From: Brian Gerst
To: linux-kernel@vger.kernel.org, x86@kernel.org
Cc: Ingo Molnar, "H . Peter Anvin", Thomas Gleixner, Borislav Petkov, Ard Biesheuvel, Uros Bizjak, Brian Gerst
Subject: [PATCH v6 06/15] x86/module: Deal with GOT based stack cookie load on Clang < 17
Date: Thu, 23 Jan 2025 14:07:38 -0500
Message-ID: <20250123190747.745588-7-brgerst@gmail.com>
In-Reply-To: <20250123190747.745588-1-brgerst@gmail.com>
References: <20250123190747.745588-1-brgerst@gmail.com>

From: Ard Biesheuvel

Clang versions before 17 will not honour -fdirect-access-external-data for the load of the stack cookie emitted into each function's prologue and epilogue. This is not an issue for the core kernel, as the linker will relax these loads into LEA instructions that take the address of __stack_chk_guard directly. For modules, however, we need to work around this, by dealing with R_X86_64_REX_GOTPCRELX relocations that refer to __stack_chk_guard.

In this case, given that this is a GOT load, the reference should not refer to __stack_chk_guard directly, but to a memory location that holds its address. So take the address of __stack_chk_guard into a static variable, and fix up the relocations to refer to that.

Signed-off-by: Ard Biesheuvel
Signed-off-by: Brian Gerst
--- arch/x86/include/asm/elf.h | 3 ++- arch/x86/kernel/module.c | 15 +++++++++++++++ 2 files changed, 17 insertions(+), 1 deletion(-) diff --git a/arch/x86/include/asm/elf.h b/arch/x86/include/asm/elf.h index 1fb83d47711f..0d6ca771549d 100644 --- a/arch/x86/include/asm/elf.h +++ b/arch/x86/include/asm/elf.h 
@@ -55,7 +55,8 @@ typedef struct user_i387_struct elf_fpregset_t; #define R_X86_64_JUMP_SLOT 7 /* Create PLT entry */ #define R_X86_64_RELATIVE 8 /* Adjust by program base */ #define R_X86_64_GOTPCREL 9 /* 32 bit signed pc relative - offset to GOT */ +#define R_X86_64_GOTPCRELX 41 offset to GOT */ +#define R_X86_64_REX_GOTPCRELX 42 #define R_X86_64_32 10 /* Direct 32 bit zero extended */ #define R_X86_64_32S 11 /* Direct 32 bit sign extended */ #define R_X86_64_16 12 /* Direct 16 bit zero extended */ diff --git a/arch/x86/kernel/module.c b/arch/x86/kernel/module.c index 8984abd91c00..a286f32c5503 100644 --- a/arch/x86/kernel/module.c +++ b/arch/x86/kernel/module.c @@ -19,6 +19,7 @@ #include #include #include +#include #include #include @@ -130,6 +131,20 @@ static int __write_relocate_add(Elf64_Shdr *sechdrs, goto overflow; size = 4; break; +#if defined(CONFIG_STACKPROTECTOR) && \ + defined(CONFIG_CC_IS_CLANG) && CONFIG_CLANG_VERSION < 170000 + case R_X86_64_REX_GOTPCRELX: { + static unsigned long __percpu *const addr = &__stack_chk_guard; + + if (sym->st_value != (u64)addr) { + pr_err("%s: Unsupported GOTPCREL relocation\n", me->name); + return -ENOEXEC; + } + + val = (u64)&addr + rel[i].r_addend; + fallthrough; + } +#endif case R_X86_64_PC32: case R_X86_64_PLT32: val -= (u64)loc; -- 2.47.1
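Review bot: In the arch/x86/include/asm/elf.h hunk, the new `#define R_X86_64_GOTPCRELX 41` line takes the place of the removed comment continuation line and still ends in `offset to GOT */`, so it sits inside the comment opened on the R_X86_64_GOTPCREL line. Comments are stripped before preprocessing directives are processed, so R_X86_64_GOTPCRELX is never actually defined; nothing breaks only because module.c uses R_X86_64_REX_GOTPCRELX alone. Suggest leaving the original two-line comment untouched and adding both defines as separate lines with their own comments, preferably in numeric order after the existing constants rather than between 9 and 10.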
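Review bot: In the R_X86_64_REX_GOTPCRELX case added to __write_relocate_add() in arch/x86/kernel/module.c, the check compares sym->st_value against addr while the relocated value is built from &addr, and nothing in the code says why. A short comment stating that addr acts as a one-entry GOT slot holding the address of __stack_chk_guard, which is what a GOT load has to point at, would keep a later reader from dropping the & as an apparent typo. The pr_err() text also says "Unsupported GOTPCREL relocation" although the case is REX_GOTPCRELX, and it does not say which symbol was rejected; printing the relocation type and sym->st_value would make a failed module load diagnosable.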