From patchwork Sat Nov 30 01:10:15 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Volodymyr Babchuk X-Patchwork-Id: 13889038 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id B92BAD735EB for ; Sat, 30 Nov 2024 01:10:46 +0000 (UTC) Received: from list by lists.xenproject.org with outflank-mailman.846084.1261338 (Exim 4.92) (envelope-from ) id 1tHC0A-00044i-Vn; Sat, 30 Nov 2024 01:10:26 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version Received: by outflank-mailman (output) from mailman id 846084.1261338; Sat, 30 Nov 2024 01:10:26 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1tHC0A-00044b-SW; Sat, 30 Nov 2024 01:10:26 +0000 Received: by outflank-mailman (input) for mailman id 846084; Sat, 30 Nov 2024 01:10:24 +0000 Received: from se1-gles-sth1-in.inumbo.com ([159.253.27.254] helo=se1-gles-sth1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1tHC08-00044C-L7 for xen-devel@lists.xenproject.org; Sat, 30 Nov 2024 01:10:24 +0000 Received: from EUR05-VI1-obe.outbound.protection.outlook.com (mail-vi1eur05on2062d.outbound.protection.outlook.com [2a01:111:f403:2613::62d]) by se1-gles-sth1.inumbo.com (Halon) with ESMTPS id ddd7de69-aeb7-11ef-a0cf-8be0dac302b0; Sat, 30 Nov 2024 02:10:20 +0100 (CET) Received: from GV1PR03MB10456.eurprd03.prod.outlook.com (2603:10a6:150:16a::21) by AM9PR03MB7694.eurprd03.prod.outlook.com (2603:10a6:20b:41e::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8207.15; Sat, 30 Nov 2024 01:10:16 +0000 Received: from GV1PR03MB10456.eurprd03.prod.outlook.com ([fe80::a41e:5aa8:e298:757e]) by GV1PR03MB10456.eurprd03.prod.outlook.com ([fe80::a41e:5aa8:e298:757e%7]) with mapi id 15.20.8182.018; Sat, 30 Nov 2024 01:10:16 +0000 X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: ddd7de69-aeb7-11ef-a0cf-8be0dac302b0 X-Custom-Connection: eyJyZW1vdGVpcCI6IjJhMDE6MTExOmY0MDM6MjYxMzo6NjJkIiwiaGVsbyI6IkVVUjA1LVZJMS1vYmUub3V0Ym91bmQucHJvdGVjdGlvbi5vdXRsb29rLmNvbSJ9 X-Custom-Transaction: eyJpZCI6ImRkZDdkZTY5LWFlYjctMTFlZi1hMGNmLThiZTBkYWMzMDJiMCIsInRzIjoxNzMyOTI5MDIwLjE2NjI2NCwic2VuZGVyIjoidm9sb2R5bXlyX2JhYmNodWtAZXBhbS5jb20iLCJyZWNpcGllbnQiOiJ4ZW4tZGV2ZWxAbGlzdHMueGVucHJvamVjdC5vcmcifQ== ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=YD6G+C/NAtQfb76QIil7fgi1+OeLZ2dFPNIeK8s/qjVKpwlDEJ+z59GTFBbwk70/qOtjpMJpxYBq9IqzxU0iozZwEjdxIt+uiscNjOYq/TmAq3xc9b3Zma+q0MsFie7IMKde2LrJHtl69YRSXGsH6S6ioWHwnM/aC+0zZFqz5LvGvCNYvJG3hRtNIlNElBaYiEKiCCy8lKccEt2YaDygqGd93vFN5inleyTng96BpIByWR5uqLuAsLoQRUGBvrrGHkeTLlVZEebzWRvIa7um6h6CxOaD+jy1FphN5TaNhpcHPmg1vXhYAHiCLUrik3EmsBtvOjGVxM0PE9305rEVQA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=pw3TVcYG2GcL6D1CgReR7ofWSiP1ku/xjJnw0Bx6q3Y=; b=yKm80CawYha+Q03if7wH3BGEIMHNSk0+y3j7RWXELF31T5p9WhhoPFFPJnlC+Jp5iQSZsmgEgKvt7+3qzziJUu+hyCpv9JmFrIT7KaI4BHfG/Tsg8KaQJxOLVcFB1+R/v4DFTLkDHiSZXmiXGZtfU8G6d0dkDMkYKYiQ2OzkBHShlPXJsBN8N7WoBbZeAcXojeS+R5jZk47GA+R0GGUPqIrcEooovZsIbf4ltx6k8SHzGFdBUWiYZ66ALtKneiTwQkAexLqYfYGEGSzzxxjF4YKvj75HSZfr9eDETfh/Uey4LmF1u3XrAaACw/NYJw6oMPXu6VJ5dUuUmP+LDotT8A== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=epam.com; dmarc=pass action=none header.from=epam.com; dkim=pass header.d=epam.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=epam.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=pw3TVcYG2GcL6D1CgReR7ofWSiP1ku/xjJnw0Bx6q3Y=; b=CU72Nx7odxJenceCY73QrfDYf2dCXoR4bauUQWnvOtNKe0KDdzME86NZ8Os4bnZKpz3VU8ZP8M+6FfXXp2ngrWwoclp9cXVM3fRWovGunaM8ko9qXhmufJkT+Sz8soFIMY4ojLsGCK96zypZU+pbZTP7AQmUNr+S9JdEgW40Lmrc9TjIZ5CEoAHRg6lHQsQBAZSfxGqaXVU/yaFuOLTaHmJJaIja/QZmQdFzt7uCgCVBhw6uTeM7YIffhT/FrVudSVgy5lJjLaKXgW1uhZ4iUn9RqobrgMKdsPGDFl11vzbhCQCVvu2898FAh2NyHBNbuGQMH3KCvrXviaHtjQ/lxA== From: Volodymyr Babchuk To: "xen-devel@lists.xenproject.org" CC: Volodymyr Babchuk , Andrew Cooper , Jan Beulich , Julien Grall , Stefano Stabellini , Anthony PERARD , Samuel Thibault , =?iso-8859-1?q?Roger_Pau_Mo?= =?iso-8859-1?q?nn=E9?= Subject: [PATCH v2 1/4] common: remove -fno-stack-protector from EMBEDDED_EXTRA_CFLAGS Thread-Topic: [PATCH v2 1/4] common: remove -fno-stack-protector from EMBEDDED_EXTRA_CFLAGS Thread-Index: AQHbQsSdhsEy1dPVQEOcqGdxy6Xe0A== Date: Sat, 30 Nov 2024 01:10:15 +0000 Message-ID: <20241130010954.36057-2-volodymyr_babchuk@epam.com> References: <20241130010954.36057-1-volodymyr_babchuk@epam.com> In-Reply-To: <20241130010954.36057-1-volodymyr_babchuk@epam.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-mailer: git-send-email 2.47.1 authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=epam.com; x-ms-publictraffictype: Email x-ms-traffictypediagnostic: GV1PR03MB10456:EE_|AM9PR03MB7694:EE_ x-ms-office365-filtering-correlation-id: 51db0109-5a26-494f-f614-08dd10dbc00e x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam: BCL:0;ARA:13230040|1800799024|366016|376014|38070700018; x-microsoft-antispam-message-info: =?iso-8859-1?q?lmqJT3QWeZaE3+mnJwgGFCwW3L?= =?iso-8859-1?q?l1zDnaf/AAGeXYiR79PUuNkaoKILBICrNKsHk6LJv/unBQ2b+e7LCMTXBOYp?= =?iso-8859-1?q?DU75YnPBxSv9FpjIugcHp/3mQuMjl1IQtpUcP871eKmxksYPERVKhhLY1Ma/?= =?iso-8859-1?q?7v3G+Vph768PSOULQ7FRAPbednxAWqTcroCea9829YAeIQG4FP+HZ0g4rYWF?= =?iso-8859-1?q?B1EMpt9lu+jeoEwNcAVJRu+jxTAm6jKBVq7vZA8jYZ7FK9vBLswO0zdBhqi4?= =?iso-8859-1?q?+NL7oxk6GzBmHtZRmkQIL8oEqjAuNdqfIxdWLShlnLG7l8ztorcJg/bze2Br?= =?iso-8859-1?q?iIFi5QkS3LvN79pB1wG7IcgDrt3tsCucgi7FPq5AOUY7WQ4PNxTCMmtDZjTH?= =?iso-8859-1?q?l8vX3ijg8qRhaZBObfRomXWAPfQj5P4krt4V5fwPE3q59/fkIcQk/X2b6rqz?= =?iso-8859-1?q?hzDeZe84FLpiO+WSHGzhqTPY6lYSZ9LElPlA1BPRWln3myBDhxaQrnZYbL7A?= =?iso-8859-1?q?ftvwbvgKE8rHAOaJaj7N9QRId47vTCZ8fxmhjekmCbiyg5UyDWmilwJNiEav?= =?iso-8859-1?q?CEAPDuABd8aehnGZTAokldLeKvkt1Xq8MZ/QZYbEmwq1xv5gCTQlmsFBhFWv?= =?iso-8859-1?q?Dp+Dlc5UeakR/CD8o6bVpsB87POrW+WCosF274GgxCv/I7jgljzqkvLKcz/+?= =?iso-8859-1?q?maXhgzXHLqI5HLRWFuZvyE7sa7igiSWMSyDwIOMRQqLV/M1wWQPknZtZxaAW?= =?iso-8859-1?q?pRxQvJIhnj5SC1fJ5wQmONJoH7oS0PRcytiJ0jhNPWHGPcnmb8ITT6FQNIY4?= =?iso-8859-1?q?wLhpOJevUHKcINywEUNbHthxtVV6+aD97XzIX/021rZgdMe5bdqCP6IHwIOc?