linux/arch/mips/kernel
Andy Lutomirski f56141e3e2 all arches, signal: move restart_block to struct task_struct
If an attacker can cause a controlled kernel stack overflow, overwriting
the restart block is a very juicy exploit target.  This is because the
restart_block is held in the same memory allocation as the kernel stack.

Moving the restart block to struct task_struct prevents this exploit by
making the restart_block harder to locate.

Note that there are other fields in thread_info that are also easy
targets, at least on some architectures.

It's also a decent simplification, since the restart code is more or less
identical on all architectures.

[james.hogan@imgtec.com: metag: align thread_info::supervisor_stack]
Signed-off-by: Andy Lutomirski <luto@amacapital.net>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Cc: Ingo Molnar <mingo@kernel.org>
Cc: Kees Cook <keescook@chromium.org>
Cc: David Miller <davem@davemloft.net>
Acked-by: Richard Weinberger <richard@nod.at>
Cc: Richard Henderson <rth@twiddle.net>
Cc: Ivan Kokshaysky <ink@jurassic.park.msu.ru>
Cc: Matt Turner <mattst88@gmail.com>
Cc: Vineet Gupta <vgupta@synopsys.com>
Cc: Russell King <rmk@arm.linux.org.uk>
Cc: Catalin Marinas <catalin.marinas@arm.com>
Cc: Will Deacon <will.deacon@arm.com>
Cc: Haavard Skinnemoen <hskinnemoen@gmail.com>
Cc: Hans-Christian Egtvedt <egtvedt@samfundet.no>
Cc: Steven Miao <realmz6@gmail.com>
Cc: Mark Salter <msalter@redhat.com>
Cc: Aurelien Jacquiot <a-jacquiot@ti.com>
Cc: Mikael Starvik <starvik@axis.com>
Cc: Jesper Nilsson <jesper.nilsson@axis.com>
Cc: David Howells <dhowells@redhat.com>
Cc: Richard Kuo <rkuo@codeaurora.org>
Cc: "Luck, Tony" <tony.luck@intel.com>
Cc: Geert Uytterhoeven <geert@linux-m68k.org>
Cc: Michal Simek <monstr@monstr.eu>
Cc: Ralf Baechle <ralf@linux-mips.org>
Cc: Jonas Bonn <jonas@southpole.se>
Cc: "James E.J. Bottomley" <jejb@parisc-linux.org>
Cc: Helge Deller <deller@gmx.de>
Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Cc: Paul Mackerras <paulus@samba.org>
Acked-by: Michael Ellerman <mpe@ellerman.id.au> (powerpc)
Tested-by: Michael Ellerman <mpe@ellerman.id.au> (powerpc)
Cc: Martin Schwidefsky <schwidefsky@de.ibm.com>
Cc: Heiko Carstens <heiko.carstens@de.ibm.com>
Cc: Chen Liqin <liqin.linux@gmail.com>
Cc: Lennox Wu <lennox.wu@gmail.com>
Cc: Chris Metcalf <cmetcalf@ezchip.com>
Cc: Guan Xuetao <gxt@mprc.pku.edu.cn>
Cc: Chris Zankel <chris@zankel.net>
Cc: Max Filippov <jcmvbkbc@gmail.com>
Cc: Oleg Nesterov <oleg@redhat.com>
Cc: Guenter Roeck <linux@roeck-us.net>
Signed-off-by: James Hogan <james.hogan@imgtec.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2015-02-12 18:54:12 -08:00
..
