Unverified Commit 13e47beb authored Jul 02, 2021 by Tong Tiangen Committed by Palmer Dabbelt Aug 03, 2021

riscv: Implement thread_struct whitelist for hardened usercopy



This whitelists the FPU register state portion of the thread_struct for
copying to userspace, instead of the default entire struct.

Signed-off-by: Tong Tiangen <tongtiangen@huawei.com>
Signed-off-by: Palmer Dabbelt <palmerdabbelt@google.com>

parent 67979e92

arch/riscv/Kconfig

+1 −0

Original line number	Diff line number	Diff line
		@@ -72,6 +72,7 @@ config RISCV
		select HAVE_ARCH_SECCOMP_FILTER
		select HAVE_ARCH_TRACEHOOK
		select HAVE_ARCH_TRANSPARENT_HUGEPAGE if 64BIT && MMU
		select HAVE_ARCH_THREAD_STRUCT_WHITELIST
		select HAVE_ARCH_VMAP_STACK if MMU && 64BIT
		select HAVE_ASM_MODVERSIONS
		select HAVE_CONTEXT_TRACKING

arch/riscv/include/asm/processor.h

+8 −0

Original line number	Diff line number	Diff line
		@@ -37,6 +37,14 @@ struct thread_struct {
		unsigned long bad_cause;
		};

		/* Whitelist the fstate from the task_struct for hardened usercopy */
		static inline void arch_thread_struct_whitelist(unsigned long *offset,
		unsigned long *size)
		{
		*offset = offsetof(struct thread_struct, fstate);
		*size = sizeof_field(struct thread_struct, fstate);
		}

		#define INIT_THREAD { \
		.sp = sizeof(init_stack) + (long)&init_stack, \
		}