Received: by 2002:ac0:8c9a:0:0:0:0:0 with SMTP id r26csp1078886ima; Fri, 1 Feb 2019 16:05:51 -0800 (PST) X-Google-Smtp-Source: AHgI3IaAP9YvSd6Qc+vzZW8mZxR2mmFLLYRLM7E9keATuIxhwyTYhfeZ6I5WYymEQNiuDd2IABnM X-Received: by 2002:a63:b105:: with SMTP id r5mr4323978pgf.442.1549065951100; Fri, 01 Feb 2019 16:05:51 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1549065951; cv=none; d=google.com; s=arc-20160816; b=PooaCuY2DDXpqxDQmd7Loqnw3HdkiYudHrM8kseLntWt9occrQEAIisD/Q5Y1Clfee TMOyAZVVUoirbUPO3qBHRAuMYl3Fo+Hc476Z7tcBIoxijg0mhv6H1w8r8KZtIEFXz1YT 1u69WqTun5xS4u/3taGaVvy2AHd7ch7bxj1VclCCo8oGkrFS2fV9+F+DQNRL/3ug39GN wEnpuJqKFcmwcGAIuIUAbq3sU5OxorEPSD/4TWc0sHKGSNUsaMecpNhrvTGzuECfZ8DU lJF3BvDOGTTTIfZsMhRg6ZV0NUWF6aqk+z5Ns2EEzo3hMJRiWMQXZuo5lsvXuzpCLNru OWmg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=VV4f2PCyGwW/crTEb5s0n6CHHCI9fSydRbghYb9rKSc=; b=TFS+Yh+oO/ms064poZBKt8hCzz6g5PuUeux1VvgOv+E8nB0buk21mSBe3v5VyJMcy4 WoZxzna0gFT84yr3tiLQpNY+n9bk347Y0yyWNrgh2XKEnYA9hrZGjI6vGQGwdOsqgdDw KM+L6FOxyZwPFyDForm5bUTLdZZQcsyDgfSbXO2QK8miv1FG/hexndgJxivxBjCu3FLC Fnum0AWxyZqFnGwnv/YIeuxm6VK3RcLdy22FthEpH/l9Jneub2bMFSK5ew3+yGhZLLey QfubXV9HOAjZU7sn91XGpg8WTeNdHpvws1iIk21SH1qlIde1lNKpSU12ZqAcWHQB1H21 hxsg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@chromium.org header.s=google header.b=NDmEWQCX; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id 193si8227458pgc.220.2019.02.01.16.05.33; Fri, 01 Feb 2019 16:05:51 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@chromium.org header.s=google header.b=NDmEWQCX; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726957AbfBBAEA (ORCPT + 99 others); Fri, 1 Feb 2019 19:04:00 -0500 Received: from mail-it1-f193.google.com ([209.85.166.193]:56285 "EHLO mail-it1-f193.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726121AbfBBAD7 (ORCPT ); Fri, 1 Feb 2019 19:03:59 -0500 Received: by mail-it1-f193.google.com with SMTP id m62so12110922ith.5 for ; Fri, 01 Feb 2019 16:03:58 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=VV4f2PCyGwW/crTEb5s0n6CHHCI9fSydRbghYb9rKSc=; b=NDmEWQCXb9uyA6KnzxjAn2r1ogUz//7P4HKFVVeOeBPpVcPfMEqMnqLAUSsiA/Dsa0 rZ7Bvqe+7XsnjVnr7AUhKwnCFCG/+eMjqR7vQUf4Ypn0+wcRWe6ZZo5ApbdNPWGDjAnA eg7NYMI/ermzNth9hrJASTHntqJFljEaSyU0o= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=VV4f2PCyGwW/crTEb5s0n6CHHCI9fSydRbghYb9rKSc=; b=D14j3KTJ05m/89NGsdRf5CEceEuTOA7bKZEk04ngBrKe4yMLbX9BiDR8u/gXBKa4Z4 u/dL3GdiS3n5tOwss0hctQ9bn/q5f65GzpVRD122Fbgy2Hl7pQB35+M4MclAJH8DaOLu bYItMCtDxJjc4U1MYa2KaJcZoUXk+hLZZHiqZqavHQbSsSNIAQIdIkwsHc1kM+tWHYGj 4b5EE5ozYChnzL21zYx7QLQMbm9KzykGY9EtbUPlwYIo5NgZuVJnb4jJ/4230tNaktcY 6hg93QkSknxfZSCIb4KHxpGsxqzCXOnBUQBaJ79ErarqVSErAqbcb3Qt4eRzB/MCSObq ixTg== X-Gm-Message-State: AHQUAua6ROXGt5OJiHDsBiQoVOGC906BJAVu4WIDPMWpROhGaViNWU63 78ozgGyta27q4QOfradK61ukIk6tNcs= X-Received: by 2002:a24:54d0:: with SMTP id t199mr3185977ita.57.1549065838411; Fri, 01 Feb 2019 16:03:58 -0800 (PST) Received: from mail-it1-f176.google.com (mail-it1-f176.google.com. [209.85.166.176]) by smtp.gmail.com with ESMTPSA id c75sm1997316itd.1.2019.02.01.16.03.58 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 01 Feb 2019 16:03:58 -0800 (PST) Received: by mail-it1-f176.google.com with SMTP id d11so12148894itf.2 for ; Fri, 01 Feb 2019 16:03:58 -0800 (PST) X-Received: by 2002:a24:3987:: with SMTP id l129mr2952723ita.45.1549065379165; Fri, 01 Feb 2019 15:56:19 -0800 (PST) MIME-Version: 1.0 References: <20190131192533.34130-1-thgarnie@chromium.org> <20190131192533.34130-21-thgarnie@chromium.org> <777DD215-A4F5-454F-856F-FFE870F15CDD@amacapital.net> In-Reply-To: <777DD215-A4F5-454F-856F-FFE870F15CDD@amacapital.net> From: Thomas Garnier Date: Fri, 1 Feb 2019 15:56:07 -0800 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [PATCH v6 20/27] x86: Support global stack cookie To: Andy Lutomirski Cc: Andy Lutomirski , Kernel Hardening , Kristen Carlson Accardi , Thomas Gleixner , Ingo Molnar , Borislav Petkov , "H. Peter Anvin" , X86 ML , Masahiro Yamada , Juergen Gross , Joerg Roedel , Jia Zhang , Konrad Rzeszutek Wilk , Tim Chen , LKML Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, Feb 1, 2019 at 2:36 PM Andy Lutomirski wrote: > > > > On Feb 1, 2019, at 12:21 PM, Thomas Garnier wrote: > > > >> On Fri, Feb 1, 2019 at 11:27 AM Andy Lutomirski wrote: > >> > >>> On Thu, Jan 31, 2019 at 11:29 AM Thomas Garnier wrote: > >>> > >>> Add an off-by-default configuration option to use a global stack cookie > >>> instead of the default TLS. This configuration option will only be used > >>> with PIE binaries. > >>> > >>> For kernel stack cookie, the compiler uses the mcmodel=kernel to switch > >>> between the fs segment to gs segment. A PIE binary does not use > >>> mcmodel=kernel because it can be relocated anywhere, therefore the > >>> compiler will default to the fs segment register. This is fixed on the > >>> latest version of gcc. > >> > >> I hate all these gcc-sucks-so-we-hack-it-and-change-nasty-semantics > >> options. How about just preventing use of both stack protector and > >> PIE unless the version of gcc in use is new enough. > > > > So fail the build in this scenario? > > Fail the build or use some Kconfig magic to prevent this from being configured in the first place. Ok, I can do that in next iteration. > > > > >> > >> Also, does -mstack-protector-guard-reg not solve this? See > >> https://gcc.gnu.org/bugzilla/show_bug.cgi?id=81708. Or is there > >> another bug? Or are you worried about gcc versions that don't have > >> that feature yet? > > > > I am worried about gcc versions that don't have this feature, yes.