kernel: wipe TLS when dropping to user mode
For threads that run in supervisor mode for some time before synchronously dropping to user mode, re-initialize the TLS area to prevent leakage of potentially sensitive information. We did this already for CONFIG_THREAD_USERSPACE_LOCAL_DATA but not the new CONFIG_THREAD_LOCAL_STORAGE. Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
This commit is contained in:
parent
5c5e3597c8
commit
0e30c6a0fa
1 changed files with 7 additions and 1 deletions
|
@ -493,7 +493,8 @@ static char *setup_thread_stack(struct k_thread *new_thread,
|
||||||
*((uint32_t *)stack_buf_start) = STACK_SENTINEL;
|
*((uint32_t *)stack_buf_start) = STACK_SENTINEL;
|
||||||
#endif /* CONFIG_STACK_SENTINEL */
|
#endif /* CONFIG_STACK_SENTINEL */
|
||||||
#ifdef CONFIG_THREAD_LOCAL_STORAGE
|
#ifdef CONFIG_THREAD_LOCAL_STORAGE
|
||||||
delta += arch_tls_stack_setup(new_thread, (stack_ptr - delta));
|
/* TLS is always last within the stack buffer */
|
||||||
|
delta += arch_tls_stack_setup(new_thread, stack_ptr);
|
||||||
#endif /* CONFIG_THREAD_LOCAL_STORAGE */
|
#endif /* CONFIG_THREAD_LOCAL_STORAGE */
|
||||||
#ifdef CONFIG_THREAD_USERSPACE_LOCAL_DATA
|
#ifdef CONFIG_THREAD_USERSPACE_LOCAL_DATA
|
||||||
size_t tls_size = sizeof(struct _thread_userspace_local_data);
|
size_t tls_size = sizeof(struct _thread_userspace_local_data);
|
||||||
|
@ -838,6 +839,11 @@ FUNC_NORETURN void k_thread_user_mode_enter(k_thread_entry_t entry,
|
||||||
#ifdef CONFIG_THREAD_USERSPACE_LOCAL_DATA
|
#ifdef CONFIG_THREAD_USERSPACE_LOCAL_DATA
|
||||||
memset(_current->userspace_local_data, 0,
|
memset(_current->userspace_local_data, 0,
|
||||||
sizeof(struct _thread_userspace_local_data));
|
sizeof(struct _thread_userspace_local_data));
|
||||||
|
#endif
|
||||||
|
#ifdef CONFIG_THREAD_LOCAL_STORAGE
|
||||||
|
arch_tls_stack_setup(_current,
|
||||||
|
(char *)(_current->stack_info.start +
|
||||||
|
_current->stack_info.size));
|
||||||
#endif
|
#endif
|
||||||
arch_user_mode_enter(entry, p1, p2, p3);
|
arch_user_mode_enter(entry, p1, p2, p3);
|
||||||
#else
|
#else
|
||||||
|
|
Loading…
Add table
Add a link
Reference in a new issue