]> git.baikalelectronics.ru Git - kernel.git/commit
powerpc/32: add stack protector support
authorChristophe Leroy <christophe.leroy@c-s.fr>
Thu, 27 Sep 2018 07:05:53 +0000 (07:05 +0000)
committerMichael Ellerman <mpe@ellerman.id.au>
Wed, 3 Oct 2018 05:40:03 +0000 (15:40 +1000)
commita40f02c47b1ac70e521dc35b6c64a2799a3c774a
tree042c4265fbe1dac941bd5c6c9d2079c1d8bdde14
parent81da51595741d6f7e92572dc15aa8670f39231bf
powerpc/32: add stack protector support

This functionality was tentatively added in the past
(commit e539f5809f0e ("powerpc: Initial stack protector
(-fstack-protector) support")) but had to be reverted
(commit c8c92e75d7b7 ("powerpc: Revert the initial stack
protector support") because of GCC implementing it differently
whether it had been built with libc support or not.

Now, GCC offers the possibility to manually set the
stack-protector mode (global or tls) regardless of libc support.

This time, the patch selects HAVE_STACKPROTECTOR only if
-mstack-protector-guard=tls is supported by GCC.

On PPC32, as register r2 points to current task_struct at
all time, the stack_canary located inside task_struct can be
used directly by using the following GCC options:
-mstack-protector-guard=tls
-mstack-protector-guard-reg=r2
-mstack-protector-guard-offset=offsetof(struct task_struct, stack_canary))

The protector is disabled for prom_init and bootx_init as
it is too early to handle it properly.

 $ echo CORRUPT_STACK > /sys/kernel/debug/provoke-crash/DIRECT
[  134.943666] Kernel panic - not syncing: stack-protector: Kernel stack is corrupted in: lkdtm_CORRUPT_STACK+0x64/0x64
[  134.943666]
[  134.955414] CPU: 0 PID: 283 Comm: sh Not tainted 4.18.0-s3k-dev-12143-ga3272be41209 #835
[  134.963380] Call Trace:
[  134.965860] [c6615d60] [c001f76c] panic+0x118/0x260 (unreliable)
[  134.971775] [c6615dc0] [c001f654] panic+0x0/0x260
[  134.976435] [c6615dd0] [c032c368] lkdtm_CORRUPT_STACK_STRONG+0x0/0x64
[  134.982769] [c6615e00] [ffffffff] 0xffffffff

Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr>
Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
arch/powerpc/Kconfig
arch/powerpc/Makefile
arch/powerpc/include/asm/stackprotector.h [new file with mode: 0644]
arch/powerpc/kernel/Makefile
arch/powerpc/kernel/asm-offsets.c
arch/powerpc/platforms/powermac/Makefile