Message ID | 7bd67c4ccdd202f2125b7fc0ed0332d0d020690b.1537186089.git.christophe.leroy@c-s.fr (mailing list archive) |
---|---|
State | Superseded |
Series | [1/2] powerpc: initial stack protector (-fstack-protector) support |
Context | Check | Description |
---|---|---|
snowpatch_ozlabs/apply_patch | success | next/apply_patch Successfully applied |
snowpatch_ozlabs/checkpatch | success | Test checkpatch on branch next |
snowpatch_ozlabs/build-ppc64le | success | Test build-ppc64le on branch next |
snowpatch_ozlabs/build-ppc64be | success | Test build-ppc64be on branch next |
snowpatch_ozlabs/build-ppc64e | success | Test build-ppc64e on branch next |
snowpatch_ozlabs/build-ppc32 | success | Test build-ppc32 on branch next |

On Mon, Sep 17, 2018 at 12:15:08PM +0000, Christophe Leroy wrote:
> I would have liked to use -mstack-protector-guard=tls -mstack-protector-guard-reg=r2
> -mstack-protector-guard-offset=offsetof(struct task_struct, stack_canary) but I have
> not found how to set the value of offsetof(struct task_struct, stack_canary) in Makefile.

By far the easiest is to have the canary at a fixed offset from r2.

Segher

diff --git a/arch/powerpc/kernel/asm-offsets.c b/arch/powerpc/kernel/asm-offsets.c index 89cf15566c4e..cb02d23764ca 100644 --- a/arch/powerpc/kernel/asm-offsets.c +++ b/arch/powerpc/kernel/asm-offsets.c @@ -89,6 +89,9 @@ int main(void) DEFINE(THREAD_INFO_GAP, _ALIGN_UP(sizeof(struct thread_info), 16)); OFFSET(KSP_LIMIT, thread_struct, ksp_limit); #endif /* CONFIG_PPC64 */ +#ifdef CONFIG_CC_STACKPROTECTOR + DEFINE(TSK_STACK_CANARY, offsetof(struct task_struct, stack_canary)); +#endif #ifdef CONFIG_LIVEPATCH OFFSET(TI_livepatch_sp, thread_info, livepatch_sp); diff --git a/arch/powerpc/kernel/entry_32.S b/arch/powerpc/kernel/entry_32.S index e58c3f467db5..0cdb4170a21d 100644 --- a/arch/powerpc/kernel/entry_32.S +++ b/arch/powerpc/kernel/entry_32.S @@ -721,6 +721,11 @@ BEGIN_FTR_SECTION mtspr SPRN_SPEFSCR,r0 /* restore SPEFSCR reg */ END_FTR_SECTION_IFSET(CPU_FTR_SPE) #endif /* CONFIG_SPE */ +#if defined(CONFIG_CC_STACKPROTECTOR) && !defined(CONFIG_SMP) + lwz r0, TSK_STACK_CANARY(r2) + lis r4, __stack_chk_guard@ha + stw r0, __stack_chk_guard@l(r4) +#endif lwz r0,_CCR(r1) mtcrf 0xFF,r0
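
Review bot: In the asm-offsets.c hunk, the new entry spells out `DEFINE(TSK_STACK_CANARY, offsetof(struct task_struct, stack_canary))` while the context line just above it uses the helper form `OFFSET(KSP_LIMIT, thread_struct, ksp_limit)`; `OFFSET(TSK_STACK_CANARY, task_struct, stack_canary);` would match the surrounding style. The constant is consumed in entry_32.S only under `CONFIG_CC_STACKPROTECTOR && !CONFIG_SMP`, so the `#ifdef` here could either mirror that condition or be dropped, since an unused offset definition costs nothing.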
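
Review bot: In the entry_32.S hunk, the three added instructions overwrite r4, and nothing in the visible context shows that r4 is dead at this point; r0 is reloaded by the following `lwz r0,_CCR(r1)`, but r4 needs either a check that no later code on this path reads it or a short comment saying so. The load also assumes r2 already points at the incoming task's task_struct here, which is worth a comment together with the reason the block is limited to `!defined(CONFIG_SMP)`. Minor: the neighbouring lines write operands without a space after the comma (`lwz r0,_CCR(r1)`), the new lines with one.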

Partially copied from commit df0698be14c66 ("ARM: stack protector: change the canary value per task")

A new random value for the canary is stored in the task struct whenever a new task is forked. This is meant to allow for different canary values per task. On powerpc, GCC expects the canary value to be found in a global variable called __stack_chk_guard. So this variable has to be updated with the value stored in the task struct whenever a task switch occurs.

Because the variable GCC expects is global, this cannot work on SMP unfortunately. So, on SMP, the same initial canary value is kept throughout, making this feature a bit less effective although it is still useful.

Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr>
---
I would have liked to use -mstack-protector-guard=tls -mstack-protector-guard-reg=r2 -mstack-protector-guard-offset=offsetof(struct task_struct, stack_canary) but I have not found how to set the value of offsetof(struct task_struct, stack_canary) in Makefile. Any idea ?

 arch/powerpc/kernel/asm-offsets.c | 3 +++
 arch/powerpc/kernel/entry_32.S    | 5 +++++
 2 files changed, 8 insertions(+)
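
Why a single global guard can follow the current task on a uniprocessor but not on SMP, as an added user-space model that is not part of the patch or the kernel. The names `switch_guard`, `prologue`, `epilogue_ok` and the canary values are constructed for illustration.

```c
/* Added illustration, not kernel code: a user-space model of one global guard. */
#include <stdio.h>

struct task { unsigned long stack_canary; };  /* per-task value chosen at fork */
struct frame { unsigned long saved; };        /* canary slot in a stack frame */

static unsigned long guard;   /* stands in for the global __stack_chk_guard */

/* Model of the patch's task-switch step: copy the next task's canary. */
static void switch_guard(const struct task *next) { guard = next->stack_canary; }

/* Compiler-inserted prologue and epilogue of a protected function. */
static void prologue(struct frame *f) { f->saved = guard; }
static int epilogue_ok(const struct frame *f) { return f->saved == guard; }

/* UP: A is preempted inside a function, B runs, A resumes. Returns 1 if all checks pass. */
int up_scenario(void)
{
    struct task a = { 0x1111UL }, b = { 0x2222UL };  /* constructed values */
    struct frame fa, fb;
    int ok = 1;

    switch_guard(&a); prologue(&fa);    /* A enters a protected function */
    switch_guard(&b); prologue(&fb);    /* switch to B, which enters one too */
    ok &= epilogue_ok(&fb);             /* B returns */
    switch_guard(&a);                   /* switch back restores A's value */
    ok &= epilogue_ok(&fa);             /* A returns */
    return ok;
}

/* SMP: A keeps running on CPU0 while CPU1 switches to B. Returns 0: A's check fails. */
int smp_scenario(void)
{
    struct task a = { 0x1111UL }, b = { 0x2222UL };  /* constructed values */
    struct frame fa;

    switch_guard(&a); prologue(&fa);    /* CPU0: A enters a protected function */
    switch_guard(&b);                   /* CPU1: task switch rewrites the global */
    return epilogue_ok(&fa);            /* CPU0: A returns, sees B's value */
}

int main(void)
{
    printf("UP  epilogue checks pass: %d\n", up_scenario());
    printf("SMP epilogue check passes: %d\n", smp_scenario());
    return 0;
}
```

In the kernel a failed epilogue comparison calls `__stack_chk_fail`, so the SMP case would report stack corruption on an intact stack; that is the reason the update in entry_32.S is compiled only when `CONFIG_SMP` is not set.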