From nobody Sat Dec 28 04:11:14 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; envelope-from=xen-devel-bounces@lists.xenproject.org; helo=lists.xenproject.org; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; arc=pass (i=1 dmarc=pass fromdomain=epam.com); dmarc=pass(p=quarantine dis=none) header.from=epam.com ARC-Seal: i=2; a=rsa-sha256; t=1733882706; cv=pass; d=zohomail.com; s=zohoarc; b=H6RuYeRSuL4M6uHwSxG6tf9do5tNYqE516iKA4z8swHx0OTxg7dw7fl3whdu7/FHOWn7HwfCTx72V4CsF1eRoAeZreyW4oYvWLiPjTnwHeV4vlZT3DnpozG89ooFTqag+/iBlrmgtAt50SctT9HWS64dGD3jZrkePiJgVdE473k= ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1733882706; h=Content-Type:Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=+SBVbnyLD0YPGsHrZbGEmWYLQu4GIjmGITJeCVcu8vk=; b=J93enV5lzVzuZnqCtiGsZP++//m8b6S1daRyhMti5qBfMPD28UiiWeHXDsfrUSaJOp2Pxl+jU6Nsmdjbzw73EV+5Y6W0iktLpbIrQGtJZDKetICglixHCXd1gc/+2kZvTIgLwxOP1FOZIC8VKbeZCo7HmbUekdms/A0R02DLKAw= ARC-Authentication-Results: i=2; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; arc=pass (i=1 dmarc=pass fromdomain=epam.com); dmarc=pass header.from= (p=quarantine dis=none) Return-Path: Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) by mx.zohomail.com with SMTPS id 1733882706262756.2246108901883; Tue, 10 Dec 2024 18:05:06 -0800 (PST) Received: from list by lists.xenproject.org with outflank-mailman.853575.1266993 (Exim 4.92) (envelope-from ) id 1tLC5e-0004oR-7a; Wed, 11 Dec 2024 02:04:38 +0000 Received: by outflank-mailman (output) from mailman id 853575.1266993; Wed, 11 Dec 2024 02:04:38 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1tLC5e-0004oK-43; Wed, 11 Dec 2024 02:04:38 +0000 Received: by outflank-mailman (input) for mailman id 853575; Wed, 11 Dec 2024 02:04:37 +0000 Received: from se1-gles-sth1-in.inumbo.com ([159.253.27.254] helo=se1-gles-sth1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1tLC5d-0004a4-8x for xen-devel@lists.xenproject.org; Wed, 11 Dec 2024 02:04:37 +0000 Received: from EUR02-VI1-obe.outbound.protection.outlook.com (mail-vi1eur02on2060a.outbound.protection.outlook.com [2a01:111:f403:2607::60a]) by se1-gles-sth1.inumbo.com (Halon) with ESMTPS id 4575a80b-b764-11ef-a0d5-8be0dac302b0; Wed, 11 Dec 2024 03:04:36 +0100 (CET) Received: from GV1PR03MB10456.eurprd03.prod.outlook.com (2603:10a6:150:16a::21) by AS8PR03MB9365.eurprd03.prod.outlook.com (2603:10a6:20b:57d::20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8230.18; Wed, 11 Dec 2024 02:04:31 +0000 Received: from GV1PR03MB10456.eurprd03.prod.outlook.com ([fe80::a41e:5aa8:e298:757e]) by GV1PR03MB10456.eurprd03.prod.outlook.com ([fe80::a41e:5aa8:e298:757e%7]) with mapi id 15.20.8251.008; Wed, 11 Dec 2024 02:04:31 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: 4575a80b-b764-11ef-a0d5-8be0dac302b0 ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=uqsXJqDz9igsmEp6Br/L++gm0CBerS4O09IZEZUzmZaGtkTlELYnajTMtHIHPfrvTjgF0Rt5miJwN8Oz7sUzUESdeqQPUyoT011L5VUIcvnJi2asQ90vSYZUrqXrn77yBTh4+0ammVNAQLNUfn0lYhdkVZfufV5C4+Iimufx+h3GBBBrEwhx+EfQ7xecRk9pp8Pg3oQyeC9Lcm3FcgcpVpXfYWO3ZTeyK7jZ4RdJxx4t+ixzmmFOk4DXhlV9opKY2wO8o80/25YL45N72L+/6jzOaput/MdAF/epkZL9MRrwP4SgxNfLLy7+b+5oAfX6vOFriocGLFux8NiUvx0fpQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=+SBVbnyLD0YPGsHrZbGEmWYLQu4GIjmGITJeCVcu8vk=; b=fNnkVxVw61t8Oa3qbWWo0MTbeD1J+F9g8mZoiq1lSTPfGWpYWpyCX2DuvOE1VYL3lYWvdA6Ger8EYjl2GDdloG7w4QUGSck3vxOg0MHZDK5jH0mf+q01UykhqtUU0wxOfquD47S/vnf4Evb/j7yLi6Ik4onHqh7Ep4dXzNjmNR4b1Cecl8osIhfQk/sIkxAlIFD7kObW36haeHAWIm6eI9ozUY0M3z+WLVyGGXPcIQ5f753c5oP6NHk/Bpsm3RBso8dC+DToX1lyQ7PsulIgu2Jj6sDu9NZUL+uk4toPLbsGks2jaVO9Zo2xBJJw0NsJsX2gOj3EZpQSe91CbWYW4w== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=epam.com; dmarc=pass action=none header.from=epam.com; dkim=pass header.d=epam.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=epam.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=+SBVbnyLD0YPGsHrZbGEmWYLQu4GIjmGITJeCVcu8vk=; b=UEGY2LCgSvh5EQ5iIwGEdFVE5kWvND8GihaXi7iBdGpNihebU/yBumi8K/qkaoPdbsmRfkWlfEBWzwrb+c942lB3AjabfJkrAwt7KYH5wdAoS37312zZpDHL8OzS/vKMe4ghXN53DtPXINjO12v/8ITm9chAA/H7F5E5V2vErCX4r21nULKWofbz0qe3mxiS22ld774XjeQyH010BguCwH7UHQJjObHhmQVbJCmVqPYQMqVY+CDPwlohEN/n4f1UhS8gBw0TJY2mB2vnQHc4FunkwWCJPLx4kfQIuCX4JZqu5jbDdYXuB//HbdVIo6H4eaZRteYnYxPgqiRhGHVwlw== From: Volodymyr Babchuk To: "xen-devel@lists.xenproject.org" CC: Volodymyr Babchuk , Andrew Cooper , Jan Beulich , Julien Grall , Stefano Stabellini , Anthony PERARD , Samuel Thibault , =?iso-8859-1?Q?Roger_Pau_Monn=E9?