lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-Id: <90df6cf5674241a85ac7dfe0a1558f1fd025cc17.1698051454.git.houwenlong.hwl@antgroup.com>
Date:   Mon, 23 Oct 2023 17:09:38 +0800
From:   "Hou Wenlong" <houwenlong.hwl@...group.com>
To:     linux-kernel@...r.kernel.org
Cc:     "Hou Wenlong" <houwenlong.hwl@...group.com>,
        "Juergen Gross" <jgross@...e.com>,
        "Boris Ostrovsky" <boris.ostrovsky@...cle.com>,
        "Darren Hart" <dvhart@...radead.org>,
        "Andy Shevchenko" <andy@...radead.org>,
        "Thomas Gleixner" <tglx@...utronix.de>,
        "Ingo Molnar" <mingo@...hat.com>, "Borislav Petkov" <bp@...en8.de>,
        "Dave Hansen" <dave.hansen@...ux.intel.com>,
        "maintainer:X86 ARCHITECTURE 32-BIT AND 64-BIT" 
        <x86@...nel.org>, "H. Peter Anvin" <hpa@...or.com>,
        "moderated list:XEN HYPERVISOR X86" 
        <xen-devel@...ts.xenproject.org>,
        "open list:X86 PLATFORM DRIVERS - ARCH" 
        <platform-driver-x86@...r.kernel.org>
Subject: [PATCH 1/2] x86/xen/pvh: Set up percpu for stack canary in 32-bit kernel entry

In a 32-bit SMP kernel, the stack canary is a percpu variable accessed
as %fs:__stack_chk_guard. However, the ABI for PVH entry does not
specify the %fs register state. It currently works because the initial
%fs register is 0x10 for QEMU, which is the same as $PVH_DS_SEL.
%However, for added safety, the percpu should be set up explicitly
%before calling xen_prepare_pvh(), which accesses the stack canary.

Signed-off-by: Hou Wenlong <houwenlong.hwl@...group.com>
---
 arch/x86/platform/pvh/head.S | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/arch/x86/platform/pvh/head.S b/arch/x86/platform/pvh/head.S
index c4365a05ab83..cee4dadf5344 100644
--- a/arch/x86/platform/pvh/head.S
+++ b/arch/x86/platform/pvh/head.S
@@ -121,6 +121,10 @@ SYM_CODE_START_LOCAL(pvh_start_xen)
 
 	ljmp $PVH_CS_SEL, $1f
 1:
+	/* Set percpu for stack canary. */
+	mov $PVH_DS_SEL,%eax
+	mov %eax, %fs
+
 	call xen_prepare_pvh
 	mov $_pa(pvh_bootparams), %esi
 
-- 
2.31.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