From patchwork Mon Apr 7 22:40:25 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Volodymyr Babchuk X-Patchwork-Id: 14041934 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 6CB6BC369A1 for ; Mon, 7 Apr 2025 22:41:01 +0000 (UTC) Received: from list by lists.xenproject.org with outflank-mailman.941214.1340746 (Exim 4.92) (envelope-from ) id 1u1v8u-00070v-8E; Mon, 07 Apr 2025 22:40:36 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version Received: by outflank-mailman (output) from mailman id 941214.1340746; Mon, 07 Apr 2025 22:40:36 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1u1v8u-00070M-5a; Mon, 07 Apr 2025 22:40:36 +0000 Received: by outflank-mailman (input) for mailman id 941214; Mon, 07 Apr 2025 22:40:34 +0000 Received: from se1-gles-flk1-in.inumbo.com ([94.247.172.50] helo=se1-gles-flk1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1u1v8s-0006OT-NM for xen-devel@lists.xenproject.org; Mon, 07 Apr 2025 22:40:34 +0000 Received: from EUR02-VI1-obe.outbound.protection.outlook.com (mail-vi1eur02on20605.outbound.protection.outlook.com [2a01:111:f403:2607::605]) by se1-gles-flk1.inumbo.com (Halon) with ESMTPS id 4faa0187-1401-11f0-9ffb-bf95429c2676; Tue, 08 Apr 2025 00:40:31 +0200 (CEST) Received: from GV1PR03MB10456.eurprd03.prod.outlook.com (2603:10a6:150:16a::21) by PA1PR03MB10914.eurprd03.prod.outlook.com (2603:10a6:102:48a::14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8606.31; Mon, 7 Apr 2025 22:40:26 +0000 Received: from GV1PR03MB10456.eurprd03.prod.outlook.com ([fe80::a41e:5aa8:e298:757e]) by GV1PR03MB10456.eurprd03.prod.outlook.com ([fe80::a41e:5aa8:e298:757e%5]) with mapi id 15.20.8606.033; Mon, 7 Apr 2025 22:40:26 +0000 X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: 4faa0187-1401-11f0-9ffb-bf95429c2676 ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=jJUznvMJ1KTrn5Ou3q1ACETKC14quAKouBhkKhpzZw6SvQoZJs3mMlg4N1EjSkpWOWUzIe896Q5JbjQQs+xQqpQv3pH6ivy1JIjbSW3deTZ0sBOLOrOSYX7nGydUWADz/5UpMSoYRr6GSWqx6yUjf/vVg4zxoYIV+diCrB8y+TIuV5+wbkpplGWRrTUosZxacFKM3sLW7/cG0KDHsxL1kDz0MGVxQrBQPxuAHkVGjNbsT9OJTkRkn567FC26mZaLFGaR7q5V5zlVChIzUxXBDn7bs+dgidUGatST2Z7UXv/T4p40v5fIwFF0BUx+RRhMx8L6FHYddNexjy2blodG5Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=hJZ1VK1dH0aQT5LROQf9UQqgdUMpjf/S9LRF/mvQYd0=; b=JUbaPYZcMG1gLQCHt3uI20iNS12v1vt5uMxtVgEDpVPeEnK5YIrNP0MTR/vH9p3opIMnZcblvuZ0P14XKVX/qQvt7cogFMN12wPyG7J1FIXV5jq2x/TnzYQNQTk1tDfPHRa2qzNkF0mOZdl4jfhY6ZvBnXF4ZzB0SKlA4DqfQaN5e3V1Alp/qCn0EijR0H9er/MXUAC0vEzeIsKdehrb8h/2qtpGOPWj9bPlWJvNXAsZHwor0AidNUyrHyGYl+rodbXohN5k+YQmW8Vwd1j0Um6VIn7TTYn2xLIU1fD5WjSU4a07b7yEfQugeRF3uUFK31Soww44NCT1bbby+f7E6A== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=epam.com; dmarc=pass action=none header.from=epam.com; dkim=pass header.d=epam.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=epam.