* [PATCH] purgatory: force PIC/PIE/SSP off
@ 2015-04-16 5:15 Mike Frysinger
2015-04-16 7:30 ` Laurent Dufour
0 siblings, 1 reply; 4+ messages in thread
From: Mike Frysinger @ 2015-04-16 5:15 UTC (permalink / raw)
To: kexec; +Cc: Mike Frysinger
From: Mike Frysinger <vapier@chromium.org>
If the toolchain has these things turned on automatically, then the
purgatory code might be miscompiled leading to runtime errors like:
Unhandled rela relocation: R_X86_64_GOTPC64
It might look like the problem is with the kernel when in reality,
kexec is complaining about the purgatory module. Force off harden
features that don't make sense in kernel space.
Signed-off-by: Mike Frysinger <vapier@chromium.org>
---
purgatory/Makefile | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/purgatory/Makefile b/purgatory/Makefile
index 2d6b2c0..2b5c061 100644
--- a/purgatory/Makefile
+++ b/purgatory/Makefile
@@ -49,7 +49,8 @@ $(PURGATORY): CC=$(TARGET_CC)
$(PURGATORY): CFLAGS+=$(PURGATORY_EXTRA_CFLAGS) \
$($(ARCH)_PURGATORY_EXTRA_CFLAGS) \
-Os -fno-builtin -ffreestanding \
- -fno-zero-initialized-in-bss
+ -fno-zero-initialized-in-bss \
+ -fno-PIC -fno-PIE -fno-stack-protector
$(PURGATORY): CPPFLAGS=$($(ARCH)_PURGATORY_EXTRA_CFLAGS) \
-I$(srcdir)/purgatory/include \
--
2.3.5
_______________________________________________
kexec mailing list
kexec@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/kexec
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [PATCH] purgatory: force PIC/PIE/SSP off
2015-04-16 5:15 [PATCH] purgatory: force PIC/PIE/SSP off Mike Frysinger
@ 2015-04-16 7:30 ` Laurent Dufour
2015-04-16 7:39 ` [PATCH v2] " Mike Frysinger
0 siblings, 1 reply; 4+ messages in thread
From: Laurent Dufour @ 2015-04-16 7:30 UTC (permalink / raw)
To: Mike Frysinger, kexec; +Cc: Mike Frysinger
On 16/04/2015 07:15, Mike Frysinger wrote:
> From: Mike Frysinger <vapier@chromium.org>
>
> If the toolchain has these things turned on automatically, then the
> purgatory code might be miscompiled leading to runtime errors like:
> Unhandled rela relocation: R_X86_64_GOTPC64
>
> It might look like the problem is with the kernel when in reality,
> kexec is complaining about the purgatory module. Force off harden
> features that don't make sense in kernel space.
>
> Signed-off-by: Mike Frysinger <vapier@chromium.org>
> ---
> purgatory/Makefile | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/purgatory/Makefile b/purgatory/Makefile
> index 2d6b2c0..2b5c061 100644
> --- a/purgatory/Makefile
> +++ b/purgatory/Makefile
> @@ -49,7 +49,8 @@ $(PURGATORY): CC=$(TARGET_CC)
> $(PURGATORY): CFLAGS+=$(PURGATORY_EXTRA_CFLAGS) \
> $($(ARCH)_PURGATORY_EXTRA_CFLAGS) \
> -Os -fno-builtin -ffreestanding \
> - -fno-zero-initialized-in-bss
> + -fno-zero-initialized-in-bss \
> + -fno-PIC -fno-PIE -fno-stack-protector
Some architectures (ppc64 and s390) are already setting
-fno-stack-protector in purgatory/arch/x/Makefile through
x_PURGATORY_EXTRA_CFLAGS.
It would be cleaner to remove those per architecture settings if you set
it globally.
Cheers,
Laurent.
_______________________________________________
kexec mailing list
kexec@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/kexec
^ permalink raw reply [flat|nested] 4+ messages in thread
* [PATCH v2] purgatory: force PIC/PIE/SSP off
2015-04-16 7:30 ` Laurent Dufour
@ 2015-04-16 7:39 ` Mike Frysinger
2015-04-30 5:05 ` Simon Horman
0 siblings, 1 reply; 4+ messages in thread
From: Mike Frysinger @ 2015-04-16 7:39 UTC (permalink / raw)
To: kexec
From: Mike Frysinger <vapier@chromium.org>
If the toolchain has these things turned on automatically, then the
purgatory code might be miscompiled leading to runtime errors like:
Unhandled rela relocation: R_X86_64_GOTPC64
It might look like the problem is with the kernel when in reality,
kexec is complaining about the purgatory module. Force off harden
features that don't make sense in kernel space.
Signed-off-by: Mike Frysinger <vapier@chromium.org>
---
Note: I suspect this patch fixes a semi-recent report:
http://lists.infradead.org/pipermail/kexec/2015-February/013305.html
v2:
- clean up ssp flags in arch subdirs
purgatory/Makefile | 3 ++-
purgatory/arch/ppc64/Makefile | 2 +-
purgatory/arch/s390/Makefile | 1 -
3 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/purgatory/Makefile b/purgatory/Makefile
index 2d6b2c0..2b5c061 100644
--- a/purgatory/Makefile
+++ b/purgatory/Makefile
@@ -49,7 +49,8 @@ $(PURGATORY): CC=$(TARGET_CC)
$(PURGATORY): CFLAGS+=$(PURGATORY_EXTRA_CFLAGS) \
$($(ARCH)_PURGATORY_EXTRA_CFLAGS) \
-Os -fno-builtin -ffreestanding \
- -fno-zero-initialized-in-bss
+ -fno-zero-initialized-in-bss \
+ -fno-PIC -fno-PIE -fno-stack-protector
$(PURGATORY): CPPFLAGS=$($(ARCH)_PURGATORY_EXTRA_CFLAGS) \
-I$(srcdir)/purgatory/include \
diff --git a/purgatory/arch/ppc64/Makefile b/purgatory/arch/ppc64/Makefile
index 6c58fa2..8ca2719 100644
--- a/purgatory/arch/ppc64/Makefile
+++ b/purgatory/arch/ppc64/Makefile
@@ -9,7 +9,7 @@ ppc64_PURGATORY_SRCS += purgatory/arch/ppc64/console-ppc64.c
ppc64_PURGATORY_SRCS += purgatory/arch/ppc64/crashdump_backup.c
ppc64_PURGATORY_SRCS += purgatory/arch/ppc64/misc.S
-ppc64_PURGATORY_EXTRA_CFLAGS += -m64 -msoft-float -fno-stack-protector \
+ppc64_PURGATORY_EXTRA_CFLAGS += -m64 -msoft-float \
-fno-exceptions
ppc64_PURGATORY_EXTRA_ASFLAGS += -m64
ifeq ($(SUBARCH),BE)
diff --git a/purgatory/arch/s390/Makefile b/purgatory/arch/s390/Makefile
index 09749bd..c94cc3c 100644
--- a/purgatory/arch/s390/Makefile
+++ b/purgatory/arch/s390/Makefile
@@ -2,7 +2,6 @@
# Purgatory s390
#
-s390_PURGATORY_EXTRA_CFLAGS += -fno-stack-protector
s390_PURGATORY_SRCS += purgatory/arch/s390/console-s390.c
s390_PURGATORY_SRCS += purgatory/arch/s390/setup-s390.S
s390_PURGATORY_SRCS += purgatory/arch/s390/purgatory-s390.c
--
2.3.5
_______________________________________________
kexec mailing list
kexec@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/kexec
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [PATCH v2] purgatory: force PIC/PIE/SSP off
2015-04-16 7:39 ` [PATCH v2] " Mike Frysinger
@ 2015-04-30 5:05 ` Simon Horman
0 siblings, 0 replies; 4+ messages in thread
From: Simon Horman @ 2015-04-30 5:05 UTC (permalink / raw)
To: Mike Frysinger; +Cc: kexec
On Thu, Apr 16, 2015 at 03:39:26AM -0400, Mike Frysinger wrote:
> From: Mike Frysinger <vapier@chromium.org>
>
> If the toolchain has these things turned on automatically, then the
> purgatory code might be miscompiled leading to runtime errors like:
> Unhandled rela relocation: R_X86_64_GOTPC64
>
> It might look like the problem is with the kernel when in reality,
> kexec is complaining about the purgatory module. Force off harden
> features that don't make sense in kernel space.
>
> Signed-off-by: Mike Frysinger <vapier@chromium.org>
thanks, applied.
> ---
> Note: I suspect this patch fixes a semi-recent report:
> http://lists.infradead.org/pipermail/kexec/2015-February/013305.html
>
> v2:
> - clean up ssp flags in arch subdirs
>
> purgatory/Makefile | 3 ++-
> purgatory/arch/ppc64/Makefile | 2 +-
> purgatory/arch/s390/Makefile | 1 -
> 3 files changed, 3 insertions(+), 3 deletions(-)
>
> diff --git a/purgatory/Makefile b/purgatory/Makefile
> index 2d6b2c0..2b5c061 100644
> --- a/purgatory/Makefile
> +++ b/purgatory/Makefile
> @@ -49,7 +49,8 @@ $(PURGATORY): CC=$(TARGET_CC)
> $(PURGATORY): CFLAGS+=$(PURGATORY_EXTRA_CFLAGS) \
> $($(ARCH)_PURGATORY_EXTRA_CFLAGS) \
> -Os -fno-builtin -ffreestanding \
> - -fno-zero-initialized-in-bss
> + -fno-zero-initialized-in-bss \
> + -fno-PIC -fno-PIE -fno-stack-protector
>
> $(PURGATORY): CPPFLAGS=$($(ARCH)_PURGATORY_EXTRA_CFLAGS) \
> -I$(srcdir)/purgatory/include \
> diff --git a/purgatory/arch/ppc64/Makefile b/purgatory/arch/ppc64/Makefile
> index 6c58fa2..8ca2719 100644
> --- a/purgatory/arch/ppc64/Makefile
> +++ b/purgatory/arch/ppc64/Makefile
> @@ -9,7 +9,7 @@ ppc64_PURGATORY_SRCS += purgatory/arch/ppc64/console-ppc64.c
> ppc64_PURGATORY_SRCS += purgatory/arch/ppc64/crashdump_backup.c
> ppc64_PURGATORY_SRCS += purgatory/arch/ppc64/misc.S
>
> -ppc64_PURGATORY_EXTRA_CFLAGS += -m64 -msoft-float -fno-stack-protector \
> +ppc64_PURGATORY_EXTRA_CFLAGS += -m64 -msoft-float \
> -fno-exceptions
> ppc64_PURGATORY_EXTRA_ASFLAGS += -m64
> ifeq ($(SUBARCH),BE)
> diff --git a/purgatory/arch/s390/Makefile b/purgatory/arch/s390/Makefile
> index 09749bd..c94cc3c 100644
> --- a/purgatory/arch/s390/Makefile
> +++ b/purgatory/arch/s390/Makefile
> @@ -2,7 +2,6 @@
> # Purgatory s390
> #
>
> -s390_PURGATORY_EXTRA_CFLAGS += -fno-stack-protector
> s390_PURGATORY_SRCS += purgatory/arch/s390/console-s390.c
> s390_PURGATORY_SRCS += purgatory/arch/s390/setup-s390.S
> s390_PURGATORY_SRCS += purgatory/arch/s390/purgatory-s390.c
> --
> 2.3.5
>
>
> _______________________________________________
> kexec mailing list
> kexec@lists.infradead.org
> http://lists.infradead.org/mailman/listinfo/kexec
>
_______________________________________________
kexec mailing list
kexec@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/kexec
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2015-04-30 5:06 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2015-04-16 5:15 [PATCH] purgatory: force PIC/PIE/SSP off Mike Frysinger
2015-04-16 7:30 ` Laurent Dufour
2015-04-16 7:39 ` [PATCH v2] " Mike Frysinger
2015-04-30 5:05 ` Simon Horman
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox