Received: by 2002:a17:90a:1609:0:0:0:0 with SMTP id n9csp2484573pja; Thu, 26 Mar 2020 16:19:23 -0700 (PDT) X-Google-Smtp-Source: ADFU+vsU9211ScDiNTihWsrE6juXPTC5aPZ5yKjhA+5oxxfcKbNZdcbzmdNOMHNkKYjfRQoR+g1Q X-Received: by 2002:a9d:7617:: with SMTP id k23mr7869028otl.329.1585264763365; Thu, 26 Mar 2020 16:19:23 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1585264763; cv=none; d=google.com; s=arc-20160816; b=RjOGV0odtg3z2x3YzaA70o3E/8N+OIVI6z4Cf9mfuxScEtxt7MlEw6UiFp3MOJzMg2 r3Nr1ZeCXQ4aMHpzh/HSQ4Ggsm6nAGy9XFt0Ty+3meIzQ5qvYdCbB5ds/1/vwIjuM7En R5mAnigkZpwTpi9BOPuUqmmY+YuLHQrhqYRhW0plFCDIqZUuwb/8GwLe3q6hR+cJd4pr 87PQVrRY3JjSjEKZjBiy7FvJmz0wMBFo9AkpfKXWf885Aat14T/5L3OTbkZlQAR2kgqH vDLpaKmRWNHjnWMkCwnk+w6Msd8La0GcfmP6OlAwT5JFRZHsEz1gfaKwBTRbAiWSndQj kkzA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from; bh=+tBLGVT6kJvU7BrarU0ToF3t86SaHbS8M5tLcaJrQDI=; b=qxDqBBGnR9wUSYrQU4Z0y+HRvwOnNlfiUalgfqB4IltDKPHG9fegJixqD1BMftmA5L DtQECvhFb2s+Qz5dN1541IsXOi0JjlhvXfo4k/mkk+WJHhiA4kh9bUSubodInDpVmm0p qtGs+4CvnEBPC3Eq86B9O/kuBKL7MYWOMMn3wQ5pQECXaMk3M/IPmMVldMDvRPIMzIYg 4H8b795XvpZ5iBDX3p0XIJxk/dnumoqVLwTserCQl2IzzXQkNwfCD4FS7ic7JLxA0sKn dnTxyfUWOqtJlGQivW8ogTCcnOJDxEZxkOY9inaEYlHSKxqqxU2AqMgEG3K9iktuiuc8 D81Q== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=gentoo.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id w23si1669521oti.18.2020.03.26.16.19.09; Thu, 26 Mar 2020 16:19:23 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=gentoo.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727548AbgCZXRM (ORCPT + 99 others); Thu, 26 Mar 2020 19:17:12 -0400 Received: from smtp.gentoo.org ([140.211.166.183]:35148 "EHLO smtp.gentoo.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726296AbgCZXRM (ORCPT ); Thu, 26 Mar 2020 19:17:12 -0400 Received: from sf.home (host86-151-215-168.range86-151.btcentralplus.com [86.151.215.168]) (using TLSv1 with cipher ECDHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) (Authenticated sender: slyfox) by smtp.gentoo.org (Postfix) with ESMTPSA id 5915034F9CF; Thu, 26 Mar 2020 23:17:10 +0000 (UTC) Received: by sf.home (Postfix, from userid 1000) id 9140B5A22061; Thu, 26 Mar 2020 23:17:05 +0000 (GMT) From: Sergei Trofimovich To: linux-kernel@vger.kernel.org Cc: Sergei Trofimovich , Jakub Jelinek , Thomas Gleixner , Ingo Molnar , Borislav Petkov , "H. Peter Anvin" , Andy Lutomirski , Peter Zijlstra , Michael Matz , x86@kernel.org Subject: [PATCH v2] x86: fix early boot crash on gcc-10 Date: Thu, 26 Mar 2020 23:16:16 +0000 Message-Id: <20200326231616.186924-1-slyfox@gentoo.org> X-Mailer: git-send-email 2.26.0 In-Reply-To: <20200314164451.346497-1-slyfox@gentoo.org> References: <20200314164451.346497-1-slyfox@gentoo.org> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org The change fixes boot failure on physical machine where kernel is built with gcc-10 with stack protector enabled by default: ``` Kernel panic — not syncing: stack-protector: Kernel stack is corrupted in: start_secondary+0x191/0x1a0 CPU: 1 PID: 0 Comm: swapper/1 Not tainted 5.6.0-rc5—00235—gfffb08b37df9 #139 Hardware name: Gigabyte Technology Co., Ltd. To be filled by O.E.M./H77M—D3H, BIOS F12 11/14/2013 Call Trace: dump_stack+0x71/0xa0 panic+0x107/0x2b8 ? start_secondary+0x191/0x1a0 __stack_chk_fail+0x15/0x20 start_secondary+0x191/0x1a0 secondary_startup_64+0xa4/0xb0 -—-[ end Kernel panic — not syncing: stack—protector: Kernel stack is corrupted in: start_secondary+0x191 ``` This happens because `start_secondary()` is responsible for setting up initial stack canary value in `smpboot.c`, but nothing prevents gcc from inserting stack canary into `start_secondary()` itself before `boot_init_stack_canary()` call. The fix inhibits stack canary check foa single `start_secondary()` function. Tested the change by successfully booting the machine. A few similar crashes on VMs: - https://bugzilla.redhat.com/show_bug.cgi?id=1796780 - http://rglinuxtech.com/?p=2694 CC: Jakub Jelinek CC: Thomas Gleixner CC: Ingo Molnar CC: Borislav Petkov CC: "H. Peter Anvin" CC: Andy Lutomirski CC: Peter Zijlstra CC: Michael Matz CC: x86@kernel.org Signed-off-by: Sergei Trofimovich --- arch/x86/kernel/smpboot.c | 5 ++++- include/linux/compiler-gcc.h | 1 + include/linux/compiler_types.h | 4 ++++ 3 files changed, 9 insertions(+), 1 deletion(-) diff --git a/arch/x86/kernel/smpboot.c b/arch/x86/kernel/smpboot.c index 69881b2d446c..99a4cb631a64 100644 --- a/arch/x86/kernel/smpboot.c +++ b/arch/x86/kernel/smpboot.c @@ -207,8 +207,11 @@ static int cpu0_logical_apicid; static int enable_start_cpu0; /* * Activate a secondary processor. + * + * Note: 'boot_init_stack_canary' changes canary value. Omit + * stack protection to avoid canary check (and boot) failure. */ -static void notrace start_secondary(void *unused) +static void __no_stack_protector notrace start_secondary(void *unused) { /* * Don't put *anything* except direct CPU state initialization diff --git a/include/linux/compiler-gcc.h b/include/linux/compiler-gcc.h index d7ee4c6bad48..fb67c743138c 100644 --- a/include/linux/compiler-gcc.h +++ b/include/linux/compiler-gcc.h @@ -172,3 +172,4 @@ #endif #define __no_fgcse __attribute__((optimize("-fno-gcse"))) +#define __no_stack_protector __attribute__((optimize("-fno-stack-protector"))) diff --git a/include/linux/compiler_types.h b/include/linux/compiler_types.h index 72393a8c1a6c..9d5de1ea0b03 100644 --- a/include/linux/compiler_types.h +++ b/include/linux/compiler_types.h @@ -212,6 +212,10 @@ struct ftrace_likely_data { #define asm_inline asm #endif +#ifndef __no_stack_protector +# define __no_stack_protector +#endif + #ifndef __no_fgcse # define __no_fgcse #endif -- 2.26.0