Message ID | 20221130023515.20217-2-palmer@rivosinc.com (mailing list archive) |
---|---|
State | Accepted |
Commit | de57ecc476103179e93fd85091770921f76a19af |
Headers | show |
Series | [1/2] RISC-V: Align the shadow stack | expand |
Context | Check | Description |
---|---|---|
conchuod/tree_selection | fail | Guessing tree name failed |
On Wed, Nov 30, 2022 at 10:35 AM Palmer Dabbelt <palmer@rivosinc.com> wrote: > > It took me a while to page all this back in when trying to review the > recent spin_shadow_stack, so I figured I'd just write up some comments. > > Signed-off-by: Palmer Dabbelt <palmer@rivosinc.com> > --- > arch/riscv/kernel/traps.c | 20 +++++++++++++------- > 1 file changed, 13 insertions(+), 7 deletions(-) > > diff --git a/arch/riscv/kernel/traps.c b/arch/riscv/kernel/traps.c > index acdfcacd7e57..336d4aadadb1 100644 > --- a/arch/riscv/kernel/traps.c > +++ b/arch/riscv/kernel/traps.c > @@ -200,18 +200,18 @@ void __init trap_init(void) > } > > #ifdef CONFIG_VMAP_STACK > +/* > + * Extra stack space that allows us to provide panic messages when the kernel > + * has overflowed its stack. > + */ > static DEFINE_PER_CPU(unsigned long [OVERFLOW_STACK_SIZE/sizeof(long)], > overflow_stack)__aligned(16); > /* > - * shadow stack, handled_ kernel_ stack_ overflow(in kernel/entry.S) is used > - * to get per-cpu overflow stack(get_overflow_stack). > + * A temporary stack for use by handle_kernel_stack_overflow. This is used so > + * we can call into C code to get the per-hart overflow stack. Usage of this > + * stack must be protected by spin_shadow_stack. Reviewed-by: Guo Ren <guoren@kernel.org> > */ > long shadow_stack[SHADOW_OVERFLOW_STACK_SIZE/sizeof(long)] __aligned(16); > -asmlinkage unsigned long get_overflow_stack(void) > -{ > - return (unsigned long)this_cpu_ptr(overflow_stack) + > - OVERFLOW_STACK_SIZE; > -} > > /* > * A pseudo spinlock to protect the shadow stack from being used by multiple > @@ -222,6 +222,12 @@ asmlinkage unsigned long get_overflow_stack(void) > */ > unsigned long spin_shadow_stack; > > +asmlinkage unsigned long get_overflow_stack(void) > +{ > + return (unsigned long)this_cpu_ptr(overflow_stack) + > + OVERFLOW_STACK_SIZE; > +} > + > asmlinkage void handle_bad_stack(struct pt_regs *regs) > { > unsigned long tsk_stk = (unsigned long)current->stack; > -- > 2.38.1 >
On Tue, Nov 29, 2022 at 06:35:15PM -0800, Palmer Dabbelt wrote: > It took me a while to page all this back in when trying to review the > recent spin_shadow_stack, so I figured I'd just write up some comments. > > Signed-off-by: Palmer Dabbelt <palmer@rivosinc.com> Reviewed-by: Jisheng Zhang <jszhang@kernel.org> > --- > arch/riscv/kernel/traps.c | 20 +++++++++++++------- > 1 file changed, 13 insertions(+), 7 deletions(-) > > diff --git a/arch/riscv/kernel/traps.c b/arch/riscv/kernel/traps.c > index acdfcacd7e57..336d4aadadb1 100644 > --- a/arch/riscv/kernel/traps.c > +++ b/arch/riscv/kernel/traps.c > @@ -200,18 +200,18 @@ void __init trap_init(void) > } > > #ifdef CONFIG_VMAP_STACK > +/* > + * Extra stack space that allows us to provide panic messages when the kernel > + * has overflowed its stack. > + */ > static DEFINE_PER_CPU(unsigned long [OVERFLOW_STACK_SIZE/sizeof(long)], > overflow_stack)__aligned(16); > /* > - * shadow stack, handled_ kernel_ stack_ overflow(in kernel/entry.S) is used > - * to get per-cpu overflow stack(get_overflow_stack). > + * A temporary stack for use by handle_kernel_stack_overflow. This is used so > + * we can call into C code to get the per-hart overflow stack. Usage of this > + * stack must be protected by spin_shadow_stack. > */ > long shadow_stack[SHADOW_OVERFLOW_STACK_SIZE/sizeof(long)] __aligned(16); > -asmlinkage unsigned long get_overflow_stack(void) > -{ > - return (unsigned long)this_cpu_ptr(overflow_stack) + > - OVERFLOW_STACK_SIZE; > -} > > /* > * A pseudo spinlock to protect the shadow stack from being used by multiple > @@ -222,6 +222,12 @@ asmlinkage unsigned long get_overflow_stack(void) > */ > unsigned long spin_shadow_stack; > > +asmlinkage unsigned long get_overflow_stack(void) > +{ > + return (unsigned long)this_cpu_ptr(overflow_stack) + > + OVERFLOW_STACK_SIZE; > +} > + > asmlinkage void handle_bad_stack(struct pt_regs *regs) > { > unsigned long tsk_stk = (unsigned long)current->stack; > -- > 2.38.1 >
diff --git a/arch/riscv/kernel/traps.c b/arch/riscv/kernel/traps.c index acdfcacd7e57..336d4aadadb1 100644 --- a/arch/riscv/kernel/traps.c +++ b/arch/riscv/kernel/traps.c @@ -200,18 +200,18 @@ void __init trap_init(void) } #ifdef CONFIG_VMAP_STACK +/* + * Extra stack space that allows us to provide panic messages when the kernel + * has overflowed its stack. + */ static DEFINE_PER_CPU(unsigned long [OVERFLOW_STACK_SIZE/sizeof(long)], overflow_stack)__aligned(16); /* - * shadow stack, handled_ kernel_ stack_ overflow(in kernel/entry.S) is used - * to get per-cpu overflow stack(get_overflow_stack). + * A temporary stack for use by handle_kernel_stack_overflow. This is used so + * we can call into C code to get the per-hart overflow stack. Usage of this + * stack must be protected by spin_shadow_stack. */ long shadow_stack[SHADOW_OVERFLOW_STACK_SIZE/sizeof(long)] __aligned(16); -asmlinkage unsigned long get_overflow_stack(void) -{ - return (unsigned long)this_cpu_ptr(overflow_stack) + - OVERFLOW_STACK_SIZE; -} /* * A pseudo spinlock to protect the shadow stack from being used by multiple @@ -222,6 +222,12 @@ asmlinkage unsigned long get_overflow_stack(void) */ unsigned long spin_shadow_stack; +asmlinkage unsigned long get_overflow_stack(void) +{ + return (unsigned long)this_cpu_ptr(overflow_stack) + + OVERFLOW_STACK_SIZE; +} + asmlinkage void handle_bad_stack(struct pt_regs *regs) { unsigned long tsk_stk = (unsigned long)current->stack;
It took me a while to page all this back in when trying to review the recent spin_shadow_stack, so I figured I'd just write up some comments. Signed-off-by: Palmer Dabbelt <palmer@rivosinc.com> --- arch/riscv/kernel/traps.c | 20 +++++++++++++------- 1 file changed, 13 insertions(+), 7 deletions(-)