Received: by 2002:a25:e7d8:0:0:0:0:0 with SMTP id e207csp1156107ybh; Sat, 14 Mar 2020 19:35:46 -0700 (PDT) X-Google-Smtp-Source: ADFU+vvl7aTljonY/17isBP0LMc6B8TmBWOgNSAKlyyZzFvdrCnjaBgOHrcHaYXKdnFSau9l0KOc X-Received: by 2002:a05:6830:4c5:: with SMTP id s5mr3590692otd.367.1584239745962; Sat, 14 Mar 2020 19:35:45 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1584239745; cv=none; d=google.com; s=arc-20160816; b=VEuU8/JvLgBy+OywITuPRPGoHe6HDOBeJO29IuvNOAmjKfmC4FQQzKTkAFwW7JhS77 xI8ZXFZmdENFXwTjAQIsCIJ3BGehbHseCGnZZvWRLQjQCV+XCKTndxRiZ4gup6bUbBbp 7Gr6U78Gx3MZcWB7auvW/f0QmJbFJ+bQqsvxymjSpdlg0i1EvBkc/uQCqyHLuVheDbFa hQbwXhgD3Bny/I/Vs8iza8NVjO6fR+uI9iN5bmK37xWlylt1al66/qNgEum0Tp4/N5ju OX2Qe9oTCVpzh3yYGMaUxMgACIpClmgvt6e3wDdWUqSUNd4DZAye4V4MLOh9WUpMKhd7 h1Zg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :message-id:date:subject:cc:to:from; bh=+Gw4DjU008oWfY5f/WBeJZ8orheougashf+u1OqPKuE=; b=Gy5HbJeVBZm75RgAFlf1CUjkEsxSTbIIbgxGx7WvyZbzayUNdg3zWaKa0pzti8KT5c ypNLtkbPVoRx0GOkdJFytMFMclse70PJxiJxtmOZycoi0rKc4d+QVVez6aHsTPtpW+hM HaQTxrxlSFwg+lPZ1wQ21AOGdnYxwchu8J3CI8j65hDRSQLBWr30rGRDBVIgHL8Xml5q fvr15xnwJWgAMTM3/kFZww/G6to/PixGIZ94qSlCZMnIuhLvSi3O2EYyszutWSkl7ZOm 5mW/HIQcbT3AV40tMBbDagw/2KwQ/aUMD7EY4s+8mbWbztzuNhcYnQo4SijnJY3z76+2 hywQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=gentoo.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id w123si5217363oiw.119.2020.03.14.19.35.34; Sat, 14 Mar 2020 19:35:45 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=gentoo.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727021AbgCOCfE (ORCPT + 99 others); Sat, 14 Mar 2020 22:35:04 -0400 Received: from smtp.gentoo.org ([140.211.166.183]:54922 "EHLO smtp.gentoo.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726667AbgCOCfD (ORCPT ); Sat, 14 Mar 2020 22:35:03 -0400 Received: from sf.home (tunnel547699-pt.tunnel.tserv1.lon2.ipv6.he.net [IPv6:2001:470:1f1c:3e6::2]) (using TLSv1 with cipher ECDHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) (Authenticated sender: slyfox) by smtp.gentoo.org (Postfix) with ESMTPSA id E455134EECE; Sat, 14 Mar 2020 16:45:04 +0000 (UTC) Received: by sf.home (Postfix, from userid 1000) id A55C95A22061; Sat, 14 Mar 2020 16:45:01 +0000 (GMT) From: Sergei Trofimovich To: linux-kernel@vger.kernel.org Cc: Sergei Trofimovich , Jakub Jelinek , Thomas Gleixner , Ingo Molnar , Borislav Petkov , "H. Peter Anvin" , Andy Lutomirski , x86@kernel.org Subject: [PATCH] x86: fix early boot crash on gcc-10 Date: Sat, 14 Mar 2020 16:44:51 +0000 Message-Id: <20200314164451.346497-1-slyfox@gentoo.org> X-Mailer: git-send-email 2.25.1 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org The change fixes boot failure on physical machine where kernel is built with gcc-10 with stack-protector enabled by default: ``` Kernel panic — not syncing: stack-protector: Kernel stack is corrupted in: start_secondary+0x191/0x1a0 CPU: 1 PID: 0 Comm: swapper/1 Not tainted 5.6.0-rc5—00235—gfffb08b37df9 #139 Hardware name: Gigabyte Technology Co., Ltd. To be filled by O.E.M./H77M—D3H, BIOS F12 11/14/2013 Call Trace: dump_stack+0x71/0xa0 panic+0x107/0x2b8 ? start_secondary+0x191/0x1a0 __stack_chk_fail+0x15/0x20 start_secondary+0x191/0x1a0 secondary_startup_64+0xa4/0xb0 -—-[ end Kernel panic — not syncing: stack—protector: Kernel stack is corrupted in: start_secondary+0x191 ``` This happens because `start_secondary()` is responsible for setting up initial stack canary value in `smpboot.c`, but nothing prevents gcc from inserting stack canary into `start_secondary()` itself before `boot_init_stack_canary()` call. The fix passes `-fno-stack-protector` to avoid any early stack checks in `start_secondary()` or inlined functions into it. Tested the change by successfully booting the machine. A few similar crashes on VMs: - https://bugzilla.redhat.com/show_bug.cgi?id=1796780 - http://rglinuxtech.com/?p=2694 CC: Jakub Jelinek CC: Thomas Gleixner CC: Ingo Molnar CC: Borislav Petkov CC: "H. Peter Anvin" CC: Andy Lutomirski CC: x86@kernel.org Signed-off-by: Sergei Trofimovich --- arch/x86/kernel/Makefile | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/arch/x86/kernel/Makefile b/arch/x86/kernel/Makefile index 9b294c13809a..da9f4ea9bf4c 100644 --- a/arch/x86/kernel/Makefile +++ b/arch/x86/kernel/Makefile @@ -11,6 +11,12 @@ extra-y += vmlinux.lds CPPFLAGS_vmlinux.lds += -U$(UTS_MACHINE) +# smpboot's init_secondary initializes stack canary. +# Make sure we don't emit stack checks before it's +# initialized. +nostackp := $(call cc-option, -fno-stack-protector) +CFLAGS_smpboot.o := $(nostackp) + ifdef CONFIG_FUNCTION_TRACER # Do not profile debug and lowlevel utilities CFLAGS_REMOVE_tsc.o = -pg -- 2.25.1