= =?iso-8859-1?q?0vIJ3fRT+MRfGJr1eWz9iEAt2KwCn094vc4mP9Xg9Gbh0mk0iKbcGOJcevs+?= =?iso-8859-1?q?bbebypVlZOvsxWja4kL7AzRZshIaqdA6ZNHGoNH7iC5w2atJR71K4KLwRdgU?= =?iso-8859-1?q?z/4oJHMgs9Y83SxUNj/ABup7aEUPG+bQhULcB/OQ8kHNwXkMx8cSvEomMLWT?= =?iso-8859-1?q?5QB7v82k4Jxx5iW84gl/aGeMMvwTTcmAenYLUzWHUW2v2wevbNIZDf3MWAEq?= =?iso-8859-1?q?J0y8XI5pneMkrzHXuS/tzfRdoAUVSStkvZX0Dxu4zw4SwxtNOQ608L4N9tWK?= =?iso-8859-1?q?5Pky/SyHWCfhrFoVN9IeQ6dMEHAMAIBe9mGafRofSCWZM63gDCrTztzP/c9R?= =?iso-8859-1?q?+txqUQjIeuf9wYa7mTyiH7suVsG2v/B9eouJidDHIlhloLXlL4IoIdY5AXkq?= =?iso-8859-1?q?pZB3O84cf3xjOmDrkee+HkCi0g1eofKeXphZteQ0RJ3BCV9Qe63p2j9LpMQR?= =?iso-8859-1?q?uFbw6WluVq8vk9Vy+F+rZWbEq7sWY0lec5INozVfk=3D?= x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:GV1PR03MB10456.eurprd03.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(1800799024)(366016)(376014)(38070700018);DIR:OUT;SFP:1101; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?iso-8859-1?q?enqKTeIn8BbI8MWRMxjxuSv?= =?iso-8859-1?q?Vk4hnW9URqH8eNqB0yMqojgjfAxrFW6QWyPrDxXZr50zHnY8xzPv0yWnSoBS?= =?iso-8859-1?q?0u2gr1QVuYNp5hNjOEPAsvbushiXy7w5JWC4CBF/pcyvgGri0280f8xz/GgL?= =?iso-8859-1?q?4GrV28lzoZOCaRVo4NNijzbEm/0iTPn1h7mQzr8T31MUYV4LWlZEefH5vRwF?= =?iso-8859-1?q?HRk28be0/vtRFXWwoE2r62/3b26vY3cD5FxR3RK6dGIFJ6AHtMmS44aLgEzc?= =?iso-8859-1?q?ECCPzAQGRRMNr7/NEnJctA0ETKKpK2qRr6JJPULr7Dn/SpgfKk84HeONsqHO?= =?iso-8859-1?q?X6S+T0Gw2DbaOcUsplSFHyhN8TQBW46dO8o2IXv60IpM5nl4NXI2gLCYG/ZL?= =?iso-8859-1?q?98eSZpgek4Ka7fCVriZSz0HxQWEmQXR45tE+FHWjo2iBKv/pPKcVK/T5dAWS?= =?iso-8859-1?q?SN35E4f4NY2Au1rZLAWnzyUUe7psgRbO9VyM5uySdVwIJ2GwYq6QV3OmnuYD?= =?iso-8859-1?q?P6KCjatae9AqaEU7C89xJ5Yo/mLy/e7QyDvfsdre2UNRbh4n3UveF/7tWUgU?= =?iso-8859-1?q?TY4buQrVpgeuRcbSA6DtQ9vWZ0WHvIZ/90A7BElCbR945h9yhqj7gjg2iB3k?= =?iso-8859-1?q?VIJVJcCpNPqFLJla4LbEJOOdmJjWhy95jfC8hSuATL6KXvtTyBFP+6sl5EJu?= =?iso-8859-1?q?Tdd1pmhk1vl8DdD2N8oc3mQTW2jLtwT3b490HziPgZ52Lg41wvDfcV//K+ib?= =?iso-8859-1?q?ffgW//LifaqBrOOLMvoDHYgBLYJGqxHIykYK+K3J9NFB8MA6r3pZppsJFLuY?= =?iso-8859-1?q?EvN/Fp3WBr+hDiQ7ZnioC7celv1GsWcf94BJOJfa3Gzf1mfFVdWeT+Oj9PBF?= =?iso-8859-1?q?gm/fUShE6ZEk3nBJn20XeDnljkSP/h1nfABdl2v22MYRXhHXOJO9nwnC8fn2?= =?iso-8859-1?q?VhQ2QrVIdE6li1OiTd+cPua+JNNzbs9U+ZkFiduRgNsJ1ZA3mfcJ01PHWqp+?= =?iso-8859-1?q?4bFBHobtarGNV/lQ5/DEjISOyWZKd2oJQREYT7WnvzT8+3b3HCivf6zakH8c?= =?iso-8859-1?q?97GxmrSlCjLQYgPDPSl287p5GQzdKFAw+72z/gvYGZAelKBfv+kclZ88gLXr?= =?iso-8859-1?q?lYITUEqXVKpZIliOr4purIWkbiqrklKASeMOKwAnrUTOyJ9CpWtxZ7INtvk/?= =?iso-8859-1?q?QmxlpFqszs78xtcWNGMle7c3cYvcX1Ytl28XLg5AhAJqQuPmpLfbntkDBdcY?= =?iso-8859-1?q?TpeXN44HCxr4rJiLXcgvMWXQuyNi+a+dPdL2NQDUCXMUfC4ZxzfLUQYtSW6+?= =?iso-8859-1?q?xs2dhC+7Sj9MohcMtAbAvAWkT6weMuv+fUQ4k/uwQyEUh1vH7Q2xvhb+/o6M?= =?iso-8859-1?q?bFNLj4YIw+4H9OjXUhK9BM/fjHEQnQWQtrcFnlN5gr8SRyzWacg1W1U3xry6?= =?iso-8859-1?q?9hZq9Gg3mtgYDHMu54rxvd63mlJkqORRgAJ35U6fBQfdfuNFFAJMUsonQs8z?= =?iso-8859-1?q?W1mxIbUp+1Zugycko3eziBSNloxEFn8ekmPNUGr+9YHJiLIL1Ed/bpyRLTEG?= =?iso-8859-1?q?I6DkaPo/RWQ+Vd0+38MW+LE33sA7upce+aUgaoL5dWA5fHOtrDdr8Jha24ok?= =?iso-8859-1?q?z2ZFdxGcvEHH0BsfUS8LqdK+KR3hdstFt2tXq6A=3D=3D?= MIME-Version: 1.0 X-OriginatorOrg: epam.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: GV1PR03MB10456.eurprd03.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 51db0109-5a26-494f-f614-08dd10dbc00e X-MS-Exchange-CrossTenant-originalarrivaltime: 30 Nov 2024 01:10:15.6837 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: b41b72d0-4e9f-4c26-8a69-f949f367c91d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: f2ZsS24ljqzCiqJlCABDUIPp02lkpOw7RuTvaCIdLGmvs1HHMoDfHhsbZvgrygiCPTBgnvavylWX7dUaRmI745llHOo5mkOfBm2WcX9dPsA= X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM9PR03MB7694 This patch is preparation for making stack protector configurable. First step is to remove -fno-stack-protector flag from EMBEDDED_EXTRA_CFLAGS so separate projects (Hypervisor in this case) can enable/disable this feature by themselves. Signed-off-by: Volodymyr Babchuk --- Changes in v2: - New in v2 --- Config.mk | 2 +- stubdom/Makefile | 2 ++ tools/firmware/Rules.mk | 2 ++ tools/tests/x86_emulator/testcase.mk | 2 ++ xen/Makefile | 2 ++ 5 files changed, 9 insertions(+), 1 deletion(-) diff --git a/Config.mk b/Config.mk index fa0414055b..c9fef4659f 100644 --- a/Config.mk +++ b/Config.mk @@ -190,7 +190,7 @@ endif APPEND_LDFLAGS += $(foreach i, $(APPEND_LIB), -L$(i)) APPEND_CFLAGS += $(foreach i, $(APPEND_INCLUDES), -I$(i)) -EMBEDDED_EXTRA_CFLAGS := -fno-pie -fno-stack-protector +EMBEDDED_EXTRA_CFLAGS := -fno-pie EMBEDDED_EXTRA_CFLAGS += -fno-exceptions -fno-asynchronous-unwind-tables XEN_EXTFILES_URL ?= https://xenbits.xen.org/xen-extfiles diff --git a/stubdom/Makefile b/stubdom/Makefile index 2a81af28a1..41424f6aca 100644 --- a/stubdom/Makefile +++ b/stubdom/Makefile @@ -54,6 +54,8 @@ TARGET_CFLAGS += $(CFLAGS) TARGET_CPPFLAGS += $(CPPFLAGS) $(call cc-options-add,TARGET_CFLAGS,CC,$(EMBEDDED_EXTRA_CFLAGS)) +$(call cc-option-add,TARGET_CFLAGS,CC,-fno-stack-protector) + # Do not use host headers and libs GCC_INSTALL = $(shell LANG=C gcc -print-search-dirs | sed -n -e 's/install: \(.*\)/\1/p') TARGET_CPPFLAGS += -U __linux__ -U __FreeBSD__ -U __sun__ diff --git a/tools/firmware/Rules.mk b/tools/firmware/Rules.mk index d3482c9ec4..b3f29556b7 100644 --- a/tools/firmware/Rules.mk +++ b/tools/firmware/Rules.mk @@ -15,6 +15,8 @@ $(call cc-options-add,CFLAGS,CC,$(EMBEDDED_EXTRA_CFLAGS)) $(call cc-option-add,CFLAGS,CC,-fcf-protection=none) +$(call cc-option-add,CFLAGS,CC,-fno-stack-protector) + # Do not add the .note.gnu.property section to any of the firmware objects: it # breaks the rombios binary and is not useful for firmware anyway. $(call cc-option-add,CFLAGS,CC,-Wa$$(comma)-mx86-used-note=no) diff --git a/tools/tests/x86_emulator/testcase.mk b/tools/tests/x86_emulator/testcase.mk index fc95e24589..49a7a8dee9 100644 --- a/tools/tests/x86_emulator/testcase.mk +++ b/tools/tests/x86_emulator/testcase.mk @@ -4,6 +4,8 @@ include $(XEN_ROOT)/tools/Rules.mk $(call cc-options-add,CFLAGS,CC,$(EMBEDDED_EXTRA_CFLAGS)) +$(call