x86: Implement thread_struct whitelist for hardened usercopy

This whitelists the FPU register state portion of the thread_struct for copying to userspace, instead of the default entire struct. This is needed because FPU register state is dynamically sized, so it doesn't bypass the hardened usercopy checks. Cc: Thomas Gleixner <tglx@linutronix.de> Cc: Ingo Molnar <mingo@redhat.com> Cc: "H. Peter Anvin" <hpa@zytor.com> Cc: x86@kernel.org Cc: Borislav Petkov <bp@suse.de> Cc: Andy Lutomirski <luto@kernel.org> Cc: Mathias Krause <minipli@googlemail.com> Signed-off-by: Kees Cook <keescook@chromium.org> Acked-by: Rik van Riel <riel@redhat.com>
author: Kees Cook <keescook@chromium.org> 2017-08-16 13:26:03 -0700
committer: Kees Cook <keescook@chromium.org> 2018-01-15 12:08:05 -0800
commit: f7d83c1cf3c77ae45876792aee5285ae970413ac (patch)
tree: 885c783c6717503e5935338a0fe9f4387b52a9ec /arch/x86/include/asm/processor.h
parent: 5905429ad85657c28d93ec3d826ddeea1f44c3ce (diff)
1 files changed, 8 insertions, 0 deletions
diff --git a/arch/x86/include/asm/processor.h b/arch/x86/include/asm/processor.h
index cc16fa882e3e..2b037b7fe0eb 100644
--- a/arch/x86/include/asm/processor.h
+++ b/arch/x86/include/asm/processor.h
@@ -492,6 +492,14 @@ struct thread_struct {
 	 */
 };
 
+/* Whitelist the FPU state from the task_struct for hardened usercopy. */
+static inline void arch_thread_struct_whitelist(unsigned long *offset,
+						unsigned long *size)
+{
+	*offset = offsetof(struct thread_struct, fpu.state);
+	*size = fpu_kernel_xstate_size;
+}
+
 /*
  * Thread-synchronous status.
  *
author	Kees Cook <keescook@chromium.org>	2017-08-16 13:26:03 -0700
committer	Kees Cook <keescook@chromium.org>	2018-01-15 12:08:05 -0800
commit	f7d83c1cf3c77ae45876792aee5285ae970413ac (patch)
tree	885c783c6717503e5935338a0fe9f4387b52a9ec /arch/x86/include/asm/processor.h
parent	5905429ad85657c28d93ec3d826ddeea1f44c3ce (diff)