Enable shadow stacks for x32.
While we normally don't do such feature-enabling on 32-bit kernels anymore, this change is small, straightforward & tested on upstream glibc. Signed-off-by: Ingo Molnar <mingo@kernel.org> -----BEGIN PGP SIGNATURE----- iQJFBAABCgAvFiEEBpT5eoXrXCwVQwEKEnMQ0APhK1gFAmZByx4RHG1pbmdvQGtl cm5lbC5vcmcACgkQEnMQ0APhK1htKA/9EXRmI4498QY07EaqkrvGdzDnPnvQgHLv JoPvMM73pCY8FyOt0D/fRLeS/JvP0zGnn6HT55LeQkJVcWUIAdDhuniDBSjxS7xd BdwHzkfJn2qa6kA1ekXWS7zHY+D1hsJEq9/15gFj/q2JVfo+HyN768fHS6kohdkW aNneAbsVOJZNxmKNVXXiC69xhDNVyjFxEJ0xP7rUctjj4GvJRg14pt95//z+YnNB qKmmd1/+ul652rZzsFbDjB9PZkkixm8qALFDR7I94UWX3MYknpTcV+n/tFSykQrv z3nabF+pTHKSJDrtGVOC4ks+SofK2wwEg4vYC2mfCWtVcZfPoEfEIVum6VbmfW8J 2sr1hfydTRycA6i90U2IjbnyYCtQsXyzyHGuJI4JplDinHu+GxiQQ9xMU7nmdlA+ xXazqk8dciMpzPJY8pUv0JXurNFfq/n6BfYTYrBsBeRCm8gcyYFB7fTkJWamowWc DhXHOz/MC6BkZhgkoB1/L9i9GgMu9boCJ1vdcnUMBZfqWVlcePlspOtUtabhvF2r 8NKKLwTtdcgGswrBmVcWZhbwRuc9imK3uAoNlSIEe5jC8rlcp7F5lnpYF2DPFnYn VCeGfoQGdJyt8D+9Ag7wm9zseMRekdI8dABJW2ZVAmq810+6PSW4ToONwlqzfL63 uTcapyAC0qQ= =AqG9 -----END PGP SIGNATURE----- Merge tag 'x86-shstk-2024-05-13' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip Pull x86 shadow stacks from Ingo Molnar: "Enable shadow stacks for x32. While we normally don't do such feature-enabling for 32-bit anymore, this change is small, straightforward & tested on upstream glibc" * tag 'x86-shstk-2024-05-13' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: x86/shstk: Enable shadow stacks for x32
This commit is contained in:
commit
a5131c3fdf
@ -374,7 +374,7 @@
|
|||||||
450 common set_mempolicy_home_node sys_set_mempolicy_home_node
|
450 common set_mempolicy_home_node sys_set_mempolicy_home_node
|
||||||
451 common cachestat sys_cachestat
|
451 common cachestat sys_cachestat
|
||||||
452 common fchmodat2 sys_fchmodat2
|
452 common fchmodat2 sys_fchmodat2
|
||||||
453 64 map_shadow_stack sys_map_shadow_stack
|
453 common map_shadow_stack sys_map_shadow_stack
|
||||||
454 common futex_wake sys_futex_wake
|
454 common futex_wake sys_futex_wake
|
||||||
455 common futex_wait sys_futex_wait
|
455 common futex_wait sys_futex_wait
|
||||||
456 common futex_requeue sys_futex_requeue
|
456 common futex_requeue sys_futex_requeue
|
||||||
|
@ -163,8 +163,8 @@ static int shstk_setup(void)
|
|||||||
if (features_enabled(ARCH_SHSTK_SHSTK))
|
if (features_enabled(ARCH_SHSTK_SHSTK))
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
/* Also not supported for 32 bit and x32 */
|
/* Also not supported for 32 bit */
|
||||||
if (!cpu_feature_enabled(X86_FEATURE_USER_SHSTK) || in_32bit_syscall())
|
if (!cpu_feature_enabled(X86_FEATURE_USER_SHSTK) || in_ia32_syscall())
|
||||||
return -EOPNOTSUPP;
|
return -EOPNOTSUPP;
|
||||||
|
|
||||||
size = adjust_shstk_size(0);
|
size = adjust_shstk_size(0);
|
||||||
|
@ -315,6 +315,9 @@ int x32_setup_rt_frame(struct ksignal *ksig, struct pt_regs *regs)
|
|||||||
|
|
||||||
uc_flags = frame_uc_flags(regs);
|
uc_flags = frame_uc_flags(regs);
|
||||||
|
|
||||||
|
if (setup_signal_shadow_stack(ksig))
|
||||||
|
return -EFAULT;
|
||||||
|
|
||||||
if (!user_access_begin(frame, sizeof(*frame)))
|
if (!user_access_begin(frame, sizeof(*frame)))
|
||||||
return -EFAULT;
|
return -EFAULT;
|
||||||
|
|
||||||
@ -377,6 +380,9 @@ COMPAT_SYSCALL_DEFINE0(x32_rt_sigreturn)
|
|||||||
if (!restore_sigcontext(regs, &frame->uc.uc_mcontext, uc_flags))
|
if (!restore_sigcontext(regs, &frame->uc.uc_mcontext, uc_flags))
|
||||||
goto badframe;
|
goto badframe;
|
||||||
|
|
||||||
|
if (restore_signal_shadow_stack())
|
||||||
|
goto badframe;
|
||||||
|
|
||||||
if (compat_restore_altstack(&frame->uc.uc_stack))
|
if (compat_restore_altstack(&frame->uc.uc_stack))
|
||||||
goto badframe;
|
goto badframe;
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user