kernel: wipe TLS when dropping to user mode
For threads that run in supervisor mode for some time before synchronously dropping to user mode, re-initialize the TLS area to prevent leakage of potentially sensitive information. We did this already for CONFIG_THREAD_USERSPACE_LOCAL_DATA but not the new CONFIG_THREAD_LOCAL_STORAGE. Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
This commit is contained in:
Andrew Boie
Ioannis Glaropoulos
parent
5c5e3597c8
commit
0e30c6a0fa
1 changed files with 7 additions and 1 deletions
|
|
@ -493,7 +493,8 @@ static char *setup_thread_stack(struct k_thread *new_thread,
|
|||
*((uint32_t *)stack_buf_start) = STACK_SENTINEL;
|
||||
#endif /* CONFIG_STACK_SENTINEL */
|
||||
#ifdef CONFIG_THREAD_LOCAL_STORAGE
|
||||
delta += arch_tls_stack_setup(new_thread, (stack_ptr - delta));
|
||||
/* TLS is always last within the stack buffer */
|
||||
delta += arch_tls_stack_setup(new_thread, stack_ptr);
|
||||
#endif /* CONFIG_THREAD_LOCAL_STORAGE */
|
||||
#ifdef CONFIG_THREAD_USERSPACE_LOCAL_DATA
|
||||
size_t tls_size = sizeof(struct _thread_userspace_local_data);
|
||||
|
|
@ -838,6 +839,11 @@ FUNC_NORETURN void k_thread_user_mode_enter(k_thread_entry_t entry,
|
|||
#ifdef CONFIG_THREAD_USERSPACE_LOCAL_DATA
|
||||
memset(_current->userspace_local_data, 0,
|
||||
sizeof(struct _thread_userspace_local_data));
|
||||
#endif
|
||||
#ifdef CONFIG_THREAD_LOCAL_STORAGE
|
||||
arch_tls_stack_setup(_current,
|
||||
(char *)(_current->stack_info.start +
|
||||
_current->stack_info.size));
|
||||
#endif
|
||||
arch_user_mode_enter(entry, p1, p2, p3);
|
||||
#else
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue