11 May, 2019

1 commit

  • Use gen_rtx_set instead of gen_rtx_SET. The former is a wrapper macro
    that handles the difference between GCC versions implementing
    the latter.

    This fixes the following error on my system with g++ 5.4.0 as the host
    compiler

    HOSTCXX -fPIC scripts/gcc-plugins/arm_ssp_per_task_plugin.o
    scripts/gcc-plugins/arm_ssp_per_task_plugin.c:42:14: error: macro "gen_rtx_SET" requires 3 arguments, but only 2 given
    mask)),
    ^
    scripts/gcc-plugins/arm_ssp_per_task_plugin.c: In function ‘unsigned int arm_pertask_ssp_rtl_execute()’:
    scripts/gcc-plugins/arm_ssp_per_task_plugin.c:39:20: error: ‘gen_rtx_SET’ was not declared in this scope
    emit_insn_before(gen_rtx_SET

    Signed-off-by: Chris Packham
    Fixes: 189af4657186 ("ARM: smp: add support for per-task stack canaries")
    Cc: stable@vger.kernel.org
    Tested-by: Douglas Anderson
    Signed-off-by: Kees Cook

    Chris Packham
     

21 Jan, 2019

2 commits

  • GCC 9 reworks the way the references to the stack canary are
    emitted, to prevent the value from being spilled to the stack
    before the final comparison in the epilogue, defeating the
    purpose, given that the spill slot is under control of the
    attacker that we are protecting ourselves from.

    Since our canary value address is obtained without accessing
    memory (as opposed to pre-v7 code that will obtain it from a
    literal pool), it is unlikely (although not guaranteed) that
    the compiler will spill the canary value in the same way, so
    let's just disable this improvement when building with GCC9+.

    Signed-off-by: Ard Biesheuvel
    Signed-off-by: Kees Cook

    Ard Biesheuvel
     
  • The ARM per-task stack protector GCC plugin hits an assert in
    the compiler in some cases, due to the fact that the SP mask
    expression is not sign-extended as it should be. So fix that.

    Suggested-by: Kugan Vivekanandarajah
    Signed-off-by: Ard Biesheuvel
    Signed-off-by: Kees Cook

    Ard Biesheuvel
     

13 Dec, 2018

1 commit

  • On ARM, we currently only change the value of the stack canary when
    switching tasks if the kernel was built for UP. On SMP kernels, this
    is impossible since the stack canary value is obtained via a global
    symbol reference, which means
    a) all running tasks on all CPUs must use the same value
    b) we can only modify the value when no kernel stack frames are live
    on any CPU, which is effectively never.

    So instead, use a GCC plugin to add a RTL pass that replaces each
    reference to the address of the __stack_chk_guard symbol with an
    expression that produces the address of the 'stack_canary' field
    that is added to struct thread_info. This way, each task will use
    its own randomized value.

    Cc: Russell King
    Cc: Kees Cook
    Cc: Emese Revfy
    Cc: Arnd Bergmann
    Cc: Laura Abbott
    Cc: kernel-hardening@lists.openwall.com
    Acked-by: Nicolas Pitre
    Signed-off-by: Ard Biesheuvel
    Signed-off-by: Kees Cook

    Ard Biesheuvel
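
Added example (not code from the kernel tree or from the commits listed above): a user-space C model of the lookup the 13 Dec, 2018 commit describes, where the canary is found by masking the stack pointer instead of reading one global __stack_chk_guard. The THREAD_SIZE value, the placement of thread_info at the base of an aligned stack, the simplified struct layout and all helper names are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>

#define THREAD_SIZE 8192u /* assumed kernel stack size; stacks are aligned to it */
/* Simplified stand-in for the kernel's struct thread_info (assumed layout). */
struct thread_info {
    unsigned long flags;
    unsigned long stack_canary; /* per-task value, the field the commit adds */
};
/* One kernel stack (assumed): thread_info at the lowest address, frames grow down. */
union thread_union {
    struct thread_info info;
    unsigned char stack[THREAD_SIZE];
};

/* Models the replacement expression: (sp & ~(THREAD_SIZE - 1)) + offsetof(canary).
 * The mask is built at full pointer width so every high bit is set. */
static unsigned long *canary_addr_from_sp(uintptr_t sp)
{
    uintptr_t mask = ~((uintptr_t)THREAD_SIZE - 1);
    return (unsigned long *)((sp & mask) + offsetof(struct thread_info, stack_canary));
}

/* Allocate a THREAD_SIZE-aligned stack and give the task its own canary. */
static union thread_union *new_task(unsigned long canary)
{
    union thread_union *t = aligned_alloc(THREAD_SIZE, sizeof(*t));
    if (t) t->info = (struct thread_info){ .flags = 0, .stack_canary = canary };
    return t;
}

/* Canary seen with the stack pointer `depth` bytes below the top (1 <= depth). */
static unsigned long canary_seen_at(union thread_union *t, size_t depth)
{
    uintptr_t sp = (uintptr_t)&t->stack[THREAD_SIZE - depth];
    return *canary_addr_from_sp(sp);
}

int main(void)
{
    union thread_union *a = new_task(0x1111aaaaUL), *b = new_task(0x2222bbbbUL);
    if (!a || !b) return 1;
    int ok = canary_seen_at(a, 64) == 0x1111aaaaUL && canary_seen_at(b, 4096) == 0x2222bbbbUL;
    free(a); free(b);
    return ok ? 0 : 1; /* each task resolves to its own value at any stack depth */
}
```

Because the address is derived from the stack pointer, changing one task's canary never requires that other CPUs have no live kernel frames, which is the constraint the commit message gives for the global-symbol scheme on SMP.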