cc-option-add,CFLAGS,CC,-fno-stack-protector) + CFLAGS += -fno-builtin -g0 $($(TESTCASE)-cflags) LDFLAGS_DIRECT += $(shell { $(LD) -v --warn-rwx-segments; } >/dev/null 2>&1 && echo --no-warn-rwx-segments) diff --git a/xen/Makefile b/xen/Makefile index 2e1a925c84..34ed8c0fc7 100644 --- a/xen/Makefile +++ b/xen/Makefile @@ -432,6 +432,8 @@ else CFLAGS_UBSAN := endif +CFLAGS += -fno-stack-protector + ifeq ($(CONFIG_LTO),y) CFLAGS += -flto LDFLAGS-$(CONFIG_CC_IS_CLANG) += -plugin LLVMgold.so From patchwork Sat Nov 30 01:10:15 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Volodymyr Babchuk X-Patchwork-Id: 13889039 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id D60CFD735ED for ; Sat, 30 Nov 2024 01:10:46 +0000 (UTC) Received: from list by lists.xenproject.org with outflank-mailman.846089.1261378 (Exim 4.92) (envelope-from ) id 1tHC0H-00054I-54; Sat, 30 Nov 2024 01:10:33 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version Received: by outflank-mailman (output) from mailman id 846089.1261378; Sat, 30 Nov 2024 01:10:33 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1tHC0H-000543-1a; Sat, 30 Nov 2024 01:10:33 +0000 Received: by outflank-mailman (input) for mailman id 846089; Sat, 30 Nov 2024 01:10:31 +0000 Received: from se1-gles-sth1-in.inumbo.com ([159.253.27.254] helo=se1-gles-sth1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1tHC0F-00044C-MA for xen-devel@lists.xenproject.org; Sat, 30 Nov 2024 01:10:31 +0000 Received: from EUR05-VI1-obe.outbound.protection.outlook.com (mail-vi1eur05on2062d.outbound.protection.outlook.com [2a01:111:f403:2613::62d]) by se1-gles-sth1.inumbo.com (Halon) with ESMTPS id e3b013fd-aeb7-11ef-a0cf-8be0dac302b0; Sat, 30 Nov 2024 02:10:29 +0100 (CET) Received: from GV1PR03MB10456.eurprd03.prod.outlook.com (2603:10a6:150:16a::21) by AM9PR03MB7694.eurprd03.prod.outlook.com (2603:10a6:20b:41e::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8207.15; Sat, 30 Nov 2024 01:10:16 +0000 Received: from GV1PR03MB10456.eurprd03.prod.outlook.com ([fe80::a41e:5aa8:e298:757e]) by GV1PR03MB10456.eurprd03.prod.outlook.com ([fe80::a41e:5aa8:e298:757e%7]) with mapi id 15.20.8182.018; Sat, 30 Nov 2024 01:10:16 +0000 X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: e3b013fd-aeb7-11ef-a0cf-8be0dac302b0 X-Custom-Connection: eyJyZW1vdGVpcCI6IjJhMDE6MTExOmY0MDM6MjYxMzo6NjJkIiwiaGVsbyI6IkVVUjA1LVZJMS1vYmUub3V0Ym91bmQucHJvdGVjdGlvbi5vdXRsb29rLmNvbSJ9 X-Custom-Transaction: eyJpZCI6ImUzYjAxM2ZkLWFlYjctMTFlZi1hMGNmLThiZTBkYWMzMDJiMCIsInRzIjoxNzMyOTI5MDI5LjUxMjg3OSwic2VuZGVyIjoidm9sb2R5bXlyX2JhYmNodWtAZXBhbS5jb20iLCJyZWNpcGllbnQiOiJ4ZW4tZGV2ZWxAbGlzdHMueGVucHJvamVjdC5vcmcifQ== ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=zFqp34+OGvfFHvkj3/xy1m1SC+EToXdPAuQ37nOuGfYewssDfFd6e7kgPczw7AAadMrQOLAzc0LVyqxcM7O5Id1u4YyDB9W35zinQhqhcZx9z4iuEoN6NDaqKdc0QW087gMgiF2V0jibt2DFP2q65n1s0JoqOF97OwEx0fRKZz/oKSpruGBjfd0kmBq1SaYP4tRDC5LikTsJODQ8ijduQhk9SoSk+RueWHsM1mZGDi6j+GRLzcIYwX0VX9dLsoiIn8oa2inK7V8w2k0lE0PwItc/y7MsorxFYJ7LA+1JFbGUlQHHdcnQw52EIWNg4Ma6p3zM/1YqTgVAvkWQRJvadQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=Lk0HamVq4FxAqQJVSVFKu2L4HLWpx3Q1Ibp43i+aQ68=; b=iHuMjI2DnApIM7wpX6t+pA+JCnNN1bkXT9M0QzFvYPvsZeynjx694lo3K2lxRQtjVCsKZpM3J40+F5uNFUjO6ffxjNYsYtNAeKU1rnj9U7kRAptrnurACkO0HrCuZ817DLFnAQavwfVa1UF4sCxzap1C9j0Dr/qF/qBKO8nMfVtdJZCYbll70ivDgk/sv9MhoPW2B+ju1ZIdXL3WFy9kxMYSA+/rjjOP1jz6p5a0oBu6sBfSfSyL6+FuYBT+QoLtqspvulBH3n9m84xHdBBnUGo10ymvM1td57dL6b9Hl/hXgN2URvMOlkQ4Ontr+VxIX5MgtvhCOVQ9WwISqqkDKw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=epam.com; dmarc=pass action=none header.from=epam.com; dkim=pass header.d=epam.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=epam.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Lk0HamVq4FxAqQJVSVFKu2L4HLWpx3Q1Ibp43i+aQ68=; b=SORKnbMj8pPcCXoYMfim6hzzIMFFW/HnhLWdGowsBxMYt1doiibgPWQfpE8h+f+4U6z9KRQjhkalmEfVpAWd8F4qbuf1QCXvBPzLBITWicjAlnwOglNSRgnA8VuK7Hta85fK46kiZvAK64C78Zx86pnXb8WUcRTZTeBB5oO2jf3JdU4euMm4C/Ca0FxmjBQyrvahxtFrh+SwQWFXAlecNFCwG8W6xMmjg0M2eOcGJSPUp4/rNAwZPjYkWew3vJdi514Tkc+Q5UHS2S/c881gQnztXVX28IDZLEGvN6A8irX+MdFpBHy0fy0Vr4bSx+JnSyoM0Ngs47ojgpxyVDp1LQ== From: Volodymyr Babchuk To: "xen-devel@lists.xenproject.org" CC: Volodymyr Babchuk , Andrew Cooper , Jan Beulich , Julien Grall , Stefano Stabellini Subject: [PATCH v2 2/4] xen: common: add ability to enable stack protector Thread-Topic: [PATCH v2 2/4] xen: common: add ability to enable stack protector Thread-Index: AQHbQsSdkWILXIuO706XPyPrUU1cAA== Date: Sat, 30 Nov 2024 01:10:15 +0000 Message-ID: <20241130010954.36057-3-volodymyr_babchuk@epam.com> References: <20241130010954.36057-1-volodymyr_babchuk@epam.com> In-Reply-To: <20241130010954.36057-1-volodymyr_babchuk@epam.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-mailer: git-send-email 2.47.1 authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=epam.com; x-ms-publictraffictype: Email x-ms-traffictypediagnostic: GV1PR03MB10456:EE_|AM9PR03MB7694:EE_ x-ms-office365-filtering-correlation-id: 60322106-e114-43c4-5a18-08dd10dbc03a x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam: BCL:0;ARA:13230040|1800799024|366016|376014|38070700018; x-microsoft-antispam-message-info: =?iso-8859-1?q?NKwJhqdwrA8AdoAVasRDl/n3y0?= =?iso-8859-1?q?mu8VdAOlyGm6rUqLoUhd/yf8TDMuYWCWrPK6woFaQPQLUbiKVl99Vgin48aB?= =?iso-8859-1?q?Y8cxUqszhhTuAs865TnB9+/GuCZ1Gt4uktCrcEqwkIv+OLGOHPViT1V2UZXW?= =?iso-8859-1?q?9suUqTFAqtF5zkT9JtKpCHO7GELdZLIGeGw7fgEiKkok3y27ISu94ANRCRv2?= =?iso-8859-1?q?hcBoqU1WkqC0UwIKEhylbAoQpWeKbZWycPeKrh5IWOan2CFNmOPx3HfSVYMb?= =?iso-8859-1?q?AVlU7TjJvSy4HBFdUJrhMLJ1YtB43JweQKasVeSiZkIQ03GBNP3cgHF2pR1G?= =?iso-8859-1?q?B29Y9WkOsaCeichriMqKanp3QLfhMVECqGSwkykND9NHrpElO9FOQsc69CkT?= =?iso-8859-1?q?BsB6AaNMD80Tmzam5LcZwbGFY44yqIQxS1INVyTUB/IwXXOrNEe60YLzwnKH?= =?iso-8859-1?q?XMQZrybq9wU1N4DBnqY2nAuPCwMOKnnZmy4xGkj+0MpRHBVCw5Y3bqtVA0uO?= =?iso-8859-1?q?SKeQ9n1gOxkBSgMlxY6+ETgRlKaWcATOkBILKk/UvTJd1ummlGAHTAhYRXCS?= =?iso-8859-1?q?L7N8sySxzh8B0iv+8z+ZGH4i69VycACD8cHl4rRRUT5pl7y1dCEjqcH6rzDn?= =?iso-8859-1?q?nfaYTwyfx/QSTsvSeo9WBh7kbY4JGnWUqj0ieYFd54QnvpU985enihf07hLo?= =?iso-8859-1?q?esi8sK+kWtAkxEtNrnHuz4ex2df4fRWbjbISoXSL6KKIP4EWHT177I3+9gcN?= =?iso-8859-1?q?SgPPSh1jux3+m/hPk5NDK5fzwyDkJKOj1UjDfWJYKkKOxGD8AlsiGDsTpWio?= =?iso-8859-1?q?yC+JbBGKhGlT55spZROGY12lBqceZnNNFjU7Ulj17GY0G0zJcNJLfh9fyP0C?= =?iso-8859-1?q?4B/M172gD2C7Xrm5wlpsdN5V7QcNlfbv4mO2kWmN6L46TY5i76ygy7Pw2Wfk?= =?iso-8859-1?q?uh0CcUTDlJu68kEdCTLl1zd4guYCsrIvessvt5BU2xve71Rv3+PX6dzJS2mx?= =?iso-8859-1?q?Sj8C0P3bozL7YG7ceCkaNTGpLqIeyenyaouqR+9FMXlaf3cVfN7GcONMV3E4?= =?iso-8859-1?q?OiC4IRIHTnBqnMgR0oAP70U9suCJurn7cyfAkCs2yVBeLlc/aHlRmLexFcm9?= =?iso-8859-1?q?g/9rRNrwEPjpePTfpi2L4LdMsJK9rCwLFTF07Q0gmP6Himr8X5KpxrDu65Ng?= =?iso-8859-1?q?7E2TQ1kMfUP9VT0L3Lw8BxqKTBQiCso/05f1B805KI93WB6QokX0Tqptzyw9?= =?iso-8859-1?q?1cD/5x0DkUJae0rErwMKFJklRwoVBXWCGTBkpn83+gHWFVrM8hoyW0ygayD1?= =?iso-8859-1?q?AemYnzNbw177MFlDS56fF79V6PbXuwyvzdnDoS7lf+wmbMI87RmsfShATTdv?= =?iso-8859-1?q?iZL/F6w/HSQvliqJDfk9yALCCAagm2sgT6rHXzWd2ax2AnlXlEvxacN3f6Ny?= =?iso-8859-1?q?J4l6q48mNe/+k1VuuhmMsBYA=3D=3D?= x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:GV1PR03MB10456.eurprd03.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(1800799024)(366016)(376014)(38070700018);DIR:OUT;SFP:1101; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?iso-8859-1?q?+erIPVTbcmK5GUDyNz1iwfb?= =?iso-8859-1?q?lWfClsddW1E8dT2A+jXYGQdq1avVzEjpSlYQdUIObWv2TXq+b/asYVttAwL4?= =?iso-8859-1?q?Qwetz+MQeSYZI/jdAfJSfEiPVmd+YOxH1O4pPelrVLbXGB7dw6I9m8XYntmq?= =?iso-8859-1?q?ayPmYw8BIEwyrJCDbJbPMNaAvQgvDGiW6fuSKoQaDiI5ArloZ4jME0Z6ec2j?= =?iso-8859-1?q?9zIa530KyHUkXbQ1mcb5VsA886Wg/wQ+qXVdJQY5o7cgsSHphELu9uu4Zwxs?= =?iso-8859-1?q?c1Pj/tJmpb2r3DtQeg9y4it+b31bYjd7DaCfYAheCh8j11gWzzq3f+0IHcF0?= =?iso-8859-1?q?IHEwUttKZ6Whsd2QTauON+fyr+AUBmnD91vYTUlPE9Jg8OrRmniusGDUU+ji?= =?iso-8859-1?q?5W3PVwubZZIdmgPCuPir6yqIkSE6unnl4UOBcBJn0wGS2TB7u7e9Tsv9j7Bn?= =?iso-8859-1?q?30DNwpj/bXVRxbngoxCDuSbhSnN8wF/wOD9PwtiOqxUYYsafiXF8xaiGuiYZ?= =?iso-8859-1?q?aqB1mXEzB/3hu0E9XyAipisL5UsGvrW8YdBZ+rdsEYQayWnrLmzz/4znC/xt?= =?iso-8859-1?q?D6Yf72xhRu6lxA1acJOoEI63IiL5dA3fgvpxQn9ie+8BhR8yMlg/ir+PyIj9?= =?iso-8859-1?q?ADHuzMkuP22fTJ7S5v2/FsQwXCNkagsc6fWoYExOo6MdT/nOwZWu+XCXi8X8?= =?iso-8859-1?q?NUNsLsr8ccQSnfomcxlDpr2AsIIAVQztFKr29slQ6tbm2skQb/pVgaTzNajF?= =?iso-8859-1?q?WdrDD+MjkP1PAnQxFK+OU//fsK3r5xpczZaeqbxcEU9d5o0y0lzTX2pzcPAu?= =?iso-8859-1?q?JZarqrNe1k94m1Mm5+rCF6vUPRXhseS0PlFHZWny2wK7nwovzAmIHFoVnx7+?= =?iso-8859-1?q?TR95Xh3q7DMPLCFPKMFnZgIeNTCVQyy553QxeG3E61NnU1uRv7Bz0yMRqQGe?= =?iso-8859-1?q?eGntU+Oo77qE2QTp/Q618XBL5aGN1tH2eXGin7TTfSzZcJjlCSVbciPJRymo?= =?iso-8859-1?q?fBJmg4TfpRYTwXVRfvbvFX114Efh61wMduFWcgK2b4irq1LdrtGO5LTbjG/O?= =?iso-8859-1?q?IG8G8kl/Z3QY0Ob93awmEiyqKjdwyu7xwxFEHZlLoJoEOvTKHoxvPSe+Zug0?= =?iso-8859-1?q?am0eeYLA6stxF8BpzsGCH98M+tqirkKMwH6VWnG+gccVJ7cXM5Rk3jU9Fa74?= =?iso-8859-1?q?H3fKRk9b10Gf4qq7f4dWmErSBkDVGrra/QAxgfbCTvm4yJFhluxj97bfl0cO?= =?iso-8859-1?q?hGRGgFP/NrXs4sS73ZxMm9p+PAF1zVo/3o8Ac602NxlAhe1V7HBCJ8wLr6PC?= =?iso-8859-1?q?x8HJkbvse5MzzQ699dnOGBjaRJSMcegJ5FJDTb+1hemC+NgGhHvXg9p4pC8J?= =?iso-8859-1?q?4YmqNYy2UGxyugfuVcCDlFPCLRWHAOeVif2rk2DtNhDplibOVKMnDeolFQwL?= =?iso-8859-1?q?GAVKqHaL1YPS6m3+q6ikY7xP3XSHvCy/6FAnmdrTKf822AH2eoQg5F3jGENk?= =?iso-8859-1?q?6gdE8i3bljAqPl70iU67UXm+TXRJ/xmTDgJ6329kaJPPapzC9xOi23ddDOty?= =?iso-8859-1?q?EqepT+mzmtWj7MdRxnbc15FrNNi5sXzN1Kb9lWYCg1Y8/L7E6EwZRt1Kyent?= =?iso-8859-1?q?KwdAsLzpTp6UtXFqLfiEXh1N/1MFqr+s9RK7Z+A=3D=3D?= MIME-Version: 1.0 X-OriginatorOrg: epam.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: GV1PR03MB10456.eurprd03.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 60322106-e114-43c4-5a18-08dd10dbc03a X-MS-Exchange-CrossTenant-originalarrivaltime: 30 Nov 2024 01:10:15.9693 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: b41b72d0-4e9f-4c26-8a69-f949f367c91d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: YiUZz6WwqrIFFAp1fDWSyt23wu64HqX0xw/vnD1NF6npLWOSnv4S+Gc/dd5x7gek+I75mN+oz8EeGfIIjn18rpuOugVreHcn8W4KFIlrX4g= X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM9PR03MB7694 Both GCC and Clang support -fstack-protector feature, which add stack canaries to functions where stack corruption is possible. This patch makes general preparations to enable this feature on different supported architectures: - Added CONFIG_HAS_STACK_PROTECTOR option so each architecture can enable this feature individually - Added user-selectable CONFIG_STACK_PROTECTOR option - Implemented code that sets up random stack canary and a basic handler for stack protector failures Signed-off-by: Volodymyr Babchuk --- Changes in v2: - Moved changes to EMBEDDED_EXTRA_CFLAGS into separate patch - Renamed stack_protector.c to stack-protector.c - Renamed stack_protector.h to stack-protector.h - Removed #ifdef CONFIG_X86 in stack-protector.h - Updated comment in stack-protector.h (also, we can't call boot_stack_chk_guard_setup() from asm code in general case, because it calls get_random() and get_random() may depend in per_cpu infrastructure, which is initialized later) - Fixed coding style - Moved CONFIG_STACK_PROTECTOR into newly added "Compiler options" submenu - Marked __stack_chk_guard as __ro_after_init --- xen/Makefile | 4 ++++ xen/common/Kconfig | 17 +++++++++++++++++ xen/common/Makefile | 1 + xen/common/stack-protector.c | 10 ++++++++++ xen/include/xen/stack-protector.h | 29 +++++++++++++++++++++++++++++ 5 files changed, 61 insertions(+) create mode 100644 xen/common/stack-protector.c create mode 100644 xen/include/xen/stack-protector.h diff --git a/xen/Makefile b/xen/Makefile index 34ed8c0fc7..0de0101fd0 100644 --- a/xen/Makefile +++ b/xen/Makefile @@ -432,7 +432,11 @@ else CFLAGS_UBSAN := endif +ifeq ($(CONFIG_STACK_PROTECTOR),y) +CFLAGS += -fstack-protector +else CFLAGS += -fno-stack-protector +endif ifeq ($(CONFIG_LTO),y) CFLAGS += -flto diff --git a/xen/common/Kconfig b/xen/common/Kconfig index 90268d9249..64fd04f805 100644 --- a/xen/common/Kconfig +++ b/xen/common/Kconfig @@ -86,6 +86,9 @@ config HAS_UBSAN config HAS_VMAP bool +config HAS_STACK_PROTECTOR + bool + config MEM_ACCESS_ALWAYS_ON bool @@ -213,6 +216,20 @@ config SPECULATIVE_HARDEN_LOCK endmenu +menu "Compiler options" + +config STACK_PROTECTOR + bool "Stack protection" + depends on HAS_STACK_PROTECTOR + help + Use compiler's option -fstack-protector (supported both by GCC + and Clang) to generate code that checks for corrupted stack + and halts the system in case of any problems. + + Please note that this option will impair performance. + +endmenu + config DIT_DEFAULT bool "Data Independent Timing default" depends on HAS_DIT diff --git a/xen/common/Makefile b/xen/common/Makefile index b279b09bfb..ceb5b2f32b 100644 --- a/xen/common/Makefile +++ b/xen/common/Makefile @@ -45,6 +45,7 @@ obj-y += shutdown.o obj-y += softirq.o obj-y += smp.o obj-y += spinlock.o +obj-$(CONFIG_STACK_PROTECTOR) += stack-protector.o obj-y += stop_machine.o obj-y += symbols.o obj-y += tasklet.o diff --git a/xen/common/stack-protector.c b/xen/common/stack-protector.c new file mode 100644 index 0000000000..b258590d3a --- /dev/null +++ b/xen/common/stack-protector.c @@ -0,0 +1,10 @@ +// SPDX-License-Identifier: GPL-2.0-only +#include +#include + +unsigned long __ro_after_init __stack_chk_guard; + +void __stack_chk_fail(void) +{ + panic("Detected stack corruption\n"); +} diff --git a/xen/include/xen/stack-protector.h b/xen/include/xen/stack-protector.h new file mode 100644 index 0000000000..779d7cf9ec --- /dev/null +++ b/xen/include/xen/stack-protector.h @@ -0,0 +1,29 @@ +/* SPDX-License-Identifier: GPL-2.0-only */ + +#ifndef XEN__STACK_PROTECTOR_H +#define XEN__STACK_PROTECTOR_H + +#ifdef CONFIG_STACKPROTECTOR + +extern unsigned long __stack_chk_guard; + +/* + * This function should be always inlined. Also it should be called + * from a function that never returns or a function that with + * stack-protector disabled. + */ +static always_inline void boot_stack_chk_guard_setup(void) +{ + __stack_chk_guard = get_random(); + if (BITS_PER_LONG == 64) + __stack_chk_guard |= ((unsigned long)get_random()) << 32; +} + +#else + +static inline void boot_stack_chk_guard_setup(void) {} + +#endif /* CONFIG_STACKPROTECTOR */ + +#endif /* XEN__STACK_PROTECTOR_H */ + From patchwork Sat Nov 30 01:10:16 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Volodymyr Babchuk X-Patchwork-Id: 13889037 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id BCD85D735EE for ; Sat, 30 Nov 2024 01:10:47 +0000 (UTC) Received: from list by lists.xenproject.org with outflank-mailman.846087.1261368 (Exim 4.92) (envelope-from ) id 1tHC0E-0004ma-Qe; Sat, 30 Nov 2024 01:10:30 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version Received: by outflank-mailman (output) from mailman id 846087.1261368; Sat, 30 Nov 2024 01:10:30 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1tHC0E-0004mR-MT; Sat, 30 Nov 2024 01:10:30 +0000 Received: by outflank-mailman (input) for mailman id 846087; Sat, 30 Nov 2024 01:10:29 +0000 Received: from se1-gles-sth1-in.inumbo.com ([159.253.27.254] helo=se1-gles-sth1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1tHC0D-00044C-G4 for xen-devel@lists.xenproject.org; Sat, 30 Nov 2024 01:10:29 +0000 Received: from EUR05-VI1-obe.outbound.protection.outlook.com (mail-vi1eur05on2062d.outbound.protection.outlook.com [2a01:111:f403:2613::62d]) by se1-gles-sth1.inumbo.com (Halon) with ESMTPS id e2799066-aeb7-11ef-a0cf-8be0dac302b0; Sat, 30 Nov 2024 02:10:27 +0100 (CET) Received: from GV1PR03MB10456.eurprd03.prod.outlook.com (2603:10a6:150:16a::21) by AM9PR03MB7694.eurprd03.prod.outlook.com (2603:10a6:20b:41e::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8207.15; Sat, 30 Nov 2024 01:10:16 +0000 Received: from GV1PR03MB10456.eurprd03.prod.outlook.com ([fe80::a41e:5aa8:e298:757e]) by GV1PR03MB10456.eurprd03.prod.outlook.com ([fe80::a41e:5aa8:e298:757e%7]) with mapi id 15.20.8182.018; Sat, 30 Nov 2024 01:10:16 +0000 X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: e2799066-aeb7-11ef-a0cf-8be0dac302b0 X-Custom-Connection: eyJyZW1vdGVpcCI6IjJhMDE6MTExOmY0MDM6MjYxMzo6NjJkIiwiaGVsbyI6IkVVUjA1LVZJMS1vYmUub3V0Ym91bmQucHJvdGVjdGlvbi5vdXRsb29rLmNvbSJ9 X-Custom-Transaction: eyJpZCI6ImUyNzk5MDY2LWFlYjctMTFlZi1hMGNmLThiZTBkYWMzMDJiMCIsInRzIjoxNzMyOTI5MDI3LjQ4MTM3Niwic2VuZGVyIjoidm9sb2R5bXlyX2JhYmNodWtAZXBhbS5jb20iLCJyZWNpcGllbnQiOiJ4ZW4tZGV2ZWxAbGlzdHMueGVucHJvamVjdC5vcmcifQ== ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=dJGgNN3u03vI/zEaAexMLmSK2Zk65WXniXdHACi6cyM8r+F0r2FXdIpV3O5XL7T9DGmqoklF4im4QHVe9TDJz2NqD/6OmtPsDgb2/5JYQP0qgw8zqGsVqH+nM9Q0jkajP7k+07dAhzlJcsAWmWuKHTmh+g+B4DriZ01lZnYzb10vsrCKXOPGMMuTN0N1V71Nf9IzXWbRrL/iefXkQ2Gz46ivOmjqzrsdc8SfdQe1fgEkswMBH4PV4pbmWLV8xU6Gbm5DmfMu4WIUxqeI8KVXyIfUF4Mg+KXKtOFGjVADbWqR9WM7lpAi++XEq3X7mIYe/fEyYbiyhWjfzXhOEVz1Ug== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=/GsamCxU4DN+NHcKP8lPzqtJEu/j5Oky0k16OeYjFl0=; b=lp99NVvkken8eGyMkGD+JrsaN1ZI2NfxRM6h5GFUEFjJA8T5yhh00gZzK2dYRRVUGCYtrmD1G/SOIqocgboZ8ZGdLJwmGBng2PdMxTm4bDGJrEnCwPG4c+nOj4QplbXA1vFs1M/9iLXNQafT+7QlqwZ1UiDHbVkA0+X6ipEVknARbtGiU48yGEknP7muSu2rNXCOB9zu/8++JhN9FxtcLF/OSbg58Vx31cB/kXSMPESgqzOf03B1/4Zqv0L+bWHOzip6oVa267kj9wVGJLs4xPGc2GqmpDr6v/XZbbWqjlfrs2Wm+VIEGCUYXOj6IhrhLzA7gYTK/wLcNP5DHBRN/Q== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=epam.com; dmarc=pass action=none header.from=epam.com; dkim=pass header.d=epam.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=epam.