From patchwork Wed Nov 30 03:40:56 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Guo Ren X-Patchwork-Id: 27585 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:adf:f944:0:0:0:0:0 with SMTP id q4csp711347wrr; Tue, 29 Nov 2022 19:46:26 -0800 (PST) X-Google-Smtp-Source: AA0mqf4LiCoN4vgbDNrWwoH5U+pht4ftuzYtdEBxhBAEt6Wqyk2uVyaQO729/4B03ozkwjKIe66O X-Received: by 2002:a05:6402:28cb:b0:463:b0de:c210 with SMTP id ef11-20020a05640228cb00b00463b0dec210mr54884782edb.10.1669779986822; Tue, 29 Nov 2022 19:46:26 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1669779986; cv=none; d=google.com; s=arc-20160816; b=UzqvZMTI5tvKxlN8OspXAn/RqRq+0VZDbaGyXt+7LJT14UhgDCoqZ3fN/YfY72NK6V kFyV4fRUKgc0T6L3ciBq6c7Y53VkPIURByNVXo8CymaroQGM2dPMXSr6gAU3kpxBwK+0 E6tSVKVuUj/L+AgMvCK6phHQhZabadVxTTPMsw19U6tmWeF7zo/3TT09N5iESDn7fE3W OxS2o/VA1yKadF3zmjSwdXSyC95hAUQy1a7zV3NPKy3VjMmc13dFiEO6hj3/3itERWWD 4vtKFB7ALijfidQzsU2d2orn8UdFMeUF6jIIP6h4keHNxXx1pjhxkuCWpdZcrKaO4kPb 4P/Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=tk5uaabQE1C5h2WEAHCefSY4U+5LkFt/fcK8bYyUia4=; b=QGI5QooC5fopTpDApUJlnmvPwOx3+czhYIsWNbVtGJpUFn8g8kkjzVjODsexFshkyP EOkjDB5FcNqUZRpeO06rHFz0arWktCkIwzAyF4Pnb0gnCMwozhJfnDOFHV/9c8bHm32M mQDjiwuwslJmD/4HFm2Oigaxo/UrMgtFQwClYUPTOzTpU7Wy2kv91GSwhvPnYUVItX+C MlbuW0IuckEqNWRUeExLi8/A7uxvVByEAOGN2fVL1wPpMq9+Wfuy3yMZkVPRAqB7Rqst +W62WPOn746ejILQi71hzCgLBRpMfmVIZ3A49TFLU9aUHbdxQVpXR3CaEbCb8OxMC1iI XhGw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=NZwnT0m2; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id dn14-20020a17090794ce00b007c0999c0e31si429135ejc.257.2022.11.29.19.46.03; Tue, 29 Nov 2022 19:46:26 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=NZwnT0m2; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232297AbiK3Dom (ORCPT + 99 others); Tue, 29 Nov 2022 22:44:42 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:59826 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232931AbiK3DoO (ORCPT ); Tue, 29 Nov 2022 22:44:14 -0500 Received: from dfw.source.kernel.org (dfw.source.kernel.org [IPv6:2604:1380:4641:c500::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 8C41776175; Tue, 29 Nov 2022 19:43:28 -0800 (PST) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id 2B7DF6190D; Wed, 30 Nov 2022 03:43:28 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 92625C433B5; Wed, 30 Nov 2022 03:43:18 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1669779807; bh=ZDyU4TTOJsyVKdnctf0t8XpryX5dMXPuOjIV8A9Fjb8=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=NZwnT0m2d3IK0C8nylUmtgnnbbhi7Ly+qczv0bnk9ieSYucysDPDqW4Hk2vOmiVsR 4agpwBTCQxrpVP1TruVfjGdvoMPim4X1uKG22KwmCh5TShQI44QAcLE+hFOn1Tx8ru cwT/qTlttm22xF8vXfj2O7TD5OI5ldR0gkiKnnRbsE8DZVC3NE5mn+SI467HCxTpV5 TNx8c/hzlJxcsdf869+hQLsVn1HHU6NLWQFbuqLUDQTPYSaAnackto5fahOeD1gymg TwdkWedfA/VTaYXQB4knI7fmsSjSvoAt+p3xxFcjO0H6MnZvoKLkm+rxExlnPRw1Sy DJEGXl/JTbKXw== From: guoren@kernel.org To: arnd@arndb.de, guoren@kernel.org, palmer@rivosinc.com, tglx@linutronix.de, peterz@infradead.org, luto@kernel.org, conor.dooley@microchip.com, heiko@sntech.de, jszhang@kernel.org, lazyparser@gmail.com, falcon@tinylab.org, chenhuacai@kernel.org, apatel@ventanamicro.com, atishp@atishpatra.org, palmer@dabbelt.com, paul.walmsley@sifive.com, mark.rutland@arm.com, zouyipeng@huawei.com, bigeasy@linutronix.de, David.Laight@aculab.com, chenzhongjin@huawei.com, greentime.hu@sifive.com, andy.chiu@sifive.com, ben@decadent.org.uk Cc: linux-arch@vger.kernel.org, linux-kernel@vger.kernel.org, linux-riscv@lists.infradead.org, Dao Lu , Xianting Tian , Conor Dooley Subject: [PATCH -next V9 11/14] riscv: Add support for STACKLEAK gcc plugin Date: Tue, 29 Nov 2022 22:40:56 -0500 Message-Id: <20221130034059.826599-12-guoren@kernel.org> X-Mailer: git-send-email 2.36.1 In-Reply-To: <20221130034059.826599-1-guoren@kernel.org> References: <20221130034059.826599-1-guoren@kernel.org> MIME-Version: 1.0 X-Spam-Status: No, score=-7.1 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_HI, SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1750891219581148822?