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=hJZ1VK1dH0aQT5LROQf9UQqgdUMpjf/S9LRF/mvQYd0=; b=Av7K7tFZwEtrY+1Imx9eaofO/dVdsxOzocxhPsqvGettxE6/r6y+jb35uF47GZp2rb0FX5BQibLE3HqGOSg0XmjJVf0DUVVtqepM3fRKgwceNL5YKrsYhm/XjGxXyGGe2E8E1nLp+6+wTJX/Q2UT52sPtMdfm/VrVN96VqOBGKabYwuYta6HG4nXu6qbdJyi5XTDTQG0eIEMO9j1ABsYDpj00BaZMO+clq57Oreg3OgKOjvqgZHuRbDBN/Mja5vYme41WBcd5hY7/cY+nmlZwRP0gAcxX9CsQN2VL7H+pSuAkQXdYo6BusqRbfVuECNxUFCzTpKRwVnbkJkOPTxeXA== From: Volodymyr Babchuk To: "xen-devel@lists.xenproject.org" CC: Volodymyr Babchuk , Andrew Cooper , Anthony PERARD , Michal Orzel , Jan Beulich , Julien Grall , =?iso-8859-1?q?Roger_Pau_Monn=E9?= , Stefano Stabellini , Bertrand Marquis , Volodymyr Babchuk , Oleksii Kurochko , Community Manager Subject: [PATCH v8 0/3] Add/enable stack protector Thread-Topic: [PATCH v8 0/3] Add/enable stack protector Thread-Index: AQHbqA4O1S8K2RG8Nk6rnhLaMaN4aQ== Date: Mon, 7 Apr 2025 22:40:25 +0000 Message-ID: <20250407224009.2577560-1-volodymyr_babchuk@epam.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-mailer: git-send-email 2.48.1 authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=epam.com; x-ms-publictraffictype: Email x-ms-traffictypediagnostic: GV1PR03MB10456:EE_|PA1PR03MB10914:EE_ x-ms-office365-filtering-correlation-id: 19572e48-e3fb-4ce8-1f7b-08dd762530ed x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam: BCL:0;ARA:13230040|1800799024|7416014|376014|366016|38070700018; x-microsoft-antispam-message-info: =?iso-8859-1?q?rTO1Pvwte705+MilLk6RM5LMvn?= =?iso-8859-1?q?VShmAphxIkmmBj9F+C+V9mkzbu1fV2wLGrAypcsv8JNd/TUhedorTO161gXh?= =?iso-8859-1?q?Fn0/Y+QDLaaWaVbck1wBdRtomCWh4mGTptqR3lruPNV0q2nIvtqBhtJEucuj?= =?iso-8859-1?q?G72vHsco+dCTi4mn25c1tdo3m9CXmJWLa41sKnx7XWxdU8z34llfN3ONgsoN?= =?iso-8859-1?q?wpFEZsYFM7Tv2Se0OPLwz2+JXDYvu80oT2Y8DpSZG5/IbfRRABYPOhSBW4lf?= =?iso-8859-1?q?u4ZlfLx+AymQuZIe6+g5NXXdBvKwmNOvxQNhuQrMe4IZ7tVrmQ+HPkXRYLI8?= =?iso-8859-1?q?MLBWA1H2rYrlGjHmEI3bCo7VffA/BhTJmW8WCKggpaJZ0BH6MbmxGw/DsS3r?= =?iso-8859-1?q?4tsN07pD5aq3x0SHh1qkHuR96gSy9S+LX14M6mOFmfcgaxitaqnRUZ73Miqs?= =?iso-8859-1?q?SXhw5bMoHMi5GoucxBTAKDi7B7TKGlJqSeQS6oV7Pv5/X73jlmHAJJmcROPe?= =?iso-8859-1?q?fMuUe1b8KVTAlGCAtPH7lAw1SlyAFWJS94oBnOUyXoZF8W88RZl70GzbBrrl?= =?iso-8859-1?q?vKNtdzGpIvHGMn7JQWBWKp19h/Fz645KMzSJGQqi9bJCrtIRdDRTQf05c++g?= =?iso-8859-1?q?3lnj/UWZnaWthda/HKB6Qr4bPUl2ziUP4fJEZkQsEmRdLQMA7sUpKUBAin86?= =?iso-8859-1?q?tXRaSBjA07FrjSM3oVgNYzlZNbsgf9Kn3T/cKSvMQTiWzvWymRe2MGEo9CnL?= =?iso-8859-1?q?8N6uN5xGY+uPKcwFTMxknp8YNR5dhzm9clcQcKOpMdFehyeFYbSqrVSaJGJi?= =?iso-8859-1?q?UbppuGXNo1UnLxAUGabeBUwh1zekO1FOZPZb869vAVZSI/Ma4+0OPAv82PIO?= =?iso-8859-1?q?nbVcdpA7iTGvq+4xEcz+FwgAQyvRu/nUB9GQw8BnA85AJ8EfVFWrOCLejgNQ?= =?iso-8859-1?q?ptShDMH3H5kUZ41uCIYK5uOyKemQK1ksFhl3z9RHVDGkQEs2M8rc9XKtv85m?= =?iso-8859-1?q?B18eOCXKwEyguLMFlYBKtCaHsD9Yetgys2y4ENb+OHdH6+upd3iik/wBaiSX?= =?iso-8859-1?q?XXoWsqIrJ7d49gDnS48UzgpPXsS/NurEmTz7owoDg7idDgKF+aZNVfYs6izw?= =?iso-8859-1?q?547UNupER0nVniPFLvfGAqDHl9HwLOHvJ/UsLRWhHlPF5Lh9CRbrfXVRfAn/?= =?iso-8859-1?q?6T6d5sbnHG0CxIpVP7fLfj0vn08DRlDZmg3p+ZGaRP70yAtpfIAPwzH7GHtt?= =?iso-8859-1?q?kuQT8b4L4ieOgQ22f+a8UWiqP4Fdm+NSdmtNA9lfQ8Aa2XS/9uJoiBJcsiVs?= =?iso-8859-1?q?7+NsXRvdLkCnzJcb4a5nlzrWsxyxb0BBzsuF3ZzZgSoftR73BpAkpMRJdaAF?