From: Volodymyr Babchuk <Volodymyr_Babchuk@epam.com>
To: "oleksii.kurochko@gmail.com" <oleksii.kurochko@gmail.com>
Cc: Jan Beulich <jbeulich@suse.com>,
Alistair Francis <alistair.francis@wdc.com>,
Bob Eshleman <bobbyeshleman@gmail.com>,
Connor Davis <connojdavis@gmail.com>,
Andrew Cooper <andrew.cooper3@citrix.com>,
Julien Grall <julien@xen.org>,
Stefano Stabellini <sstabellini@kernel.org>,
"xen-devel@lists.xenproject.org" <xen-devel@lists.xenproject.org>
Subject: Re: [PATCH v2 4/4] xen: riscv: enable stack protector feature
Date: Tue, 3 Dec 2024 19:30:15 +0000 [thread overview]
Message-ID: <87ttbk4la1.fsf@epam.com> (raw)
In-Reply-To: <f6bcf4dac683b1ebd89cdbfa33777c64c2df4637.camel@gmail.com> (oleksii kurochko's message of "Mon, 02 Dec 2024 10:56:04 +0100")
Hello Oleksii,
oleksii.kurochko@gmail.com writes:
> On Mon, 2024-12-02 at 09:12 +0100, Jan Beulich wrote:
>> On 30.11.2024 02:10, Volodymyr Babchuk wrote:
>> > Enable previously added CONFIG_STACK_PROTECTOR feature for RISC-V
>> > platform. Here we can call boot_stack_chk_guard_setup() in
>> > start_xen()
>> > function, because it never returns, so stack protector code will
>> > not
>> > be triggered because of changed canary.
>> >
>> > Signed-off-by: Volodymyr Babchuk <volodymyr_babchuk@epam.com>
>> > Tested-by: Oleksii Kurochko <oleksii.kurochko@gmail.com>
>>
>> Isn't this premature? For ...
>>
>> > @@ -57,6 +58,8 @@ void __init noreturn start_xen(unsigned long
>> > bootcpu_id,
>> > if ( !boot_fdt_info(device_tree_flattened, dtb_addr) )
>> > BUG();
>> >
>> > + boot_stack_chk_guard_setup();
>>
>> ... this function's use of get_random(), either arch_get_random()
>> needs
>> to be implemented, or (as Julien also pointed out for Arm64) NOW()
>> needs
>> to work. Yet get_s_time() presently expands to just BUG_ON(). Given
>> this
>> it's not even clear to me how Oleksii managed to actually test this.
> Okay, I think I found what is the problem and why my testing on staging
> wasn't really correct.
>
> In xen/include/xen/stack_protector.h (
> https://patchew.org/Xen/20241130010954.36057-1-volodymyr._5Fbabchuk@epam.com/20241130010954.36057-3-volodymyr._5Fbabchuk@epam.com/
> ) CONFIG_STACKPROTECTOR is used for ifdef-ing so the stub version of
> boot_stack_chk_guard_setup() is used and there is no need for
> get_random() implementation:
> 1. Shouldn't it be /s/CONFIG_STACKPROTECTOR/CONFIG_STACK_PROTECTOR ?
> 2. CONFIG_STACK_PROTECTOR isn't set in case of RISC-V, at least:
> grep -Rni "STACK_PROTECTOR" xen/.config
> 38:CONFIG_HAS_STACK_PROTECTOR=y
> 76:# CONFIG_STACK_PROTECTOR is not set
>
> Shouldn't it be default HAS_STACK_PROTECTOR ( or something similar )
> for 'config STACK_PROTECTOR':
> diff --git a/xen/common/Kconfig b/xen/common/Kconfig
> index 0ffd825510..f3156dbb9a 100644
> --- a/xen/common/Kconfig
> +++ b/xen/common/Kconfig
> @@ -521,6 +521,7 @@ config TRACEBUFFER
>
> config STACK_PROTECTOR
> bool "Stack protection"
> + default HAS_STACK_PROTECTOR
> depends on HAS_STACK_PROTECTOR
> help
> Use compiler's option -fstack-protector (supported both by
> GCC
>
> With these changes, I can confirm Jan's statement that the BUG_ON()
> occurs due to the absence of the get_random()/NOW() implementation.
>
> My second test (on my downstream branch) wasn't relevant because
> get_s_time() and NOW() are implemented there.
>
>
> Aside from the changes I mentioned above, I can re-send this patch when
> I submit the patch enabling get_s_time() and NOW() for RISC-V. If you,
> Volodymyr, are okay with that, we can proceed in this way.
Thank you for testing this once more. I'll drop this patch from v3 then, so
you'll be able to include it into your series.
--
WBR, Volodymyr
prev parent reply other threads:[~2024-12-03 19:30 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-11-30 1:10 [PATCH v2 0/4] Add stack protector Volodymyr Babchuk
2024-11-30 1:10 ` [PATCH v2 2/4] xen: common: add ability to enable " Volodymyr Babchuk
2024-12-02 8:29 ` Jan Beulich
2024-12-03 20:33 ` Andrew Cooper
2024-12-05 3:34 ` Volodymyr Babchuk
2024-12-05 12:52 ` Andrew Cooper
2024-11-30 1:10 ` [PATCH v2 1/4] common: remove -fno-stack-protector from EMBEDDED_EXTRA_CFLAGS Volodymyr Babchuk
2024-12-02 8:06 ` Jan Beulich
2024-12-02 10:32 ` Andrew Cooper
2024-12-02 11:31 ` Jan Beulich
2024-11-30 1:10 ` [PATCH v2 3/4] xen: arm: enable stack protector feature Volodymyr Babchuk
2024-11-30 17:06 ` Julien Grall
2024-12-03 22:00 ` Andrew Cooper
2024-12-03 23:16 ` Julien Grall
2024-12-05 19:23 ` Andrew Cooper
2024-12-06 4:46 ` Volodymyr Babchuk
2024-12-09 9:36 ` Jan Beulich
2024-12-09 12:45 ` Volodymyr Babchuk
2024-11-30 1:10 ` [PATCH v2 4/4] xen: riscv: " Volodymyr Babchuk
2024-12-02 8:12 ` Jan Beulich
2024-12-02 8:54 ` oleksii.kurochko
2024-12-02 9:56 ` oleksii.kurochko
2024-12-03 19:30 ` Volodymyr Babchuk [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87ttbk4la1.fsf@epam.com \
--to=volodymyr_babchuk@epam.com \
--cc=alistair.francis@wdc.com \
--cc=andrew.cooper3@citrix.com \
--cc=bobbyeshleman@gmail.com \
--cc=connojdavis@gmail.com \
--cc=jbeulich@suse.com \
--cc=julien@xen.org \
--cc=oleksii.kurochko@gmail.com \
--cc=sstabellini@kernel.org \
--cc=xen-devel@lists.xenproject.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.