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=/GsamCxU4DN+NHcKP8lPzqtJEu/j5Oky0k16OeYjFl0=; b=ESjXKrQw569T3+U6ohQnUqwuP94i1DzmsjeDPVIfej6Tw0mkRzsJgVxyFMH9N9xClCzmatafnhbM4ZLMosnwUv1kDOjFdTjHHT4nijevx5MU0kW3uz6cpBt6bVz8KDs8OCuxbp4SK4IYJJ5oaebwJo03QdkZZ/a/83RNkHL7+3Z23ySNxRU5czgU2+Jl4ZV/aRlkQ2Z1sEADr4VBWk1Wg0rhW4C6DpRACek2dWP0h0KNt2engewxtyvkQBMTt1vCcrAdt8MLihifG17fIK1XE57QDLUfMaIQtiOlA7DARqEcrHCW3JKlk4HiwvKYylg1b7JoDs8NBBY2FaucDmuH6w== From: Volodymyr Babchuk To: "xen-devel@lists.xenproject.org" CC: Volodymyr Babchuk , Stefano Stabellini , Julien Grall , Bertrand Marquis , Michal Orzel , Volodymyr Babchuk Subject: [PATCH v2 3/4] xen: arm: enable stack protector feature Thread-Topic: [PATCH v2 3/4] xen: arm: enable stack protector feature Thread-Index: AQHbQsSdZeSazgkTckCfCx9gDu8jUA== Date: Sat, 30 Nov 2024 01:10:16 +0000 Message-ID: <20241130010954.36057-4-volodymyr_babchuk@epam.com> References: <20241130010954.36057-1-volodymyr_babchuk@epam.com> In-Reply-To: <20241130010954.36057-1-volodymyr_babchuk@epam.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-mailer: git-send-email 2.47.1 authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=epam.com; x-ms-publictraffictype: Email x-ms-traffictypediagnostic: GV1PR03MB10456:EE_|AM9PR03MB7694:EE_ x-ms-office365-filtering-correlation-id: a3c86f64-0920-46bf-b577-08dd10dbc065 x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam: BCL:0;ARA:13230040|1800799024|366016|376014|38070700018; x-microsoft-antispam-message-info: =?iso-8859-1?q?bRipTcm2C1tHjSJy+OQ79DxPH5?= =?iso-8859-1?q?BBdwz4nolXBL/9hMF/CDqAYvcarMCkXqyMxzE/Ctk1otpwQGiHDjWA1lkY3b?= =?iso-8859-1?q?HRZZYrmtxmCCbhlAfYEUH1gLCUoRAZ8WY8iYQXDzFXBWY19QrAz9M4EoHNEE?= =?iso-8859-1?q?6HI2yjnDXefDOdhFdxSxEFK13/WyMpf/53jrqxkLOgC7+KNp6eSzf3r1OOGE?= =?iso-8859-1?q?7X/FEQKmcYmbW5t/X2FaKcX48QCdNhXbcuyKy8RF35vdx/1g+JmHUBhBRpoZ?= =?iso-8859-1?q?TozfVRoHp9MqxNBtLKHHK21pw4PPY/tBAnnnca6VqQZAGeByCdgPhxGpFtAQ?= =?iso-8859-1?q?bYVuoWf8try4iiUxtHJe2Q6NpoG9VZlNDQt7XO9i17kf1EsRN/9QYLV7ND/b?= =?iso-8859-1?q?p1wD7vG1Ps3t5uNMXrcqXpbPdqgyZkkMwp9dPtaRLJjb55c5T7GskME7U0ck?= =?iso-8859-1?q?46giwyyUc73Ks5tv2Fk5JSdx3sX6/zFiK+gp/Eu0rPCVdoTeJInmeKebiJqq?= =?iso-8859-1?q?akqxRxX18AY5PmCHYV0B0XekvJHegoGfHDxgxvZjPF7cEaaO2JzL4VjTjCGt?= =?iso-8859-1?q?zt0ufUmvAvW/eCfhHOg78Rx8UnlLP4wlE8JdNBhGs3twFhNCx7+jYIQgjyIk?= =?iso-8859-1?q?z3bT6i2Fzjps2ECCfIwHH/KcTkWZgtKdouAgDHh4+bihasRrcxPmXJ3jaEiN?= =?iso-8859-1?q?blCo6krpi3FSLRtKeMTt0tWvkLD/l8ul2qVuY3KP2okJzMvi818uByAfpPae?= =?iso-8859-1?q?vYomqAa8gXJZr2l0+ddu1XCYR+UvRtFTpzPNZb8wzDha8y6oabym/BeTjB4J?= =?iso-8859-1?q?CIJ6Vu20nxBljGjbPgWUzr9JdksXLntW9czRomkyhWlWiI8EmnVVavcNQsoI?= =?iso-8859-1?q?R2PtckheaC4kTbsPJrygzYtOA7pw/od1au6+yLYIO2SVfIAHALlHthYkEsdb?= =?iso-8859-1?q?qhN5MMnG7CrEv1KJHJBa8NjQ+XYeFW/PFtzOfm3VmXpm4xNwWSoIt1BSz2nm?= =?iso-8859-1?q?+Ibv/pchvWRKoLaqbEXsrR3oFQCN0hP7inYECvsEdSpZ+sdtf/HjNRdXHQpZ?= =?iso-8859-1?q?ksxO0+haVrmOqDOIG4smBdkTPyaviTSeqakLAQFo036bGW46xBq5rggdxLRX?= =?iso-8859-1?q?Jq2Ew9fF2gYgAHyhHXvSh6nI017sy0XAqYlImhUIgF9Mkw2ExlkinJXtaOve?= =?iso-8859-1?q?zl9umFLo6iEVUljS2Jkq894miFtFW/kLyQfRJEcRKem7DQ/v5ozHEwUtIeq2?= =?iso-8859-1?q?Cl2CwAWlJha4/X9KDI5ekZDqDSonjZkA+dKkltmVQOt9I4EgmS9QrWT/hnY0?= =?iso-8859-1?q?yPHP9w/0LPJxSrMioREQCKju6GbfQmb8tvsKIEXu+3768SrluwCv3jXXJA5W?= =?iso-8859-1?q?jcpwMFPxzAD5dKuUQixpO5kelUSiVEvR4aq7rxbGg+oQZNtvozmcaj4QbKsj?= =?iso-8859-1?q?HzL2y3Z7Powrguoif7iBBcXA=3D=3D?= x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:GV1PR03MB10456.eurprd03.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(1800799024)(366016)(376014)(38070700018);DIR:OUT;SFP:1101; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?iso-8859-1?q?nOhroqYjEZr1xhJrVW8pCTk?= =?iso-8859-1?q?4jsml6Kxveykifqrv0tG2E+W69E7boVcm33YvHiRLlQhe6yqA4BWnOt1+I+2?= =?iso-8859-1?q?iH+pT0ypAJy4ALLbcFgIajqHFV8bTUfN/Qwbfe6PIGps2tV+nksYkTcUErus?= =?iso-8859-1?q?BdY63A3zleVaZh+Ytf22zsjyUlWH6ZSaBetpjo9XDQ3e57TdxTXzdWV8dlIF?= =?iso-8859-1?q?rb+mgxH9z4VDI/ts4uZjg1eFD1I7dAbgYtsEgni7gIDXOeJ2+5yBzAMOe7UX?= =?iso-8859-1?q?xa2rPwqpi9oA0MRuQcPuiLTMZT/gahSBxqtsPLP8WINEF6h/ybwyrHQHUnaU?= =?iso-8859-1?q?D6zbbLozyq1/xqON4dloRXmCXh+2TUYIoZJzTh9XduZEAi4cugW9I9FelL0L?= =?iso-8859-1?q?53OluzFKIH2do33O63Vki5VBIwqJjGwdlxE4IDdsWE+yFFaPuPL0KtiBCjLV?= =?iso-8859-1?q?g4aFztwF843p/Kv0U0Bc6DIslb1IcIsbtbzhE/ZYkAV86lKcmc0NoWhlPwWE?= =?iso-8859-1?q?JfffQoUfHmbY/uR7R1JfXCAE/F83K78tAg6rl+LienQPdSZxgfzgvhN86wQ+?= =?iso-8859-1?q?9SyBpLyz76B+ylxpGH/RrTAz+CfwHZ2yoaxlCj6gED9DR/i6zFSlxPjVkGcD?= =?iso-8859-1?q?IpaKfADoHUz1sqTnTa8xR8ZM4BM5086bF5ksIUmXRn1p5RYkLaLELOPiB81p?= =?iso-8859-1?q?4dqYHDbAWOaZ1zGGElP8jo2JVfHjIM/FPx2Y9PUG3c3pxKjNO6GhHiGRou0d?= =?iso-8859-1?q?CrXa1PCDO0sSAYycQbHp8pwSQUkD66/n12w/lBlUUkvAPdrxazjyOlfTk1Yb?= =?iso-8859-1?q?aCJan44hZ4mmW06oYhnJzLbGqGXxx188yuHU9nbx035w4UMqf8uDc8GWu0FP?= =?iso-8859-1?q?u/z/9XGMN+kECszwtbeUQ8+Lu3peaJUXNtzmKwx3eYlmy/qcTIKMXjwpZq0B?= =?iso-8859-1?q?AzlgYBUyccuWz/AdexVue6jvrlngrkF5DGr4YUCPaGq0vfy+EoCf42YoMKi9?= =?iso-8859-1?q?DLwUpMwDYs8+Jut0wJMwS0yMSgCFaek5iwvJPKSNRCOTrfuggoprQ8HG283W?= =?iso-8859-1?q?JBROQROgnJv30yPBhLOxw2iOPW5EvszYRAyDEU0hDSMakKww7WVIPorBMG4m?= =?iso-8859-1?q?qHRACyzR/8rhb8GxSeUG0gou5nQ1jw87TifDxnnWVhCN+bYcLWQQlBge04Di?= =?iso-8859-1?q?VBWUsNxFyGGWey3TDJmCrTiZ8W+zul5FpXD/PDcb8PtUFHx45nJz4tQQDxil?= =?iso-8859-1?q?lcuRl9DpTGZeh4HZOc9dPZgMeCS39RGpJEgBJwSEmgvyRwmat0JMDuZ+/wWD?= =?iso-8859-1?q?MOFyTspTo0G6tnis+wQll570I4vZawVTvw/hvmOXKHzyiaOUTeIMQFZN7LS+?= =?iso-8859-1?q?qFID8mggSIXW40vE0luQi2V7o9MEHAvNs1iK82kJwH/ognNiwsjQ9HSPwGGY?= =?iso-8859-1?q?d/6dDgXI51tcU3iKf7iH6wONi0HWixQ80SIMGb6x02PYHQiDFyL8r4wBnsUr?= =?iso-8859-1?q?gw+0JYo1j/REWSG1rZG5pH/CUoClCT9EwiiH0YSetP3A9LxIOgAaIMsAf4q/?= =?iso-8859-1?q?CLn/mb0xZgZ4GF1Z39lIZBxaEA6ss1v/7hGh5jCQHrhGvm42T0zkZ7iV8BUo?= =?iso-8859-1?q?qAHiHyZ/P5D05JC4pCzB2uaPUJyFf5THMS2RC6g=3D=3D?= MIME-Version: 1.0 X-OriginatorOrg: epam.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: GV1PR03MB10456.eurprd03.