= =?iso-8859-1?q?wk4JnTpM3Dw4mJ0CzIfk9VFnaHE6WDsOya3sYoS7CrR+1osNPkIzdo0NKF6c?= =?iso-8859-1?q?7taz8gyugAisBciQK3XHbfMGtRX1yZnd89zJ95kPngofOFKut27MmBjigiTt?= =?iso-8859-1?q?iPxHSN?= x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:GV1PR03MB10456.eurprd03.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(1800799024)(7416014)(376014)(366016)(38070700018);DIR:OUT;SFP:1101; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?iso-8859-1?q?jhH4ASZCQvhDurQn83d+0Av?= =?iso-8859-1?q?g1/BtCQ4KciFTCU3WKqFzusOCyXqb7AgbDmvZvRHh49By6AlIxgwZ2qaGQlO?= =?iso-8859-1?q?+pW0IOgRL1G15potTY7Fg2TFskXRZnWTCCt/jSZUlKsRQqTXKnzU8S/fpqZ5?= =?iso-8859-1?q?6XqvFGXdeC6CZB0dURxVJJbBRWGnLjfX/JGefyevtYjTEEizHaEWuNQQJmmK?= =?iso-8859-1?q?9aycmj6BuBOUuuxZ8qxmjFv5YUd09P2yCc3CiBC0agrl8nIkoWSfwQ0feQZL?= =?iso-8859-1?q?AO5hmpLhJ8WYjtqk7gemxvN+QMaIOv19blPz6XLh6JOtLLWJiDbKaelWMmju?= =?iso-8859-1?q?vuDG74Qe0yQQoc4XtEQr0NxbxIPWcuGOOhr/ZUTb/9wxvXGJXdSsAcWP45Te?= =?iso-8859-1?q?UIOoibYgc6MtTnGhrYPzYWSvyESZyE+Q+6PnOzSCac9i0hEY8weNbXb38NwM?= =?iso-8859-1?q?i6Mrrll3rdfkUOxk1jnUolJvcA83W59STGSO1akivEYgbMv0KgO/aHi5sr4m?= =?iso-8859-1?q?7GdOGswwr0WWPhCX2svbEodV6opyVwXpARv4WW9e8KJ6ma1qrfv09Xx+193u?= =?iso-8859-1?q?aiuSY34gInkfZkrFVaXYGm0dmdKr8PvGrs0aaVACl8CIQNhHnytB403I4Cci?= =?iso-8859-1?q?IajiNapkEjvCq/oMPz/x2hJPmpXn+8eo4Ovk1YwAp4MNhvnOEsD7ppqsZjVT?= =?iso-8859-1?q?ii6sL6pgBBWXOfhL6vhszX8LjoiEXQ54HQs3BfwrO7P14stjNHT1O9eW/W85?= =?iso-8859-1?q?dppJHbuBOSSy3DLP0V3i8CxEr95yQeht4XVdumnap/qFIUuN9stIMv5FbQ+r?= =?iso-8859-1?q?maEpxRU/J5C6LkORQfbHX3FgbBFeY7ZSSPgJTk+fpU9Me+kww6ERpxdOpxtB?= =?iso-8859-1?q?1k/s8acjpBJnDtV3J91Ej4aH3pPvXu26SAmgb6eveKmuOtJdZiQIzCa7twH0?= =?iso-8859-1?q?NKmaN0QCXPYTZ4yCWZvdPM0thybd2V6Q1atjmIVauvcy3YqxzU66DZpcEXMW?= =?iso-8859-1?q?7Ft5SUk5JO/ROaf6QPO2sksBH5lookfSukL6fyv0m2ggrz+mFVqu0ItN8gd3?= =?iso-8859-1?q?ep98mbiVcYuUpU60Zz2Xys++6HAFFcyT9YggQuvCjdbKW8zlXN9vF3duYy2Y?= =?iso-8859-1?q?aMrZaq71ghFogMtRC6SSOjziQCoh2LP4Yod0CM2goj9W+spwOsZhMNzBrNf7?= =?iso-8859-1?q?0o31AyZ84bSrtI3NOe+sLEnqCtp0I+QBdQ1p5x86GbV/N59FS2UGGAqOK61f?= =?iso-8859-1?q?MNwwJ6kBOOk1vL2p3jfFJ3SHfCQpC1uJa+GWwEL47LNNV0KK26umOcOkg2Ji?= =?iso-8859-1?q?pDeLmoekxAxfUn5Dl3N6+9tLrY71WxlANIwzGZS9qm64on3s5PbRCJjleBBk?= =?iso-8859-1?q?GCRok9YUsPPz8VRTNLoPDbPdkwI8SKby7+d3AAOYo24ZgD/kEQ6uroUU+09A?= =?iso-8859-1?q?684bJOEePlByFjiitBomd2xHTnHwCUMIaRIODZbXDHbn+2QXsgCRAc7ua0YO?= =?iso-8859-1?q?iiGCpVjD/VVykyqUngZo3tlO0Iu+Z1kCdhJlLu8RJvkxWLqhQNF0t0Q/7F2x?= =?iso-8859-1?q?8lIP55VK/PvhwapaHj3aLCnQdnLvcsSDGaPOFq1wwyzjhO78zfm9Nk99D6MF?= =?iso-8859-1?q?bZCfojjU8FnGuMIJigudbrPa/FXuqgNhvDS9OdA=3D=3D?= MIME-Version: 1.0 X-OriginatorOrg: epam.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: GV1PR03MB10456.eurprd03.