| Message ID | 20240521104825.1060966-2-jolsa@kernel.org (mailing list archive) |
|---|---|
| State | Superseded |
| Headers | show |
| Series | uprobe: uretprobe speed up | expand |
On 05/21, Jiri Olsa wrote: > > Currently the application with enabled shadow stack will crash > if it sets up return uprobe. The reason is the uretprobe kernel > code changes the user space task's stack, but does not update > shadow stack accordingly. > > Adding new functions to update values on shadow stack and using > them in uprobe code to keep shadow stack in sync with uretprobe > changes to user stack. I don't think my ack has any value in this area but looks good to me. Reviewed-by: Oleg Nesterov <oleg@redhat.com> > Fixes: 8b1c23543436 ("x86/shstk: Add return uprobe support") Hmm... Was this commit ever applied? Oleg.
On Tue, May 21, 2024 at 04:22:21PM +0200, Oleg Nesterov wrote: > On 05/21, Jiri Olsa wrote: > > > > Currently the application with enabled shadow stack will crash > > if it sets up return uprobe. The reason is the uretprobe kernel > > code changes the user space task's stack, but does not update > > shadow stack accordingly. > > > > Adding new functions to update values on shadow stack and using > > them in uprobe code to keep shadow stack in sync with uretprobe > > changes to user stack. > > I don't think my ack has any value in this area but looks good to me. > > Reviewed-by: Oleg Nesterov <oleg@redhat.com> > > > > Fixes: 8b1c23543436 ("x86/shstk: Add return uprobe support") > > Hmm... Was this commit ever applied? should have been: 488af8ea7131 x86/shstk: Wire in shadow stack interface will send new version thanks, jirka > > Oleg. >
On Tue, 2024-05-21 at 12:48 +0200, Jiri Olsa wrote: > Currently the application with enabled shadow stack will crash > if it sets up return uprobe. The reason is the uretprobe kernel > code changes the user space task's stack, but does not update > shadow stack accordingly. > > Adding new functions to update values on shadow stack and using > them in uprobe code to keep shadow stack in sync with uretprobe > changes to user stack. > > Fixes: 8b1c23543436 ("x86/shstk: Add return uprobe support") > Signed-off-by: Jiri Olsa <jolsa@kernel.org> > --- Acked-by: Rick Edgecombe <rick.p.edgecombe@intel.com>
diff --git a/arch/x86/include/asm/shstk.h b/arch/x86/include/asm/shstk.h index 42fee8959df7..896909f306e3 100644 --- a/arch/x86/include/asm/shstk.h +++ b/arch/x86/include/asm/shstk.h @@ -21,6 +21,7 @@ unsigned long shstk_alloc_thread_stack(struct task_struct *p, unsigned long clon void shstk_free(struct task_struct *p); int setup_signal_shadow_stack(struct ksignal *ksig); int restore_signal_shadow_stack(void); +int shstk_update_last_frame(unsigned long val); #else static inline long shstk_prctl(struct task_struct *task, int option, unsigned long arg2) { return -EINVAL; } @@ -31,6 +32,7 @@ static inline unsigned long shstk_alloc_thread_stack(struct task_struct *p, static inline void shstk_free(struct task_struct *p) {} static inline int setup_signal_shadow_stack(struct ksignal *ksig) { return 0; } static inline int restore_signal_shadow_stack(void) { return 0; } +static inline int shstk_update_last_frame(unsigned long val) { return 0; } #endif /* CONFIG_X86_USER_SHADOW_STACK */ #endif /* __ASSEMBLY__ */ diff --git a/arch/x86/kernel/shstk.c b/arch/x86/kernel/shstk.c index 6f1e9883f074..9797d4cdb78a 100644 --- a/arch/x86/kernel/shstk.c +++ b/arch/x86/kernel/shstk.c @@ -577,3 +577,14 @@ long shstk_prctl(struct task_struct *task, int option, unsigned long arg2) return wrss_control(true); return -EINVAL; } + +int shstk_update_last_frame(unsigned long val) +{ + unsigned long ssp; + + if (!features_enabled(ARCH_SHSTK_SHSTK)) + return 0; + + ssp = get_user_shstk_addr(); + return write_user_shstk_64((u64 __user *)ssp, (u64)val); +} diff --git a/arch/x86/kernel/uprobes.c b/arch/x86/kernel/uprobes.c index 6c07f6daaa22..6402fb3089d2 100644 --- a/arch/x86/kernel/uprobes.c +++ b/arch/x86/kernel/uprobes.c @@ -1076,8 +1076,13 @@ arch_uretprobe_hijack_return_addr(unsigned long trampoline_vaddr, struct pt_regs return orig_ret_vaddr; nleft = copy_to_user((void __user *)regs->sp, &trampoline_vaddr, rasize); - if (likely(!nleft)) + if (likely(!nleft)) { + if (shstk_update_last_frame(trampoline_vaddr)) { + force_sig(SIGSEGV); + return -1; + } return orig_ret_vaddr; + } if (nleft != rasize) { pr_err("return address clobbered: pid=%d, %%sp=%#lx, %%ip=%#lx\n",
Currently the application with enabled shadow stack will crash if it sets up return uprobe. The reason is the uretprobe kernel code changes the user space task's stack, but does not update shadow stack accordingly. Adding new functions to update values on shadow stack and using them in uprobe code to keep shadow stack in sync with uretprobe changes to user stack. Fixes: 8b1c23543436 ("x86/shstk: Add return uprobe support") Signed-off-by: Jiri Olsa <jolsa@kernel.org> --- arch/x86/include/asm/shstk.h | 2 ++ arch/x86/kernel/shstk.c | 11 +++++++++++ arch/x86/kernel/uprobes.c | 7 ++++++- 3 files changed, 19 insertions(+), 1 deletion(-)