riscv: Implement thread_struct whitelist for hardened usercopy

This whitelists the FPU register state portion of the thread_struct for copying to userspace, instead of the default entire struct. Signed-off-by: Tong Tiangen <tongtiangen@huawei.com> Signed-off-by: Palmer Dabbelt <palmerdabbelt@google.com>
2024-09-22 04:31:58 +08:00 · 2021-07-02 04:54:21 +00:00 · 2021-07-02 04:54:21 +00:00 · 13e47bebbe
commit 13e47bebbe
parent 67979e927d
2 changed files with 9 additions and 0 deletions
--- a/arch/riscv/Kconfig
+++ b/arch/riscv/Kconfig
@ -72,6 +72,7 @@ config RISCV
 	select HAVE_ARCH_SECCOMP_FILTER
 	select HAVE_ARCH_TRACEHOOK
 	select HAVE_ARCH_TRANSPARENT_HUGEPAGE if 64BIT && MMU
+	select HAVE_ARCH_THREAD_STRUCT_WHITELIST
 	select HAVE_ARCH_VMAP_STACK if MMU && 64BIT
 	select HAVE_ASM_MODVERSIONS
 	select HAVE_CONTEXT_TRACKING
--- a/arch/riscv/include/asm/processor.h
+++ b/arch/riscv/include/asm/processor.h
@ -37,6 +37,14 @@ struct thread_struct {
 	unsigned long bad_cause;
 };

+/* Whitelist the fstate from the task_struct for hardened usercopy */
+static inline void arch_thread_struct_whitelist(unsigned long *offset,
+						unsigned long *size)
+{
+	*offset = offsetof(struct thread_struct, fstate);
+	*size = sizeof_field(struct thread_struct, fstate);
+}
+
 #define INIT_THREAD {					\
 	.sp = sizeof(init_stack) + (long)&init_stack,	\
 }