-kernel@vger.kernel.org,
linux-riscv@lists.infradead.org, Dao Lu <daolu@rivosinc.com>,
Xianting Tian <xianting.tian@linux.alibaba.com>,
Conor Dooley <Conor.Dooley@microchip.com>
Subject: [PATCH V5 11/11] riscv: Add support for STACKLEAK gcc plugin
Date: Sun, 18 Sep 2022 11:52:46 -0400 [thread overview]
Message-ID: <20220918155246.1203293-12-guoren@kernel.org> (raw)
In-Reply-To: <20220918155246.1203293-1-guoren@kernel.org>
From: Dao Lu <daolu@rivosinc.com>
Add support for STACKLEAK gcc plugin to riscv by implementing
stackleak_check_alloca, based heavily on the arm64 version, and
modifying the entry.S. Additionally, this disables the plugin for EFI
stub code for riscv. All modifications base on generic_entry.
Link: https://lore.kernel.org/linux-riscv/20220615213834.3116135-1-daolu@rivosinc.com/
Signed-off-by: Dao Lu <daolu@rivosinc.com>
Co-developed-by: Xianting Tian <xianting.tian@linux.alibaba.com>
Signed-off-by: Xianting Tian <xianting.tian@linux.alibaba.com>
Co-developed-by: Guo Ren <guoren@kernel.org>
Signed-off-by: Guo Ren <guoren@kernel.org>
Cc: Conor Dooley <Conor.Dooley@microchip.com>
Cc: Mark Rutland <mark.rutland@arm.com>
---
arch/riscv/Kconfig | 1 +
arch/riscv/kernel/entry.S | 8 +++++++-
drivers/firmware/efi/libstub/Makefile | 2 +-
3 files changed, 9 insertions(+), 2 deletions(-)
diff --git a/arch/riscv/Kconfig b/arch/riscv/Kconfig
index 8241b12399d7..b4476f17fed6 100644
--- a/arch/riscv/Kconfig
+++ b/arch/riscv/Kconfig
@@ -81,6 +81,7 @@ config RISCV
select HAVE_ARCH_MMAP_RND_BITS if MMU
select HAVE_ARCH_MMAP_RND_COMPAT_BITS if COMPAT
select HAVE_ARCH_SECCOMP_FILTER
+ select HAVE_ARCH_STACKLEAK
select HAVE_ARCH_TRACEHOOK
select HAVE_ARCH_TRANSPARENT_HUGEPAGE if 64BIT && MMU
select ARCH_ENABLE_THP_MIGRATION if TRANSPARENT_HUGEPAGE
diff --git a/arch/riscv/kernel/entry.S b/arch/riscv/kernel/entry.S
index 426529b84db0..2207cf44a3bc 100644
--- a/arch/riscv/kernel/entry.S
+++ b/arch/riscv/kernel/entry.S
@@ -130,7 +130,6 @@ END(handle_exception)
ENTRY(ret_from_exception)
REG_L s0, PT_STATUS(sp)
- csrc CSR_STATUS, SR_IE
#ifdef CONFIG_RISCV_M_MODE
/* the MPP value is too large to be used as an immediate arg for addi */
li t0, SR_MPP
@@ -139,6 +138,9 @@ ENTRY(ret_from_exception)
andi s0, s0, SR_SPP
#endif
bnez s0, 1f
+#ifdef CONFIG_GCC_PLUGIN_STACKLEAK
+ call stackleak_erase
+#endif
/* Save unwound kernel stack pointer in thread_info */
addi s0, sp, PT_SIZE_ON_STACK
@@ -148,8 +150,12 @@ ENTRY(ret_from_exception)
* Save TP into the scratch register , so we can find the kernel data
* structures again.
