riscv: Implement thread_struct whitelist for hardened usercopy

This whitelists the FPU register state portion of the thread_struct for copying to userspace, instead of the default entire struct. Signed-off-by: Tong Tiangen <tongtiangen@huawei.com> Signed-off-by: Palmer Dabbelt <palmerdabbelt@google.com>

riscv: Implement thread_struct whitelist for hardened usercopy
This whitelists the FPU register state portion of the thread_struct for copying to userspace, instead of the default entire struct. Signed-off-by: Tong Tiangen <tongtiangen@huawei.com> Signed-off-by: Palmer Dabbelt <palmerdabbelt@google.com>
13e47beb · Tong Tiangen · Palmer Dabbelt · 67979e92 · 13e47beb · 13e47beb
Commit 13e47beb authored Jul 02, 2021 by Tong Tiangen Committed by Palmer Dabbelt Aug 03, 2021
Hide whitespace changes
Inline Side-by-side

Showing with 9 additions and 0 deletions

arch/riscv/Kconfig arch/riscv/Kconfig +1 -0

arch/riscv/include/asm/processor.h arch/riscv/include/asm/processor.h +8 -0

No files found.
--- a/arch/riscv/Kconfig
+++ b/arch/riscv/Kconfig
@@ -72,6 +72,7 @@ config RISCV
 	select HAVE_ARCH_SECCOMP_FILTER
 	select HAVE_ARCH_TRACEHOOK
 	select HAVE_ARCH_TRANSPARENT_HUGEPAGE if 64BIT && MMU
+	select HAVE_ARCH_THREAD_STRUCT_WHITELIST
 	select HAVE_ARCH_VMAP_STACK if MMU && 64BIT
 	select HAVE_ASM_MODVERSIONS
 	select HAVE_CONTEXT_TRACKING

--- a/arch/riscv/include/asm/processor.h
+++ b/arch/riscv/include/asm/processor.h
@@ -37,6 +37,14 @@ struct thread_struct {
 	unsigned long bad_cause;
 };

+/* Whitelist the fstate from the task_struct for hardened usercopy */
+static inline void arch_thread_struct_whitelist(unsigned long *offset,
+						unsigned long *size)
+{
+	*offset = offsetof(struct thread_struct, fstate);
+	*size = sizeof_field(struct thread_struct, fstate);
+}
+
 #define INIT_THREAD {					\
 	.sp = sizeof(init_stack) + (long)&init_stack,	\
 }