.gitignore
8250-platform.c
asm-offsets.c all arches, signal: move restart_block to struct task_struct 2015-02-12 18:54:12 -08:00
binfmt_elfn32.c
binfmt_elfo32.c MIPS: Remove old core dump functions 2014-08-02 00:06:37 +02:00
bmips_vec.S MIPS: BMIPS: Fix ".previous without corresponding .section" warnings 2014-11-24 07:44:05 +01:00
branch.c MIPS: Fix build with binutils 2.24.51+ 2014-11-07 15:07:36 +01:00
cevt-bcm1480.c MIPS: Delete __cpuinit/__CPUINIT usage from MIPS code 2013-07-14 19:36:51 -04:00
cevt-ds1287.c
cevt-gt641xx.c
cevt-r4k.c MIPS: Move gic.h to include/linux/irqchip/mips-gic.h 2014-11-24 07:44:59 +01:00
cevt-sb1250.c MIPS: Delete __cpuinit/__CPUINIT usage from MIPS code 2013-07-14 19:36:51 -04:00
cevt-txx9.c
cps-vec.S MIPS: kernel: cps-vec: Set ISA level to mips32r2 for the MIPS MT ASE 2014-11-24 07:44:06 +01:00
cpu-bugs64.c MIPS: Delete __cpuinit/__CPUINIT usage from MIPS code 2013-07-14 19:36:51 -04:00
cpu-probe.c Merge branch 'upstream' of git://git.linux-mips.org/pub/scm/ralf/upstream-linus 2014-12-11 17:56:37 -08:00
crash_dump.c mips: Convert pr_warning to pr_warn 2014-11-24 07:44:51 +01:00
crash.c mips: delete non-required instances of include <linux/init.h> 2014-01-24 22:39:56 +01:00
csrc-bcm1480.c
csrc-ioasic.c MIPS: DECstation HRT initialization rearrangement 2013-09-13 11:56:13 +02:00
csrc-r4k.c
csrc-sb1250.c
early_printk_8250.c MIPS: Add 8250/16550 serial early printk driver 2013-10-29 21:24:36 +01:00
early_printk.c
elf.c MIPS: ELF: fix loading o32 binaries on 64-bit kernels 2015-01-15 15:59:28 +01:00
entry.S MIPS: MT: Remove SMTC support 2014-05-24 00:07:01 +02:00
ftrace.c Merge branch 'upstream' of git://git.linux-mips.org/pub/scm/ralf/upstream-linus 2014-08-07 08:47:00 -07:00
genex.S MIPS: Fix build with binutils 2.24.51+ 2014-11-07 15:07:36 +01:00
gpio_txx9.c
head.S MIPS: MT: Remove SMTC support 2014-05-24 00:07:01 +02:00
i8253.c
i8259.c MIPS: i8259: Use IRQ domains 2014-11-24 07:44:52 +01:00
idle.c MIPS: idle: Remove leftover __pastwait symbol and its references 2014-10-23 19:24:05 +02:00
irq_cpu.c MIPS: IRQ: Fix disable_irq on CPU IRQs 2015-01-16 14:03:17 +01:00
irq_txx9.c
irq-gt641xx.c
irq-msc01.c MIPS: MSC: Prevent out-of-bounds writes to MIPS SC ioremap'd region 2014-06-26 10:48:23 +01:00
irq-rm7000.c
irq.c Merge branch 'upstream' of git://git.linux-mips.org/pub/scm/ralf/upstream-linus 2014-06-09 18:10:34 -07:00
jump_label.c MIPS: jump_label.c: Handle the microMIPS J instruction encoding 2014-11-19 18:22:09 +01:00
kgdb.c MIPS: kernel: {ftrace,kgdb}: Set correct address limit for cache flushes 2014-03-26 23:09:18 +01:00
kprobes.c mips: Replace __get_cpu_var uses 2014-08-26 13:45:51 -04:00
linux32.c
machine_kexec.c MIPS: kdump: Set correct value to kexec_indirection_page variable 2014-08-25 16:33:44 +02:00
Makefile clocksource: mips-gic: Combine with GIC clockevent driver 2014-11-24 07:45:15 +01:00
mcount.S MIPS: mcount: Adjust stack pointer for static trace in MIPS32 2014-09-26 11:41:17 +02:00
mips_ksyms.c MIPS: Remove __strlen_user(). 2014-11-24 07:45:00 +01:00
mips_machine.c
mips-cm.c MIPS: Replace use of phys_t with phys_addr_t. 2014-11-24 22:47:31 +01:00
mips-cpc.c MIPS: Replace use of phys_t with phys_addr_t. 2014-11-24 22:47:31 +01:00
mips-mt-fpaff.c MIPS: MT: Remove SMTC support 2014-05-24 00:07:01 +02:00
mips-mt.c MIPS: MT: Remove SMTC support 2014-05-24 00:07:01 +02:00
module-rela.c
module.c MIPS: Use NUMA_NO_NODE instead of -1 for node ID. 2013-10-29 21:24:14 +01:00
octeon_switch.S MIPS: OCTEON: Enable use of FPU 2014-05-30 21:01:09 +02:00
perf_event_mipsxx.c MIPS: Add hook to get C0 performance counter interrupt 2014-11-24 07:44:53 +01:00
perf_event.c
pm-cps.c MIPS: {pm,smp}-cps: use cpu_vpe_id macro 2014-07-30 20:48:42 +02:00
