6d13de1489
As we've done with VFS, string operations, etc, reject usercopy sizes larger than INT_MAX, which would be nice to have for catching bugs related to size calculation overflows[1]. This adds 10 bytes to x86_64 defconfig text and 1980 bytes to the data section: text data bss dec hex filename 19691167 5134320 1646664 26472151 193eed7 vmlinux.before 19691177 5136300 1646664 26474141 193f69d vmlinux.after [1] https://marc.info/?l=linux-s390&m=156631939010493&w=2 Link: http://lkml.kernel.org/r/201908251612.F9902D7A@keescook Signed-off-by: Kees Cook <keescook@chromium.org> Suggested-by: Dan Carpenter <dan.carpenter@oracle.com> Cc: Alexander Viro <viro@zeniv.linux.org.uk> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
/* SPDX-License-Identifier: GPL-2.0 */
/* thread_info.h: common low-level thread information accessors
 *
 * Copyright (C) 2002 David Howells (dhowells@redhat.com)
 * - Incorporating suggestions made by Linus Torvalds
 */
#ifndef _LINUX_THREAD_INFO_H
#define _LINUX_THREAD_INFO_H
#include <linux/types.h>
#include <linux/bug.h>
#include <linux/restart_block.h>
#ifdef CONFIG_THREAD_INFO_IN_TASK
/*
 * For CONFIG_THREAD_INFO_IN_TASK kernels we need <asm/current.h> for the
 * definition of current, but for !CONFIG_THREAD_INFO_IN_TASK kernels,
 * including <asm/current.h> can cause a circular dependency on some platforms.
 */
#include <asm/current.h>
#define current_thread_info() ((struct thread_info *)current)
#endif
#include <linux/bitops.h>
/*
 * For per-arch arch_within_stack_frames() implementations, defined in
 * asm/thread_info.h.
 */
/*
 * Result codes for arch_within_stack_frames(). The numeric values are
 * spelled out so the mapping is visible at a glance; 0 (NOT_STACK) is also
 * what the generic fallback in this header returns.
 * NOTE(review): the precise meaning of each code is defined by the callers
 * and the per-arch implementations, which are not part of this header.
 */
enum {
	BAD_STACK  = -1,
	NOT_STACK  =  0,
	GOOD_FRAME =  1,
	GOOD_STACK =  2,
};
#include <asm/thread_info.h>
#ifdef __KERNEL__
#ifndef THREAD_ALIGN
#define THREAD_ALIGN THREAD_SIZE
#endif
#define THREADINFO_GFP (GFP_KERNEL_ACCOUNT | __GFP_ZERO)
/*
 * flag set/clear/test wrappers
 * - pass TIF_xxxx constants to these functions
 */
/*
 * Set one flag bit in the given thread_info.
 *
 * ti:   thread_info whose flags word is modified
 * flag: bit number to set (a TIF_xxxx constant)
 *
 * The flags member is handed to set_bit() as an unsigned long bitmap.
 */
static inline void set_ti_thread_flag(struct thread_info *ti, int flag)
{
	unsigned long *flag_word = (unsigned long *)&ti->flags;

	set_bit(flag, flag_word);
}
/*
 * Clear one flag bit in the given thread_info.
 *
 * ti:   thread_info whose flags word is modified
 * flag: bit number to clear (a TIF_xxxx constant)
 *
 * The flags member is handed to clear_bit() as an unsigned long bitmap.
 */
static inline void clear_ti_thread_flag(struct thread_info *ti, int flag)
{
	unsigned long *flag_word = (unsigned long *)&ti->flags;

	clear_bit(flag, flag_word);
}
/*
 * Force one flag bit in the given thread_info to a chosen state.
 *
 * ti:    thread_info whose flags word is modified
 * flag:  bit number to update (a TIF_xxxx constant)
 * value: true sets the bit, false clears it
 */
static inline void update_ti_thread_flag(struct thread_info *ti, int flag,
					 bool value)
{
	if (!value) {
		clear_ti_thread_flag(ti, flag);
		return;
	}

	set_ti_thread_flag(ti, flag);
}
/*
 * Set one flag bit in the given thread_info and report what it was before.
 *
 * ti:   thread_info whose flags word is modified
 * flag: bit number to set (a TIF_xxxx constant)
 *
 * Returns the result of test_and_set_bit() on the flags word, i.e. the
 * state the bit had before this call.
 */
static inline int test_and_set_ti_thread_flag(struct thread_info *ti, int flag)
{
	unsigned long *flag_word = (unsigned long *)&ti->flags;
	int previous = test_and_set_bit(flag, flag_word);

	return previous;
}
/*
 * Clear one flag bit in the given thread_info and report what it was before.
 *
 * ti:   thread_info whose flags word is modified
 * flag: bit number to clear (a TIF_xxxx constant)
 *
 * Returns the result of test_and_clear_bit() on the flags word, i.e. the
 * state the bit had before this call.
 */
static inline int test_and_clear_ti_thread_flag(struct thread_info *ti, int flag)
{
	unsigned long *flag_word = (unsigned long *)&ti->flags;
	int previous = test_and_clear_bit(flag, flag_word);

	return previous;
}
/*
 * Read one flag bit from the given thread_info without modifying it.
 *
 * ti:   thread_info whose flags word is inspected
 * flag: bit number to test (a TIF_xxxx constant)
 *
 * Returns the result of test_bit() on the flags word.
 */
static inline int test_ti_thread_flag(struct thread_info *ti, int flag)
{
	unsigned long *flag_word = (unsigned long *)&ti->flags;
	int is_set = test_bit(flag, flag_word);

	return is_set;
}
/*
 * Shorthand forms of the *_ti_thread_flag() helpers: each one applies the
 * matching helper to the thread_info returned by current_thread_info().
 */
#define set_thread_flag(flag) \
	set_ti_thread_flag(current_thread_info(), flag)
#define clear_thread_flag(flag) \
	clear_ti_thread_flag(current_thread_info(), flag)
#define update_thread_flag(flag, value) \
	update_ti_thread_flag(current_thread_info(), flag, value)
#define test_and_set_thread_flag(flag) \
	test_and_set_ti_thread_flag(current_thread_info(), flag)
#define test_and_clear_thread_flag(flag) \
	test_and_clear_ti_thread_flag(current_thread_info(), flag)
#define test_thread_flag(flag) \
	test_ti_thread_flag(current_thread_info(), flag)

