From: "ndesaulniers@google.com" <ndesaulniers@google.com> mainline inclusion from mainline-v6.5-rc1 commit 514ca14ed5444b911de59ed3381dfd195d99fe4b category: bugfix bugzilla: https://gitee.com/src-openeuler/kernel/issues/ID0RFA CVE: CVE-2023-53491 Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?i... -------------------------------- Back during the discussion of commit a9a3ed1eff36 ("x86: Fix early boot crash on gcc-10, third try") we discussed the need for a function attribute to control the omission of stack protectors on a per-function basis; at the time Clang had support for no_stack_protector but GCC did not. This was fixed in gcc-11. Now that the function attribute is available, let's start using it. Callers of boot_init_stack_canary need to use this function attribute unless they're compiled with -fno-stack-protector, otherwise the canary stored in the stack slot of the caller will differ upon the call to boot_init_stack_canary. This will lead to a call to __stack_chk_fail() then panic. Link: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=94722 Link: https://lore.kernel.org/all/20200316130414.GC12561@hirez.programming.kicks-a... Tested-by: Nathan Chancellor <nathan@kernel.org> Acked-by: Michael Ellerman <mpe@ellerman.id.au> (powerpc) Acked-by: Miguel Ojeda <ojeda@kernel.org> Acked-by: Peter Zijlstra (Intel) <peterz@infradead.org> Signed-off-by: Nick Desaulniers <ndesaulniers@google.com> Link: https://lore.kernel.org/r/20230412-no_stackp-v2-1-116f9fe4bbe7@google.com Signed-off-by: Josh Poimboeuf <jpoimboe@kernel.org> Signed-off-by: ndesaulniers@google.com <ndesaulniers@google.com> Conflicts: arch/powerpc/kernel/smp.c include/linux/compiler_attributes.h init/main.c [fix context conflicts] Signed-off-by: Lin Yujun <linyujun809@h-partners.com> --- arch/powerpc/kernel/smp.c | 1 + include/linux/compiler_attributes.h | 12 ++++++++++++ init/main.c | 3 ++- 3 files changed, 15 insertions(+), 1 deletion(-) diff --git a/arch/powerpc/kernel/smp.c b/arch/powerpc/kernel/smp.c index b12e4437bf0a..f3fea3928efc 100644 --- a/arch/powerpc/kernel/smp.c +++ b/arch/powerpc/kernel/smp.c @@ -1467,10 +1467,11 @@ static void add_cpu_to_masks(int cpu) free_cpumask_var(mask); } /* Activate a secondary processor. */ +__no_stack_protector void start_secondary(void *unused) { unsigned int cpu = raw_smp_processor_id(); mmgrab(&init_mm); diff --git a/include/linux/compiler_attributes.h b/include/linux/compiler_attributes.h index 08eb06301791..6f495fca9d79 100644 --- a/include/linux/compiler_attributes.h +++ b/include/linux/compiler_attributes.h @@ -249,10 +249,22 @@ * clang: https://clang.llvm.org/docs/AttributeReference.html#noreturn * clang: https://clang.llvm.org/docs/AttributeReference.html#id1 */ #define __noreturn __attribute__((__noreturn__)) +/* + * Optional: only supported since GCC >= 11.1, clang >= 7.0. + * + * gcc: https://gcc.gnu.org/onlinedocs/gcc/Common-Function-Attributes.html#index-no_... + * clang: https://clang.llvm.org/docs/AttributeReference.html#no-stack-protector-safeb... + */ +#if __has_attribute(__no_stack_protector__) +# define __no_stack_protector __attribute__((__no_stack_protector__)) +#else +# define __no_stack_protector +#endif + /* * gcc: https://gcc.gnu.org/onlinedocs/gcc/Common-Type-Attributes.html#index-packed-... * clang: https://gcc.gnu.org/onlinedocs/gcc/Common-Variable-Attributes.html#index-pac... */ #define __packed __attribute__((__packed__)) diff --git a/init/main.c b/init/main.c index 2b466bd04110..5d73bd096bd0 100644 --- a/init/main.c +++ b/init/main.c @@ -872,11 +872,12 @@ early_param("randomize_kstack_offset", early_randomize_kstack_offset); void __init __weak arch_call_rest_init(void) { rest_init(); } -asmlinkage __visible void __init __no_sanitize_address start_kernel(void) +asmlinkage __visible __init __no_sanitize_address __noreturn __no_stack_protector +void start_kernel(void) { char *command_line; char *after_dashes; set_task_stack_end_magic(&init_task); -- 2.34.1