From: Keith Packard <keithpac@amazon.com>
To: linux-kernel@vger.kernel.org
Cc: "Abbott Liu" <liuwenliang@huawei.com>,
	"Alexei Starovoitov" <ast@kernel.org>,
	"Andrew Morton" <akpm@linux-foundation.org>,
	"Andrii Nakryiko" <andrii@kernel.org>,
	"Anshuman Khandual" <anshuman.khandual@arm.com>,
	"Ard Biesheuvel" <ardb@kernel.org>,
	"Arnd Bergmann" <arnd@arndb.de>,
	"Ben Segall" <bsegall@google.com>,
	"Bjorn Andersson" <bjorn.andersson@linaro.org>,
	bpf@vger.kernel.org, "Christoph Lameter" <cl@linux.com>,
	"Daniel Borkmann" <daniel@iogearbox.net>,
	"Daniel Bristot de Oliveira" <bristot@redhat.com>,
	"Dennis Zhou" <dennis@kernel.org>,
	devicetree@vger.kernel.org,
	"Dietmar Eggemann" <dietmar.eggemann@arm.com>,
	"Florian Fainelli" <f.fainelli@gmail.com>,
	"Frank Rowand" <frowand.list@gmail.com>,
	"Geert Uytterhoeven" <geert+renesas@glider.be>,
	"Ingo Molnar" <mingo@redhat.com>,
	"Jason Wang" <jasowang@redhat.com>,
	"Jens Axboe" <axboe@kernel.dk>, "Joe Perches" <joe@perches.com>,
	"John Fastabend" <john.fastabend@gmail.com>,
	"Juri Lelli" <juri.lelli@redhat.com>,
	"Keith Packard" <keithpac@amazon.com>,
	"KP Singh" <kpsingh@kernel.org>,
	kvm@vger.kernel.org, "Linus Walleij" <linus.walleij@linaro.org>,
	linux-arch@vger.kernel.org, linux-arm-kernel@lists.infradead.org,
	linux-mm@kvack.org, "Manivannan Sadhasivam" <mani@kernel.org>,
	"Marc Zyngier" <maz@kernel.org>,
	"Martin KaFai Lau" <kafai@fb.com>, "Mel Gorman" <mgorman@suse.de>,
	"Michael Ellerman" <mpe@ellerman.id.au>,
	"Michael S. Tsirkin" <mst@redhat.com>,
	"Miguel Ojeda" <ojeda@kernel.org>,
	"Mike Rapoport" <rppt@kernel.org>,
	netdev@vger.kernel.org,
	"Nick Desaulniers" <ndesaulniers@google.com>,
	"Nick Desaulniers" <ndesaulniers@gooogle.com>,
	"Nicolas Pitre" <nico@fluxnic.net>,
	"Peter Zijlstra" <peterz@infradead.org>,
	"Rob Herring" <robh+dt@kernel.org>,
	"Russell King" <linux@armlinux.org.uk>,
	"Song Liu" <songliubraving@fb.com>,
	"Srikar Dronamraju" <srikar@linux.vnet.ibm.com>,
	"Steven Rostedt" <rostedt@goodmis.org>,
	"Tejun Heo" <tj@kernel.org>,
	"Thomas Gleixner" <tglx@linutronix.de>,
	"Uwe Kleine-König" <u.kleine-koenig@pengutronix.de>,
	"Valentin Schneider" <valentin.schneider@arm.com>,
	"Vincent Guittot" <vincent.guittot@linaro.org>,
	virtualization@lists.linux-foundation.org,
	"Wolfram Sang (Renesas)" <wsa+renesas@sang-engineering.com>,
	"YiFei Zhu" <yifeifz2@illinois.edu>, "Yonghong Song" <yhs@fb.com>
Subject: [PATCH v4 7/7] ARM: Move thread_info into task_struct (v7 only)
Date: Wed,  8 Sep 2021 12:06:05 -0700	[thread overview]
Message-ID: <20210908190605.419064-8-keithpac@amazon.com> (raw)
In-Reply-To: <20210908190605.419064-1-keithpac@amazon.com>

This avoids many stack overflow attacks which modified the thread_info
structure by moving that into the task_struct as is done in almost all
other architectures.

This also involved removing the 'cpu' member from the thread_info
struct and using the one added to the task_struct instead by the
THREAD_INFO_IN_TASK code.

This code is currently enabled only for v7 hardware as most other ARM
architectures do not have the TPIDRPRW register that is used to
store the current value. It could probably be enabled for v6k
architectures as well, but I haven't tested that.

With the TPIDRPRW register, the kernel can identify the current
cpu. Without that register, there's a circular dependency between the
current cpu and 'current' — know one and you can find the
other. Leaving the thread_info in the kernel stack lets you find the
cpu number independently.

Signed-off-by: Keith Packard <keithpac@amazon.com>
---
 arch/arm/Kconfig                   |  1 +
 arch/arm/include/asm/assembler.h   |  4 ++++
 arch/arm/include/asm/smp.h         |  4 ++++
 arch/arm/include/asm/thread_info.h | 12 +++++++++++-
 arch/arm/kernel/asm-offsets.c      |  4 ++++
 arch/arm/kernel/entry-armv.S       |  4 ++++
 arch/arm/vfp/vfpmodule.c           |  9 +++++++++
 7 files changed, 37 insertions(+), 1 deletion(-)

diff --git a/arch/arm/Kconfig b/arch/arm/Kconfig
index 414fe23fd5ac..5846b4f5444b 100644
--- a/arch/arm/Kconfig
+++ b/arch/arm/Kconfig
@@ -128,6 +128,7 @@ config ARM
 	select RTC_LIB
 	select SET_FS
 	select SYS_SUPPORTS_APM_EMULATION
+	select THREAD_INFO_IN_TASK if CURRENT_POINTER_IN_TPIDRPRW
 	# Above selects are sorted alphabetically; please add new ones
 	# according to that.  Thanks.
 	help
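Review bot: The new `select` is not conditioned on `STACKPROTECTOR_PER_TASK`, yet the thread_info.h hunk in this patch shows `stack_canary` still living in `struct thread_info`. As far as I know, the ARM per-task stack-protector GCC plugin locates that canary by masking `sp` down to the stack base, which no longer holds thread_info once the structure moves into task_struct; nothing visible in this patch updates the plugin or its offsets. Until that is handled, consider `select THREAD_INFO_IN_TASK if CURRENT_POINTER_IN_TPIDRPRW && !STACKPROTECTOR_PER_TASK`, or teach the plugin to fetch the canary through TPIDRPRW, so that this hardening does not silently weaken the per-task canary.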
diff --git a/arch/arm/include/asm/assembler.h b/arch/arm/include/asm/assembler.h
index ea12fe3bb589..b23d2b87184a 100644
--- a/arch/arm/include/asm/assembler.h
+++ b/arch/arm/include/asm/assembler.h
@@ -203,10 +203,14 @@
  * Get current thread_info.
  */
 	.macro	get_thread_info, rd
+#ifdef CONFIG_THREAD_INFO_IN_TASK
+	mrc	p15, 0, \rd, c13, c0, 4
+#else
  ARM(	mov	\rd, sp, lsr #THREAD_SIZE_ORDER + PAGE_SHIFT	)
  THUMB(	mov	\rd, sp			)
  THUMB(	lsr	\rd, \rd, #THREAD_SIZE_ORDER + PAGE_SHIFT	)
 	mov	\rd, \rd, lsl #THREAD_SIZE_ORDER + PAGE_SHIFT
+#endif
 	.endm
 
 /*
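Review bot: The added `mrc p15, 0, \rd, c13, c0, 4` in get_thread_info carries no comment, and it is correct only because TPIDRPRW holds `current` and thread_info sits at offset 0 of task_struct. A trailing comment such as `@ TPIDRPRW = current; thread_info is first in task_struct` would make that dependency visible; the `set_current r2` added to __switch_to in entry-armv.S relies on the same layout. The macro also assumes TPIDRPRW has been loaded before its first use on every CPU, which cannot be confirmed from this hunk.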
diff --git a/arch/arm/include/asm/smp.h b/arch/arm/include/asm/smp.h
index d43b64635d77..beb3872645d9 100644
--- a/arch/arm/include/asm/smp.h
+++ b/arch/arm/include/asm/smp.h
@@ -15,7 +15,11 @@
 # error "<asm/smp.h> included in non-SMP build"
 #endif
 
+#ifdef CONFIG_THREAD_INFO_IN_TASK
+#define raw_smp_processor_id() (current->cpu)
+#else
 #define raw_smp_processor_id() (current_thread_info()->cpu)
+#endif
 
 struct seq_file;
 
diff --git a/arch/arm/include/asm/thread_info.h b/arch/arm/include/asm/thread_info.h
index 70d4cbc49ae1..6b67703ca16a 100644
--- a/arch/arm/include/asm/thread_info.h
+++ b/arch/arm/include/asm/thread_info.h
@@ -55,8 +55,10 @@ struct thread_info {
 	unsigned long		flags;		/* low level flags */
 	int			preempt_count;	/* 0 => preemptable, <0 => bug */
 	mm_segment_t		addr_limit;	/* address limit */
+#ifndef CONFIG_THREAD_INFO_IN_TASK
 	struct task_struct	*task;		/* main task structure */
 	__u32			cpu;		/* cpu */
+#endif
 	__u32			cpu_domain;	/* cpu domain */
 #ifdef CONFIG_STACKPROTECTOR_PER_TASK
 	unsigned long		stack_canary;
@@ -75,14 +77,21 @@ struct thread_info {
 #endif
 };
 
+#ifdef CONFIG_THREAD_INFO_IN_TASK
+#define INIT_THREAD_INFO_TASK(tsk)
+#else
+#define INIT_THREAD_INFO_TASK(tsk) .task = &tsk,
+#endif
+
 #define INIT_THREAD_INFO(tsk)						\
 {									\
-	.task		= &tsk,						\
+	INIT_THREAD_INFO_TASK(tsk)					\
 	.flags		= 0,						\
 	.preempt_count	= INIT_PREEMPT_COUNT,				\
 	.addr_limit	= KERNEL_DS,					\
 }
 
+#ifndef CONFIG_THREAD_INFO_IN_TASK
 /*
  * how to get the thread information struct from C
  */
@@ -93,6 +102,7 @@ static inline struct thread_info *current_thread_info(void)
 	return (struct thread_info *)
 		(current_stack_pointer & ~(THREAD_SIZE - 1));
 }
+#endif
 
 #define thread_saved_pc(tsk)	\
 	((unsigned long)(task_thread_info(tsk)->cpu_context.pc))
diff --git a/arch/arm/kernel/asm-offsets.c b/arch/arm/kernel/asm-offsets.c
index 70993af22d80..2a6745f7423e 100644
--- a/arch/arm/kernel/asm-offsets.c
+++ b/arch/arm/kernel/asm-offsets.c
@@ -44,8 +44,12 @@ int main(void)
   DEFINE(TI_FLAGS,		offsetof(struct thread_info, flags));
   DEFINE(TI_PREEMPT,		offsetof(struct thread_info, preempt_count));
   DEFINE(TI_ADDR_LIMIT,		offsetof(struct thread_info, addr_limit));
+#ifdef CONFIG_THREAD_INFO_IN_TASK
+  DEFINE(TI_CPU,		offsetof(struct task_struct, cpu));
+#else
   DEFINE(TI_TASK,		offsetof(struct thread_info, task));
   DEFINE(TI_CPU,		offsetof(struct thread_info, cpu));
+#endif
   DEFINE(TI_CPU_DOMAIN,		offsetof(struct thread_info, cpu_domain));
   DEFINE(TI_CPU_SAVE,		offsetof(struct thread_info, cpu_context));
   DEFINE(TI_USED_CP,		offsetof(struct thread_info, used_cp));
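Review bot: `TI_TASK` is no longer emitted when CONFIG_THREAD_INFO_IN_TASK is set, but the __switch_to hunk in entry-armv.S still shows `ldr r7, [r2, #TI_TASK]` as unchanged context under `CONFIG_STACKPROTECTOR && !CONFIG_SMP`. Unless CURRENT_POINTER_IN_TPIDRPRW implies SMP (its definition is not part of this patch), that configuration would fail to assemble; since r2 is already the task pointer in the new layout, the load could become `mov r7, r2` under the same `#ifdef`. Separately, `TI_CPU` now names an offset into task_struct rather than thread_info, which deserves a comment such as `/* task_struct.cpu; usable from a thread_info pointer only because thread_info is at offset 0 */`. main() continues outside this hunk.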
diff --git a/arch/arm/kernel/entry-armv.S b/arch/arm/kernel/entry-armv.S
index db3947ee9c3e..5ae687c8c7b8 100644
--- a/arch/arm/kernel/entry-armv.S
+++ b/arch/arm/kernel/entry-armv.S
@@ -762,9 +762,13 @@ ENTRY(__switch_to)
 #endif
 	switch_tls r1, r4, r5, r3, r7
 #ifdef CONFIG_CURRENT_POINTER_IN_TPIDRPRW
+#ifdef CONFIG_THREAD_INFO_IN_TASK
+	set_current r2
+#else
 	ldr	r7, [r2, #TI_TASK]
 	set_current r7
 #endif
+#endif
 #if defined(CONFIG_STACKPROTECTOR) && !defined(CONFIG_SMP)
 	ldr	r7, [r2, #TI_TASK]
 	ldr	r8, =__stack_chk_guard
diff --git a/arch/arm/vfp/vfpmodule.c b/arch/arm/vfp/vfpmodule.c
index d7a3818da671..84a691da59fa 100644
--- a/arch/arm/vfp/vfpmodule.c
+++ b/arch/arm/vfp/vfpmodule.c
@@ -158,7 +158,12 @@ static void vfp_thread_copy(struct thread_info *thread)
  */
 static int vfp_notifier(struct notifier_block *self, unsigned long cmd, void *v)
 {
+#ifdef CONFIG_THREAD_INFO_IN_TASK
+	struct task_struct *tsk = v;
+	struct thread_info *thread = &tsk->thread_info;
+#else
 	struct thread_info *thread = v;
+#endif
 	u32 fpexc;
 #ifdef CONFIG_SMP
 	unsigned int cpu;
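Review bot: Under CONFIG_THREAD_INFO_IN_TASK the notifier payload `v` is reinterpreted as a `struct task_struct *`, while the `#else` branch treats it as a `struct thread_info *` (as the callers presumably do too, though they are outside this patch). The two agree only because thread_info is the first member of task_struct. Keeping `struct thread_info *thread = v;` in both configurations and deriving the task with `container_of(thread, struct task_struct, thread_info)` inside the `#ifdef` would state that relationship explicitly instead of relying on a `void *` pun. The `cpu = tsk->cpu;` / `cpu = thread->cpu;` pair in the following hunk could likewise use `task_cpu()` on a task pointer, which already hides this configuration difference. vfp_notifier's body continues outside the hunk.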
@@ -169,7 +174,11 @@ static int vfp_notifier(struct notifier_block *self, unsigned long cmd, void *v)
 		fpexc = fmrx(FPEXC);
 
 #ifdef CONFIG_SMP
+#ifdef CONFIG_THREAD_INFO_IN_TASK
+		cpu = tsk->cpu;
+#else
 		cpu = thread->cpu;
+#endif
 
 		/*
 		 * On SMP, if VFP is enabled, save the old state in
-- 
2.33.0


