mirror of
https://github.com/hardkernel/linux.git
synced 2026-06-07 03:15:31 +09:00
Revert "FROMLIST: arm64: implement Shadow Call Stack"
Shadow call stack is now merged upstream for 5.9, so revert the patches
cherry-picked into android-mainline in preparation for pulling the upstream
version instead.
This reverts commit 084cffa679.
Signed-off-by: Will Deacon <willdeacon@google.com>
Change-Id: Ie0f0e3a32948f68082ed23e67535529035a16300
This commit is contained in:
Will Deacon
@@ -65,7 +65,6 @@ config ARM64
|
||||
select ARCH_USE_QUEUED_RWLOCKS
|
||||
select ARCH_USE_QUEUED_SPINLOCKS
|
||||
select ARCH_SUPPORTS_MEMORY_FAILURE
|
||||
select ARCH_SUPPORTS_SHADOW_CALL_STACK if CC_HAVE_SHADOW_CALL_STACK
|
||||
select ARCH_SUPPORTS_LTO_CLANG
|
||||
select ARCH_SUPPORTS_THINLTO
|
||||
select ARCH_SUPPORTS_ATOMIC_RMW
|
||||
@@ -1029,10 +1028,6 @@ config ARCH_HAS_CACHE_LINE_SIZE
|
||||
config ARCH_ENABLE_SPLIT_PMD_PTLOCK
|
||||
def_bool y if PGTABLE_LEVELS > 2
|
||||
|
||||
# Supported by clang >= 7.0
|
||||
config CC_HAVE_SHADOW_CALL_STACK
|
||||
def_bool $(cc-option, -fsanitize=shadow-call-stack -ffixed-x18)
|
||||
|
||||
config SECCOMP
|
||||
bool "Enable seccomp to safely compute untrusted bytecode"
|
||||
---help---
|
||||
|
||||
@@ -1,37 +0,0 @@
|
||||
/* SPDX-License-Identifier: GPL-2.0 */
|
||||
#ifndef _ASM_SCS_H
|
||||
#define _ASM_SCS_H
|
||||
|
||||
#ifndef __ASSEMBLY__
|
||||
|
||||
#include <linux/scs.h>
|
||||
|
||||
#ifdef CONFIG_SHADOW_CALL_STACK
|
||||
|
||||
extern void scs_init_irq(void);
|
||||
|
||||
static __always_inline void scs_save(struct task_struct *tsk)
|
||||
{
|
||||
void *s;
|
||||
|
||||
asm volatile("mov %0, x18" : "=r" (s));
|
||||
task_set_scs(tsk, s);
|
||||
}
|
||||
|
||||
static inline void scs_overflow_check(struct task_struct *tsk)
|
||||
{
|
||||
if (unlikely(scs_corrupted(tsk)))
|
||||
panic("corrupted shadow stack detected inside scheduler\n");
|
||||
}
|
||||
|
||||
#else /* CONFIG_SHADOW_CALL_STACK */
|
||||
|
||||
static inline void scs_init_irq(void) {}
|
||||
static inline void scs_save(struct task_struct *tsk) {}
|
||||
static inline void scs_overflow_check(struct task_struct *tsk) {}
|
||||
|
||||
#endif /* CONFIG_SHADOW_CALL_STACK */
|
||||
|
||||
#endif /* __ASSEMBLY __ */
|
||||
|
||||
#endif /* _ASM_SCS_H */
|
||||
@@ -68,10 +68,6 @@ extern void dump_backtrace(struct pt_regs *regs, struct task_struct *tsk);
|
||||
|
||||
DECLARE_PER_CPU(unsigned long *, irq_stack_ptr);
|
||||
|
||||
#ifdef CONFIG_SHADOW_CALL_STACK
|
||||
DECLARE_PER_CPU(unsigned long *, irq_shadow_call_stack_ptr);
|
||||
#endif
|
||||
|
||||
static inline bool on_irq_stack(unsigned long sp,
|
||||
struct stack_info *info)
|
||||
{
|
||||
|
||||
@@ -41,9 +41,6 @@ struct thread_info {
|
||||
#endif
|
||||
} preempt;
|
||||
};
|
||||
#ifdef CONFIG_SHADOW_CALL_STACK
|
||||
void *shadow_call_stack;
|
||||
#endif
|
||||
};
|
||||
|
||||
#define thread_saved_pc(tsk) \
|
||||
|
||||
@@ -63,7 +63,6 @@ obj-$(CONFIG_CRASH_CORE) += crash_core.o
|
||||
obj-$(CONFIG_ARM_SDE_INTERFACE) += sdei.o
|
||||
obj-$(CONFIG_ARM64_SSBD) += ssbd.o
|
||||
obj-$(CONFIG_ARM64_PTR_AUTH) += pointer_auth.o
|
||||
obj-$(CONFIG_SHADOW_CALL_STACK) += scs.o
|
||||
|
