Commit c7cdd96e authored by Greentime Hu's avatar Greentime Hu Committed by Palmer Dabbelt

riscv: prevent stack corruption by reserving task_pt_regs(p) early

Early function calls, such as setup_vm(), relocate_enable_mmu(),
soc_early_init() etc, are free to operate on stack. However,
PT_SIZE_ON_STACK bytes at the head of the kernel stack are purposedly
reserved for the placement of per-task register context pointed by
task_pt_regs(p). Those functions may corrupt task_pt_regs if we overlap
the $sp with it. In fact, we had accidentally corrupted sstatus.VS in some
tests, treating the kernel to save V context before V was actually
allocated, resulting in a kernel panic.

Thus, we should skip PT_SIZE_ON_STACK for $sp before making C function
calls from the top-level assembly.
Co-developed-by: default avatarShihPo Hung <shihpo.hung@sifive.com>
Signed-off-by: default avatarShihPo Hung <shihpo.hung@sifive.com>
Co-developed-by: default avatarVincent Chen <vincent.chen@sifive.com>
Signed-off-by: default avatarVincent Chen <vincent.chen@sifive.com>
Signed-off-by: default avatarGreentime Hu <greentime.hu@sifive.com>
Signed-off-by: default avatarAndy Chiu <andy.chiu@sifive.com>
Reviewed-by: default avatarConor Dooley <conor.dooley@microchip.com>
Reviewed-by: default avatarHeiko Stuebner <heiko.stuebner@vrull.eu>
Tested-by: default avatarHeiko Stuebner <heiko.stuebner@vrull.eu>
Link: https://lore.kernel.org/r/20230605110724.21391-18-andy.chiu@sifive.comSigned-off-by: default avatarPalmer Dabbelt <palmer@rivosinc.com>
parent 76e22fdc
...@@ -301,6 +301,7 @@ clear_bss_done: ...@@ -301,6 +301,7 @@ clear_bss_done:
la tp, init_task la tp, init_task
la sp, init_thread_union + THREAD_SIZE la sp, init_thread_union + THREAD_SIZE
XIP_FIXUP_OFFSET sp XIP_FIXUP_OFFSET sp
addi sp, sp, -PT_SIZE_ON_STACK
#ifdef CONFIG_BUILTIN_DTB #ifdef CONFIG_BUILTIN_DTB
la a0, __dtb_start la a0, __dtb_start
XIP_FIXUP_OFFSET a0 XIP_FIXUP_OFFSET a0
...@@ -318,6 +319,7 @@ clear_bss_done: ...@@ -318,6 +319,7 @@ clear_bss_done:
/* Restore C environment */ /* Restore C environment */
la tp, init_task la tp, init_task
la sp, init_thread_union + THREAD_SIZE la sp, init_thread_union + THREAD_SIZE
addi sp, sp, -PT_SIZE_ON_STACK
#ifdef CONFIG_KASAN #ifdef CONFIG_KASAN
call kasan_early_init call kasan_early_init
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment