From: Brian Gerst
To: linux-kernel@vger.kernel.org, x86@kernel.org
Cc: Ingo Molnar, "H . Peter Anvin", Thomas Gleixner, Borislav Petkov, Ard Biesheuvel, Uros Bizjak, Brian Gerst
Subject: [PATCH v6 03/15] x86/boot: Disable stack protector for early boot code
Date: Thu, 23 Jan 2025 14:07:35 -0500
Message-ID: <20250123190747.745588-4-brgerst@gmail.com>

On 64-bit, this will prevent crashes when the canary access is changed from %gs:40 to %gs:__stack_chk_guard(%rip). RIP-relative addresses from the identity-mapped early boot code will target the wrong address with zero-based percpu. KASLR could then shift that address to an unmapped page causing a crash on boot.

This early boot code runs well before userspace is active and does not need stack protector enabled.

Signed-off-by: Brian Gerst
Reviewed-by: Ard Biesheuvel

--- arch/x86/kernel/Makefile | 2 ++ 1 file changed, 2 insertions(+) diff --git a/arch/x86/kernel/Makefile b/arch/x86/kernel/Makefile index b43eb7e384eb..84cfa179802c 100644 --- a/arch/x86/kernel/Makefile +++ b/arch/x86/kernel/Makefile @@ -44,6 +44,8 @@ KCOV_INSTRUMENT_unwind_orc.o := n KCOV_INSTRUMENT_unwind_frame.o := n KCOV_INSTRUMENT_unwind_guess.o := n +CFLAGS_head32.o := -fno-stack-protector +CFLAGS_head64.o := -fno-stack-protector CFLAGS_irq.o := -I $(src)/../include/asm/trace obj-y += head_$(BITS).o -- 2.47.1
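Review bot: the two added lines, CFLAGS_head32.o and CFLAGS_head64.o := -fno-stack-protector, carry no comment in the Makefile saying why a hardening option is switched off for these objects, so a later cleanup could drop them without knowing they guard against a boot crash. A one-line comment above them, along the lines of "early boot code runs identity-mapped, before the percpu canary is reachable", would keep the reason next to the flag. The commit message also gives the crash rationale for 64-bit only, while the hunk applies the same flag to head32.o; it would help to state whether the 32-bit change is needed for the same reason or is made only for consistency, on the grounds that this code runs before userspace. Since both assignments use ":=", it is also worth confirming that no earlier per-file CFLAGS for these two objects exist above the visible context, because they would be overwritten rather than extended.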