riscv: cfi: clear CFI lock status in start_thread() (a6ede084) · Commits · git / linux-net

arch/riscv/include/asm/usercfi.h

+4 −4

Original line number	Diff line number	Diff line
		@@ -39,7 +39,7 @@ void set_active_shstk(struct task_struct *task, unsigned long shstk_addr);
		bool is_shstk_enabled(struct task_struct *task);
		bool is_shstk_locked(struct task_struct *task);
		bool is_shstk_allocated(struct task_struct *task);
		void set_shstk_lock(struct task_struct *task);
		void set_shstk_lock(struct task_struct *task, bool lock);
		void set_shstk_status(struct task_struct *task, bool enable);
		unsigned long get_active_shstk(struct task_struct *task);
		int restore_user_shstk(struct task_struct *tsk, unsigned long shstk_ptr);
		@@ -47,7 +47,7 @@ int save_user_shstk(struct task_struct tsk, unsigned long saved_shstk_ptr);
		bool is_indir_lp_enabled(struct task_struct *task);
		bool is_indir_lp_locked(struct task_struct *task);
		void set_indir_lp_status(struct task_struct *task, bool enable);
		void set_indir_lp_lock(struct task_struct *task);
		void set_indir_lp_lock(struct task_struct *task, bool lock);

		#define PR_SHADOW_STACK_SUPPORTED_STATUS_MASK (PR_SHADOW_STACK_ENABLE)

		@@ -69,7 +69,7 @@ void set_indir_lp_lock(struct task_struct *task);

		#define is_shstk_allocated(task) false

		#define set_shstk_lock(task) do {} while (0)
		#define set_shstk_lock(task, lock) do {} while (0)

		#define set_shstk_status(task, enable) do {} while (0)

		@@ -79,7 +79,7 @@ void set_indir_lp_lock(struct task_struct *task);

		#define set_indir_lp_status(task, enable) do {} while (0)

		#define set_indir_lp_lock(task) do {} while (0)
		#define set_indir_lp_lock(task, lock) do {} while (0)

		#define restore_user_shstk(tsk, shstk_ptr) -EINVAL

arch/riscv/kernel/process.c

+2 −0

Original line number	Diff line number	Diff line
		@@ -160,6 +160,7 @@ void start_thread(struct pt_regs *regs, unsigned long pc,
		* clear shadow stack state on exec.
		* libc will set it later via prctl.
		*/
		set_shstk_lock(current, false);
		set_shstk_status(current, false);
		set_shstk_base(current, 0, 0);
		set_active_shstk(current, 0);
		@@ -167,6 +168,7 @@ void start_thread(struct pt_regs *regs, unsigned long pc,
		* disable indirect branch tracking on exec.
		* libc will enable it later via prctl.
		*/
		set_indir_lp_lock(current, false);
		set_indir_lp_status(current, false);

		#ifdef CONFIG_64BIT

arch/riscv/kernel/usercfi.c

+6 −6

Original line number	Diff line number	Diff line
		@@ -74,9 +74,9 @@ void set_shstk_status(struct task_struct *task, bool enable)
		csr_write(CSR_ENVCFG, task->thread.envcfg);
		}

		void set_shstk_lock(struct task_struct *task)
		void set_shstk_lock(struct task_struct *task, bool lock)
		{
		task->thread_info.user_cfi_state.ubcfi_locked = 1;
		task->thread_info.user_cfi_state.ubcfi_locked = lock;
		}

		bool is_indir_lp_enabled(struct task_struct *task)
		@@ -104,9 +104,9 @@ void set_indir_lp_status(struct task_struct *task, bool enable)
		csr_write(CSR_ENVCFG, task->thread.envcfg);
		}

		void set_indir_lp_lock(struct task_struct *task)
		void set_indir_lp_lock(struct task_struct *task, bool lock)
		{
		task->thread_info.user_cfi_state.ufcfi_locked = 1;
		task->thread_info.user_cfi_state.ufcfi_locked = lock;
		}
		/*
		* If size is 0, then to be compatible with regular stack we want it to be as big as
		@@ -452,7 +452,7 @@ int arch_lock_shadow_stack_status(struct task_struct *task,
		!is_shstk_enabled(task) \|\| arg != 0)
		return -EINVAL;

		set_shstk_lock(task);
		set_shstk_lock(task, true);

		return 0;
		}
		@@ -502,7 +502,7 @@ int arch_lock_indir_br_lp_status(struct task_struct *task,
		!is_indir_lp_enabled(task) \|\| arg != 0)
		return -EINVAL;

		set_indir_lp_lock(task);
		set_indir_lp_lock(task, true);

		return 0;
		}