Received: by 2002:a05:6a10:8c0a:0:0:0:0 with SMTP id go10csp2514186pxb; Tue, 9 Mar 2021 04:38:11 -0800 (PST) X-Google-Smtp-Source: ABdhPJynx5iJyflhvJk8H2qkncpcUEIaHvIeHqYCg0hWkI/qfX/43UpDAr5aK1HGlH1IQqEchnO4 X-Received: by 2002:a05:6402:220a:: with SMTP id cq10mr3859684edb.345.1615293491132; Tue, 09 Mar 2021 04:38:11 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1615293491; cv=none; d=google.com; s=arc-20160816; b=qwh9JNfz8eH/KfZsTMQEOLUW5MupDJPQeBpYA7CCMKpy9qV0oNh3bi7VSqlYM6V5ur 5oO2B4NTXytDa3hTvVJ0ANF9qxzQLQwVqk3CiP7wxibieP83i9qXIVwB19UjRe2H/icq 0VozWvYMcKJX7t90GWteWAJT4bVmBqnDSShS+rLMliUZ/NBvSl6wmK7ogaWtzcoWxdrB djhhoBx8ohyAsvT79K565WiiMbOl5/ZXjx0piBiNCD5cM/Jq3VU+FWztvTmSUD77b5E0 WO1JVbdIKI1Ky6gC0YYiMcH0LVJf8K4lj8UQhfxltWpUkmVeE2eWuHNc6S/SLdiI5o/C 3L8w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :message-id:date:subject:cc:to:from; bh=1V903cpmkAYcjek8PtfoYBC275ogxDLTf4Ljd5MWAwQ=; b=NYzljUXV6/5JFnOvNlVWxEmaLXpdsC9YdHJDxAfM34wla5j3DzoFln9FAhspX1YFW9 NaSM+BFdsqPbbzTz+ej4pdo8UR+btWSqLeGaxjjkK+0X5shB622wYeNjvUAIFDUJ2KsY ncNYZGPLezWw08d5kEIUdMVcT1Fmz/nvkTOESelF03Uam46jAQ/SvJRnJVuUUHu1q0jT z1Rm1IQXs98f4QIqFomUa7IKseBFWagTvzpN90K6HmGl6YaGOBxJiD3vtfXZfeafFecL F115PjzV1dylYlk/jOH+SiZzotRqS2xrRhIM4wUWHr56II+F1B+rX8utD5KygRSj/p4Q IA2w== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id j2si9130935ejv.381.2021.03.09.04.37.48; Tue, 09 Mar 2021 04:38:11 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230299AbhCIMgP (ORCPT + 99 others); Tue, 9 Mar 2021 07:36:15 -0500 Received: from mx2.suse.de ([195.135.220.15]:59944 "EHLO mx2.suse.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230122AbhCIMf4 (ORCPT ); Tue, 9 Mar 2021 07:35:56 -0500 X-Virus-Scanned: by amavisd-new at test-mx.suse.de Received: from relay2.suse.de (unknown [195.135.221.27]) by mx2.suse.de (Postfix) with ESMTP id AEF72AB8C; Tue, 9 Mar 2021 12:35:55 +0000 (UTC) From: Michal Suchanek To: linux-arm-kernel@lists.infradead.org Cc: Michal Suchanek , Catalin Marinas , Will Deacon , linux-kernel@vger.kernel.org, Masahiro Yamada Subject: [PATCH] arm64: make STACKPROTECTOR_PER_TASK configurable. Date: Tue, 9 Mar 2021 13:35:44 +0100 Message-Id: <20210309123544.14040-1-msuchanek@suse.de> X-Mailer: git-send-email 2.26.2 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org When using dummy-tools STACKPROTECTOR_PER_TASK is unconditionally selected. This defeats the purpose of the all-enabled tool. Description copied from arm Cc: Masahiro Yamada Signed-off-by: Michal Suchanek --- arch/arm64/Kconfig | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig index a8ff7cd5f096..f59d391e31a4 100644 --- a/arch/arm64/Kconfig +++ b/arch/arm64/Kconfig @@ -1549,9 +1549,20 @@ config RANDOMIZE_MODULE_REGION_FULL config CC_HAVE_STACKPROTECTOR_SYSREG def_bool $(cc-option,-mstack-protector-guard=sysreg -mstack-protector-guard-reg=sp_el0 -mstack-protector-guard-offset=0) + config STACKPROTECTOR_PER_TASK - def_bool y + bool "Use a unique stack canary value for each task" depends on STACKPROTECTOR && CC_HAVE_STACKPROTECTOR_SYSREG + default y + help + Due to the fact that GCC uses an ordinary symbol reference from + which to load the value of the stack canary, this value can only + change at reboot time on SMP systems, and all tasks running in the + kernel's address space are forced to use the same canary value for + the entire duration that the system is up. + + Enable this option to switch to a different method that uses a + different canary value for each task. endmenu -- 2.26.2