= Subject: [PATCH v3 1/3] common: remove -fno-stack-protector from EMBEDDED_EXTRA_CFLAGS Thread-Topic: [PATCH v3 1/3] common: remove -fno-stack-protector from EMBEDDED_EXTRA_CFLAGS Thread-Index: AQHbS3EDx5+OWqJotkip8Dq3lsA6Cw== Date: Wed, 11 Dec 2024 02:04:30 +0000 Message-ID: <20241211020424.401614-2-volodymyr_babchuk@epam.com> References: <20241211020424.401614-1-volodymyr_babchuk@epam.com> In-Reply-To: <20241211020424.401614-1-volodymyr_babchuk@epam.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-mailer: git-send-email 2.47.1 authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=epam.com; x-ms-publictraffictype: Email x-ms-traffictypediagnostic: GV1PR03MB10456:EE_|AS8PR03MB9365:EE_ x-ms-office365-filtering-correlation-id: 85d67761-3a4e-4e58-b5df-08dd19882702 x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam: BCL:0;ARA:13230040|376014|1800799024|366016|38070700018; x-microsoft-antispam-message-info: =?iso-8859-1?Q?L7L4DO48bdEtrdL4IhxWVjAp2nULU1eNfoeBmhimrjO6nwT0Ty4lCfIUHe?= =?iso-8859-1?Q?lzrxNAcfPgYzpaUA9O068zUKgLaepD92YUHkDvuFOBoJw81LgiDnKjjimd?= =?iso-8859-1?Q?zqCSfkokaCioqW4Pb0n5SXdTUMPxfmDv/egPB06H1SRQJUAHEqPEw6juLV?= =?iso-8859-1?Q?NwWsEYk8vZoprUwsiCssZuBEV0y2BfBfmiHgKVuOe8eLP36hcqJiUSMc6l?= =?iso-8859-1?Q?sOfaVvazwSAm90sGXJLesj7sjRya3JJIQmfnr5cObn1/S5Zvz3Tw2kNg2X?= =?iso-8859-1?Q?AE+NC0PNu4xyYEqGO4lKwvZ2/Q3thSAr77eFKXR6x1QKH38MskWKsIpBOX?= =?iso-8859-1?Q?b+g7L8AAwUtA8I0kw+nc2SXVx96uLQIA9QfpSRQ+aFVkrEJbmX3F0juR6C?= =?iso-8859-1?Q?kIsAWrQ588NOMF609kF8igvstOuE+XFVYUUqpfWzSlHZ2wHJVKopbx2H5H?= =?iso-8859-1?Q?Nm5r3XJ1n5K4ztfErdYVPbZC2humGuS/LS0bs6eRSdZhFsY7l/7rw2d4nA?= =?iso-8859-1?Q?c0wOhun5xMNnuBXZczlX9U73DDzcoOqpUaF1twIi/4iF9LXlEIRCjqKigu?= =?iso-8859-1?Q?53pFLUEomMkAb4oJ2x57uUNneqn/aDOHBxJdenGkAKltEv29eTwpDSIroE?= =?iso-8859-1?Q?wtED5u3Z8fgqZtA6ajoZlZQGoapivFiUEaOSjzR/F8uF1ok4bMdl3ntmFN?= =?iso-8859-1?Q?2hW5OP0btMiUdHuCx9Snw1FIHEyKEj9/dkcQ4aU/x2sDcbk0omenneTiBe?= =?iso-8859-1?Q?33Bmn6lkEbw5IP1zw881z+Lo5rxJrF6yvVe5uCZnJcGyevyDDPVIEZoswz?= =?iso-8859-1?Q?/Co5ygKpt1Pp37Wwm0fVXRH8WylxhdChmL3RQH1MAajuSJfTfWM7QjA5gL?= =?iso-8859-1?Q?xJvpUvD/Usg+h1aW82QV/HSJlj0NxNhj4USQEqj+AnKrgNtllITj2ntip+?= =?iso-8859-1?Q?IjA/B8r5fTYqPs+Q16AyeaLTaN5ZDCnb8Uq8/ZxxIu7U2dTo1ixPCnJJQh?= =?iso-8859-1?Q?H48HtBhVu0462O/dMgBpJEQhCtLv+IUsjuwY50DjJSo30toDIosKDBaTIy?= =?iso-8859-1?Q?dDwX0qYIwgUCN4cszWHQ+naqxzgwAMcou/CMWgoIvC1//P+Wpfq0hDZjNu?= =?iso-8859-1?Q?uhT4sfvBBvhgZs+SPQDh8OFF0XpnZux7s662YcgC92dEflP7HNYv+yrkis?= =?iso-8859-1?Q?Et7/+5J7adeXzOvO0eStXFnl5XKuVxvY0mfUzp0jQrwtSiKzAxnFBfXytZ?= =?iso-8859-1?Q?M+8ofZ4fgh0YJloqims3+74Bb5R2C4jetggANV4tuUn9zRFVGlobIRkwiZ?= =?iso-8859-1?Q?Il3vmx9sinKdXJ0NwLHwvqlS4+u7KrsfBSH+/s40ORGtrtbH6aJvV1i57e?= =?iso-8859-1?Q?DDjXjKeELZEodksvKcEmkFWEfD28wu3FEv7BVrFycBUPtjPrNswGi8AhSn?= =?iso-8859-1?Q?PKpYsTZIDSJBsVO/R32j2runrd3ERqvYDwfcWA=3D=3D?= x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:GV1PR03MB10456.eurprd03.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(376014)(1800799024)(366016)(38070700018);DIR:OUT;SFP:1101; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?iso-8859-1?Q?PBTosIs+MohPGckGf68nIKsdSyx47ohfCF9DAwZDWDcReFgw4aGrZMR6/3?= =?iso-8859-1?Q?l2tJjEO64ODzszXl4u6YmXsZZ8rscfLQOqCOMcIKpyXzPZgSu/EK9K7hlo?= =?iso-8859-1?Q?KKeQKgmkaBuUClN5h2epe1quwzJZXVCBBRg4vWQsJ+TxVOJKGW7zQemRsT?= =?iso-8859-1?Q?SfYuyzQOmeLXu6Q4wWUp40tvs32ojZOZlwKAizW/ZHJjAQGCdSlvTENvfL?= =?iso-8859-1?Q?QQ5qSvqa2bUc41XM9FmwG2XAYsUuJVMSlhbvciRmbGY3aXw8Pga+TLksI7?= =?iso-8859-1?Q?xZJur4Nc2CMIPyWHDTCVTNboLUYn/GtZpYQ+LKPefPIn1YhcsfMlulsiOg?= =?iso-8859-1?Q?umHqDQTiDt3/idP5Z+MjAYctAtWapvl0GoVq4WVLX4vZcIITUK24ZN2jEM?= =?iso-8859-1?Q?En3mEAZHaPzrJ+DlXl7lPKVvkfuUL0//XHCOhHHiSg4REKwdliSteMdWrU?= =?iso-8859-1?Q?HLaPK6SczRIMZfrLWwUWK7r1o1TUcW6ZOv1TBr9qohCqsNhqcMhHjDri+y?= =?iso-8859-1?Q?NBlODKO/3WZ4/qsr1LtvcSXasEjX0C1BxqRMCRr6uJLKYaUD92dUVbRzrJ?= =?iso-8859-1?Q?NU3BSgmegnoidJUF9ut/OubQVfII54r8otjwv5OtonObwALzH8Ca82IdI3?= =?iso-8859-1?Q?pp519gpe51wcMRMHzreDfC2UXQ/S2qcuj9oEdaZc0B2XqhtHZkEjvtETt+?= =?iso-8859-1?Q?PI6a4FU1oxbOxSRtXp39+v4L5MDAUjoHMTjfNIB4Yf/xFdeMV2cCrdltri?= =?iso-8859-1?Q?bxJ7lFCmZuJsHQehNRYkGrWLCUDZypj2xQ2+LzLYQMjP73tcrc6s9Okbq6?