||||
obj-y += vdso/ probes/
|
||||
obj-$(CONFIG_COMPAT_VDSO) += vdso32/
|
||||
|
||||
@@ -33,9 +33,6 @@ int main(void)
|
||||
DEFINE(TSK_TI_ADDR_LIMIT, offsetof(struct task_struct, thread_info.addr_limit));
|
||||
#ifdef CONFIG_ARM64_SW_TTBR0_PAN
|
||||
DEFINE(TSK_TI_TTBR0, offsetof(struct task_struct, thread_info.ttbr0));
|
||||
#endif
|
||||
#ifdef CONFIG_SHADOW_CALL_STACK
|
||||
DEFINE(TSK_TI_SCS, offsetof(struct task_struct, thread_info.shadow_call_stack));
|
||||
#endif
|
||||
DEFINE(TSK_STACK, offsetof(struct task_struct, stack));
|
||||
#ifdef CONFIG_STACKPROTECTOR
|
||||
|
||||
@@ -178,10 +178,6 @@ alternative_cb_end
|
||||
|
||||
apply_ssbd 1, x22, x23
|
||||
|
||||
#ifdef CONFIG_SHADOW_CALL_STACK
|
||||
ldr x18, [tsk, #TSK_TI_SCS] // Restore shadow call stack
|
||||
str xzr, [tsk, #TSK_TI_SCS] // Limit visibility of saved SCS
|
||||
#endif
|
||||
ptrauth_keys_install_kernel tsk, 1, x20, x22, x23
|
||||
.else
|
||||
add x21, sp, #S_FRAME_SIZE
|
||||
@@ -284,12 +280,6 @@ alternative_else_nop_endif
|
||||
ct_user_enter
|
||||
.endif
|
||||
|
||||
#ifdef CONFIG_SHADOW_CALL_STACK
|
||||
.if \el == 0
|
||||
str x18, [tsk, #TSK_TI_SCS] // Save shadow call stack
|
||||
.endif
|
||||
#endif
|
||||
|
||||
#ifdef CONFIG_ARM64_SW_TTBR0_PAN
|
||||
/*
|
||||
* Restore access to TTBR0_EL1. If returning to EL0, no need for SPSR
|
||||
@@ -398,9 +388,6 @@ alternative_insn eret, nop, ARM64_UNMAP_KERNEL_AT_EL0
|
||||
|
||||
.macro irq_stack_entry
|
||||
mov x19, sp // preserve the original sp
|
||||
#ifdef CONFIG_SHADOW_CALL_STACK
|
||||
mov x20, x18 // preserve the original shadow stack
|
||||
#endif
|
||||
|
||||
/*
|
||||
* Compare sp with the base of the task stack.
|
||||
@@ -418,24 +405,15 @@ alternative_insn eret, nop, ARM64_UNMAP_KERNEL_AT_EL0
|
||||
|
||||
/* switch to the irq stack */
|
||||
mov sp, x26
|
||||
|
||||
#ifdef CONFIG_SHADOW_CALL_STACK
|
||||
/* also switch to the irq shadow stack */
|
||||
ldr_this_cpu x18, irq_shadow_call_stack_ptr, x26
|
||||
#endif
|
||||
|
||||
9998:
|
||||
.endm
|
||||
|
||||
/*
|
||||
* The callee-saved regs (x19-x29) should be preserved between
|
||||
* irq_stack_entry and irq_stack_exit.
|
||||
* x19 should be preserved between irq_stack_entry and
|
||||
* irq_stack_exit.
|
||||
*/
|
||||
.macro irq_stack_exit
|
||||
mov sp, x19
|
||||
#ifdef CONFIG_SHADOW_CALL_STACK
|
||||
mov x18, x20
|
||||
#endif
|
||||
.endm
|
||||
|
||||
/* GPRs used by entry code */
|
||||
@@ -922,11 +900,6 @@ SYM_FUNC_START(cpu_switch_to)
|
||||
ldr lr, [x8]
|
||||
mov sp, x9
|
||||
msr sp_el0, x1
|
||||
#ifdef CONFIG_SHADOW_CALL_STACK
|
||||
str x18, [x0, #TSK_TI_SCS]
|
||||
ldr x18, [x1, #TSK_TI_SCS]
|
||||
str xzr, [x1, #TSK_TI_SCS] // limit visibility of saved SCS
|
||||
#endif
|
||||
ptrauth_keys_install_kernel x1, 1, x8, x9, x10
|
||||
ret
|
||||
SYM_FUNC_END(cpu_switch_to)
|
||||
|
||||
@@ -27,7 +27,6 @@
|
||||
#include <asm/pgtable-hwdef.h>
|
||||
#include <asm/pgtable.h>
|
||||
#include <asm/page.h>
|
||||
#include <asm/scs.h>
|
||||
#include <asm/smp.h>
|
||||
#include <asm/sysreg.h>
|
||||
#include <asm/thread_info.h>
|
||||
@@ -425,10 +424,6 @@ SYM_FUNC_START_LOCAL(__primary_switched)
|
||||
stp xzr, x30, [sp, #-16]!
