From patchwork Mon Feb 11 17:59:34 2019
X-Patchwork-Submitter: Will Deacon
X-Patchwork-Id: 158024
From: Will Deacon To: linux-kernel@vger.kernel.org Cc: Will Deacon , Kees Cook , Jann Horn , Andrew Morton , Matthew Wilcox , Michal Hocko , Peter Zijlstra Subject: [RFC PATCH 3/4] mm: Add kconfig entries for user stack pointer checking Date: Mon, 11 Feb 2019 17:59:34 +0000 Message-Id: <20190211175935.4602-4-will.deacon@arm.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20190211175935.4602-1-will.deacon@arm.com> References: <20190211175935.4602-1-will.deacon@arm.com> Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Provide Kconfig entries to enable/disable user stack pointer checking and also for architectures to expose the system call controls via prctl() once they have augmented their system call entry path to perform the necessary checks. Cc: Kees Cook Cc: Jann Horn Cc: Andrew Morton Cc: Matthew Wilcox Cc: Michal Hocko Cc: Peter Zijlstra Signed-off-by: Will Deacon --- mm/Kconfig | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) -- 2.11.0 diff --git a/mm/Kconfig b/mm/Kconfig index 25c71eb8a7db..35f044162501 100644 --- a/mm/Kconfig +++ b/mm/Kconfig @@ -758,4 +758,21 @@ config GUP_BENCHMARK config ARCH_HAS_PTE_SPECIAL bool +config USER_STACK_POINTER_CHECKS + bool "Check user stack pointer points to stack pages" + depends on MMU + default y + help + This feature can be used to enforce that the user stack pointer + points to either the kernel-allocated user stack or a mapping + created with the MAP_STACK flag. + + By default, no checks are performed, and an application must + opt-in via the PR_SP_CHECK prctl() system call if it wishes to + enable checking. Checking can be independently controlled for + system calls and page fault handling. + +config ARCH_HAS_USP_CHECK_SYSCALL + bool + endmenu
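Review bot: In the help text for USER_STACK_POINTER_CHECKS, "By default, no checks are performed" sits directly under `default y`, so a reader configuring a kernel cannot tell whether "default" means the build-time option or the per-process runtime state. Suggest wording along the lines of "Enabling this option only builds in the mechanism; no checks are performed until an application opts in via the PR_SP_CHECK prctl()". The same paragraph says checking can be controlled independently for system calls and page faults, but it does not mention that the system call control is only available when the architecture selects ARCH_HAS_USP_CHECK_SYSCALL, which is what the commit message describes; a sentence in the help text, or a comment above the bare `bool`, would make that dependency visible. The help text also does not say what happens to a task whose stack pointer fails the check, which is the first thing someone deciding whether to leave `default y` in a distribution config will want to know.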