= =?iso-8859-1?Q?R/2Kp4+4Irc547ejsMDrE/hTN8ykaO3uumcIZFpqDKb8X6u6d1LEgMSUyG?= =?iso-8859-1?Q?U/5yajxCrazxdwz+KWBGHqamaE9xc4gUJ+FDzPRX6wnsBVfwfDP3dfEGV2?= =?iso-8859-1?Q?gpsCDqK0zpSQ4kVfKT5H52s57DpghFDwHt52/srUCBLdX+iamjuJ6XjDaX?= =?iso-8859-1?Q?LufoL8bVitj7lMZv5eUucHhoXdpctcQeYp6MruvXzdaTUWlegZtGGxpngC?= =?iso-8859-1?Q?fWRmo2vvZ7FxC11APNsXO8/x2kAWT1eW/jwDZb2tFOatmkonuLgYnwdbzo?= =?iso-8859-1?Q?jd86UDE/rQvfxXkW/TIzn2TDcVvk13QH0ZA0cdLeYOck2zz7IR6vVMz7DT?= =?iso-8859-1?Q?ccNxKfC2/omyuLTmuULK8neTeuLGTq5VMWfCvvjFA/KYTB3FRIVsdwFhyx?= =?iso-8859-1?Q?5kERgDtghIceb/7AOEgrI5qO5kgflrwPdkCmfwgpcSuxvaPZMG5bon7ICw?= =?iso-8859-1?Q?mMG8b4Ma29Zi3TStvlfgzR3EMPih2Z75uYb3kA/ikjZreirVhKxMx/AHGF?= =?iso-8859-1?Q?+EePH+Ksd+OHPKBmjaJ1PWi9Iq+bOCAjVeuU28AfsnrusihxvBZ+nyq/Pg?= =?iso-8859-1?Q?XxKWuOnEl71AfGekKOzcDrbvSYlcFlUNdC3yLGsrjTCRVz6EiVu0siZHo0?= =?iso-8859-1?Q?8jvCUH9/XsiwffVedHsluRvX6gMfm+BfbsyktTg5/TDP0yKQB6o34vXrdr?= =?iso-8859-1?Q?RMrBuclfQ/s3YJYKqUJ4LaVS1E9LCzs3qfaBBrcLJ9w2U6SJIZR6i5Mb3s?= =?iso-8859-1?Q?OSP048ojnuDdsGsin7YixpGjP8LR2ZFlxMZuT8+V127+I5/Z1P12HoHQ?= =?iso-8859-1?Q?=3D=3D?= Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-OriginatorOrg: epam.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: GV1PR03MB10456.eurprd03.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 85d67761-3a4e-4e58-b5df-08dd19882702 X-MS-Exchange-CrossTenant-originalarrivaltime: 11 Dec 2024 02:04:30.2690 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: b41b72d0-4e9f-4c26-8a69-f949f367c91d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: igq6fdkktG3Hpo2lOAzuztof057LWBbvvv0PG0S6RVCspnQ8jEb6JE7NBfnlucAI3cv7bVYgk7MT6NrrXqXHp+LJ+KTLdL+Qx7ERui52vd4= X-MS-Exchange-Transport-CrossTenantHeadersStamped: AS8PR03MB9365 X-ZohoMail-DKIM: pass (identity @epam.com) X-ZM-MESSAGEID: 1733882707395116600 Content-Type: text/plain; charset="utf-8" This patch is preparation for making stack protector configurable. First step is to remove -fno-stack-protector flag from EMBEDDED_EXTRA_CFLAGS so separate components (Hypervisor in this case) can enable/disable this feature by themselves. Signed-off-by: Volodymyr Babchuk Reviewed-by: Jan Beulich --- Changes in v3: - Reword commit message - Use CFLAGS +=3D instead of cc-optios-add Changes in v2: - New in v2 --- Config.mk | 2 +- stubdom/Makefile | 3 +++ tools/firmware/Rules.mk | 2 ++ tools/tests/x86_emulator/testcase.mk | 2 +- xen/Makefile | 2 ++ 5 files changed, 9 insertions(+), 2 deletions(-) diff --git a/Config.mk b/Config.mk index fa0414055b..c9fef4659f 100644 --- a/Config.mk +++ b/Config.mk @@ -190,7 +190,7 @@ endif APPEND_LDFLAGS +=3D $(foreach i, $(APPEND_LIB), -L$(i)) APPEND_CFLAGS +=3D $(foreach i, $(APPEND_INCLUDES), -I$(i)) =20 -EMBEDDED_EXTRA_CFLAGS :=3D -fno-pie -fno-stack-protector +EMBEDDED_EXTRA_CFLAGS :=3D -fno-pie EMBEDDED_EXTRA_CFLAGS +=3D -fno-exceptions -fno-asynchronous-unwind-tables =20 XEN_EXTFILES_URL ?=3D https://xenbits.xen.org/xen-extfiles diff --git a/stubdom/Makefile b/stubdom/Makefile index 2a81af28a1..4c9186499d 100644 --- a/stubdom/Makefile +++ b/stubdom/Makefile @@ -14,6 +14,8 @@ export debug=3Dy # Moved from config/StdGNU.mk CFLAGS +=3D -O1 -fno-omit-frame-pointer =20 +CFLAGS +=3D -fno-stack-protector + ifeq (,$(findstring clean,$(MAKECMDGOALS))) ifeq ($(wildcard $(MINI_OS)/Config.mk),) $(error Please run 'make mini-os-dir' in top-level directory) @@ -54,6 +56,7 @@ TARGET_CFLAGS +=3D $(CFLAGS) TARGET_CPPFLAGS +=3D $(CPPFLAGS) $(call cc-options-add,TARGET_CFLAGS,CC,$(EMBEDDED_EXTRA_CFLAGS)) =20 + # Do not use host headers and libs GCC_INSTALL =3D $(shell LANG=3DC gcc -print-search-dirs | sed -n -e 's/ins= tall: \(.*\)/\1/p') TARGET_CPPFLAGS +=3D -U __linux__ -U __FreeBSD__ -U __sun__ diff --git a/tools/firmware/Rules.mk b/tools/firmware/Rules.mk index d3482c9ec4..be2692695d 100644 --- a/tools/firmware/Rules.mk +++ b/tools/firmware/Rules.mk @@ -11,6 +11,8 @@ ifneq ($(debug),y) CFLAGS +=3D -DNDEBUG endif =20 +CFLAGS +=3D -fno-stack-protector + $(call cc-options-add,CFLAGS,CC,$(EMBEDDED_EXTRA_CFLAGS)) =20 $(call cc-option-add,CFLAGS,CC,-fcf-protection=3Dnone) diff --git a/tools/tests/x86_emulator/testcase.mk b/tools/tests/x86_emulato= r/testcase.mk index fc95e24589..7875b95d7c 100644 --- a/tools/tests/x86_emulator/testcase.mk +++ b/tools/tests/x86_emulator/testcase.mk @@ -4,7 +4,7 @@ include $(XEN_ROOT)/tools/Rules.mk =20 $(call cc-options-add,CFLAGS,CC,$(EMBEDDED_EXTRA_CFLAGS)) =20 -CFLAGS +=3D -fno-builtin -g0 $($(TESTCASE)-cflags) +CFLAGS +=3D -fno-builtin -fno-stack-protector -g0 $($(TESTCASE)-cflags) =20 LDFLAGS_DIRECT +=3D $(shell { $(LD) -v --warn-rwx-segments; } >/dev/null 2= >&1 && echo --no-warn-rwx-segments) =20 diff --git a/xen/Makefile b/xen/Makefile index 2e1a925c84..34ed8c0fc7 100644 --- a/xen/Makefile +++ b/xen/Makefile @@ -432,6 +432,8 @@ else CFLAGS_UBSAN :=3D endif =20 +CFLAGS +=3D -fno-stack-protector + ifeq ($(CONFIG_LTO),y) CFLAGS +=3D -flto LDFLAGS-$(CONFIG_CC_IS_CLANG) +=3D -plugin LLVMgold.so --=20 2.47.1 From nobody Sat Dec 28 04:11:14 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; envelope-from=xen-devel-bounces@lists.xenproject.org; helo=lists.xenproject.org; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; arc=pass (i=1 dmarc=pass fromdomain=epam.com); dmarc=pass(p=quarantine dis=none) header.from=epam.com ARC-Seal: i=2; a=rsa-sha256; t=1733882706; cv=pass; d=zohomail.com; s=zohoarc; b=ToCWQGmuVrS8rRzmXc1lbR9cSIz9maOg0Z9xdv9vyDaXvKmehhoY6QtVBKsLlXgchPl39bF1aYa6FeFX2IIiK1RVE8SvGeVJi4E+njtyYrrk7FcPXf5yscephWHLExb3Ot6PmGcnHVNRKJ30EPal6dD64nV07mmXakie+Xd6WrE= ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1733882706; h=Content-ID:Content-Type:Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=pj/nhgXuxO2BrnIrOHAoc56dHIEuF1g5kUOJqX9YgsA=; b=gDAkpd2BxecCVcijj4ETs7W9JWqp5dLessdvz0pyYqEju2FSOGRo/Sef8KLi7JVCPvdb1jtAEUig3T4hBnXsXGw7TlRzbhqqaK8zOAOfdZgEdAXh+MCVQyZ647wXfdYBYHn4BwuaZlWiL/nKtSAaJRIjTT0DJ4SaJ1P7o4woGac= ARC-Authentication-Results: i=2; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; arc=pass (i=1 dmarc=pass fromdomain=epam.com); dmarc=pass header.from= (p=quarantine dis=none) Return-Path: Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) by mx.zohomail.com with SMTPS id 1733882706854248.98598983417628; Tue, 10 Dec 2024 18:05:06 -0800 (PST) Received: from list by lists.xenproject.org with outflank-mailman.853577.1267010 (Exim 4.92) (envelope-from ) id 1tLC5f-00059P-UM; Wed, 11 Dec 2024 02:04:39 +0000 Received: by outflank-mailman (output) from mailman id 853577.1267010; Wed, 11 Dec 2024 02:04:39 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1tLC5f-00057Z-Nq; Wed, 11 Dec 2024 02:04:39 +0000 Received: by outflank-mailman (input) for mailman id 853577; Wed, 11 Dec 2024 02:04:39 +0000 Received: from se1-gles-sth1-in.inumbo.com ([159.253.27.254] helo=se1-gles-sth1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1tLC5f-0004a4-9a for xen-devel@lists.xenproject.org; Wed, 11 Dec 2024 02:04:39 +0000 Received: from EUR02-VI1-obe.outbound.protection.outlook.com (mail-vi1eur02on2060a.outbound.protection.outlook.com [2a01:111:f403:2607::60a]) by se1-gles-sth1.inumbo.com (Halon) with ESMTPS id 460fbfa0-b764-11ef-a0d5-8be0dac302b0; Wed, 11 Dec 2024 03:04:37 +0100 (CET) Received: from GV1PR03MB10456.eurprd03.prod.outlook.com (2603:10a6:150:16a::21) by AS8PR03MB9365.eurprd03.prod.outlook.com (2603:10a6:20b:57d::20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8230.18; Wed, 11 Dec 2024 02:04:32 +0000 Received: from GV1PR03MB10456.eurprd03.prod.outlook.com ([fe80::a41e:5aa8:e298:757e]) by GV1PR03MB10456.eurprd03.prod.outlook.com ([fe80::a41e:5aa8:e298:757e%7]) with mapi id 15.20.8251.008; Wed, 11 Dec 2024 02:04:32 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: 460fbfa0-b764-11ef-a0d5-8be0dac302b0 ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=OT78h65K4E9xQWiZ7n65iJPNFV5XhFzfqBj/3omUeJ1E7tD5XIX/iESfZPfJgAhdPz3mNc3oD93nH+xpI4dsAWYjXZX826XXTRbrKTd0iqUDrLLuGKHpzFeljWh15O1yUIsD8PUKwhhMHzmlf0Dhx/yntGuiEEg+V1cKnI9avH9t6RiiBGo6tARkFEqaWwKBmruCaQ0vLeZxhV7XE9tAkSCATU5txi0EfEbso+YgpXMg6Jb762k8YOMd2+ar5ycPdPC17GyvnNJfmlzAK38T60J0krsOXvL8KnMTPdwlXndtWXqZ1t0z5rmJ5bHUC1mWPJbvc0YJKBuAXaBlqVbV6w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=pj/nhgXuxO2BrnIrOHAoc56dHIEuF1g5kUOJqX9YgsA=; b=jj/Yg9F6HmwqkQUL7de8jIcL0uvlOvloUL5Iwi55RDBK//mWk84i2NoTfEe+DWCG3Fto+E0O78Qy5aiHo215vd+R+Lxsu2QLSYBblOCy1xHaeRtAMJNxr4u9Vn5uW6KpJ+OoIzbzKU03jXm7dOJ7mBK/wOs/s8GDdDk0tTuceYUwBEpJK8h2iidsgloy5y7I5JIegWv+O6llB1pqXV+UYjVs3cpJPldGaCYxTXfCt/gTa7q1q/0PbUk+Ax+YUhCsboNSSQdInLkqGlQt1okTbFjqx+p4QqIx4rbxTnksL6DaL//aZLllwqUa4BFSyWXDHqdBON0vLKcCtuCpzQEePQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=epam.com; dmarc=pass action=none header.from=epam.com; dkim=pass header.d=epam.