pm.c MIPS: PM: Implement PM helper macros 2014-05-02 16:39:10 +01:00
proc.c MIPS: cpu: Add new cpu option for Hardware Table Walker. 2014-08-02 00:06:38 +02:00
process.c MIPS: fork: Fix MSA/FPU/DSP context duplication race 2015-01-31 00:44:19 +01:00
prom.c MIPS: Create a helper function for DT setup 2014-11-24 07:45:12 +01:00
ptrace32.c MIPS: Remove asm/user.h 2014-08-02 00:06:37 +02:00
ptrace.c MIPS: Fix syscall_get_nr for the syscall exit tracing. 2015-02-04 16:40:09 +01:00
r4k_fpu.S MIPS: Fix build with binutils 2.24.51+ 2014-11-07 15:07:36 +01:00
r4k_switch.S MIPS: Fix build with binutils 2.24.51+ 2014-11-07 15:07:36 +01:00
r2300_fpu.S MIPS: Fix build with binutils 2.24.51+ 2014-11-07 15:07:36 +01:00
r2300_switch.S MIPS: Fix build with binutils 2.24.51+ 2014-11-07 15:07:36 +01:00
r6000_fpu.S MIPS: Fix build with binutils 2.24.51+ 2014-11-07 15:07:36 +01:00
relocate_kernel.S MIPS: kdump: Skip walking indirection page for crashkernels 2013-09-05 20:53:37 +02:00
reset.c
rtlx-cmp.c MIPS: APRP: Fix an issue when device_create() fails. 2014-08-01 17:30:35 +02:00
rtlx-mt.c MIPS: APRP: Fix an issue when device_create() fails. 2014-08-01 17:30:35 +02:00
rtlx.c MIPS: rtlx: Remove KERN_DEBUG from pr_debug() arguments in rtlx.c 2014-11-24 07:44:04 +01:00
scall32-o32.S MIPS: Fix restart of indirect syscalls 2015-01-16 00:35:45 +01:00
scall64-64.S MIPS: Wire up execveat(2). 2015-01-13 15:53:09 +01:00
scall64-n32.S MIPS: Wire up execveat(2). 2015-01-13 15:53:09 +01:00
scall64-o32.S MIPS: Fix restart of indirect syscalls 2015-01-16 00:35:45 +01:00
segment.c MIPS: Add debugfs file to print the segmentation control registers 2014-01-22 20:19:00 +01:00
setup.c MIPS: Use phys_addr_t instead of phys_t 2014-12-12 15:36:13 -08:00
signal32.c all arches, signal: move restart_block to struct task_struct 2015-02-12 18:54:12 -08:00
signal_n32.c mips: Use sigsp() 2014-08-06 13:04:30 +02:00
signal-common.h mips: Use get_signal() signal_setup_done() 2014-08-06 13:03:08 +02:00
signal.c all arches, signal: move restart_block to struct task_struct 2015-02-12 18:54:12 -08:00
smp-bmips.c MIPS: BMIPS: Let each platform customize the CPU1 IRQ mask 2014-11-24 07:45:11 +01:00
smp-cmp.c MIPS: smp-mt,smp-cmp: Enable all HW IRQs on secondary CPUs 2015-01-16 13:02:40 +01:00
smp-cps.c MIPS: Move gic.h to include/linux/irqchip/mips-gic.h 2014-11-24 07:44:59 +01:00
smp-gic.c MIPS: Move gic.h to include/linux/irqchip/mips-gic.h 2014-11-24 07:44:59 +01:00
smp-mt.c MIPS: smp-mt,smp-cmp: Enable all HW IRQs on secondary CPUs 2015-01-16 13:02:40 +01:00
smp-up.c MIPS: SMP: Remove plat_smp_ops cpus_done method. 2014-05-27 11:06:42 +02:00
smp.c MIPS: Fix kernel lockup or crash after CPU offline/online 2015-01-29 23:54:07 +01:00
spinlock_test.c
spram.c MIPS: Use current_cpu_type() instead of c->cputype 2014-03-31 18:17:12 +02:00
stacktrace.c
sync-r4k.c MIPS: MT: Remove SMTC support 2014-05-24 00:07:01 +02:00
syscall.c MIPS: Apply `.insn' to fixup labels throughout 2014-11-24 07:45:36 +01:00
time.c MIPS: MT: Remove SMTC support 2014-05-24 00:07:01 +02:00
topology.c
traps.c MIPS: traps: Fix inline asm ctc1 missing .set hardfloat 2015-01-30 23:05:04 +01:00
unaligned.c MIPS: Remove BUG_ON(!is_fpu_owner()) in do_ade() 2014-07-30 21:30:22 +02:00
vdso.c MIPS: Enable VDSO randomization 2014-11-24 07:45:38 +01:00
vmlinux.lds.S MIPS: Discard .eh_frame sections in linker script. 2013-08-26 15:33:41 +02:00
vpe-cmp.c MIPS: APRP: Add VPE loader support for CMP platforms. 2014-01-22 20:19:02 +01:00
vpe-mt.c MIPS: MT: Remove SMTC support 2014-05-24 00:07:01 +02:00
vpe.c Merge branch 'upstream' of git://git.linux-mips.org/pub/scm/ralf/upstream-linus 2014-01-30 17:20:32 -08:00
watch.c MIPS: Delete __cpuinit/__CPUINIT usage from MIPS code 2013-07-14 19:36:51 -04:00