• Christophe Leroy's avatar
    powerpc/32: add stack protector support · c3ff2a51
    Christophe Leroy authored
    This functionality was tentatively added in the past
    (commit 6533b7c1 ("powerpc: Initial stack protector
    (-fstack-protector) support")) but had to be reverted
    (commit f2574030 ("powerpc: Revert the initial stack
    protector support") because of GCC implementing it differently
    whether it had been built with libc support or not.
    
    Now, GCC offers the possibility to manually set the
    stack-protector mode (global or tls) regardless of libc support.
    
    This time, the patch selects HAVE_STACKPROTECTOR only if
    -mstack-protector-guard=tls is supported by GCC.
    
    On PPC32, as register r2 points to current task_struct at
    all time, the stack_canary located inside task_struct can be
    used directly by using the following GCC options:
    -mstack-protector-guard=tls
    -mstack-protector-guard-reg=r2
    -mstack-protector-guard-offset=offsetof(struct task_struct, stack_canary))
    
    The protector is disabled for prom_init and bootx_init as
    it is too early to handle it properly.
    
     $ echo CORRUPT_STACK > /sys/kernel/debug/provoke-crash/DIRECT
    [  134.943666] Kernel panic - not syncing: stack-protector: Kernel stack is corrupted in: lkdtm_CORRUPT_STACK+0x64/0x64
    [  134.943666]
    [  134.955414] CPU: 0 PID: 283 Comm: sh Not tainted 4.18.0-s3k-dev-12143-ga3272be41209 #835
    [  134.963380] Call Trace:
    [  134.965860] [c6615d60] [c001f76c] panic+0x118/0x260 (unreliable)
    [  134.971775] [c6615dc0] [c001f654] panic+0x0/0x260
    [  134.976435] [c6615dd0] [c032c368] lkdtm_CORRUPT_STACK_STRONG+0x0/0x64
    [  134.982769] [c6615e00] [ffffffff] 0xffffffff
    Signed-off-by: default avatarChristophe Leroy <christophe.leroy@c-s.fr>
    Signed-off-by: default avatarMichael Ellerman <mpe@ellerman.id.au>
    c3ff2a51
asm-offsets.c 30 KB