Hello,
(cc'ing lkml as requested)
On Tue, Feb 13, 2018 at 11:40:17AM -0500, tedheadster wrote:
> in your patch "x86: make lazy %gs optional on x86_32" were you able
> to test it on really old processors? In 4.16.0-rc1, X86_32_LAZY_GS got
> toggled from 'y' to 'n' in my default config because of changes to the
> stack protector code. It hangs my ancient i486 test machine right
> after 'Booting the kernel'.
I didn't have access to an i486 at the time or ever since, so it
wasn't tested there. If this is specific to i486, flagging it so in
the config probably isn't the end of the world at this point.
Thanks.
--
tejun
> On Tue, Feb 13, 2018 at 11:40:17AM -0500, tedheadster wrote:
>> in your patch "x86: make lazy %gs optional on x86_32" were you able
>> to test it on really old processors? In 4.16.0-rc1, X86_32_LAZY_GS got
>> toggled from 'y' to 'n' in my default config because of changes to the
>> stack protector code. It hangs my ancient i486 test machine right
>> after 'Booting the kernel'.
>
> I didn't have access to an i486 at the time or ever since, so it
> wasn't tested there. If this is specific to i486, flagging it so in
> the config probably isn't the end of the world at this point.
Tejun,
I will be able to test this on other 32bit hardware at the end of
the week. Hopefully I'll be able to identify which processors it does
not work on (i486/i586/i686).
- Matthew
On Tue, Feb 13, 2018 at 8:57 AM, tedheadster <[email protected]> wrote:
> Changing X86_32_LAZY_GS to 'y' does not cause the kernel to hang.
>
>> On Tue, Feb 13, 2018 at 11:40:17AM -0500, tedheadster wrote:
>>> in your patch "x86: make lazy %gs optional on x86_32" were you able
>>> to test it on really old processors? In 4.16.0-rc1, X86_32_LAZY_GS got
>>> toggled from 'y' to 'n' in my default config because of changes to the
>>> stack protector code. It hangs my ancient i486 test machine right
>>> after 'Booting the kernel'.
>>
>> I didn't have access to an i486 at the time or ever since, so it
>> wasn't tested there. If this is specific to i486, flagging it so in
>> the config probably isn't the end of the world at this point.
>
> Tejun,
> I will be able to test this on other 32bit hardware at the end of
> the week. Hopefully I'll be able to identify which processors it does
> not work on (i486/i586/i686).
So, this is the exact opposite of my tests: if I had X86_32_LAZY_GS=y
and stack protector enabled (via _AUTO), the boot would hang. This
change solved that for me:
config X86_32_LAZY_GS
def_bool y
- depends on X86_32 && !CC_STACKPROTECTOR
+ depends on X86_32 && CC_STACKPROTECTOR_NONE
since stack-protector in _AUTO mode had to reorganize that logic. It
seemed LAZY_GS isn't compatible with stack-protector, so I made sure
to retain that. What are your other configs?
-Kees
--
Kees Cook
Pixel Security
On Tue, Feb 13, 2018 at 4:37 PM, Kees Cook <[email protected]> wrote:
> On Tue, Feb 13, 2018 at 8:57 AM, tedheadster <[email protected]> wrote:
>> Changing X86_32_LAZY_GS to 'y' does not cause the kernel to hang.
>>
>>> On Tue, Feb 13, 2018 at 11:40:17AM -0500, tedheadster wrote:
>>>> in your patch "x86: make lazy %gs optional on x86_32" were you able
>>>> to test it on really old processors? In 4.16.0-rc1, X86_32_LAZY_GS got
>>>> toggled from 'y' to 'n' in my default config because of changes to the
>>>> stack protector code. It hangs my ancient i486 test machine right
>>>> after 'Booting the kernel'.
>>>
>>> I didn't have access to an i486 at the time or ever since, so it
>>> wasn't tested there. If this is specific to i486, flagging it so in
>>> the config probably isn't the end of the world at this point.
