forge/linux-uconsole
1
0
Fork 0
Code Issues 1 Pull requests Projects Releases Packages Wiki Activity Actions

FROMLIST: arm64: efi: restore x18 if it was corrupted

Browse source 
If we detect a corrupted x18 and SCS is enabled, restore the register
before jumping back to instrumented code. This is safe, because the
wrapper is called with preemption disabled and a separate shadow stack
is used for interrupt handling.

Bug: 145210207
Change-Id: Idb75117e38c895231a14f5573261861e722c1264
(am from https://lore.kernel.org/patchwork/patch/1149060/)
Reviewed-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
This commit is contained in:
Sami Tolvanen 2019-10-02 13:37:45 -07:00 committed by Alistair Delva
commit 0db85aae47
1 changed files with 10 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

11
arch/arm64/kernel/efi-rt-wrapper.S
View file

@ -34,5 +34,14 @@ ENTRY(__efi_rt_asm_wrapper)
ldp x29, x30, [sp], #32
b.ne 0f
ret
0: b efi_handle_corrupted_x18 // tail call
0:
#ifdef CONFIG_SHADOW_CALL_STACK
/*
* Restore x18 before returning to instrumented code. This is
* safe because the wrapper is called with preemption disabled and
* a separate shadow stack is used for interrupts.
*/
mov x18, x2
#endif
b efi_handle_corrupted_x18 // tail call
ENDPROC(__efi_rt_asm_wrapper)