mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
synced 2024-10-05 00:20:32 +00:00
arm64: efi: Restore register x18 if it was corrupted
If we detect a corrupted x18, restore the register before jumping back to potentially SCS instrumented code. This is safe, because the wrapper is called with preemption disabled and a separate shadow stack is used for interrupt handling. Signed-off-by: Sami Tolvanen <samitolvanen@google.com> Reviewed-by: Kees Cook <keescook@chromium.org> Acked-by: Will Deacon <will@kernel.org> Signed-off-by: Will Deacon <will@kernel.org>
parent
6d37d81f44
commit
e73f02c6eb
1 changed files with 10 additions and 1 deletions
|
@ -34,5 +34,14 @@ ENTRY(__efi_rt_asm_wrapper)
|
||||||
ldp x29, x30, [sp], #32
|
ldp x29, x30, [sp], #32
|
||||||
b.ne 0f
|
b.ne 0f
|
||||||
ret
|
ret
|
||||||
0: b efi_handle_corrupted_x18 // tail call
|
0:
|
||||||
|
/*
|
||||||
|
* With CONFIG_SHADOW_CALL_STACK, the kernel uses x18 to store a
|
||||||
|
* shadow stack pointer, which we need to restore before returning to
|
||||||
|
* potentially instrumented code. This is safe because the wrapper is
|
||||||
|
* called with preemption disabled and a separate shadow stack is used
|
||||||
|
* for interrupts.
|
||||||
|
*/
|
||||||
|
mov x18, x2
|
||||||
|
b efi_handle_corrupted_x18 // tail call
|
||||||
ENDPROC(__efi_rt_asm_wrapper)
|
ENDPROC(__efi_rt_asm_wrapper)
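Review bot: The new comment at label `0:` explains why restoring x18 is safe but not what `x2` holds, and the instruction that sets `x2` is outside the hunk (the wrapper's body starts before it). Because `mov x18, x2` makes that value the shadow call stack pointer for everything that runs afterwards, I would add a line to the comment such as `* x2 holds the x18 value saved before the firmware call.` If that saved copy is kept in the ordinary stack frame, which the hunk does not show, the comment should say so as well, since the restored pointer is then only as trustworthy as that stack slot. The restore is also unconditional although the comment ties it to CONFIG_SHADOW_CALL_STACK; that looks harmless, but a short remark that it is intentional would save the next reader the question.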
|
||||||
|
|