2023-05-29 08:56:47

by Guo Ren

[permalink] [raw]
Subject: [PATCH -next V12 1/3] riscv: stack: Support HAVE_IRQ_EXIT_ON_IRQ_STACK

From: Guo Ren <[email protected]>

Add independent irq stacks for percpu to prevent kernel stack overflows.
It is also compatible with VMAP_STACK by arch_alloc_vmap_stack.

Tested-by: Jisheng Zhang <[email protected]>
Signed-off-by: Guo Ren <[email protected]>
Signed-off-by: Guo Ren <[email protected]>
Cc: Conor Dooley <[email protected]>
---
arch/riscv/Kconfig | 7 ++++++
arch/riscv/include/asm/irq_stack.h | 32 +++++++++++++++++++++++++
arch/riscv/include/asm/thread_info.h | 2 ++
arch/riscv/kernel/irq.c | 33 ++++++++++++++++++++++++++
arch/riscv/kernel/traps.c | 35 ++++++++++++++++++++++++++--
5 files changed, 107 insertions(+), 2 deletions(-)
create mode 100644 arch/riscv/include/asm/irq_stack.h

diff --git a/arch/riscv/Kconfig b/arch/riscv/Kconfig
index fa256f2e23c1..44b4c9690f94 100644
--- a/arch/riscv/Kconfig
+++ b/arch/riscv/Kconfig
@@ -588,6 +588,13 @@ config FPU

If you don't know what to do here, say Y.

+config IRQ_STACKS
+ bool "Independent irq stacks" if EXPERT
+ default y
+ select HAVE_IRQ_EXIT_ON_IRQ_STACK
+ help
+ Add independent irq stacks for percpu to prevent kernel stack overflows.
+
endmenu # "Platform type"

menu "Kernel features"
diff --git a/arch/riscv/include/asm/irq_stack.h b/arch/riscv/include/asm/irq_stack.h
new file mode 100644
index 000000000000..b0dcee9a3fa2
--- /dev/null
+++ b/arch/riscv/include/asm/irq_stack.h
@@ -0,0 +1,32 @@
+/* SPDX-License-Identifier: GPL-2.0 */
+
+#ifndef _ASM_RISCV_IRQ_STACK_H
+#define _ASM_RISCV_IRQ_STACK_H
+
+#include <linux/bug.h>
+#include <linux/gfp.h>
+#include <linux/kconfig.h>
+#include <linux/vmalloc.h>
+#include <linux/pgtable.h>
+#include <asm/thread_info.h>
+
+DECLARE_PER_CPU(ulong *, irq_stack_ptr);
+
+#ifdef CONFIG_VMAP_STACK
+/*
+ * To ensure that VMAP'd stack overflow detection works correctly, all VMAP'd
+ * stacks need to have the same alignment.
+ */
+static inline unsigned long *arch_alloc_vmap_stack(size_t stack_size, int node)
+{
+ void *p;
+
+ BUILD_BUG_ON(!IS_ENABLED(CONFIG_VMAP_STACK));
+
+ p = __vmalloc_node(stack_size, THREAD_ALIGN, THREADINFO_GFP, node,
+ __builtin_return_address(0));
+ return kasan_reset_tag(p);
+}
+#endif /* CONFIG_VMAP_STACK */
+
+#endif /* _ASM_RISCV_IRQ_STACK_H */
diff --git a/arch/riscv/include/asm/thread_info.h b/arch/riscv/include/asm/thread_info.h
index 97e6f65ec176..2f32875276b0 100644
--- a/arch/riscv/include/asm/thread_info.h
+++ b/arch/riscv/include/asm/thread_info.h
@@ -40,6 +40,8 @@
#define OVERFLOW_STACK_SIZE SZ_4K
#define SHADOW_OVERFLOW_STACK_SIZE (1024)

+#define IRQ_STACK_SIZE THREAD_SIZE
+
#ifndef __ASSEMBLY__

extern long shadow_stack[SHADOW_OVERFLOW_STACK_SIZE / sizeof(long)];
diff --git a/arch/riscv/kernel/irq.c b/arch/riscv/kernel/irq.c
index eb9a68a539e6..a1dcf8e43b3c 100644
--- a/arch/riscv/kernel/irq.c
+++ b/arch/riscv/kernel/irq.c
@@ -28,6 +28,38 @@ struct fwnode_handle *riscv_get_intc_hwnode(void)
}
EXPORT_SYMBOL_GPL(riscv_get_intc_hwnode);

+#ifdef CONFIG_IRQ_STACKS
+#include <asm/irq_stack.h>
+
+DEFINE_PER_CPU(ulong *, irq_stack_ptr);
+
+#ifdef CONFIG_VMAP_STACK
+static void init_irq_stacks(void)
+{
+ int cpu;
+ ulong *p;
+
+ for_each_possible_cpu(cpu) {
+ p = arch_alloc_vmap_stack(IRQ_STACK_SIZE, cpu_to_node(cpu));
+ per_cpu(irq_stack_ptr, cpu) = p;
+ }
+}
+#else
+/* irq stack only needs to be 16 byte aligned - not IRQ_STACK_SIZE aligned. */
+DEFINE_PER_CPU_ALIGNED(ulong [IRQ_STACK_SIZE/sizeof(ulong)], irq_stack);
+
+static void init_irq_stacks(void)
+{
+ int cpu;
+
+ for_each_possible_cpu(cpu)
+ per_cpu(irq_stack_ptr, cpu) = per_cpu(irq_stack, cpu);
+}
+#endif /* CONFIG_VMAP_STACK */
+#else
+static void init_irq_stacks(void) {}
+#endif /* CONFIG_IRQ_STACKS */
+
int arch_show_interrupts(struct seq_file *p, int prec)
{
show_ipi_stats(p, prec);
@@ -36,6 +68,7 @@ int arch_show_interrupts(struct seq_file *p, int prec)

void __init init_IRQ(void)
{
+ init_irq_stacks();
irqchip_init();
if (!handle_arch_irq)
panic("No interrupt controller found.");
diff --git a/arch/riscv/kernel/traps.c b/arch/riscv/kernel/traps.c
index 24d309c6ab8d..9e0426cfcc60 100644
--- a/arch/riscv/kernel/traps.c
+++ b/arch/riscv/kernel/traps.c
@@ -27,6 +27,7 @@
#include <asm/syscall.h>
#include <asm/thread_info.h>
#include <asm/vector.h>
+#include <asm/irq_stack.h>

int show_unhandled_signals = 1;

@@ -327,16 +328,46 @@ asmlinkage __visible noinstr void do_page_fault(struct pt_regs *regs)
}
#endif

-asmlinkage __visible noinstr void do_irq(struct pt_regs *regs)
+static void noinstr handle_riscv_irq(struct pt_regs *regs)
{
struct pt_regs *old_regs;
- irqentry_state_t state = irqentry_enter(regs);

irq_enter_rcu();
old_regs = set_irq_regs(regs);
handle_arch_irq(regs);
set_irq_regs(old_regs);
irq_exit_rcu();
+}
+
+asmlinkage void noinstr do_irq(struct pt_regs *regs)
+{
+ irqentry_state_t state = irqentry_enter(regs);
+#ifdef CONFIG_IRQ_STACKS
+ if (on_thread_stack()) {
+ ulong *sp = per_cpu(irq_stack_ptr, smp_processor_id())
+ + IRQ_STACK_SIZE/sizeof(ulong);
+ __asm__ __volatile(
+ "addi sp, sp, -"RISCV_SZPTR "\n"
+ REG_S" ra, (sp) \n"
+ "addi sp, sp, -"RISCV_SZPTR "\n"
+ REG_S" s0, (sp) \n"
+ "addi s0, sp, 2*"RISCV_SZPTR "\n"
+ "move sp, %[sp] \n"
+ "move a0, %[regs] \n"
+ "call handle_riscv_irq \n"
+ "addi sp, s0, -2*"RISCV_SZPTR"\n"
+ REG_L" s0, (sp) \n"
+ "addi sp, sp, "RISCV_SZPTR "\n"
+ REG_L" ra, (sp) \n"
+ "addi sp, sp, "RISCV_SZPTR "\n"
+ :
+ : [sp] "r" (sp), [regs] "r" (regs)
+ : "a0", "a1", "a2", "a3", "a4", "a5", "a6", "a7",
+ "t0", "t1", "t2", "t3", "t4", "t5", "t6",
+ "memory");
+ } else
+#endif
+ handle_riscv_irq(regs);

