From: Huacai Chen
Date: Tue, 13 Mar 2018 16:55:53 +0800
Subject: Re: [PATCH V2] ZBOOT: fix stack protector in compressed boot phase
To: Andrew Morton
Cc: linux-mm@kvack.org, LKML, Ralf Baechle, James Hogan, Linux MIPS Mailing List, Russell King, linux-arm-kernel@lists.infradead.org, Yoshinori Sato, Rich Felker, linux-sh@vger.kernel.org, Huacai Chen, stable
References: <1520820258-19225-1-git-send-email-chenhc@lemote.com>

Hi, Yoshinori, Rich and SuperH developers,

I'm not familiar with SuperH assembly, but SuperH has the same bug obviously. Could you please fix that?

Huacai

On Mon, Mar 12, 2018 at 10:04 AM, Huacai Chen wrote:
> Calling __stack_chk_guard_setup() in decompress_kernel() is too late, so
> stack checking always fails for decompress_kernel() itself. So remove
> __stack_chk_guard_setup() and initialize __stack_chk_guard before we
> call decompress_kernel().
>
> Original code comes from ARM but is also used for MIPS and SH, so fix them
> together. Without this fix, compressed booting of these archs will
> fail because stack checking is enabled by default (>=4.16).
>
> V2: Fix build on ARM.
>
> Cc: stable@vger.kernel.org
> Signed-off-by: Huacai Chen
> ---
>  arch/arm/boot/compressed/head.S        | 4 ++++
>  arch/arm/boot/compressed/misc.c        | 7 -------
>  arch/mips/boot/compressed/decompress.c | 7 -------
>  arch/mips/boot/compressed/head.S       | 4 ++++
>  arch/sh/boot/compressed/head_32.S      | 4 ++++
>  arch/sh/boot/compressed/head_64.S      | 4 ++++
>  arch/sh/boot/compressed/misc.c         | 7 -------
>  7 files changed, 16 insertions(+), 21 deletions(-)
> > diff --git a/arch/arm/boot/compressed/head.S b/arch/arm/boot/compressed/head.S > index 45c8823..bae1fc6 100644 > --- a/arch/arm/boot/compressed/head.S > +++ b/arch/arm/boot/compressed/head.S > @@ -547,6 +547,10 @@ not_relocated: mov r0, #0 > bic r4, r4, #1 > blne cache_on > > + ldr r0, =__stack_chk_guard > + ldr r1, =0x000a0dff > + str r1, [r0] > + > /* > * The C runtime environment should now be setup sufficiently. > * Set up some pointers, and start decompressing. > diff --git a/arch/arm/boot/compressed/misc.c b/arch/arm/boot/compressed/misc.c > index 16a8a80..e518ef5 100644 > --- a/arch/arm/boot/compressed/misc.c > +++ b/arch/arm/boot/compressed/misc.c > @@ -130,11 +130,6 @@ asmlinkage void __div0(void) > > unsigned long __stack_chk_guard; > > -void __stack_chk_guard_setup(void) > -{ > - __stack_chk_guard = 0x000a0dff; > -} > - > void __stack_chk_fail(void) > { > error("stack-protector: Kernel stack is corrupted\n"); > @@ -150,8 +145,6 @@ decompress_kernel(unsigned long output_start, unsigned long free_mem_ptr_p, > { > int ret; > > - __stack_chk_guard_setup(); > - > output_data = (unsigned char *)output_start; > free_mem_ptr = free_mem_ptr_p; > free_mem_end_ptr = free_mem_ptr_end_p; > diff --git a/arch/mips/boot/compressed/decompress.c b/arch/mips/boot/compressed/decompress.c > index fdf99e9..5ba431c 100644 > --- a/arch/mips/boot/compressed/decompress.c > +++ b/arch/mips/boot/compressed/decompress.c > @@ -78,11 +78,6 @@ void error(char *x) > > unsigned long __stack_chk_guard; > > -void __stack_chk_guard_setup(void) > -{ > - __stack_chk_guard = 0x000a0dff; > -} > - > void __stack_chk_fail(void) > { > error("stack-protector: Kernel stack is corrupted\n"); > @@ -92,8 +87,6 @@ void decompress_kernel(unsigned long boot_heap_start) > { > unsigned long zimage_start, zimage_size; > > - __stack_chk_guard_setup(); > - > zimage_start = (unsigned long)(&__image_begin); > zimage_size = (unsigned long)(&__image_end) - > (unsigned long)(&__image_begin); 
> diff --git a/arch/mips/boot/compressed/head.S b/arch/mips/boot/compressed/head.S > index 409cb48..00d0ee0 100644 > --- a/arch/mips/boot/compressed/head.S > +++ b/arch/mips/boot/compressed/head.S > @@ -32,6 +32,10 @@ start: > bne a2, a0, 1b > addiu a0, a0, 4 > > + PTR_LA a0, __stack_chk_guard > + PTR_LI a1, 0x000a0dff > + sw a1, 0(a0) > + > PTR_LA a0, (.heap) /* heap address */ > PTR_LA sp, (.stack + 8192) /* stack address */ > > diff --git a/arch/sh/boot/compressed/head_32.S b/arch/sh/boot/compressed/head_32.S > index 7bb1681..a3fdb05 100644 > --- a/arch/sh/boot/compressed/head_32.S > +++ b/arch/sh/boot/compressed/head_32.S > @@ -76,6 +76,10 @@ l1: > mov.l init_stack_addr, r0 > mov.l @r0, r15 > > + mov.l __stack_chk_guard, r0 > + mov #0x000a0dff, r1 > + mov.l r1, @r0 > + > /* Decompress the kernel */ > mov.l decompress_kernel_addr, r0 > jsr @r0 > diff --git a/arch/sh/boot/compressed/head_64.S b/arch/sh/boot/compressed/head_64.S > index 9993113..8b4d540 100644 > --- a/arch/sh/boot/compressed/head_64.S > +++ b/arch/sh/boot/compressed/head_64.S > @@ -132,6 +132,10 @@ startup: > addi r22, 4, r22 > bne r22, r23, tr1 > > + movi datalabel __stack_chk_guard, r0 > + movi 0x000a0dff, r1 > + st.l r0, 0, r1 > + > /* > * Decompress the kernel. > */ > diff --git a/arch/sh/boot/compressed/misc.c b/arch/sh/boot/compressed/misc.c > index 627ce8e..fe4c079 100644 > --- a/arch/sh/boot/compressed/misc.c > +++ b/arch/sh/boot/compressed/misc.c > @@ -106,11 +106,6 @@ static void error(char *x) > > unsigned long __stack_chk_guard; > > -void __stack_chk_guard_setup(void) > -{ > - __stack_chk_guard = 0x000a0dff; > -} > - > void __stack_chk_fail(void) > { > error("stack-protector: Kernel stack is corrupted\n"); > @@ -130,8 +125,6 @@ void decompress_kernel(void) > { > unsigned long output_addr; > > - __stack_chk_guard_setup(); > - > #ifdef CONFIG_SUPERH64 > output_addr = (CONFIG_MEMORY_START + 0x2000); > #else > -- > 2.7.0 >
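Review bot: In the arch/arm/boot/compressed/head.S hunk, `ldr r0, =__stack_chk_guard` takes the symbol's link-time address from a literal pool, and the store sits right after the not_relocated: label, where the image may be running at an address other than the one it was linked at. Please confirm that r0 holds the run-time location of __stack_chk_guard at this point (for example by computing it PC-relative), otherwise `str r1, [r0]` writes to an unrelated word.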
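Review bot: In the arch/arm/boot/compressed/misc.c hunk at -130, `unsigned long __stack_chk_guard;` is left with nothing in C telling the reader where it is initialized or what 0x000a0dff is, now that __stack_chk_guard_setup() is removed. Add a one-line comment next to the declaration pointing at the store in head.S; the same applies to the copies in arch/mips/boot/compressed/decompress.c and arch/sh/boot/compressed/misc.c.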
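Review bot: In the arch/mips/boot/compressed/head.S hunk, `sw a1, 0(a0)` is a 32-bit store, but decompress.c declares `unsigned long __stack_chk_guard`, which is 64 bits wide on a 64-bit kernel, and the two lines above the store already use the width-aware PTR_LA and PTR_LI macros. Use LONG_S for the store so the whole variable is written; with sw only one half is set and the resulting guard value depends on endianness.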
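Review bot: In the arch/sh/boot/compressed/head_32.S hunk, `mov.l __stack_chk_guard, r0` loads the word stored at that label, that is the guard's current value rather than its address, so `mov.l r1, @r0` then stores through that value as a pointer. The neighbouring lines go through literal-pool entries (`mov.l init_stack_addr, r0`, `mov.l decompress_kernel_addr, r0`); follow that pattern with an entry that holds the address of __stack_chk_guard. Also, `mov #0x000a0dff, r1` does not fit the 8-bit immediate that mov #imm accepts, so the constant needs to be loaded from a literal as well.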