From: Brian Gerst <brgerst@gmail.com>
To: linux-kernel@vger.kernel.org, x86@kernel.org
Cc: Ingo Molnar <mingo@kernel.org>, "H . Peter Anvin" <hpa@zytor.com>,
	Thomas Gleixner <tglx@linutronix.de>,
	Borislav Petkov <bp@alien8.de>, Ard Biesheuvel <ardb@kernel.org>,
	Uros Bizjak <ubizjak@gmail.com>, Brian Gerst <brgerst@gmail.com>
Subject: [PATCH v5 07/16] x86/module: Deal with GOT based stack cookie load on Clang < 17
Date: Tue,  5 Nov 2024 10:57:52 -0500
Message-ID: <20241105155801.1779119-8-brgerst@gmail.com>
In-Reply-To: <20241105155801.1779119-1-brgerst@gmail.com>

From: Ard Biesheuvel <ardb@kernel.org>

Clang versions before 17 will not honour -fdirect-access-external-data
for the load of the stack cookie emitted into each function's prologue
and epilogue.

This is not an issue for the core kernel, as the linker will relax these
loads into LEA instructions that take the address of __stack_chk_guard
directly. For modules, however, we need to work around this, by dealing
with R_X86_64_REX_GOTPCRELX relocations that refer to __stack_chk_guard.

In this case, given that this is a GOT load, the reference should not
refer to __stack_chk_guard directly, but to a memory location that holds
its address. So take the address of __stack_chk_guard into a static
variable, and fix up the relocations to refer to that.

Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
Signed-off-by: Brian Gerst <brgerst@gmail.com>
---
 arch/x86/include/asm/elf.h |  3 ++-
 arch/x86/kernel/module.c   | 15 +++++++++++++++
 2 files changed, 17 insertions(+), 1 deletion(-)

diff --git a/arch/x86/include/asm/elf.h b/arch/x86/include/asm/elf.h
index 1fb83d47711f..0d6ca771549d 100644
--- a/arch/x86/include/asm/elf.h
+++ b/arch/x86/include/asm/elf.h
@@ -55,7 +55,8 @@ typedef struct user_i387_struct elf_fpregset_t;
 #define R_X86_64_JUMP_SLOT	7	/* Create PLT entry */
 #define R_X86_64_RELATIVE	8	/* Adjust by program base */
 #define R_X86_64_GOTPCREL	9	/* 32 bit signed pc relative
-					   offset to GOT */
+#define R_X86_64_GOTPCRELX	41	   offset to GOT */
+#define R_X86_64_REX_GOTPCRELX	42
 #define R_X86_64_32		10	/* Direct 32 bit zero extended */
 #define R_X86_64_32S		11	/* Direct 32 bit sign extended */
 #define R_X86_64_16		12	/* Direct 16 bit zero extended */
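Review bot: The added `#define R_X86_64_GOTPCRELX 41` line is spliced into the still-open comment that begins on the R_X86_64_GOTPCREL line, so the preprocessor treats it as comment text and only R_X86_64_REX_GOTPCRELX (42) is actually defined. Nothing in this patch uses 41, so the build will not flag it. Suggest keeping the original two-line GOTPCREL comment intact and adding the two new defines on their own lines, each with a short comment, placed so the list stays in numeric order rather than running 9, 41, 42, 10.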
diff --git a/arch/x86/kernel/module.c b/arch/x86/kernel/module.c
index 837450b6e882..9929be7a76e7 100644
--- a/arch/x86/kernel/module.c
+++ b/arch/x86/kernel/module.c
@@ -19,6 +19,7 @@
 #include <linux/jump_label.h>
 #include <linux/random.h>
 #include <linux/memory.h>
+#include <linux/stackprotector.h>
 
 #include <asm/text-patching.h>
 #include <asm/page.h>
@@ -130,6 +131,20 @@ static int __write_relocate_add(Elf64_Shdr *sechdrs,
 				goto overflow;
 			size = 4;
 			break;
+#if defined(CONFIG_STACKPROTECTOR) && \
+    defined(CONFIG_CC_IS_CLANG) && CONFIG_CLANG_VERSION < 170000
+		case R_X86_64_REX_GOTPCRELX: {
+			static unsigned long __percpu *const addr = &__stack_chk_guard;
+
+			if (sym->st_value != (u64)addr) {
+				pr_err("%s: Unsupported GOTPCREL relocation\n", me->name);
+				return -ENOEXEC;
+			}
+
+			val = (u64)&addr + rel[i].r_addend;
+			fallthrough;
+		}
+#endif
 		case R_X86_64_PC32:
 		case R_X86_64_PLT32:
 			val -= (u64)loc;
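Review bot: The new `case R_X86_64_REX_GOTPCRELX` block carries no comment explaining the double indirection: `addr` holds the address of __stack_chk_guard and the relocation is pointed at `&addr`, a one-entry stand-in for the GOT slot, before falling through to the PC32 handling. That reasoning lives only in the commit message; a short comment above the `static` declaration would stop a later reader from "simplifying" `&addr` to `addr`. The `sym->st_value != (u64)addr` test is a sensible strict allow-list, since any GOT load other than the stack cookie is refused with -ENOEXEC, but the pr_err text says GOTPCREL while the case is REX_GOTPCRELX and it prints neither the relocation type nor sym->st_value, which makes a rejected module hard to diagnose. If leaving the non-REX GOTPCRELX type to the default path is intentional, the comment should say so.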
-- 
2.47.0