>>
>> Tejun,
>> I will be able to test this on other 32bit hardware at the end of
>> the week. Hopefully I'll be able to identify which processors it does
>> not work on (i486/i586/i686).
>
> So, this is the exact opposite of my tests: if I had X86_32_LAZY_GS=y
> and stack protector enabled (via _AUTO), the boot would hang. This
> change solved that for me:
>
> config X86_32_LAZY_GS
> def_bool y
> - depends on X86_32 && !CC_STACKPROTECTOR
> + depends on X86_32 && CC_STACKPROTECTOR_NONE
>
> since stack-protector in _AUTO mode had to reorganize that logic. It
> seemed LAZY_GS isn't compatible with stack-protector, so I made sure
> to retain that. What are your other configs?
>
Kees,
I am running the 4.16-rc1 release. My arch/x86/Kconfig has this logic:
config X86_32_LAZY_GS
def_bool y
depends on X86_32 && CC_STACKPROTECTOR_NONE
I get a hang on i486 when I choose any of these configuration options:
CONFIG_CC_STACKPROTECTOR_AUTO=y
CONFIG_CC_STACKPROTECTOR_REGULAR=y
CONFIG_CC_STACKPROTECTOR_STRONG=y
Also, CONFIG_X86_32_LAZY_GS does not appear in any of these config
files, not even as "# CONFIG_X86_32_LAZY_GS is not set", which I
thought was strange.
The only configuration that works on i486 is:
CONFIG_CC_STACKPROTECTOR_NONE=y
CONFIG_X86_32_LAZY_GS=y
Now it gets interesting. All four of these configurations boots
successfully when compiled for, and run on, a Pentium 4 M
(CONFIG_PENTIUM4). So it certainly is related to what version of the
processor you use.
I will continue to try other configuration combinations and report back.
- Matthew
On Tue, Feb 13, 2018 at 3:14 PM, tedheadster <[email protected]> wrote:
> Kees,
> I am running the 4.16-rc1 release. My arch/x86/Kconfig has this logic:
>
> config X86_32_LAZY_GS
> def_bool y
> depends on X86_32 && CC_STACKPROTECTOR_NONE
>
> I get a hang on i486 when I choose any of these configuration options:
>
> CONFIG_CC_STACKPROTECTOR_AUTO=y
> CONFIG_CC_STACKPROTECTOR_REGULAR=y
> CONFIG_CC_STACKPROTECTOR_STRONG=y
>
> Also, CONFIG_X86_32_LAZY_GS does not appear in any of these config
> files, not even as "# CONFIG_X86_32_LAZY_GS is not set", which I
> thought was strange.
I think that's normal because it's forced to be unselectedable due to
CC_STACKPROTECTOR_NONE not being set.
> The only configuration that works on i486 is:
>
> CONFIG_CC_STACKPROTECTOR_NONE=y
> CONFIG_X86_32_LAZY_GS=y
>
> Now it gets interesting. All four of these configurations boots
> successfully when compiled for, and run on, a Pentium 4 M
> (CONFIG_PENTIUM4). So it certainly is related to what version of the
> processor you use.
>
> I will continue to try other configuration combinations and report back.
Okay, that's pretty weird. And does 4.15 boot with either of:
CONFIG_CC_STACKPROTECTOR_REGULAR=y
CONFIG_CC_STACKPROTECTOR_STRONG=y
Because if so, I'm very confused. If it does _not_ boot, then I can
chalk this up to an untested CPU/compiler combo and disable _AUTO on
X86_32, as there appears to be a pre-existing conflict there. (I doubt
it will turn out to be that easy... it never is.)
FWIW, the core change is 2bc2f688fdf8808de4f36be563ccdb0bde7c0c54
(though the next two commits build on it and introduce _AUTO).
-Kees
--
Kees Cook
Pixel Security