Re: [PATCH RFC 16/43] x86-64: Use per-cpu stack canary if supported by compiler

From: Hou Wenlong
Date: Thu May 04 2023 - 23:10:17 EST

Next message: Dave Airlie: "[git pull] drm fixes part 2 for 6.4-rc1"
Previous message: Xingui Yang: "[PATCH v2] ata: libata-scsi: Fix get identity data failed"
In reply to: Juergen Gross: "Re: [PATCH RFC 16/43] x86-64: Use per-cpu stack canary if supported by compiler"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, May 04, 2023 at 12:31:59PM +0200, Juergen Gross wrote:
> On 28.04.23 11:50, Hou Wenlong wrote:
> >From: Brian Gerst <brgerst@xxxxxxxxx>
> >
> >From: Brian Gerst <brgerst@xxxxxxxxx>
> >
> >If the compiler supports it, use a standard per-cpu variable for the
> >stack protector instead of the old fixed location. Keep the fixed
> >location code for compatibility with older compilers.
> >
> >[Hou Wenlong: Disable it on Clang, adapt new code change and adapt
> >missing GS set up path in pvh_start_xen()]
> >
> >Signed-off-by: Brian Gerst <brgerst@xxxxxxxxx>
> >Co-developed-by: Hou Wenlong <houwenlong.hwl@xxxxxxxxxxxx>
> >Signed-off-by: Hou Wenlong <houwenlong.hwl@xxxxxxxxxxxx>
> >Cc: Thomas Garnier <thgarnie@xxxxxxxxxxxx>
> >Cc: Lai Jiangshan <jiangshan.ljs@xxxxxxxxxxxx>
> >Cc: Kees Cook <keescook@xxxxxxxxxxxx>
> >---
> > arch/x86/Kconfig | 12 ++++++++++++
> > arch/x86/Makefile | 21 ++++++++++++++-------
> > arch/x86/entry/entry_64.S | 6 +++++-
> > arch/x86/include/asm/processor.h | 17 ++++++++++++-----
> > arch/x86/include/asm/stackprotector.h | 16 +++++++---------
> > arch/x86/kernel/asm-offsets_64.c | 2 +-
> > arch/x86/kernel/cpu/common.c | 15 +++++++--------
> > arch/x86/kernel/head_64.S | 16 ++++++++++------
> > arch/x86/kernel/vmlinux.lds.S | 4 +++-
> > arch/x86/platform/pvh/head.S | 8 ++++++++
> > arch/x86/xen/xen-head.S | 14 +++++++++-----
> > 11 files changed, 88 insertions(+), 43 deletions(-)
> >
>
> ...
>
> >diff --git a/arch/x86/xen/xen-head.S b/arch/x86/xen/xen-head.S
> >index 643d02900fbb..09eaf59e8066 100644
> >--- a/arch/x86/xen/xen-head.S
> >+++ b/arch/x86/xen/xen-head.S
> >@@ -51,15 +51,19 @@ SYM_CODE_START(startup_xen)
> > leaq (__end_init_task - PTREGS_SIZE)(%rip), %rsp
> >- /* Set up %gs.
> >- *
> >- * The base of %gs always points to fixed_percpu_data. If the
> >- * stack protector canary is enabled, it is located at %gs:40.
> >+ /*
> >+ * Set up GS base.
> > * Note that, on SMP, the boot cpu uses init data section until
> > * the per cpu areas are set up.
> > */
> > movl $MSR_GS_BASE,%ecx
> >- movq $INIT_PER_CPU_VAR(fixed_percpu_data),%rax
> >+#if defined(CONFIG_STACKPROTECTOR_FIXED)
> >+ leaq INIT_PER_CPU_VAR(fixed_percpu_data)(%rip), %rdx
> >+#elif defined(CONFIG_SMP)
> >+ movabs $__per_cpu_load, %rdx
>
> Shouldn't above 2 targets be %rax?
>
Ah yes, my mistake. I didn't test it on XEN guest, sorry,
I'll test XEN guest before the next submission.

Thanks.

> >+#else
> >+ xorl %eax, %eax
> >+#endif
> > cdq
> > wrmsr
>
>
> Juergen

> pub 2048R/28BF132F 2014-06-02 Juergen Gross <jg@xxxxxxxxx>
> uid Juergen Gross <jgross@xxxxxxxx>
> uid Juergen Gross <jgross@xxxxxxxxxx>
> uid Juergen Gross <jgross@xxxxxxx>
> sub 2048R/16375B53 2014-06-02

Next message: Dave Airlie: "[git pull] drm fixes part 2 for 6.4-rc1"
Previous message: Xingui Yang: "[PATCH v2] ata: libata-scsi: Fix get identity data failed"
In reply to: Juergen Gross: "Re: [PATCH RFC 16/43] x86-64: Use per-cpu stack canary if supported by compiler"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]