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=epam.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=pj/nhgXuxO2BrnIrOHAoc56dHIEuF1g5kUOJqX9YgsA=; b=voZhMb8qzCJ/xuIwjPXo29EdKK3USyXGlLVRvi4HbLfS76lDjLS6pube1vTzaqyiRm2sCtVdx5p3E3JrW8KkQEXUCcGGJryKQziGxo0djoO27X+omimlfRBXiKZvtqxofwSxNN2k0O+4XFywx8sbERuW1gSx5COv6J+Cq/JPJX3O3It0UEb3C9wkqzFKyAPvKrx3Tjt+0l6lXSDNDFPCO3LO5i6Vt9sgTd0O65Bl1IwI6C8oEcOd1k2kmQ1LjgCaFxBrMA530BN5MJfTxsHYNBIucnqHIc9KXK786tD8pEXOrwjOOH/qsYUzQ1onNfTRT+ZnmYglk8ROOs+iOmqdgQ== From: Volodymyr Babchuk To: "xen-devel@lists.xenproject.org" CC: Volodymyr Babchuk , Andrew Cooper , Jan Beulich , Julien Grall , Stefano Stabellini Subject: [PATCH v3 2/3] xen: common: add ability to enable stack protector Thread-Topic: [PATCH v3 2/3] xen: common: add ability to enable stack protector Thread-Index: AQHbS3ED5ZENsqu4Z0+AIfWfHmGdmQ== Date: Wed, 11 Dec 2024 02:04:30 +0000 Message-ID: <20241211020424.401614-3-volodymyr_babchuk@epam.com> References: <20241211020424.401614-1-volodymyr_babchuk@epam.com> In-Reply-To: <20241211020424.401614-1-volodymyr_babchuk@epam.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-mailer: git-send-email 2.47.1 authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=epam.com; x-ms-publictraffictype: Email x-ms-traffictypediagnostic: GV1PR03MB10456:EE_|AS8PR03MB9365:EE_ x-ms-office365-filtering-correlation-id: 52bfae58-3baa-4e48-f333-08dd19882730 x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam: BCL:0;ARA:13230040|376014|1800799024|366016|38070700018; x-microsoft-antispam-message-info: =?utf-8?B?MnpDMnVWZElTYXFlclgzN3hVQ3B1WjhTQWMvMDE3NW56bW9tZWhjb0xPbytu?= =?utf-8?B?dXpnRTFqUWN5U1pvN1ZQeVVOT21sSnBuVXFUWEFoUWFUa2hkSDJ3dCtnc1hJ?= =?utf-8?B?am9kTzJmRG50NXhvb3M5ZTFBRHN5V2FBVVdSZjN3N25iSm93aTlwK2xLN1ls?= =?utf-8?B?RGdRaHdOZC83QVZzYnlKaVVFRXFYNThkYStKcmF1QktmemR3dy9tU1NpajBw?= =?utf-8?B?ZWZFcG4vVGthVzRhekV4N2xtYzRYM3ZXbGFvS0lCdFY4VThhUTl6UC9OSC9m?= =?utf-8?B?b3lpUnF6OXhqK1Uvby9TNmQ4N0FnWkdxbkIyeEdNV0tVQkM4emVkbk9oYWg4?= =?utf-8?B?L0VkV25mYTdmQnhlcTQ2amtNVmRSZXMzSUZTNXdhZkxFSzI5azFPdmJMelNM?= =?utf-8?B?aTU0TExxcjUrU2FDODhrdDA5bm5JZ1l6QXZRSSt6MFgxQjRSQmpSOGQrV21w?= =?utf-8?B?RlEyekhVN1lRbEFjODR1SXJIL0JjNytXd25mNmVqTFp5S1Zhb3RhbTRnOU9q?= =?utf-8?B?cUFLRXZwNXhIczJJQlVUZTdXK3JlYlBXeWNxTm5TZm40ckdodi9XN3VDYnNq?= =?utf-8?B?ckxmcDFLQmlWQTFZVGNnbmZURUNGcURXdEdvQURjVk1WNDUyc3RTK29mZ1Vw?= =?utf-8?B?a1Vhb1BuU092K1YvYm9aRW5DN0RoeFJjVWlPR0lxeWxiUVZ2N1I0b1RveXBQ?= =?utf-8?B?MFplT2dJUHkzUWRDRnhXSGNYV1JqNG5sVUhxMVJyRE5nd3FGZHJZZEpKNlJa?= =?utf-8?B?VnZtcko0OHNGTGdPenJOT1NSTWF4ekM1NGl1L0JFY0hLNThJRXh6aXB5Z2tw?= =?utf-8?B?dGRpZXEvaVdOR0RxMVFRK1o2S2IwUjIyQmRNczhXdW5EUFJQR0tyWG1EWGtW?= =?utf-8?B?ZFplUWlnT1l4dXUyQ1M5V3FDRFBFVGJ5dEJKeHN6WEFPRW5tdG5qT2pDbW5u?= =?utf-8?B?ZTJZM2NpKzJqOVF0MSt6SVYyaFc0bEtCWlE0ZFh3UEpjM09Vei94N3JLK0tD?= =?utf-8?B?V1E5RzMrbk41WVVPcjZyK2haSFN3K3pOeU9abFJNalU5U2k5VlF6SWQ1cnBa?= =?utf-8?B?UFZXa29McHloSm5FUktEUkV3U2U3TWVNU2dOQ3pDaElLSC8vVWljWmIwRzhC?= =?utf-8?B?dU5URG5CRmNla2xqUjMyS0FyWGxGNUlQUFlTRktVaVJGK1MzMDI5bWJPcEtX?= =?utf-8?B?aURmWVp3b2NJZkw3OGI4Z09uTnpxbHpQSWkrTkU0Y3llVG5EN1FHcDJETzVa?= =?utf-8?B?K21qS1h0QVZNcktuZHNLV0l4S2hMZFE1TVRnMTRnWGYreGpKVmZzby9aMFFG?= =?utf-8?B?bmg0akdhWStxUm9IVWlKSXhVdkxBZjhTMmM4elFkampkZVg0emNDRGJ6aGov?= =?utf-8?B?eUdacHBDcC83MHI3Ujh6V2JvSnZ3Vy9ZaERXTXY0K2FNUjRsL0lsMFdkU3RX?= =?utf-8?B?azE0b2l0NEpZanFqeGh4WDhEVEtHVWF6eFZhai9wR2pxQndYTktvRHRkeHNU?= =?utf-8?B?QUU1Ly9ac0tGWGljMXNCajBYTDMxUnIyMCs4TEFwaDBkWVR4dTk4ZERpTGVD?= =?utf-8?B?VW5KV3BaVVdvOWtnalcvcTg3V2NOelNuWlMybjJvZjlvREM2TUQ2NDZZWDBp?= =?utf-8?B?U3Bibm1uVXJqNlc2S3dVdkdxKzJJTWkvV09pT0VmN2tEL0lhTVFnUCtzQjNh?= =?utf-8?B?RE5XQ1YyelRkTExpMGcydUpybE5PUnE2V08zZHEvMmlXNEJGMVpROVBiM0kr?= =?utf-8?B?VzhKNkx2ZERRZVdqcVJlTlhhOWdSdFk4eFZ0NE92aks4T09wcGFPaEF4Ly9n?= =?utf-8?B?MzFmS1JwRWdLV05TL1E5ejNqamN5THpKN3FDVlNOWFpuZTJ1UDBWckNQUEt6?= =?utf-8?B?ZE1peWpFQXZlUWlkVUJjRmU1dDViMkk4VG5JYnhqaHYyQ0E9PQ==?= x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:GV1PR03MB10456.eurprd03.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(376014)(1800799024)(366016)(38070700018);DIR:OUT;SFP:1101; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?utf-8?B?bk1CWHIxM1NZMnNyZzE2b3dYUUw2MFZDMUpGOE1CclY0aHkvMHJBVnJlclNi?