[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAJD_bP+43=XXD7p3fRfDxCbj=_YedgVLv38XO4iOAw94a+4PHg@mail.gmail.com>
Date: Sun, 22 Sep 2024 16:18:39 -0400
From: Jason Montleon <jmontleo@...hat.com>
To: Kees Cook <kees@...nel.org>
Cc: linux-hardening@...r.kernel.org,
Linux regressions mailing list <regressions@...ts.linux.dev>, linux-riscv@...ts.infradead.org
Subject: Re: [REGRESSION][BISECTED] Cannot boot Lichee Pi 4A with
FORTIFY_SOURCE enabled
On Sat, Sep 21, 2024 at 10:42 PM Kees Cook <kees@...nel.org> wrote:
>
>
>
> On September 21, 2024 10:42:11 AM PDT, Jason Montleon <jmontleo@...hat.com> wrote:
> >Starting with 6.11-rc1 I can no longer boot the Lichee Pi 4A with
> >FORTIFY_SOURCE enabled. This works on 6.10 up to at least 6.10.11.
> >However, with 6.11 I get no output at all from the kernel on the
> >serial console with FORTIFY_SOURCE enabled and the system never comes
> >online on network or otherwise as far as I can tell.
> >
> >I did a bisect which led to:
> >2003e483a81cc235e29f77da3f6b256cb4b348e7
> >fortify: Do not special-case 0-sized destinations
> >
> >If I revert this commit I can once again boot the Lichee Pi 4A with
> >FORTIFY_SOURCE enabled.
> >
>
> Thanks for the report! Are you able to catch what the error log shows? There must be some 0-sized array that snuck by.
>
> Can you share your .config and compiler version?
>
Hi Kees,
Thank you for the quick reply! I am using the Fedora 40 packaged
version of gcc, gcc-14.1.1-1.fc40.riscv64.
I originally noticed this while testing a build of the Fedora RISC-V
.config on Fedora 40.
http://fedora.riscv.rocks:3000/rpms/kernel/src/branch/main-riscv64/kernel-riscv64-fedora.config
When I noticed I could not boot this on the lpi4a I tried the
defconfig(arch/riscv/configs/defconfig), which worked. After merging
the configs a bit at a time I narrowed it down to FORTIFY_SOURCE=y
To do the bisect I used the riscv defconfig, running make menuconfig
to turn on FORTIFY_SOURCE, and saving.
https://gist.github.com/jmontleon/9cdc778e9c9139296924d3f71b48067b
As far as logs, I am having a hard time gathering anything useful
because the boot fails so early. Normally with FORTIFY_SOURCE turned
on I get no output from the kernel at all.
https://gist.github.com/jmontleon/42167a7b6d71bb4db8b7ca7114893b86
With a config closer to the Fedora debug kernel config I got a bit
more, but it stopped booting here and doesn't seem much more useful.
https://gist.github.com/jmontleon/00426b3bff2c85a68370ca1fb5f968c7
If you have suggestions for getting more meaningful output I am happy to try.
The Fedora kernel config boots fine on the VisionFive 2, so I think it
is more specific to the hardware than RISC-V, maybe something T-Head
related if not specific to the Lichee Pi 4A. I was thinking because it
seems pretty hardware specific and failure is so early maybe it is due
to something in one of the THEAD errata or the patch function.
While trying some more things today I noticed if FORTIFY_SOURCE is
left unset and I also unset ERRATA_THEAD_MAE it similarly fails to
boot without output, so I think my idea is possible though I don't
have anything more concrete than that to back it up at the moment.
Thank you,
- Jason
> -Kees
>
> --
> Kees Cook
>
Powered by blists - more mailing lists