= X-GMAIL-MSGID: =?utf-8?q?1750891219581148822?= From: Dao Lu Add support for STACKLEAK gcc plugin to riscv based heavily on the arm64 version, and modifying the entry.S. Additionally, this disables the plugin for EFI stub code for riscv. All modifications base on generic_entry. The stackleak_erase_on_task_stack() is called in irq disabled context before return to user space. Here is the test result with LKDTM: echo STACKLEAK_ERASING > /sys/kernel/debug/provoke-crash/DIRECT [ 53.110405] lkdtm: Performing direct entry STACKLEAK_ERASING [ 53.111630] lkdtm: stackleak stack usage: [ 53.111630] high offset: 288 bytes [ 53.111630] current: 592 bytes [ 53.111630] lowest: 1136 bytes [ 53.111630] tracked: 1136 bytes [ 53.111630] untracked: 576 bytes [ 53.111630] poisoned: 14376 bytes [ 53.111630] low offset: 8 bytes [ 53.115078] lkdtm: OK: the rest of the thread stack is properly erased Performance impact (tested on qemu env with 1 riscv64 hart, 1GB mem) hackbench -s 512 -l 200 -g 15 -f 25 -P 2.0% slowdown Signed-off-by: Dao Lu Co-developed-by: Xianting Tian Signed-off-by: Xianting Tian Co-developed-by: Guo Ren Signed-off-by: Guo Ren Cc: Mark Rutland Cc: Conor Dooley --- Dao Lu gave the first patch at [1], and Xianting missed the previous patch and gave the second one [2]. Guo Ren tried to move stackleak into common generic entry codes [3], but Mark Rutland pointed out the problem. Combine the Dao Lu's patch with the GENEIRC_ENTRY patchset series, with some modifications (fit GENEIRC_ENTRY, directly using stackleak_erase_on_task_stack). [1] https://lore.kernel.org/linux-riscv/20220615213834.3116135-1-daolu@rivosinc.com/ [2] https://lore.kernel.org/linux-riscv/20220828135407.3897717-1-xianting.tian@linux.alibaba.com/ [3] https://lore.kernel.org/lkml/20220907014809.919979-1-guoren@kernel.org/ --- arch/riscv/Kconfig | 1 + arch/riscv/kernel/entry.S | 3 +++ drivers/firmware/efi/libstub/Makefile | 2 +- 3 files changed, 5 insertions(+), 1 deletion(-) diff --git a/arch/riscv/Kconfig b/arch/riscv/Kconfig index df067b225757..b15df48d9d31 100644 --- a/arch/riscv/Kconfig +++ b/arch/riscv/Kconfig @@ -85,6 +85,7 @@ config RISCV select HAVE_ARCH_MMAP_RND_BITS if MMU select HAVE_ARCH_MMAP_RND_COMPAT_BITS if COMPAT select HAVE_ARCH_SECCOMP_FILTER + select HAVE_ARCH_STACKLEAK select HAVE_ARCH_TRACEHOOK select HAVE_ARCH_TRANSPARENT_HUGEPAGE if 64BIT && MMU select ARCH_ENABLE_THP_MIGRATION if TRANSPARENT_HUGEPAGE diff --git a/arch/riscv/kernel/entry.S b/arch/riscv/kernel/entry.S index 03655577e26f..b1babad5f829 100644 --- a/arch/riscv/kernel/entry.S +++ b/arch/riscv/kernel/entry.S @@ -145,6 +145,9 @@ ENTRY(ret_from_exception) andi s0, s0, SR_SPP #endif bnez s0, 1f +#ifdef CONFIG_GCC_PLUGIN_STACKLEAK + call stackleak_erase_on_task_stack +#endif /* Save unwound kernel stack pointer in thread_info */ addi s0, sp, PT_SIZE_ON_STACK diff --git a/drivers/firmware/efi/libstub/Makefile b/drivers/firmware/efi/libstub/Makefile index b1601aad7e1a..28170707fa6f 100644 --- a/drivers/firmware/efi/libstub/Makefile +++ b/drivers/firmware/efi/libstub/Makefile @@ -25,7 +25,7 @@ cflags-$(CONFIG_ARM) := $(subst $(CC_FLAGS_FTRACE),,$(KBUILD_CFLAGS)) \ -fno-builtin -fpic \ $(call cc-option,-mno-single-pic-base) cflags-$(CONFIG_RISCV) := $(subst $(CC_FLAGS_FTRACE),,$(KBUILD_CFLAGS)) \ - -fpic + -fpic $(DISABLE_STACKLEAK_PLUGIN) cflags-$(CONFIG_LOONGARCH) := $(subst $(CC_FLAGS_FTRACE),,$(KBUILD_CFLAGS)) \ -fpie