Received: by 2002:a5b:505:0:0:0:0:0 with SMTP id o5csp362679ybp; Thu, 10 Oct 2019 19:58:21 -0700 (PDT) X-Google-Smtp-Source: APXvYqzghrvoI2Ek8/2lT6K6hB7VraVnNU9ZlSq9zIoG5vHmYqxsYAByqx12MP26/ktNmNoD4ZxB X-Received: by 2002:aa7:c38f:: with SMTP id k15mr11627751edq.100.1570762701072; Thu, 10 Oct 2019 19:58:21 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1570762701; cv=none; d=google.com; s=arc-20160816; b=PJqkACfsY4kwfQ1wJ9umbRTGVsD0q0S64JeHtdiRrlEphXCb+P1/Q/c523Menl97w6 26VQjn08gNlwV2zVQwsI93s9H5WsQs359SPqkeUc/LQKxer+evXUMVfgpE4dOfSxHxUI 5s/Y1QZTPdq6QAJ4b9X50b9hPtKdqHUESDNdmSFa171UzmB4JRs49CIukO+DMWEOPTtu YJ3xOSRFZ6Ik62buFqMrkQ/wb3XCLoJX1zjB2reRhdC4gIWO8NfZUX0ytCPXyEh7OLr9 QkrAocJB6vNf2qQK6kuCh7aP13jFxmglnD78KbfUdujgwxhy6UXtP8zQNz3XadqFMd8u clEQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:message-id:date:subject:cc:to:from; bh=mhFf2u+I74kTOC/d8b+Io/NH3lb41Iru4Lg6x7u7JuE=; b=vAmDptRlbU+n6ESMlkPpTL+pehIkNVTHYa6DpRyxr0jEeMMRsW/5Kqp6kDQFppcIOD JZs7Ze6FosqDMKfWbDoYUg1OMebGmadoPgvXHVndJkLxzkoE4yDfD70hIJtBdeik1264 HZqDS5aoXaeaYySdW4F1//L4JKHfZxBHoYl0TRsp+VTJImyjcfOILEDKt0dVEbKreeIN YxPhyYySS5gMeuu4VgooULoxjDXWe6edEDgt/8ZaAGve57j5H6/fh1My3qKDzDJsp1fy B4T2AzF05lDWfeMvPdjzSWdr7koBKnT/rVcGfEnmIu3SFFIB0rhozay+DDYg5b6CAmkI b0xw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id u8si4201486ejt.219.2019.10.10.19.57.57; Thu, 10 Oct 2019 19:58:21 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726546AbfJKC5C (ORCPT + 99 others); Thu, 10 Oct 2019 22:57:02 -0400 Received: from smtp2200-217.mail.aliyun.com ([121.197.200.217]:41694 "EHLO smtp2200-217.mail.aliyun.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726116AbfJKC5C (ORCPT ); Thu, 10 Oct 2019 22:57:02 -0400 X-Alimail-AntiSpam: AC=CONTINUE;BC=0.07448077|-1;CH=green;DM=CONTINUE|CONTINUE|true|0.335335-0.0158047-0.64886;FP=0|0|0|0|0|-1|-1|-1;HT=e02c03291;MF=han_mao@c-sky.com;NM=1;PH=DS;RN=3;RT=3;SR=0;TI=SMTPD_---.FjD-bDi_1570762619; Received: from localhost(mailfrom:han_mao@c-sky.com fp:SMTPD_---.FjD-bDi_1570762619) by smtp.aliyun-inc.com(10.147.41.138); Fri, 11 Oct 2019 10:56:59 +0800 From: Mao Han To: linux-kernel@vger.kernel.org Cc: Mao Han , Guo Ren Subject: [PATCH] csky: Initial stack protector support Date: Fri, 11 Oct 2019 10:56:55 +0800 Message-Id: <1570762615-4256-1-git-send-email-han_mao@c-sky.com> X-Mailer: git-send-email 2.7.4 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org This is a basic -fstack-protector support without per-task canary switching. The protector will report something like when stack corruption is detected: stack-protector: Kernel stack is corrupted in: sys_kill+0x23c/0x23c Tested with a local array overflow in kill system call. Signed-off-by: Mao Han Cc: Guo Ren --- arch/csky/Kconfig | 1 + arch/csky/include/asm/stackprotector.h | 29 +++++++++++++++++++++++++++++ arch/csky/kernel/process.c | 6 ++++++ 3 files changed, 36 insertions(+) create mode 100644 arch/csky/include/asm/stackprotector.h diff --git a/arch/csky/Kconfig b/arch/csky/Kconfig index 3973847..2852343 100644 --- a/arch/csky/Kconfig +++ b/arch/csky/Kconfig @@ -48,6 +48,7 @@ config CSKY select HAVE_PERF_USER_STACK_DUMP select HAVE_DMA_API_DEBUG select HAVE_DMA_CONTIGUOUS + select HAVE_STACKPROTECTOR select HAVE_SYSCALL_TRACEPOINTS select MAY_HAVE_SPARSE_IRQ select MODULES_USE_ELF_RELA if MODULES diff --git a/arch/csky/include/asm/stackprotector.h b/arch/csky/include/asm/stackprotector.h new file mode 100644 index 0000000..d7cd4e5 --- /dev/null +++ b/arch/csky/include/asm/stackprotector.h @@ -0,0 +1,29 @@ +/* SPDX-License-Identifier: GPL-2.0 */ +#ifndef _ASM_STACKPROTECTOR_H +#define _ASM_STACKPROTECTOR_H 1 + +#include +#include + +extern unsigned long __stack_chk_guard; + +/* + * Initialize the stackprotector canary value. + * + * NOTE: this must only be called from functions that never return, + * and it must always be inlined. + */ +static __always_inline void boot_init_stack_canary(void) +{ + unsigned long canary; + + /* Try to get a semi random initial value. */ + get_random_bytes(&canary, sizeof(canary)); + canary ^= LINUX_VERSION_CODE; + canary &= CANARY_MASK; + + current->stack_canary = canary; + __stack_chk_guard = current->stack_canary; +} + +#endif /* __ASM_SH_STACKPROTECTOR_H */ diff --git a/arch/csky/kernel/process.c b/arch/csky/kernel/process.c index f320d92..5349cd8 100644 --- a/arch/csky/kernel/process.c +++ b/arch/csky/kernel/process.c @@ -16,6 +16,12 @@ struct cpuinfo_csky cpu_data[NR_CPUS]; +#ifdef CONFIG_STACKPROTECTOR +#include +unsigned long __stack_chk_guard __read_mostly; +EXPORT_SYMBOL(__stack_chk_guard); +#endif + asmlinkage void ret_from_fork(void); asmlinkage void ret_from_kernel_thread(void); -- 2.7.4