Date:   Mon, 13 Apr 2020 14:15:59 -0000
From:   "tip-bot2 for Sergei Trofimovich" <tip-bot2@...utronix.de>
To:     linux-tip-commits@...r.kernel.org
Cc:     Sergei Trofimovich <slyfox@...too.org>,
        Borislav Petkov <bp@...e.de>, Jakub Jelinek <jakub@...hat.com>,
        Michael Matz <matz@...e.de>, x86 <x86@...nel.org>,
        LKML <linux-kernel@...r.kernel.org>
Subject: [tip: x86/urgent] x86: Fix early boot crash on gcc-10

The following commit has been merged into the x86/urgent branch of tip:

Commit-ID:     5871c72d659e5c312b9ad635034cab59f7786a98
Gitweb:        https://git.kernel.org/tip/5871c72d659e5c312b9ad635034cab59f7786a98
Author:        Sergei Trofimovich <slyfox@...too.org>
AuthorDate:    Sat, 28 Mar 2020 08:48:58 
Committer:     Borislav Petkov <bp@...e.de>
CommitterDate: Mon, 13 Apr 2020 16:07:35 +02:00

x86: Fix early boot crash on gcc-10

Fix a boot failure where the kernel is built with gcc-10 with stack
protector enabled by default:

  Kernel panic - not syncing: stack-protector: Kernel stack is corrupted in: start_secondary
  CPU: 1 PID: 0 Comm: swapper/1 Not tainted 5.6.0-rc5-00235-gfffb08b37df9 #139
  Hardware name: Gigabyte Technology Co., Ltd. To be filled by O.E.M./H77M-D3H, BIOS F12 11/14/2013
  Call Trace:
    dump_stack
    panic
    ? start_secondary
    __stack_chk_fail
    start_secondary
    secondary_startup_64
  ---[ end Kernel panic - not syncing: stack-protector: Kernel stack is corrupted in: start_secondary

This happens because start_secondary() is responsible for setting
up the initial stack canary value in smpboot.c but nothing prevents gcc
from inserting a stack canary into start_secondary() itself before the
boot_init_stack_canary() call which sets up said canary value.

Inhibit the stack canary addition for start_secondary() only.

 [ bp: Massage a bit. ]

Signed-off-by: Sergei Trofimovich <slyfox@...too.org>
Signed-off-by: Borislav Petkov <bp@...e.de>
Cc: Jakub Jelinek <jakub@...hat.com>
Cc: Michael Matz <matz@...e.de>
Link: https://lkml.kernel.org/r/20200328084858.421444-1-slyfox@gentoo.org
---
 arch/x86/kernel/smpboot.c      | 6 +++++-
 include/linux/compiler-gcc.h   | 1 +
 include/linux/compiler_types.h | 4 ++++
 3 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/arch/x86/kernel/smpboot.c b/arch/x86/kernel/smpboot.c
index fe3ab96..9ea28e5 100644
--- a/arch/x86/kernel/smpboot.c
+++ b/arch/x86/kernel/smpboot.c
@@ -209,10 +209,14 @@ static void smp_callin(void)
 
 static int cpu0_logical_apicid;
 static int enable_start_cpu0;
+
 /*
  * Activate a secondary processor.
+ *
+ * Note: boot_init_stack_canary() sets up the canary value so omit the stack
+ * canary creation for this function only.
  */
-static void notrace start_secondary(void *unused)
+static void __no_stack_protector notrace start_secondary(void *unused)
 {
 	/*
 	 * Don't put *anything* except direct CPU state initialization
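
Review bot: The comment added above start_secondary() says the canary creation is omitted but not why instrumenting this one function is fatal: a canary stored on entry no longer matches once boot_init_stack_canary() has run, which is the __stack_chk_fail in the quoted trace. Spelling out that ordering in the comment would keep a later cleanup from dropping __no_stack_protector. The blank line added after enable_start_cpu0 is an unrelated whitespace change and would be better left out of a fix.
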
diff --git a/include/linux/compiler-gcc.h b/include/linux/compiler-gcc.h
index d7ee4c6..fb67c74 100644
--- a/include/linux/compiler-gcc.h
+++ b/include/linux/compiler-gcc.h
@@ -172,3 +172,4 @@
 #endif
 
 #define __no_fgcse __attribute__((optimize("-fno-gcse")))
+#define __no_stack_protector __attribute__((optimize("-fno-stack-protector")))
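
Review bot: The new __no_stack_protector define relies on __attribute__((optimize("-fno-stack-protector"))) with no gcc version guard and no comment. GCC's documentation describes the optimize attribute as meant for debugging rather than production code, so it is worth confirming on every supported gcc release that the attribute really removes the canary from the annotated function. A one-line comment above the define stating its purpose, and a build-time check that start_secondary() carries no __stack_chk_fail reference, would catch a compiler that ignores it.
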
diff --git a/include/linux/compiler_types.h b/include/linux/compiler_types.h
index e970f97..069c981 100644
--- a/include/linux/compiler_types.h
+++ b/include/linux/compiler_types.h
@@ -203,6 +203,10 @@ struct ftrace_likely_data {
 #define asm_inline asm
 #endif
 
+#ifndef __no_stack_protector
+# define __no_stack_protector
+#endif
+
 #ifndef __no_fgcse
 # define __no_fgcse
 #endif