*/
+ csrc CSR_STATUS, SR_IE
csrw CSR_SCRATCH, tp
+ j 2f
1:
+ csrc CSR_STATUS, SR_IE
+2:
/*
* The current load reservation is effectively part of the processor's
* state, in the sense that load reservations cannot be shared between
diff --git a/drivers/firmware/efi/libstub/Makefile b/drivers/firmware/efi/libstub/Makefile
index d0537573501e..5e1fc4f82883 100644
--- a/drivers/firmware/efi/libstub/Makefile
+++ b/drivers/firmware/efi/libstub/Makefile
@@ -25,7 +25,7 @@ cflags-$(CONFIG_ARM) := $(subst $(CC_FLAGS_FTRACE),,$(KBUILD_CFLAGS)) \
-fno-builtin -fpic \
$(call cc-option,-mno-single-pic-base)
cflags-$(CONFIG_RISCV) := $(subst $(CC_FLAGS_FTRACE),,$(KBUILD_CFLAGS)) \
- -fpic
+ -fpic $(DISABLE_STACKLEAK_PLUGIN)
cflags-$(CONFIG_EFI_GENERIC_STUB) += -I$(srctree)/scripts/dtc/libfdt
--
2.36.1
next prev parent reply other threads:[~2022-09-18 15:54 UTC|newest]
Thread overview: 58+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-09-18 15:52 [PATCH V5 00/11] riscv: Add GENERIC_ENTRY support and related features guoren
2022-09-18 15:52 ` guoren
2022-09-18 15:52 ` [PATCH V5 01/11] riscv: elf_kexec: Fixup compile warning guoren
2022-09-18 15:52 ` guoren
2022-09-18 15:52 ` [PATCH V5 02/11] riscv: compat_syscall_table: " guoren
2022-09-18 15:52 ` guoren
2022-09-18 15:52 ` [PATCH V5 03/11] riscv: ptrace: Remove duplicate operation guoren
2022-09-18 15:52 ` guoren
2022-09-18 15:52 ` [PATCH V5 04/11] compiler_types.h: Add __noinstr_section() for noinstr guoren
2022-09-18 15:52 ` guoren
2022-09-18 15:52 ` [PATCH V5 05/11] riscv: traps: Add noinstr to prevent instrumentation inserted guoren
2022-09-18 15:52 ` guoren
2022-09-18 15:52 ` [PATCH V5 06/11] entry: Prevent DEBUG_PREEMPT warning guoren
2022-09-18 15:52 ` guoren
2022-09-19 11:58 ` Peter Zijlstra
2022-09-19 11:58 ` Peter Zijlstra
2022-09-20 1:45 ` Guo Ren
2022-09-20 1:45 ` Guo Ren
2022-09-30 12:27 ` Guo Ren
2022-09-30 12:27 ` Guo Ren
2022-09-18 15:52 ` [PATCH V5 07/11] riscv: convert to generic entry guoren
2022-09-18 15:52 ` guoren
2022-09-19 13:34 ` Peter Zijlstra
2022-09-19 13:34 ` Peter Zijlstra
2022-09-20 6:36 ` Guo Ren
2022-09-20 6:36 ` Guo Ren
2022-09-20 7:22 ` Peter Zijlstra
2022-09-20 7:22 ` Peter Zijlstra
2022-09-30 11:28 ` Guo Ren
2022-09-30 11:28 ` Guo Ren
2022-09-18 15:52 ` [PATCH V5 08/11] riscv: Support HAVE_IRQ_EXIT_ON_IRQ_STACK guoren
2022-09-18 15:52 ` guoren
2022-09-19 13:45 ` Peter Zijlstra
2022-09-19 13:45 ` Peter Zijlstra
2022-09-20 6:08 ` Guo Ren
2022-09-20 6:08 ` Guo Ren
2022-09-20 7:27 ` Peter Zijlstra
2022-09-20 7:27 ` Peter Zijlstra
2022-09-20 7:34 ` Peter Zijlstra
2022-09-20 7:34 ` Peter Zijlstra
2022-09-21 6:16 ` Guo Ren
2022-09-21 6:16 ` Guo Ren
2022-09-21 8:34 ` Chen Zhongjin
2022-09-21 8:34 ` Chen Zhongjin
2022-09-21 9:53 ` Guo Ren
2022-09-21 9:53 ` Guo Ren
2022-09-21 11:56 ` Chen Zhongjin
2022-09-21 11:56 ` Chen Zhongjin
2022-09-22 1:26 ` Guo Ren
2022-09-22 1:26 ` Guo Ren
2022-09-18 15:52 ` [PATCH V5 09/11] riscv: Support HAVE_SOFTIRQ_ON_OWN_STACK guoren
2022-09-18 15:52 ` guoren
2022-09-20 0:11 ` Guo Ren
2022-09-20 0:11 ` Guo Ren
2022-09-18 15:52 ` [PATCH V5 10/11] riscv: Add config of thread stack size guoren
2022-09-18 15:52 ` guoren
2022-09-18 15:52 ` guoren [this message]
2022-09-18 15:52 ` [PATCH V5 11/11] riscv: Add support for STACKLEAK gcc plugin guoren
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220918155246.1203293-12-guoren@kernel.org \
--to=guoren@kernel.org \
--cc=David.Laight@aculab.com \
--cc=apatel@ventanamicro.com \
--cc=arnd@arndb.de \
--cc=atishp@atishpatra.org \
--cc=bigeasy@linutronix.de \
--cc=chenhuacai@kernel.org \
--cc=conor.dooley@microchip.com \
--cc=daolu@rivosinc.com \
--cc=falcon@tinylab.org \
--cc=heiko@sntech.de \
--cc=jszhang@kernel.org \
--cc=lazyparser@gmail.com \
--cc=linux-arch@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-riscv@lists.infradead.org \
--cc=luto@kernel.org \
--cc=mark.rutland@arm.com \
--cc=palmer@dabbelt.com \
--cc=palmer@rivosinc.com \
--cc=paul.walmsley@sifive.com \
--cc=peterz@infradead.org \
--cc=tglx@linutronix.de \
--cc=xianting.tian@linux.alibaba.com \
--cc=zouyipeng@huawei.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.