Re: [PATCH RFC 16/43] x86-64: Use per-cpu stack canary if supported by compiler
- To: Hou Wenlong <houwenlong.hwl@xxxxxxxxxxxx>, linux-kernel@xxxxxxxxxxxxxxx
- From: Juergen Gross <jgross@xxxxxxxx>
- Date: Thu, 4 May 2023 12:31:59 +0200
- Cc: Thomas Garnier <thgarnie@xxxxxxxxxxxx>, Lai Jiangshan <jiangshan.ljs@xxxxxxxxxxxx>, Kees Cook <keescook@xxxxxxxxxxxx>, Brian Gerst <brgerst@xxxxxxxxx>, Thomas Gleixner <tglx@xxxxxxxxxxxxx>, Ingo Molnar <mingo@xxxxxxxxxx>, Borislav Petkov <bp@xxxxxxxxx>, Dave Hansen <dave.hansen@xxxxxxxxxxxxxxx>, x86@xxxxxxxxxx, "H. Peter Anvin" <hpa@xxxxxxxxx>, Andy Lutomirski <luto@xxxxxxxxxx>, Boris Ostrovsky <boris.ostrovsky@xxxxxxxxxx>, Darren Hart <dvhart@xxxxxxxxxxxxx>, Andy Shevchenko <andy@xxxxxxxxxxxxx>, Nathan Chancellor <nathan@xxxxxxxxxx>, Nick Desaulniers <ndesaulniers@xxxxxxxxxx>, Tom Rix <trix@xxxxxxxxxx>, Peter Zijlstra <peterz@xxxxxxxxxxxxx>, "Mike Rapoport (IBM)" <rppt@xxxxxxxxxx>, Ashok Raj <ashok.raj@xxxxxxxxx>, Rick Edgecombe <rick.p.edgecombe@xxxxxxxxx>, Catalin Marinas <catalin.marinas@xxxxxxx>, Guo Ren <guoren@xxxxxxxxxx>, Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>, "Jason A. Donenfeld" <Jason@xxxxxxxxx>, Pawan Gupta <pawan.kumar.gupta@xxxxxxxxxxxxxxx>, Kim Phillips <kim.phillips@xxxxxxx>, David Woodhouse <dwmw@xxxxxxxxxxxx>, Josh Poimboeuf <jpoimboe@xxxxxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxx, platform-driver-x86@xxxxxxxxxxxxxxx, llvm@xxxxxxxxxxxxxxx
- Delivery-date: Thu, 04 May 2023 10:32:14 +0000
- List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
On 28.04.23 11:50, Hou Wenlong wrote:
From: Brian Gerst <brgerst@xxxxxxxxx>
If the compiler supports it, use a standard per-cpu variable for the
stack protector instead of the old fixed location. Keep the fixed
location code for compatibility with older compilers.
[Hou Wenlong: Disable it on Clang, adapt new code change and adapt
missing GS set up path in pvh_start_xen()]
Signed-off-by: Brian Gerst <brgerst@xxxxxxxxx>
Co-developed-by: Hou Wenlong <houwenlong.hwl@xxxxxxxxxxxx>
Signed-off-by: Hou Wenlong <houwenlong.hwl@xxxxxxxxxxxx>
Cc: Thomas Garnier <thgarnie@xxxxxxxxxxxx>
Cc: Lai Jiangshan <jiangshan.ljs@xxxxxxxxxxxx>
Cc: Kees Cook <keescook@xxxxxxxxxxxx>
---
arch/x86/Kconfig | 12 ++++++++++++
arch/x86/Makefile | 21 ++++++++++++++-------
arch/x86/entry/entry_64.S | 6 +++++-
arch/x86/include/asm/processor.h | 17 ++++++++++++-----
arch/x86/include/asm/stackprotector.h | 16 +++++++---------
arch/x86/kernel/asm-offsets_64.c | 2 +-
arch/x86/kernel/cpu/common.c | 15 +++++++--------
arch/x86/kernel/head_64.S | 16 ++++++++++------
arch/x86/kernel/vmlinux.lds.S | 4 +++-
arch/x86/platform/pvh/head.S | 8 ++++++++
arch/x86/xen/xen-head.S | 14 +++++++++-----
11 files changed, 88 insertions(+), 43 deletions(-)
...
diff --git a/arch/x86/xen/xen-head.S b/arch/x86/xen/xen-head.S
index 643d02900fbb..09eaf59e8066 100644
--- a/arch/x86/xen/xen-head.S
+++ b/arch/x86/xen/xen-head.S
@@ -51,15 +51,19 @@ SYM_CODE_START(startup_xen)
leaq (__end_init_task - PTREGS_SIZE)(%rip), %rsp
- /* Set up %gs.
- *
- * The base of %gs always points to fixed_percpu_data. If the
- * stack protector canary is enabled, it is located at %gs:40.
+ /*
+ * Set up GS base.
* Note that, on SMP, the boot cpu uses init data section until
* the per cpu areas are set up.
*/
movl $MSR_GS_BASE,%ecx
- movq $INIT_PER_CPU_VAR(fixed_percpu_data),%rax
+#if defined(CONFIG_STACKPROTECTOR_FIXED)
+ leaq INIT_PER_CPU_VAR(fixed_percpu_data)(%rip), %rdx
+#elif defined(CONFIG_SMP)
+ movabs $__per_cpu_load, %rdx
Shouldn't above 2 targets be %rax?
+#else
+ xorl %eax, %eax
+#endif
cdq
wrmsr
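Review bot: In the CONFIG_STACKPROTECTOR_FIXED and CONFIG_SMP branches the address is loaded into %rdx, but the cdq that follows overwrites %edx with the sign extension of %eax, and %eax is never set on those two paths, so wrmsr (which writes EDX:EAX to the MSR selected by %ecx) would program MSR_GS_BASE from whatever %eax happened to hold. The load should target %rax, as the removed movq did. Separately, cdq only reproduces the upper 32 bits when the value is a sign-extended 32-bit quantity, which the removed `movq $INIT_PER_CPU_VAR(fixed_percpu_data),%rax` form relied on; a 64-bit `movabs` immediate or a RIP-relative `leaq` result does not carry that guarantee, so on those paths consider splitting the value explicitly with `movq %rax, %rdx` followed by `shrq $32, %rdx` instead of cdq. The #else path (`xorl %eax, %eax` then cdq) writes zero as intended. The new comment also drops the note that the canary sits at %gs:40 even though the CONFIG_STACKPROTECTOR_FIXED branch still depends on that layout; keeping that sentence under the #if would help.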
Juergen