1 | /* SPDX-License-Identifier: GPL-2.0 */ |
2 | #ifndef _LINUX_STACKLEAK_H |
3 | #define _LINUX_STACKLEAK_H |
4 | |
5 | #include <linux/sched.h> |
6 | #include <linux/sched/task_stack.h> |
7 | |
8 | /* |
9 | * Check that the poison value points to the unused hole in the |
10 | * virtual memory map for your platform. |
11 | */ |
12 | #define STACKLEAK_POISON -0xBEEF |
13 | #define STACKLEAK_SEARCH_DEPTH 128 |
14 | |
15 | #ifdef CONFIG_GCC_PLUGIN_STACKLEAK |
16 | #include <asm/stacktrace.h> |
17 | #include <linux/linkage.h> |
18 | |
19 | /* |
20 | * The lowest address on tsk's stack which we can plausibly erase. |
21 | */ |
22 | static __always_inline unsigned long |
23 | stackleak_task_low_bound(const struct task_struct *tsk) |
24 | { |
25 | /* |
26 | * The lowest unsigned long on the task stack contains STACK_END_MAGIC, |
27 | * which we must not corrupt. |
28 | */ |
29 | return (unsigned long)end_of_stack(tsk) + sizeof(unsigned long); |
30 | } |
31 | |
32 | /* |
33 | * The address immediately after the highest address on tsk's stack which we |
34 | * can plausibly erase. |
35 | */ |
36 | static __always_inline unsigned long |
37 | stackleak_task_high_bound(const struct task_struct *tsk) |
38 | { |
39 | /* |
40 | * The task's pt_regs lives at the top of the task stack and will be |
41 | * overwritten by exception entry, so there's no need to erase them. |
42 | */ |
43 | return (unsigned long)task_pt_regs(tsk); |
44 | } |
45 | |
46 | /* |
47 | * Find the address immediately above the poisoned region of the stack, where |
48 | * that region falls between 'low' (inclusive) and 'high' (exclusive). |
49 | */ |
50 | static __always_inline unsigned long |
51 | stackleak_find_top_of_poison(const unsigned long low, const unsigned long high) |
52 | { |
53 | const unsigned int depth = STACKLEAK_SEARCH_DEPTH / sizeof(unsigned long); |
54 | unsigned int poison_count = 0; |
55 | unsigned long poison_high = high; |
56 | unsigned long sp = high; |
57 | |
58 | while (sp > low && poison_count < depth) { |
59 | sp -= sizeof(unsigned long); |
60 | |
61 | if (*(unsigned long *)sp == STACKLEAK_POISON) { |
62 | poison_count++; |
63 | } else { |
64 | poison_count = 0; |
65 | poison_high = sp; |
66 | } |
67 | } |
68 | |
69 | return poison_high; |
70 | } |
71 | |
72 | static inline void stackleak_task_init(struct task_struct *t) |
73 | { |
74 | t->lowest_stack = stackleak_task_low_bound(t); |
75 | # ifdef CONFIG_STACKLEAK_METRICS |
76 | t->prev_lowest_stack = t->lowest_stack; |
77 | # endif |
78 | } |
79 | |
80 | asmlinkage void noinstr stackleak_erase(void); |
81 | asmlinkage void noinstr stackleak_erase_on_task_stack(void); |
82 | asmlinkage void noinstr stackleak_erase_off_task_stack(void); |
83 | void __no_caller_saved_registers noinstr stackleak_track_stack(void); |
84 | |
85 | #else /* !CONFIG_GCC_PLUGIN_STACKLEAK */ |
86 | static inline void stackleak_task_init(struct task_struct *t) { } |
87 | #endif |
88 | |
89 | #endif |
90 | |