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 19572e48-e3fb-4ce8-1f7b-08dd762530ed X-MS-Exchange-CrossTenant-originalarrivaltime: 07 Apr 2025 22:40:26.3124 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: b41b72d0-4e9f-4c26-8a69-f949f367c91d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: C51nFj6fcYTXepVkWVe5q35IswfItOLxhLGU9rHqShjE8gwDl5d3SFqngZmwqIRankisHXbMLvoHi5Yfw/VVEDqwbF5+UD7BMSoIyOOK8vg= X-MS-Exchange-Transport-CrossTenantHeadersStamped: PA1PR03MB10914 Both GCC and Clang support -fstack-protector feature, which add stack canaries to functions where stack corruption is possible. This series makes possible to use this feature in Xen. I tested this on ARM64 and it is working as intended. Tested both with GCC and Clang. Also tested with "-fstack-protector-all" compilation option to ensure that initialization code works as expected. It is hard to enable this feature on x86, as GCC stores stack canary in %fs:40 by default, but Xen can't use %fs for various reasons. It is possibly to change stack canary location new newer GCC versions, but attempt to do this uncovered a whole host problems with GNU ld. So, this series focus mostly on ARM. Changes in v8: - Added MISRA deviation for __stack_chk_fail() Changes in v7: - Patch "common: remove -fno-stack-protector from EMBEDDED_EXTRA_CFLAGS" is taken into mainline - Updated CHANGELOG for v4.21 - Updated stack-protector.h as per Jan's comments Changes in v6: - Moved stack guard initialization code to the header file - Expanded commit message for "[PATCH v6 3/4] xen: arm: enable stack protector feature" - Dropped couple of R-b tags - Added comment to "PATCH v6 4/4] CHANGELOG.md: Mention stack-protector feature", mentioning that it should be reworked if (almost certainly) it will not get into 4.20. - Tested with "-fstack-protector-all" Changes in v5: - ARM code calls boot_stack_chk_guard_setup() from early C code - Bringed back stack-protector.h because C code needs to call boot_stack_chk_guard_setup() - Fixed formatting - Added Andrew's R-b tag Changes in v4: - Added patch to CHANGELOG.md - Removed stack-protector.h because we dropped support for Xen's built-in RNG code and rely only on own implementation - Changes in individual patches are covered in their respect commit messages Changes in v3: - Removed patch for riscv - Changes in individual patches are covered in their respect commit messages Changes in v2: - Patch "xen: common: add ability to enable stack protector" was divided into two patches. - Rebase onto Andrew's patch that removes -fno-stack-protector-all - Tested on RISC-V thanks to Oleksii Kurochko - Changes in individual patches covered in their respect commit messages Volodymyr Babchuk (3): xen: common: add ability to enable stack protector xen: arm: enable stack protector feature CHANGELOG.md: Mention stack-protector feature CHANGELOG.md | 3 +++ docs/misra/safe.json | 8 +++++++ xen/Makefile | 4 ++++ xen/arch/arm/Kconfig | 1 + xen/arch/arm/setup.c | 3 +++ xen/common/Kconfig | 15 ++++++++++++ xen/common/Makefile | 1 + xen/common/stack-protector.c | 22 +++++++++++++++++ xen/include/xen/stack-protector.h | 39 +++++++++++++++++++++++++++++++ 9 files changed, 96 insertions(+) create mode 100644 xen/common/stack-protector.c create mode 100644 xen/include/xen/stack-protector.h