|
||||
mov x29, sp
|
||||
|
||||
#ifdef CONFIG_SHADOW_CALL_STACK
|
||||
adr_l x18, init_shadow_call_stack // Set shadow call stack
|
||||
#endif
|
||||
|
||||
str_l x21, __fdt_pointer, x5 // Save FDT pointer
|
||||
|
||||
ldr_l x4, kimage_vaddr // Save the offset between
|
||||
@@ -742,10 +737,6 @@ SYM_FUNC_START_LOCAL(__secondary_switched)
|
||||
ldr x2, [x0, #CPU_BOOT_TASK]
|
||||
cbz x2, __secondary_too_slow
|
||||
msr sp_el0, x2
|
||||
#ifdef CONFIG_SHADOW_CALL_STACK
|
||||
ldr x18, [x2, #TSK_TI_SCS] // set shadow call stack
|
||||
str xzr, [x2, #TSK_TI_SCS] // limit visibility of saved SCS
|
||||
#endif
|
||||
mov x29, #0
|
||||
mov x30, #0
|
||||
b secondary_start_kernel
|
||||
|
||||
@@ -21,7 +21,6 @@
|
||||
#include <linux/vmalloc.h>
|
||||
#include <asm/daifflags.h>
|
||||
#include <asm/vmap_stack.h>
|
||||
#include <asm/scs.h>
|
||||
|
||||
unsigned long irq_err_count;
|
||||
|
||||
@@ -64,7 +63,6 @@ static void init_irq_stacks(void)
|
||||
void __init init_IRQ(void)
|
||||
{
|
||||
init_irq_stacks();
|
||||
scs_init_irq();
|
||||
irqchip_init();
|
||||
if (!handle_arch_irq)
|
||||
panic("No interrupt controller found.");
|
||||
|
||||
@@ -52,7 +52,6 @@
|
||||
#include <asm/mmu_context.h>
|
||||
#include <asm/processor.h>
|
||||
#include <asm/pointer_auth.h>
|
||||
#include <asm/scs.h>
|
||||
#include <asm/stacktrace.h>
|
||||
|
||||
#if defined(CONFIG_STACKPROTECTOR) && !defined(CONFIG_STACKPROTECTOR_PER_TASK)
|
||||
@@ -516,7 +515,6 @@ __notrace_funcgraph struct task_struct *__switch_to(struct task_struct *prev,
|
||||
entry_task_switch(next);
|
||||
uao_thread_switch(next);
|
||||
ssbs_thread_switch(next);
|
||||
scs_overflow_check(next);
|
||||
|
||||
/*
|
||||
* Complete any pending TLB or cache maintenance on this CPU in case
|
||||
|
||||
@@ -1,40 +0,0 @@
|
||||
// SPDX-License-Identifier: GPL-2.0
|
||||
/*
|
||||
* Shadow Call Stack support.
|
||||
*
|
||||
* Copyright (C) 2019 Google LLC
|
||||
*/
|
||||
|
||||
#include <linux/percpu.h>
|
||||
#include <linux/vmalloc.h>
|
||||
#include <asm/pgtable.h>
|
||||
#include <asm/scs.h>
|
||||
|
||||
DEFINE_PER_CPU(unsigned long *, irq_shadow_call_stack_ptr);
|
||||
|
||||
#ifndef CONFIG_SHADOW_CALL_STACK_VMAP
|
||||
DEFINE_PER_CPU(unsigned long [SCS_SIZE/sizeof(long)], irq_shadow_call_stack)
|
||||
__aligned(SCS_SIZE);
|
||||
#endif
|
||||
|
||||
void scs_init_irq(void)
|
||||
{
|
||||
int cpu;
|
||||
|
||||
for_each_possible_cpu(cpu) {
|
||||
#ifdef CONFIG_SHADOW_CALL_STACK_VMAP
|
||||
unsigned long *p;
|
||||
|
||||
p = __vmalloc_node_range(PAGE_SIZE, SCS_SIZE,
|
||||
VMALLOC_START, VMALLOC_END,
|
||||
GFP_SCS, PAGE_KERNEL,
|
||||
0, cpu_to_node(cpu),
|
||||
__builtin_return_address(0));
|
||||
|
||||
per_cpu(irq_shadow_call_stack_ptr, cpu) = p;
|
||||
#else
|
||||
per_cpu(irq_shadow_call_stack_ptr, cpu) =
|
||||
per_cpu(irq_shadow_call_stack, cpu);
|
||||
#endif /* CONFIG_SHADOW_CALL_STACK_VMAP */
|
||||
}
|
||||
}
|
||||
@@ -46,7 +46,6 @@
|
||||
#include <asm/pgtable.h>
|
||||
#include <asm/pgalloc.h>
|
||||
#include <asm/processor.h>
|
||||
#include <asm/scs.h>
|
||||
#include <asm/smp_plat.h>
|
||||
#include <asm/sections.h>
|
||||
#include <asm/tlbflush.h>
|
||||
@@ -371,9 +370,6 @@ void cpu_die(void)
|
||||
unsigned int cpu = smp_processor_id();
|
||||
const struct cpu_operations *ops = get_cpu_ops(cpu);
|
||||
|
||||
/* Save the shadow stack pointer before exiting the idle task */
|
||||
scs_save(current);
|
||||
|
||||
idle_task_exit();
|
||||
|
||||
local_daif_mask();
|
||||
|
||||
Reference in New Issue
Block a user