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: a3c86f64-0920-46bf-b577-08dd10dbc065 X-MS-Exchange-CrossTenant-originalarrivaltime: 30 Nov 2024 01:10:16.2832 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: b41b72d0-4e9f-4c26-8a69-f949f367c91d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: dTYxlbX7Jb1Qk0SQ0QLzkPO3bKSZbxWLl0LdEcOJrrry+kyGOR39IBbqxxKggknROqf0p8ODu/uv4JQFumc3AYa5Cuhr6/yJs7vAnqIxEuw= X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM9PR03MB7694 Enable previously added CONFIG_STACK_PROTECTOR feature for ARM platform. Here we can call boot_stack_chk_guard_setup() in start_xen() function, because it never returns, so stack protector code will not be triggered because of changed canary. Signed-off-by: Volodymyr Babchuk --- In v2: - Reordered Kconfig entry --- xen/arch/arm/Kconfig | 1 + xen/arch/arm/setup.c | 3 +++ 2 files changed, 4 insertions(+) diff --git a/xen/arch/arm/Kconfig b/xen/arch/arm/Kconfig index 23bbc91aad..a24c88c327 100644 --- a/xen/arch/arm/Kconfig +++ b/xen/arch/arm/Kconfig @@ -16,6 +16,7 @@ config ARM select HAS_ALTERNATIVE if HAS_VMAP select HAS_DEVICE_TREE select HAS_PASSTHROUGH + select HAS_STACK_PROTECTOR select HAS_UBSAN select IOMMU_FORCE_PT_SHARE diff --git a/xen/arch/arm/setup.c b/xen/arch/arm/setup.c index 2e27af4560..f855e97e25 100644 --- a/xen/arch/arm/setup.c +++ b/xen/arch/arm/setup.c @@ -13,6 +13,7 @@ #include #include #include +#include #include #include #include @@ -341,6 +342,8 @@ void asmlinkage __init start_xen(unsigned long fdt_paddr) */ system_state = SYS_STATE_boot; + boot_stack_chk_guard_setup(); + if ( acpi_disabled ) { printk("Booting using Device Tree\n"); From patchwork Sat Nov 30 01:10:16 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Volodymyr Babchuk X-Patchwork-Id: 13889040 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id C6672D735EF for ; Sat, 30 Nov 2024 01:10:47 +0000 (UTC) Received: from list by lists.xenproject.org with outflank-mailman.846086.1261358 (Exim 4.92) (envelope-from ) id 1tHC0C-0004XA-J3; Sat, 30 Nov 2024 01:10:28 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version Received: by outflank-mailman (output) from mailman id 846086.1261358; Sat, 30 Nov 2024 01:10:28 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1tHC0C-0004X3-Fh; Sat, 30 Nov 2024 01:10:28 +0000 Received: by outflank-mailman (input) for mailman id 846086; Sat, 30 Nov 2024 01:10:27 +0000 Received: from se1-gles-sth1-in.inumbo.com ([159.253.27.254] helo=se1-gles-sth1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1tHC0B-00044C-F1 for xen-devel@lists.xenproject.org; Sat, 30 Nov 2024 01:10:27 +0000 Received: from EUR05-VI1-obe.outbound.protection.outlook.com (mail-vi1eur05on2062d.outbound.protection.outlook.com [2a01:111:f403:2613::62d]) by se1-gles-sth1.inumbo.com (Halon) with ESMTPS id e142c225-aeb7-11ef-a0cf-8be0dac302b0; Sat, 30 Nov 2024 02:10:25 +0100 (CET) Received: from GV1PR03MB10456.eurprd03.prod.outlook.com (2603:10a6:150:16a::21) by AM9PR03MB7694.eurprd03.prod.outlook.com (2603:10a6:20b:41e::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8207.15; Sat, 30 Nov 2024 01:10:17 +0000 Received: from GV1PR03MB10456.eurprd03.prod.outlook.com ([fe80::a41e:5aa8:e298:757e]) by GV1PR03MB10456.eurprd03.prod.outlook.com ([fe80::a41e:5aa8:e298:757e%7]) with mapi id 15.20.8182.018; Sat, 30 Nov 2024 01:10:17 +0000 X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: e142c225-aeb7-11ef-a0cf-8be0dac302b0 X-Custom-Connection: eyJyZW1vdGVpcCI6IjJhMDE6MTExOmY0MDM6MjYxMzo6NjJkIiwiaGVsbyI6IkVVUjA1LVZJMS1vYmUub3V0Ym91bmQucHJvdGVjdGlvbi5vdXRsb29rLmNvbSJ9 X-Custom-Transaction: eyJpZCI6ImUxNDJjMjI1LWFlYjctMTFlZi1hMGNmLThiZTBkYWMzMDJiMCIsInRzIjoxNzMyOTI5MDI1LjQ3MTA3Nywic2VuZGVyIjoidm9sb2R5bXlyX2JhYmNodWtAZXBhbS5jb20iLCJyZWNpcGllbnQiOiJ4ZW4tZGV2ZWxAbGlzdHMueGVucHJvamVjdC5vcmcifQ== ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=Q6zrJPiOoYZzJHV1mJopSCls5JIBibHr+mbOEgXnZHiDSxUunWb9ODvMUw6nQDcuohPbUTgS9az8Yu84i1LA/6dvTJHfFDykAtTno8NXadCpsGnQj7kifdmFoHKQgXjlWpGvT4dpyPCXlAFaSiDdAiuMrj8lHiKO/4qdYKajaxGZUUVL1OHEINhNFqqvLbUGcRG3vOeEajpodhdrDEAba+oCoD3AHu0ZXpx1lLfz6LL1vbNjwGatohV5OD+e1ZIquuiOaGTAdzKrltrSAxRdNQPSrte9/jLCkwNNbILIp0HxV9is3hAa2fBaXrHWd1nNdSKiGmhXXhh4OgofwDVzyw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=sMLsAsxP2jCKXlPGp2d48OpFc6sgoHg60qnvVOllAa0=; b=aEY9T8VKCMjTGIjleNZuRGbY2+jKMaJfgyyUBGYSVW75fh+/IGc3HngvzYFPwf/naj0dSt1SA+ntWF9Em1xJGhI6OuNCtATl3TEburhTj5TRG6n+zyU/g42u34qxiT9iugd1otpMlG/kC7KzEloVZhVfzG/Vrr4eFfyVMa2HBkyJcQMtdL0z3+1XSqJep923te3WTxv5lL6vJorXufoiV/DFmr/TFQTkdiBvOTvmdqRO+tynUx7aEKDj9ASip3TWBPivFVv4M2o6zU5/GEWeHLDNWubddfF44WPP9B/oFngQ9//AdnvYe/Mb4CyYdS49WyjjnOUgQP/PJITug3IBFQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=epam.com; dmarc=pass action=none header.from=epam.com; dkim=pass header.d=epam.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=epam.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=sMLsAsxP2jCKXlPGp2d48OpFc6sgoHg60qnvVOllAa0=; b=rvv9qRw9tXc23DMjcV9jea3tJ3lcW7hrrPAu15DPg2WMMVRlDy4Lg41kTFuxd9PUn/36dl5cgJpXkd8NLRzdxf3Dphu+V8w9slewHJju+mzkElhm2pyHNUTmNvakRozC3cR7U8DCW5fbIZqh5CUa4o4yabNAN5zojJTT41Vm/eXFdPMchEtzHZBVnr4mAgvO/wbdj18b2gc9SzrLq5BC4tdzrZGH99LsLscIjREWS3EQA/PIeA3SPb5Qm1G7t6MB9L4zPc8skzRGm3FcHVrc5swkyX9GwwoPaHzulX9LEyjLG/VXiXanxQ+rPk75SluQ3TUv1cuSeRRS7i+WEEEl3Q== From: Volodymyr Babchuk To: "xen-devel@lists.xenproject.org" CC: Volodymyr Babchuk , Alistair Francis , Bob Eshleman , Connor Davis , Oleksii Kurochko , Andrew Cooper , Jan Beulich , Julien Grall , Stefano Stabellini Subject: [PATCH v2 4/4] xen: riscv: enable stack protector feature Thread-Topic: [PATCH v2 4/4] xen: riscv: enable stack protector feature Thread-Index: AQHbQsSdrqhVO8R3/0W5bnSX25z8yw== Date: Sat, 30 Nov 2024 01:10:16 +0000 Message-ID: <20241130010954.36057-5-volodymyr_babchuk@epam.com> References: <20241130010954.36057-1-volodymyr_babchuk@epam.com> In-Reply-To: <20241130010954.36057-1-volodymyr_babchuk@epam.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-mailer: git-send-email 2.47.1 authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=epam.com; x-ms-publictraffictype: Email x-ms-traffictypediagnostic: GV1PR03MB10456:EE_|AM9PR03MB7694:EE_ x-ms-office365-filtering-correlation-id: cd6b4f3d-38c6-47e6-1237-08dd10dbc094 x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam: BCL:0;ARA:13230040|1800799024|366016|376014|38070700018; x-microsoft-antispam-message-info: =?iso-8859-1?q?k3mjZrk9VHb7MObOMvN85ZqNUk?= =?iso-8859-1?q?vQyQJ7H2Fb/FMmMEj93r4gE49ZJ38yjUDr+w414prgQDAp5wlwOnbW5eEcem?= =?iso-8859-1?q?HqXTVK92aTxCqcQR9GZP3KXK4ZQLbQkLR44QVHVKertD+sS07H4CJ/BVu/DE?