Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

kernel: Fix stack randomization for the main thread #24467

Closed
wants to merge 1 commit into from

Conversation

ceolin
Copy link
Member

@ceolin ceolin commented Apr 17, 2020

On architectures with custom swap to main the main thread is not being
randomized properly. The size of the randomized stack created with
z_setup_new_thread is being ignored and they are using the original
main stack size.

Fixes: #23702

On architectures with custom swap to main the main thread is not being
randomized properly. The size of the randomized stack created with
z_setup_new_thread is being ignored and they are using the original
main stack size.

Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
Copy link
Contributor

@andrewboie andrewboie left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

the overall way this code is structured is in dire need of reorganization / simplification, but for now this LGTM

@ceolin
Copy link
Member Author

ceolin commented Apr 21, 2020

@andy @ioannisg any feedback on it ?
Btw, the CI error does not seems to be related with this PR.

@carlescufi
Copy link
Member

@andy @ioannisg any feedback on it ?
Btw, the CI error does not seems to be related with this PR.

@ceolin I reran CI and this is fixed now. @ioannisg take a quick look?

@ioannisg
Copy link
Member

@andy @ioannisg any feedback on it ?
Btw, the CI error does not seems to be related with this PR.

@ceolin I reran CI and this is fixed now. @ioannisg take a quick look?

Will take a look today

Copy link
Member

@ioannisg ioannisg left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Solution looks fine, but I have some concerns for the corner case of ARMv7-M with power-of-two-alignment requirement for MPU regions.

{
#ifdef CONFIG_ARCH_HAS_CUSTOM_SWAP_TO_MAIN
arch_switch_to_main_thread(&z_main_thread, z_main_stack,
K_THREAD_STACK_SIZEOF(z_main_stack),
stack_size,
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think K_THREAD_STACK_SIZEOF was here to not allow passing the whole z_main_stack size, and remove the guard if needed.

NULL, NULL, NULL,
CONFIG_MAIN_THREAD_PRIORITY, K_ESSENTIAL, "main");
ret = z_setup_new_thread(&z_main_thread, z_main_stack,
CONFIG_MAIN_STACK_SIZE, bg_thread_main,
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If i understand this correctly, this does not account for the guard area that in some cases is part of the thread stack memory allocation. Before this was not a problem because switch_to_main_thread was using the K_THREAD_STACK_SIZE_OF macro function, but now this is changed.

/*
 * Note:
 * The caller must guarantee that the stack_size passed here corresponds
 * to the amount of stack memory available for the thread.
 */
void z_setup_new_thread(struct k_thread *new_thread,

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

you are right, the guard is not being accounted. Will close this pr, since @andrew is addressing it in a different pr though.

@ceolin
Copy link
Member Author

ceolin commented Apr 27, 2020

#24714

@ceolin ceolin closed this Apr 27, 2020
andrewboie pushed a commit to andrewboie/zephyr that referenced this pull request Jul 30, 2020
This now takes a stack pointer as an argument with TLS
and random offsets accounted for properly.

Based on zephyrproject-rtos#24467 authored by Flavio Ceolin.

Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
nashif pushed a commit that referenced this pull request Jul 31, 2020
This now takes a stack pointer as an argument with TLS
and random offsets accounted for properly.

Based on #24467 authored by Flavio Ceolin.

Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

STACK_POINTER_RANDOM is not working on ARM for the main thread
4 participants