[PATCH RFC 2/8] arm64: stacktrace: Add arch_within_stack_frames
He Zhe
zhe.he at windriver.com
Mon Apr 18 06:22:11 PDT 2022
This function checks if the given address range crosses frame boundary.
It is based on the existing x86 algorithm, but implemented via stacktrace.
This can be tested by USERCOPY_STACK_FRAME_FROM and
USERCOPY_STACK_FRAME_TO in lkdtm.
Signed-off-by: He Zhe <zhe.he at windriver.com>
---
arch/arm64/Kconfig | 1 +
arch/arm64/include/asm/thread_info.h | 12 +++++
arch/arm64/kernel/stacktrace.c | 76 ++++++++++++++++++++++++++--
3 files changed, 85 insertions(+), 4 deletions(-)
diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig
index 57c4c995965f..0f52a83d7771 100644
--- a/arch/arm64/Kconfig
+++ b/arch/arm64/Kconfig
@@ -165,6 +165,7 @@ config ARM64
select HAVE_ARCH_TRACEHOOK
select HAVE_ARCH_TRANSPARENT_HUGEPAGE
select HAVE_ARCH_VMAP_STACK
+ select HAVE_ARCH_WITHIN_STACK_FRAMES
select HAVE_ARM_SMCCC
select HAVE_ASM_MODVERSIONS
select HAVE_EBPF_JIT
diff --git a/arch/arm64/include/asm/thread_info.h b/arch/arm64/include/asm/thread_info.h
index e1317b7c4525..b839ad9f2248 100644
--- a/arch/arm64/include/asm/thread_info.h
+++ b/arch/arm64/include/asm/thread_info.h
@@ -58,6 +58,18 @@ void arch_setup_new_exec(void);
void arch_release_task_struct(struct task_struct *tsk);
int arch_dup_task_struct(struct task_struct *dst,
struct task_struct *src);
+/*
+ * Walks up the stack frames to make sure that the specified object is
+ * entirely contained by a single stack frame.
+ *
+ * Returns:
+ * GOOD_FRAME if within a frame
+ * BAD_STACK if placed across a frame boundary (or outside stack)
+ * NOT_STACK unable to determine (no frame pointers, etc)
+ */
+int arch_within_stack_frames(const void * const stack,
+ const void * const stackend,
+ const void *obj, unsigned long len);
#endif
diff --git a/arch/arm64/kernel/stacktrace.c b/arch/arm64/kernel/stacktrace.c
index e4103e085681..219b90c1de12 100644
--- a/arch/arm64/kernel/stacktrace.c
+++ b/arch/arm64/kernel/stacktrace.c
@@ -145,12 +145,17 @@ NOKPROBE_SYMBOL(unwind_frame);
static void notrace walk_stackframe(struct task_struct *tsk,
struct stackframe *frame,
- bool (*fn)(void *, unsigned long), void *data)
+ stack_trace_consume_fn fn, void *data)
{
+ struct frame_info fi;
+
while (1) {
int ret;
- if (!fn(data, frame->pc))
+ fi.pc = frame->pc;
+ fi.fp = frame->fp;
+ fi.prev_fp = frame->prev_fp;
+ if (!fn(data, &fi))
break;
ret = unwind_frame(tsk, frame);
if (ret < 0)
@@ -159,10 +164,10 @@ static void notrace walk_stackframe(struct task_struct *tsk,
}
NOKPROBE_SYMBOL(walk_stackframe);
-static bool dump_backtrace_entry(void *arg, unsigned long where)
+static bool dump_backtrace_entry(void *arg, struct frame_info *fi)
{
char *loglvl = arg;
- printk("%s %pSb\n", loglvl, (void *)where);
+ printk("%s %pSb\n", loglvl, (void *)fi->pc);
return true;
}
@@ -210,3 +215,66 @@ noinline notrace void arch_stack_walk(stack_trace_consume_fn consume_entry,
walk_stackframe(task, &frame, consume_entry, cookie);
}
+
+struct arch_stack_object {
+ unsigned long start;
+ unsigned long len;
+ int flag;
+};
+
+static bool arch_stack_object_check(void *data, struct frame_info *fi)
+{
+ struct arch_stack_object *obj = (struct arch_stack_object *)data;
+
+ /* Skip the frame of arch_within_stack_frames itself */
+ if (fi->prev_fp == 0)
+ return true;
+
+ /*
+ * low ----------------------------------------------> high
+ * [saved bp][saved ip][args][local vars][saved bp][saved ip]
+ * ^----------------^
+ * allow copies only within here
+ */
+ if (obj->start + obj->len <= fi->fp) {
+ obj->flag = obj->start >=
+ fi->prev_fp + 2 * sizeof(void *) ?
+ GOOD_FRAME : BAD_STACK;
+ return false;
+ } else
+ return true;
+}
+
+/*
+ * Walks up the stack frames to make sure that the specified object is
+ * entirely contained by a single stack frame.
+ *
+ * Returns:
+ * GOOD_FRAME if within a frame
+ * BAD_STACK if placed across a frame boundary (or outside stack)
+ * NOT_STACK unable to determine (no frame pointers, etc)
+ */
+int arch_within_stack_frames(const void * const stack,
+ const void * const stackend,
+ const void *obj, unsigned long len)
+{
+#if defined(CONFIG_FRAME_POINTER)
+ struct arch_stack_object object;
+ struct pt_regs regs;
+
+ if (__builtin_frame_address(1) == 0)
+ return NOT_STACK;
+
+ object.start = (unsigned long)obj;
+ object.len = len;
+ object.flag = NOT_STACK;
+
+ regs.regs[29] = (u64)__builtin_frame_address(1);
+
+ arch_stack_walk(arch_stack_object_check, (void *)&object, NULL, ®s);
+
+ return object.flag;
+#else
+ return NOT_STACK;
+#endif
+}
--
2.25.1
More information about the linux-arm-kernel
mailing list