= =?iso-8859-1?q?/cUIwxSHFgker9t/p7z4x34SukGf3zmi6T9BT8Bu0VhEs8+PUA+f/ci90PYN?= =?iso-8859-1?q?ccA1IeleqwO2vICq7HSHVWIGUFF4mU2djjxo++Pzif3qLaYhQYkz+8t8qE1P?= =?iso-8859-1?q?z3Yo1QF590xrzqAcyNucJtOYInezyc4u2BCvYARAPyB0glYIAgp9bvNFHizp?= =?iso-8859-1?q?psTkrPJ3Wqjy0XQ8vMvEChqAbE0FsGq+iUp3ILPu4uGAn3nPmki64M/5YiiG?= =?iso-8859-1?q?+gw69QQO2zgDzGN/LfK33pbqnGzLQJoMUKnxN5xxG2fyMvfsQhliybeax21G?= =?iso-8859-1?q?zeGlKHmYfhaILRjXAuv/im0vJT7T5mRYQaubyfvRZKN8vKxCHazBdsyLSmNM?= =?iso-8859-1?q?B54zjyOpsyNfzfCEPcJ8/CDjITAYKkBgZTvRBefdApA8+hJqarBmDBV4V8YK?= =?iso-8859-1?q?28+3Om5ad4txEZS53JNTOjFNLnu3y5m9cBv8eeWgqzOhO1XwcmqoQWx9Zesm?= =?iso-8859-1?q?ddad4hsPMAgj+5kxePpM8nEMCCswPN/M54EDsCM7nd7yW3xx7qHIxFbxaHvF?= =?iso-8859-1?q?9B4wDHvLfoVbVeWz+cXjLU3XQ7tAjiWRoNzxsQa5rGB7VwuBJqmSXuC7Mxg3?= =?iso-8859-1?q?LgTsve4ZDePBHnDknyuSW2tfvx0e2HaY0tK3xK4JEuNMtIT/koIdw2F3okOQ?= =?iso-8859-1?q?RTHPHcaRWNSXr8UoUxsmv5nkhnjQQtHqYDXLIeokMTZU8V4e4RryWu90qqlT?= =?iso-8859-1?q?Mk6svacmojnKvqNLFe3rOkBJ/xsh4Eaa2tonwYYvcu/NQ+DZrY9uAJqbxKu1?= =?iso-8859-1?q?YUE0riJ51dNOO9+pvLTa14nAVItJapob5jMihYTGTiHyJo0r9wwJnk7N/0pu?= =?iso-8859-1?q?pTMssbw5QIngguG/U7w2EUJ6G4P7Uavz2k7FUjwudBDeexRLosX2qYuXBFH2?= =?iso-8859-1?q?dp44SF4B+L2MXvaxfJRSkmoYMr50NEe2aGsk1Oj+kuJAJpTMMJIXutkdYl2c?= =?iso-8859-1?q?gb2PSEQzh/n7r8gqzjvr9Y1gWFqJvt9UkoY/z12Nc3iqCbm5sksvUDfBWTni?= =?iso-8859-1?q?nHDgx3IIC/+IKmB7nfJYyPMtsfhGo8oBTFTLd4a+P4TO6lR+mNl/VjaIrd60?= =?iso-8859-1?q?cJYmBI1MvdxGJxpNlDSEKLptjadYnxT26IY3JAb8hFPM9ej68JiPQCp51Oxo?= =?iso-8859-1?q?4BbtLGhb252p9EWEs67c/rOASYvkoN6qs4IvWnzXBRfRLTnDyfOScW6Jwo69?= =?iso-8859-1?q?pXFXR9Kpz4Iiu8yhGbsbpHH7GJHPIWYj47BLudM2VFAZyEtry/OqTqaE+kWI?= =?iso-8859-1?q?aIRMEwJWrQy47FB1PV3D0Bkg=3D=3D?= x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:GV1PR03MB10456.eurprd03.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(1800799024)(366016)(376014)(38070700018);DIR:OUT;SFP:1101; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?iso-8859-1?q?1X3XPcbFMFaVlCJOmqJr0ui?= =?iso-8859-1?q?SPPlahk6n9va9JCIoqHAmNpq+PlvNXExJSJ8BnrEGNk8AVDsKgCtcO+FPZZx?= =?iso-8859-1?q?w3R2FXmJqq97RdvzCkyI6nBWn3nX5CUmqPT6KkIhEpayOzI8zzIic9h51oSW?= =?iso-8859-1?q?SLBLwlvGEjtREJs0XIhzF8tIWrhcWKy9DA+ja0jISlgfI7+cEr6znCy5eFaZ?= =?iso-8859-1?q?Dizn2vHh/Os6gPwtYwgo91ObEPqqf43XLk03uPD3a5oCuvbL0Un+ERLxAltf?= =?iso-8859-1?q?MPSWHw3XrIfpbGoLJih8y+Z/04BGCkNBDDcxg8/4OBfMGaIBWkENAUlmkwGB?= =?iso-8859-1?q?QhpKA5yRN6h3KoOjre/liu0SRxmxqJ0hWG+I4kKdVJdLd1T4Q2GQROljjP7f?= =?iso-8859-1?q?9jjFeiy4qx7JKrjR7gWODik8AzVMHS9gGbMfpJWcyQRfzdOJf6EpCsku90o4?= =?iso-8859-1?q?wRBiBKxB8ktkRm/Sp6uOznmZIIsTQe2kmF7aaRCb9iLFXg+XPSb5QsV5lmWw?= =?iso-8859-1?q?t9HdrtLzLXKuhB+lGKFax7eXch0Y0VXY84XS4n1qKn2hpJSLzE63gXs5ZMrM?= =?iso-8859-1?q?ReTTB4GsMm15rEwyrSsX6rW5Pg47O2xihffcV5fxlowXc3uehFU55/YLao9a?= =?iso-8859-1?q?NQ7Nk1mNsUKspzNDqppNrsZxXsKj8ifUStvEUEgZ6U24uZwwNI6iRJHeoGFI?= =?iso-8859-1?q?UPAlF6rZKS4dx4O5c5fIzqcdXkAydDX4Sgz0re5/9tMxCgNLbqWFpWxF6F9z?= =?iso-8859-1?q?o082LXQ8zqI5Q2gBGmdP026BYuVw68PW+UJV2PwaXQzIvHDbYNpNtnjrsl7/?= =?iso-8859-1?q?Kf6NeacuVbTTtBR//45ZmSxAB2wpNj0pImwflsFmsiWIPxHUqdgbod0VPoha?= =?iso-8859-1?q?STSXUb6e/4Y7R6Ck6DVN/WNMhO75GAlPNGfeb0H5YJ8yvhF9+QDtryZMZLCP?= =?iso-8859-1?q?Yl7ICR0koNswq3oKZob/hKpFx8sF8DRrJE2W8x9Sqzv2gecMdp/hGd7y1mCx?= =?iso-8859-1?q?TSplp4mJ61M3wfBq+prLAl88FrRh/cJ8JW6FEbUomB3oK8zttWfuAgO/GBUq?= =?iso-8859-1?q?WXRBU3BaLYJeHVZ4XUdPt3MAJHl+nGE3I5me1nuq4ESn64nI26eTSNE8v1ey?= =?iso-8859-1?q?cbBlFOo2EpvcrXB3MXCtRQ/V51CQxO8eUXBjWBAfRbQAmvWlGymuW4QqkPaw?= =?iso-8859-1?q?0qEb/aLxgBljc7tOOYycgXfJg9EZa8RoEFhCTBlyZpugk1LGPhrsd8qyFvVj?= =?iso-8859-1?q?b+yvtQXd/abbpsIEbVQ91XQXp/vGBYicoTNGQfhITGHfkBVSQ/iT3vr8R660?= =?iso-8859-1?q?aQOrSSHh19HqN5uybmvWnM/S5uW8Gpj3/mDNKl/DxDd4oVGifW3ZVA4+PNBq?= =?iso-8859-1?q?ZQoq88KqoPe+y6cK3xxD5d8dfDVYCrThagxLe+7yMPNXbpa2h4+VBJoPYmoL?= =?iso-8859-1?q?mhMrC9PrGQ8WsA+pxq7E8axx393adTe9HYLqDJCYAGw19rLoN/Xc7WCusm/V?= =?iso-8859-1?q?e0RmvqtvFkqT4c6qO2nJDg/tfB6/ITLpyvPUmrzlh2H0qFtDbr/rnuc44f1x?= =?iso-8859-1?q?R2L3k7laXWKnm4bH+ryL+VsELSnnHDYsz10QC9gNJYqukmul5f6T2fLLRPdc?= =?iso-8859-1?q?74JPYd4b5JB4nXbIFIAoJ/shfjnLal03Woxyx1A=3D=3D?= MIME-Version: 1.0 X-OriginatorOrg: epam.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: GV1PR03MB10456.eurprd03.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: cd6b4f3d-38c6-47e6-1237-08dd10dbc094 X-MS-Exchange-CrossTenant-originalarrivaltime: 30 Nov 2024 01:10:16.5991 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: b41b72d0-4e9f-4c26-8a69-f949f367c91d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: 8X8GmRRjURy0XqMk2Shw6ukUfXhf3iq3UNSrXAZZbQI1AhDmi0qfmbXJXvRquAlFNRoK1sCeIcrmW3IN1CPUkOooU7mGRzZ4qyloR9wGUgU= X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM9PR03MB7694 Enable previously added CONFIG_STACK_PROTECTOR feature for RISC-V platform. Here we can call boot_stack_chk_guard_setup() in start_xen() function, because it never returns, so stack protector code will not be triggered because of changed canary. Signed-off-by: Volodymyr Babchuk Tested-by: Oleksii Kurochko --- In v2: - Reordered Kconfig entry - Added Oleksii's Tested-by tag --- xen/arch/riscv/Kconfig | 1 + xen/arch/riscv/setup.c | 3 +++ 2 files changed, 4 insertions(+) diff --git a/xen/arch/riscv/Kconfig b/xen/arch/riscv/Kconfig index 1858004676..79b3b68754 100644 --- a/xen/arch/riscv/Kconfig +++ b/xen/arch/riscv/Kconfig @@ -4,6 +4,7 @@ config RISCV select GENERIC_BUG_FRAME select HAS_DEVICE_TREE select HAS_PMAP + select HAS_STACK_PROTECTOR select HAS_VMAP config RISCV_64 diff --git a/xen/arch/riscv/setup.c b/xen/arch/riscv/setup.c index 9680332fee..59eddb465a 100644 --- a/xen/arch/riscv/setup.c +++ b/xen/arch/riscv/setup.c @@ -7,6 +7,7 @@ #include #include #include +#include #include #include @@ -57,6 +58,8 @@ void __init noreturn start_xen(unsigned long bootcpu_id, if ( !boot_fdt_info(device_tree_flattened, dtb_addr) ) BUG(); + boot_stack_chk_guard_setup(); + cmdline = boot_fdt_cmdline(device_tree_flattened); printk("Command line: %s\n", cmdline); cmdline_parse(cmdline);