/* Tests TIF_NEED_RESCHED on the current thread_info. */
#define tif_need_resched() test_thread_flag(TIF_NEED_RESCHED)
#ifndef CONFIG_HAVE_ARCH_WITHIN_STACK_FRAMES
/*
 * Generic fallback, compiled only when the architecture does not define
 * CONFIG_HAVE_ARCH_WITHIN_STACK_FRAMES. It performs no frame inspection:
 * every query is answered with 0, the value of NOT_STACK in the result
 * enum declared earlier in this header.
 *
 * stack, stackend, obj, len: accepted for interface compatibility with the
 * per-arch versions; none of them is read here.
 */
static inline int arch_within_stack_frames(const void * const stack,
					   const void * const stackend,
					   const void *obj, unsigned long len)
{
	const int verdict = 0;

	return verdict;
}
#endif
#ifdef CONFIG_HARDENED_USERCOPY
/* Out-of-line runtime checker; only declared in this header. */
extern void __check_object_size(const void *ptr, unsigned long n,
				bool to_user);

/*
 * CONFIG_HARDENED_USERCOPY variant: forward a copy's buffer and length to
 * the runtime checker.
 *
 * ptr:     buffer involved in the copy
 * n:       number of bytes to be copied
 * to_user: passed through unchanged to __check_object_size()
 *
 * A length the compiler can prove constant is NOT passed to the runtime
 * checker; only variable lengths reach __check_object_size().
 */
static __always_inline void check_object_size(const void *ptr, unsigned long n,
					      bool to_user)
{
	if (__builtin_constant_p(n))
		return;

	__check_object_size(ptr, n, to_user);
}
#else
/*
 * !CONFIG_HARDENED_USERCOPY variant: intentionally empty, so callers get no
 * runtime object-size validation from this hook in such builds.
 */
static inline void check_object_size(const void *ptr, unsigned long n,
				     bool to_user)
{
	/* nothing to check without hardened usercopy */
}
#endif /* CONFIG_HARDENED_USERCOPY */
/*
 * Declaration-only hooks used by check_copy_size() for the case where both
 * the object size and the copy length are known at build time and the
 * object is too small. The __compiletime_error() annotation attaches the
 * quoted message to any call that the compiler cannot eliminate (on
 * compilers that support the annotation).
 */
extern void __compiletime_error("copy source size is too small")
__bad_copy_from(void);
extern void __compiletime_error("copy destination size is too small")
__bad_copy_to(void);
/*
 * Emit an unconditional kernel warning about a copy that is larger than the
 * object it targets.
 *
 * size:  object size, as known to the caller
 * count: number of bytes the caller was asked to copy
 *
 * This only reports; refusing the copy is left to the caller.
 */
static inline void copy_overflow(int size, unsigned long count)
{
	WARN(1,
	     "Buffer overflow detected (%d < %lu)!\n",
	     size, count);
}
/*
 * Decide whether a copy of @bytes bytes involving the buffer at @addr may
 * go ahead.
 *
 * addr:      buffer taking part in the copy
 * bytes:     number of bytes about to be copied
 * is_source: true when addr is the source of the copy, false when it is
 *            the destination; also forwarded as the to_user argument of
 *            check_object_size()
 *
 * Checks, in order:
 *  1. When the compiler knows the size of the object at addr (a negative
 *     size is treated as "not known") and that size is smaller than bytes,
 *     the copy is refused. A constant bytes turns this into a build error
 *     through __bad_copy_from()/__bad_copy_to(); a variable bytes produces
 *     a runtime warning through copy_overflow().
 *  2. bytes above INT_MAX is refused. The warning is printed only once,
 *     but the refusal applies on every call. Per the commit message this
 *     is meant to catch size-calculation overflows.
 *  3. check_object_size() is called; it is an empty function unless
 *     CONFIG_HARDENED_USERCOPY is enabled.
 *
 * Returns true if the copy may proceed and false if the caller must not
 * perform it; __must_check makes ignoring the result a compiler warning.
 */
static __always_inline __must_check bool
check_copy_size(const void *addr, size_t bytes, bool is_source)
{
	int obj_size = __compiletime_object_size(addr);

	if (unlikely(obj_size >= 0 && obj_size < bytes)) {
		if (__builtin_constant_p(bytes)) {
			/* Both sizes known at build time: fail the build. */
			if (is_source)
				__bad_copy_from();
			else
				__bad_copy_to();
		} else {
			copy_overflow(obj_size, bytes);
		}
		return false;
	}

	if (WARN_ON_ONCE(bytes > INT_MAX))
		return false;

	check_object_size(addr, bytes, is_source);
	return true;
}
#ifndef arch_setup_new_exec
/*
 * Default used when the architecture has not defined arch_setup_new_exec
 * itself: does nothing.
 */
static inline void arch_setup_new_exec(void)
{
}
#endif
#endif /* __KERNEL__ */
#endif /* _LINUX_THREAD_INFO_H */