irqentry_exit(regs, state);
}
--
2.36.1



2023-06-13 13:22:58

by Clément Léger

[permalink] [raw]
Subject: Re: [PATCH -next V12 1/3] riscv: stack: Support HAVE_IRQ_EXIT_ON_IRQ_STACK



On 29/05/2023 10:45, [email protected] wrote:
> From: Guo Ren <[email protected]>
>
> Add independent irq stacks for percpu to prevent kernel stack overflows.
> It is also compatible with VMAP_STACK by arch_alloc_vmap_stack.
>
> Tested-by: Jisheng Zhang <[email protected]>
> Signed-off-by: Guo Ren <[email protected]>
> Signed-off-by: Guo Ren <[email protected]>
> Cc: Conor Dooley <[email protected]>
> ---
> arch/riscv/Kconfig | 7 ++++++
> arch/riscv/include/asm/irq_stack.h | 32 +++++++++++++++++++++++++
> arch/riscv/include/asm/thread_info.h | 2 ++
> arch/riscv/kernel/irq.c | 33 ++++++++++++++++++++++++++
> arch/riscv/kernel/traps.c | 35 ++++++++++++++++++++++++++--
> 5 files changed, 107 insertions(+), 2 deletions(-)
> create mode 100644 arch/riscv/include/asm/irq_stack.h
>
> diff --git a/arch/riscv/Kconfig b/arch/riscv/Kconfig
> index fa256f2e23c1..44b4c9690f94 100644
> --- a/arch/riscv/Kconfig
> +++ b/arch/riscv/Kconfig
> @@ -588,6 +588,13 @@ config FPU
>
> If you don't know what to do here, say Y.
>
> +config IRQ_STACKS
> + bool "Independent irq stacks" if EXPERT
> + default y
> + select HAVE_IRQ_EXIT_ON_IRQ_STACK
> + help
> + Add independent irq stacks for percpu to prevent kernel stack overflows.
> +
> endmenu # "Platform type"
>
> menu "Kernel features"
> diff --git a/arch/riscv/include/asm/irq_stack.h b/arch/riscv/include/asm/irq_stack.h
> new file mode 100644
> index 000000000000..b0dcee9a3fa2
> --- /dev/null
> +++ b/arch/riscv/include/asm/irq_stack.h
> @@ -0,0 +1,32 @@
> +/* SPDX-License-Identifier: GPL-2.0 */
> +
> +#ifndef _ASM_RISCV_IRQ_STACK_H
> +#define _ASM_RISCV_IRQ_STACK_H
> +
> +#include <linux/bug.h>
> +#include <linux/gfp.h>
> +#include <linux/kconfig.h>
> +#include <linux/vmalloc.h>
> +#include <linux/pgtable.h>
> +#include <asm/thread_info.h>
> +
> +DECLARE_PER_CPU(ulong *, irq_stack_ptr);
> +
> +#ifdef CONFIG_VMAP_STACK
> +/*
> + * To ensure that VMAP'd stack overflow detection works correctly, all VMAP'd
> + * stacks need to have the same alignment.
> + */
> +static inline unsigned long *arch_alloc_vmap_stack(size_t stack_size, int node)
> +{
> + void *p;
> +
> + BUILD_BUG_ON(!IS_ENABLED(CONFIG_VMAP_STACK));

Hi Guo,

Since this function is already guarded with #ifdef CONFIG_VMAP_STACK, I
guess this BUILD_BUG_ON() is unnecessary).

