Re: [PATCH] x86: fix early boot crash on gcc-10
From: Borislav Petkov
Date: Mon Mar 16 2020 - 13:54:46 EST
On Mon, Mar 16, 2020 at 02:42:34PM +0100, Peter Zijlstra wrote:
> Right I know, I looked for it recently :/ But since this is new in 10
> and 10 isn't released yet, I figured someone can add the attribute
> before it does get released.

Yes, that would be a good solution.

I looked at what happens briefly after building gcc10 from git and IINM,
the function in question - start_secondary() - already gets the stack
canary asm glue added so it checks for a stack canary.

However, the stack canary value itself gets set later in that same
function:

	/* to prevent fake stack check failure in clock setup */
	boot_init_stack_canary();

so the asm glue which checks for it would need to reload the newly
computed canary value (it is 0 before we compute it and thus the
mismatch).

So having a way to state "do not add stack canary checking to this
particular function" would be optimal. And since you already have the
"stack_protect" function attribute I figure adding a "no_stack_protect"
one should be easy...

> > Or of course you could add noinline attribute to whatever got inlined
> > and contains some array or addressable variable that whatever
> > -fstack-protector* mode kernel uses triggers it. With -fstack-protector-all
> > it would never work even in the past I believe.
>
> I don't think the kernel supports -fstack-protector-all, but I could be
> mistaken.

The other thing I was thinking was to carve out only that function into
a separate compilation unit and disable stack protector only for it.

All IMHO of course.

Thx.

--
Regards/Gruss,
Boris.
https://people.kernel.org/tglx/notes-about-netiquette
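
The mismatch described in the message above, modelled in user-space C as an added example (not code from the thread or from the kernel). The names guard, init_canary, run_with_glue and run_without_glue are hypothetical stand-ins for the guard value, boot_init_stack_canary() and the compiler-inserted entry/exit glue, and the canary constant is constructed.

```c
#include <stdint.h>
#include <stdio.h>

/* Model of the guard value the compiler-inserted glue compares against.
 * It is 0 until the canary is computed, as the message describes. */
static uint64_t guard;

/* Hypothetical stand-in for boot_init_stack_canary(); constructed constant. */
static void init_canary(void) { guard = 0x9e3779b97f4a7c15ULL; }
static void no_op(void) { }

/* A function built with canary glue: returns 1 when the exit check fails. */
static int run_with_glue(void (*body)(void))
{
    uint64_t frame_copy = guard;   /* entry glue: store guard in the frame */
    body();
    return frame_copy != guard;    /* exit glue: compare frame copy to guard */
}

/* The same function with canary checking left out: nothing to compare. */
static int run_without_glue(void (*body)(void))
{
    body();
    return 0;
}

/* Canary computed inside the checked function (the start_secondary() case). */
int secondary_with_glue(void)    { guard = 0; return run_with_glue(init_canary); }
/* Same body, but the function is exempt from canary checking. */
int secondary_without_glue(void) { guard = 0; return run_without_glue(init_canary); }
/* An ordinary checked function entered after the canary already exists. */
int later_call_with_glue(void)   { guard = 0; init_canary(); return run_with_glue(no_op); }

int main(void)
{
    printf("canary set inside checked function: mismatch=%d\n", secondary_with_glue());
    printf("canary set inside exempt function:  mismatch=%d\n", secondary_without_glue());
    printf("checked function after canary init: mismatch=%d\n", later_call_with_glue());
    return 0;
}
```

Only the first case reports a mismatch, which is why exempting that one function (by attribute or by a separate compilation unit) is enough while every function entered after the canary is set stays checked.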