[PATCH] powerpc: Interrupt handler stack randomisation

Christophe Leroy christophe.leroy at csgroup.eu
Thu Nov 3 18:52:24 AEDT 2022



Le 25/10/2022 à 05:38, Rohan McLure a écrit :
> Stack frames used by syscall handlers support random offsets as of
> commit f4a0318f278d (powerpc: add support for syscall stack randomization).
> Implement the same for general interrupt handlers, by applying the
> random stack offset and then updating this offset from within the
> DEFINE_INTERRUPT_HANDLER macros.
> 
> Applying this offset perturbs the layout of interrupt handler stack
> frames, rendering the kernel stack more difficult to control by means
> of user invoked interrupts.
> 
> Link: https://lists.ozlabs.org/pipermail/linuxppc-dev/2022-May/243238.html
> 
> Signed-off-by: Rohan McLure <rmclure at linux.ibm.com>

Reviewed-by: Christophe Leroy <christophe.leroy at csgroup.eu>


> ---
>   arch/powerpc/include/asm/interrupt.h | 12 ++++++++++++
>   1 file changed, 12 insertions(+)
> 
> diff --git a/arch/powerpc/include/asm/interrupt.h b/arch/powerpc/include/asm/interrupt.h
> index 4745bb9998bd..b7f7beff4e13 100644
> --- a/arch/powerpc/include/asm/interrupt.h
> +++ b/arch/powerpc/include/asm/interrupt.h
> @@ -68,6 +68,7 @@
>   
>   #include <linux/context_tracking.h>
>   #include <linux/hardirq.h>
> +#include <linux/randomize_kstack.h>
>   #include <asm/cputime.h>
>   #include <asm/firmware.h>
>   #include <asm/ftrace.h>
> @@ -448,9 +449,12 @@ interrupt_handler long func(struct pt_regs *regs)			\
>   	long ret;							\
>   									\
>   	__hard_RI_enable();						\
> +	add_random_kstack_offset();					\
>   									\
>   	ret = ____##func (regs);					\
>   									\
> +	choose_random_kstack_offset(mftb());				\
> +									\
>   	return ret;							\
>   }									\
>   NOKPROBE_SYMBOL(func);							\
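Review bot: `choose_random_kstack_offset(mftb());` here, and in the four later handler hunks, draws its only fresh entropy from the timebase, and nothing in the hunk or the commit message says why that is sufficient. The timebase can normally be read from user space on powerpc, so a caller that can time an interrupt closely may be able to narrow down the value being mixed in. I would add a short comment above the call, for example `/* mftb() is user-readable: the offset relies on state accumulated across entries, not on the timebase being secret */`, or state the expected entropy in the commit message. The macro body starts above this hunk, so the full entry sequence is not visible here.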
> @@ -480,9 +484,11 @@ static __always_inline void ____##func(struct pt_regs *regs);		\
>   interrupt_handler void func(struct pt_regs *regs)			\
>   {									\
>   	interrupt_enter_prepare(regs);					\
> +	add_random_kstack_offset();					\
>   									\
>   	____##func (regs);						\
>   									\
> +	choose_random_kstack_offset(mftb());				\
>   	interrupt_exit_prepare(regs);					\
>   }									\
>   NOKPROBE_SYMBOL(func);							\
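Review bot: `add_random_kstack_offset();` in this wrapper runs on every entry, including interrupts taken while already in the kernel, whereas the commit message motivates the change only by user-invoked interrupts. Each nested entry would then consume a further random amount of kernel stack, and the worst-case stack depth is not discussed. If that is intended, a comment saying that nesting was considered would help; if only entries from user mode are meant, `if (user_mode(regs)) add_random_kstack_offset();` would express it. The same question applies to the later hunks, and the opening lines of the macro are outside this hunk.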
> @@ -515,9 +521,11 @@ interrupt_handler long func(struct pt_regs *regs)			\
>   	long ret;							\
>   									\
>   	interrupt_enter_prepare(regs);					\
> +	add_random_kstack_offset();					\
>   									\
>   	ret = ____##func (regs);					\
>   									\
> +	choose_random_kstack_offset(mftb());				\
>   	interrupt_exit_prepare(regs);					\
>   									\
>   	return ret;							\
> @@ -548,9 +556,11 @@ static __always_inline void ____##func(struct pt_regs *regs);		\
>   interrupt_handler void func(struct pt_regs *regs)			\
>   {									\
>   	interrupt_async_enter_prepare(regs);				\
> +	add_random_kstack_offset();					\
>   									\
>   	____##func (regs);						\
>   									\
> +	choose_random_kstack_offset(mftb());				\
>   	interrupt_async_exit_prepare(regs);				\
>   }									\
>   NOKPROBE_SYMBOL(func);							\
> @@ -585,9 +595,11 @@ interrupt_handler long func(struct pt_regs *regs)			\
>   	long ret;							\
>   									\
>   	interrupt_nmi_enter_prepare(regs, &state);			\
> +	add_random_kstack_offset();					\
>   									\
>   	ret = ____##func (regs);					\
>   									\
> +	choose_random_kstack_offset(mftb());				\
>   	interrupt_nmi_exit_prepare(regs, &state);			\
>   									\
>   	return ret;							\
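Review bot: The NMI wrapper now calls `add_random_kstack_offset();` and `choose_random_kstack_offset(mftb());` between `interrupt_nmi_enter_prepare()` and `interrupt_nmi_exit_prepare()`, and the hunk does not show that the helpers are safe in that context. As far as I can tell from the generic header, which is not part of this patch, they read and update a per-CPU offset without protection, so an NMI that lands during the same update in the interrupted context can overwrite it. NMI handlers may also run in restricted environments where extra stack growth and memory accesses need care. I would either leave the NMI variant unchanged or add a comment such as `/* racy against the interrupted context's offset update; acceptable because the value is only a randomisation seed */`. The enclosing macro begins above the hunk and continues past it.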