Clément

2023-06-13 15:37:09

by Guo Ren

[permalink] [raw]
Subject: Re: [PATCH -next V12 1/3] riscv: stack: Support HAVE_IRQ_EXIT_ON_IRQ_STACK

On Tue, Jun 13, 2023 at 9:01 PM Clément Léger <[email protected]> wrote:
>
>
>
> On 29/05/2023 10:45, [email protected] wrote:
> > From: Guo Ren <[email protected]>
> >
> > Add independent irq stacks for percpu to prevent kernel stack overflows.
> > It is also compatible with VMAP_STACK by arch_alloc_vmap_stack.
> >
> > Tested-by: Jisheng Zhang <[email protected]>
> > Signed-off-by: Guo Ren <[email protected]>
> > Signed-off-by: Guo Ren <[email protected]>
> > Cc: Conor Dooley <[email protected]>
> > ---
> > arch/riscv/Kconfig | 7 ++++++
> > arch/riscv/include/asm/irq_stack.h | 32 +++++++++++++++++++++++++
> > arch/riscv/include/asm/thread_info.h | 2 ++
> > arch/riscv/kernel/irq.c | 33 ++++++++++++++++++++++++++
> > arch/riscv/kernel/traps.c | 35 ++++++++++++++++++++++++++--
> > 5 files changed, 107 insertions(+), 2 deletions(-)
> > create mode 100644 arch/riscv/include/asm/irq_stack.h
> >
> > diff --git a/arch/riscv/Kconfig b/arch/riscv/Kconfig
> > index fa256f2e23c1..44b4c9690f94 100644
> > --- a/arch/riscv/Kconfig
> > +++ b/arch/riscv/Kconfig
> > @@ -588,6 +588,13 @@ config FPU
> >
> > If you don't know what to do here, say Y.
> >
> > +config IRQ_STACKS
> > + bool "Independent irq stacks" if EXPERT
> > + default y
> > + select HAVE_IRQ_EXIT_ON_IRQ_STACK
> > + help
> > + Add independent irq stacks for percpu to prevent kernel stack overflows.
> > +
> > endmenu # "Platform type"
> >
> > menu "Kernel features"
> > diff --git a/arch/riscv/include/asm/irq_stack.h b/arch/riscv/include/asm/irq_stack.h
> > new file mode 100644
> > index 000000000000..b0dcee9a3fa2
> > --- /dev/null
> > +++ b/arch/riscv/include/asm/irq_stack.h
> > @@ -0,0 +1,32 @@
> > +/* SPDX-License-Identifier: GPL-2.0 */
> > +
> > +#ifndef _ASM_RISCV_IRQ_STACK_H
> > +#define _ASM_RISCV_IRQ_STACK_H
> > +
> > +#include <linux/bug.h>
> > +#include <linux/gfp.h>
> > +#include <linux/kconfig.h>
> > +#include <linux/vmalloc.h>
> > +#include <linux/pgtable.h>
> > +#include <asm/thread_info.h>
> > +
> > +DECLARE_PER_CPU(ulong *, irq_stack_ptr);
> > +
> > +#ifdef CONFIG_VMAP_STACK
> > +/*
> > + * To ensure that VMAP'd stack overflow detection works correctly, all VMAP'd
> > + * stacks need to have the same alignment.
> > + */
> > +static inline unsigned long *arch_alloc_vmap_stack(size_t stack_size, int node)
> > +{
> > + void *p;
> > +
> > + BUILD_BUG_ON(!IS_ENABLED(CONFIG_VMAP_STACK));
>
> Hi Guo,
>
> Since this function is already guarded with #ifdef CONFIG_VMAP_STACK, I
> guess this BUILD_BUG_ON() is unnecessary).
Yes, my carelessness. I would remove it in the next version.

>
> Clément




--
Best Regards
Guo Ren