= =?utf-8?B?YlpGMGRkZDVPY3pxSnFRWVZlR3JyMkhDNFpHUVlVVkFITjdwV0R3NHZxbzds?= =?utf-8?B?TWNiajRrczNkY21TUTA5M0ZMbmpPMkhsa2l0M2J1RmdUSnVFaFNuT1B5dWNH?= =?utf-8?B?WU45YVdSaDM2NC8rLzR0cHNPc25HblY3TCtCWUdxWkwvbHFIaXcrWUlEb3dn?= =?utf-8?B?S1VzNzdGUUtDWWVwbUJja2hkSnlxRE1iNFlaNkZOY1IvaGVkbEFkZy9WV2hu?= =?utf-8?B?QitXZ1F1NHZmaVZqbTM1d3ZGVExLVnB2bG9rUHFzNG9CYWV0L25weTVEem9W?= =?utf-8?B?amIwWW4wM1VDb1pvWmwxMkVTYWlROElsZExJeTNqYTd1YmxwZ2tWbnU2RmxP?= =?utf-8?B?ekRyVk9vSGdEcVJzOHpZVzFCalF0aVJLbjFqVmtKYzJWd2JjR0RxSm92Q29S?= =?utf-8?B?bjllWUF6MldPKzhyaWV0N05jR0k3d01TRGx1TG1UM1dOVGJHSlJ4eUowT2Fw?= =?utf-8?B?QnIyeFMvTkVBYXE4OFI4aktkNEFrQVhTOHpLa3FqS2crZzB3eTNjMjRacXp1?= =?utf-8?B?b203TXhYcDQ5UURESE1OSFVwTVNTVkF1MStFSVQ3aTBuMzZpUXo2VHdOckRn?= =?utf-8?B?ZXFNMC9selQ4UlpqQVN0ZlFNNDlvV3piazB5Y0xCQVBHVEhkeU5BNGdRVnEv?= =?utf-8?B?cDlQbkpxNEd3Q0xjK1lqNmZ1TzhjYnhjWWlZRTVZTTNRRjZpUVoxR05OWlEw?= =?utf-8?B?azc0RlpxVXlsVXgvcGdFemlMc2RZY0poQzRra0J2emwxU0tyS2h0WnpJUnRW?= =?utf-8?B?dEJ2TnB3MHhOdVAvZTBoaDQ5blFQZk14WjY3QzhDd0Zxa3NPb2JwaThXeXRr?= =?utf-8?B?bXJ4RUFNQm5Ca1c0QkFmVzJhUWd4ODV3MkM0RDN0YXhrMjlEMXh3L3VVWUN4?= =?utf-8?B?VTlHMEJGL05haFhuam1WdXYzc0s2N0ZsZlhOOFFqRGJ2UDcwdEpBY2RJeHVT?= =?utf-8?B?aEViWlR1c2lTNXJ5SnBJS3IxUDhtTGpsUzVGZElWM0JKNytXZ3Z1ZGI1NG15?= =?utf-8?B?WUt0SW1WQVE3RTZlSE9rREV0TXREckFMZVhpUGZsbkRvVVo3ZG9PODFhRG5M?= =?utf-8?B?QkloL2k0dThHOWJYRHZGVkk0QjJyeG4zNFVwUUVWZmRHM2RZeFFieTAyS1NM?= =?utf-8?B?ZThFWmFzbXFFVzdMVHZnQWR6NXV6ZnN5RWZLWXJPZG1ZNkhvVjc5d1J5c0FN?= =?utf-8?B?L1B0RGN1cTIwa3R2VzlHZ0VGQmdSWW9qc1JrRWhjQVNEZkwzTWJ0VVRQZzJH?= =?utf-8?B?VFVtcmFFUFhMY29xK1p3MmwzYnBMVG9iNmxWbmR3TE84T2pwSHc0S3k4MXRK?= =?utf-8?B?RG00all5ZXowQXE5blVIUjJWWW02cnExZU04d2hxUUR3VE5TMFpVY1M5cVVQ?= =?utf-8?B?SVhlOU1GTGI3RVRWUkl2R3k3WW02ZEg1UzBXV1I1eHF0b214VVBGZlBQKzN1?= =?utf-8?B?eDVhdmJycXVGbWNIc1FLeGlPaTBvN0dWNVo5aER4Z2pTeklLZ29XQWJCL2tt?= =?utf-8?B?dXRybW1TZVJOUTFHckIzRlRpakI0K3FPSlB4NWl0ZzVjRlhITHUyQzlhZmhU?= =?utf-8?B?SUtWbHh4MG1sdmtucWphMUFBYkpjMWEyczQvOHl3UnFSamVTNFVBSHNmdElQ?= =?utf-8?B?UmRGclU3T29CbzU4OEwyRWxjVDg0N3JRaXM5bTkrc1pwdm9hakduenl0OS9w?= =?utf-8?B?N2Nza1pyeTRjS0lBS3FoaW41TERmZ1JEaWpSaVRlRnFHajM2N0FkTjE2YVpr?= =?utf-8?B?akd0MnJqcTRXWVJBN2ZMTUw2V1dlQURVZ3dJcjBRdmxZRVNLWFhybnVDZFBx?= =?utf-8?B?V3l0ZXltT0FYRlp6aytQNVVUb3BtNms1VTFnMm1VemhLZ0h4bVc5UkdOYXJY?= =?utf-8?B?bEtRYjRoVll5dGN4VS9lMXhaKzdFUnR3L0J6cmJMMjJ5dDNxMkJTTlhHSFVN?= =?utf-8?B?Zm03L0IvQUVsMmMraXNZakhuVHdMdTU0M2tVRkEzSEJweE5TMDVuZkNmUGNi?= =?utf-8?B?bG92QmtKRTFPMUZHSEk1WFIrd3dzSFMzeEYzbzd5UEFZN3R5VXh6ZDZxcWdZ?= =?utf-8?B?WFUzUVJjc1NrWmpNVFZOMFUzd2RPblYxcE85RXlRZkdFeHpydUZCcm1JalB2?= =?utf-8?B?R2c9PQ==?= Content-Type: text/plain; charset="utf-8" Content-ID: <549BB8EE78CD0E44856ABAF33634CF3D@eurprd03.prod.outlook.com> Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-OriginatorOrg: epam.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: GV1PR03MB10456.eurprd03.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 52bfae58-3baa-4e48-f333-08dd19882730 X-MS-Exchange-CrossTenant-originalarrivaltime: 11 Dec 2024 02:04:30.6083 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: b41b72d0-4e9f-4c26-8a69-f949f367c91d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: und5uM0Y6qfmy3kFhAOaLA9gHjBVUXlMDrlOS+vGfshN3Oq4ZaX+4xv7sbS8L4ooynsDL9zxC7aB33VeiLtD7EqLE87kLpWA7qV0Pg0r9/Q= X-MS-Exchange-Transport-CrossTenantHeadersStamped: AS8PR03MB9365 X-ZohoMail-DKIM: pass (identity @epam.com) X-ZM-MESSAGEID: 1733882707516116600 Both GCC and Clang support -fstack-protector feature, which add stack canaries to functions where stack corruption is possible. This patch makes general preparations to enable this feature on different supported architectures: - Added CONFIG_HAS_STACK_PROTECTOR option so each architecture can enable this feature individually - Added user-selectable CONFIG_STACK_PROTECTOR option - Implemented code that sets up random stack canary and a basic handler for stack protector failures Stack guard value is initialized in three phases: 1. Pre-defined randomly-selected value. 2. Early use of linear congruent random number generator. It relies on get_cycles() being available very early. If get_cycles() returns zero, it would leave pre-defined value from the previous step. Even when get_cycles() is available, it's return value may be easily predicted, especially on embedded systems, where boot time is quite consistent. 3. After hypervisor is sufficiently initialized, stack guard can be set-up with get_random() function, which is expected to provide better randomness. Also this patch adds comment to asm-generic/random.h about stack protector dependency on it. Signed-off-by: Volodymyr Babchuk --- Changes in v3: - Fixed coding style in stack-protector.h - Extended panic() message - Included missed random.h - Renamed Kconfig option - Used Andrew's suggestion for the Kconfig help text - Added "asmlinkage" attribute to __stack_chk_fail() to make Eclair happy - Initial stack guard value is random - Added LCG to generate stack guard value at early boot stages - Added comment to asm-generic/random.h about dependencies - Extended the commit message Changes in v2: - Moved changes to EMBEDDED_EXTRA_CFLAGS into separate patch - Renamed stack_protector.c to stack-protector.c - Renamed stack_protector.h to stack-protector.h - Removed #ifdef CONFIG_X86 in stack-protector.h - Updated comment in stack-protector.h (also, we can't call boot_stack_chk_guard_setup() from asm code in general case, because it calls get_random() and get_random() may depend in per_cpu infrastructure, which is initialized later) - Fixed coding style - Moved CONFIG_STACK_PROTECTOR into newly added "Compiler options" submenu - Marked __stack_chk_guard as __ro_after_init --- xen/Makefile | 4 +++ xen/common/Kconfig | 15 ++++++++++ xen/common/Makefile | 1 + xen/common/stack-protector.c | 47 +++++++++++++++++++++++++++++++ xen/include/asm-generic/random.h | 5 ++++ xen/include/xen/stack-protector.h | 30 ++++++++++++++++++++ 6 files changed, 102 insertions(+) create mode 100644 xen/common/stack-protector.c create mode 100644 xen/include/xen/stack-protector.h diff --git a/xen/Makefile b/xen/Makefile index 34ed8c0fc7..0de0101fd0 100644 --- a/xen/Makefile +++ b/xen/Makefile @@ -432,7 +432,11 @@ else CFLAGS_UBSAN :=3D endif =20 +ifeq ($(CONFIG_STACK_PROTECTOR),y) +CFLAGS +=3D -fstack-protector +else CFLAGS +=3D -fno-stack-protector +endif =20 ifeq ($(CONFIG_LTO),y) CFLAGS +=3D -flto diff --git a/xen/common/Kconfig b/xen/common/Kconfig index 90268d9249..5676339a66 100644 --- a/xen/common/Kconfig +++ b/xen/common/Kconfig @@ -86,6 +86,9 @@ config HAS_UBSAN config HAS_VMAP bool =20 +config HAS_STACK_PROTECTOR + bool + config MEM_ACCESS_ALWAYS_ON bool =20 @@ -213,6 +216,18 @@ config SPECULATIVE_HARDEN_LOCK =20 endmenu =20 +menu "Compiler options" + +config STACK_PROTECTOR + bool "Stack protector" + depends on HAS_STACK_PROTECTOR + help + Enable the Stack Protector compiler hardening option. This inserts a + canary value in the stack frame of functions, and performs an integrity + check on exit. + +endmenu + config DIT_DEFAULT bool "Data Independent Timing default" depends on HAS_DIT diff --git a/xen/common/Makefile b/xen/common/Makefile index b279b09bfb..ceb5b2f32b 100644 --- a/xen/common/Makefile +++ b/xen/common/Makefile @@ -45,6 +45,7 @@ obj-y +=3D shutdown.o obj-y +=3D softirq.o obj-y +=3D smp.o obj-y +=3D spinlock.o +obj-$(CONFIG_STACK_PROTECTOR) +=3D stack-protector.o obj-y +=3D stop_machine.o obj-y +=3D symbols.o obj-y +=3D tasklet.o diff --git a/xen/common/stack-protector.c b/xen/common/stack-protector.c new file mode 100644 index 0000000000..922511555f --- /dev/null +++ b/xen/common/stack-protector.c @@ -0,0 +1,47 @@ +// SPDX-License-Identifier: GPL-2.0-only +#include +#include +#include +#include + +/* + * Initial value is chosen by a fair dice roll. + * It will be updated during boot process. + */ +#if BITS_PER_LONG =3D=3D 32 +unsigned long __ro_after_init __stack_chk_guard =3D 0xdd2cc927UL; +#else +unsigned long __ro_after_init __stack_chk_guard =3D 0x2d853605a4d9a09cUL; +#endif + +/* This function should be called from ASM only */ +void __init asmlinkage boot_stack_chk_guard_setup_early(void) +{ + /* + * Linear congruent generator (X_n+1 =3D X_n * a + c). + * + * Constant is taken from "Tables Of Linear Congruential + * Generators Of Different Sizes And Good Lattice Structure" by + * Pierre L=E2=80=99Ecuyer. + */ +#if BITS_PER_LONG =3D=3D 32 + const unsigned long a =3D 2891336453UL; +#else + const unsigned long a =3D 2862933555777941757UL; +#endif + const unsigned long c =3D 1; + + unsigned long cycles =3D get_cycles(); + + /* Use the initial value if we can't generate random one */ + if ( !cycles ) + return; + + __stack_chk_guard =3D cycles * a + c; +} + +void asmlinkage __stack_chk_fail(void) +{ + panic("Stack Protector integrity violation identified in %ps\n", + __builtin_return_address(0)); +} diff --git a/xen/include/asm-generic/random.h b/xen/include/asm-generic/ran= dom.h index d0d35dd217..7f6d8790c4 100644 --- a/xen/include/asm-generic/random.h +++ b/xen/include/asm-generic/random.h @@ -2,6 +2,11 @@ #ifndef __ASM_GENERIC_RANDOM_H__ #define __ASM_GENERIC_RANDOM_H__ =20 +/* + * When implementing arch_get_random(), please make sure that + * it can provide random data before stack protector is initialized + * (i.e. before boot_stack_chk_guard_setup() is called). + */ static inline unsigned int arch_get_random(void) { return 0; diff --git a/xen/include/xen/stack-protector.h b/xen/include/xen/stack-prot= ector.h new file mode 100644 index 0000000000..bd324d9003 --- /dev/null +++ b/xen/include/xen/stack-protector.h @@ -0,0 +1,30 @@ +/* SPDX-License-Identifier: GPL-2.0-only */ + +#ifndef XEN__STACK_PROTECTOR_H +#define XEN__STACK_PROTECTOR_H + +#ifdef CONFIG_STACK_PROTECTOR + +#include + +extern unsigned long __stack_chk_guard; + +/* + * This function should be always inlined. Also it should be called + * from a function that never returns or a function that has + * stack-protector disabled. + */ +static always_inline void boot_stack_chk_guard_setup(void) +{ + __stack_chk_guard =3D get_random(); + if (BITS_PER_LONG =3D=3D 64) + __stack_chk_guard |=3D ((unsigned long)get_random()) << 32; +} + +#else + +static inline void boot_stack_chk_guard_setup(void) {} + +#endif /* CONFIG_STACK_PROTECTOR */ + +#endif /* XEN__STACK_PROTECTOR_H */ --=20 2.47.1 From nobody Sat Dec 28 04:11:14 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; envelope-from=xen-devel-bounces@lists.xenproject.org; helo=lists.xenproject.org; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; arc=pass (i=1 dmarc=pass fromdomain=epam.com); dmarc=pass(p=quarantine dis=none) header.from=epam.com ARC-Seal: i=2; a=rsa-sha256; t=1733882707; cv=pass; d=zohomail.com; s=zohoarc; b=j8X1odjNqMmzYk+PJYrGG1/MSQw68Y1Tz35/RN6jsUJquMNDhhoL4VR0PZmfKvywZ4KC2XjXQLcVJrC2gQGR6CpLRSLeIGeG7uLt2cYRMNMBQjzUQZuL4hxN2KQyM+fPAW1TLE7HbTLbIWNf3gtvlHFJaFc84WXTUPddLk3jJlg= ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1733882707; h=Content-Type:Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=7IPKT9OsPoDBg5bm90YN85uCTHQcge+IDT3Vd6o2ITA=; b=HxpfKiMDgxanvKnahYumhiuP9GL8D5zOEUpiBJHN8crhl2KzRkcD6R6GJrE7QKV30fYmpEOETbtH0N7P0qTRiZEhjZ4gBNtXmVWqGlaOe0xzSt6moVf4C1lruiTrZzdlmta4XC4jSMBRpGzwIUW2dUEM4u7EYI+wxGCOuD1xWjM= ARC-Authentication-Results: i=2; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; arc=pass (i=1 dmarc=pass fromdomain=epam.com); dmarc=pass header.from= (p=quarantine dis=none) Return-Path: Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) by mx.zohomail.com with SMTPS id 1733882707067673.0738917903869; Tue, 10 Dec 2024 18:05:07 -0800 (PST) Received: from list by lists.xenproject.org with outflank-mailman.853576.1267003 (Exim 4.92) (envelope-from ) id 1tLC5f-00052i-Dt; Wed, 11 Dec 2024 02:04:39 +0000 Received: by outflank-mailman (output) from mailman id 853576.1267003; Wed, 11 Dec 2024 02:04:39 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1tLC5f-00052b-Ab; Wed, 11 Dec 2024 02:04:39 +0000 Received: by outflank-mailman (input) for mailman id 853576; Wed, 11 Dec 2024 02:04:38 +0000 Received: from se1-gles-sth1-in.inumbo.com ([159.253.27.254] helo=se1-gles-sth1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1tLC5e-0004a4-9E for xen-devel@lists.xenproject.org; Wed, 11 Dec 2024 02:04:38 +0000 Received: from EUR02-VI1-obe.outbound.protection.outlook.com (mail-vi1eur02on2060a.outbound.protection.outlook.com [2a01:111:f403:2607::60a]) by se1-gles-sth1.inumbo.com (Halon) with ESMTPS id 45c0db06-b764-11ef-a0d5-8be0dac302b0; Wed, 11 Dec 2024 03:04:36 +0100 (CET) Received: from GV1PR03MB10456.eurprd03.prod.outlook.com (2603:10a6:150:16a::21) by AS8PR03MB9365.eurprd03.prod.outlook.com (2603:10a6:20b:57d::20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8230.18; Wed, 11 Dec 2024 02:04:32 +0000 Received: from GV1PR03MB10456.eurprd03.prod.outlook.com ([fe80::a41e:5aa8:e298:757e]) by GV1PR03MB10456.eurprd03.prod.outlook.com ([fe80::a41e:5aa8:e298:757e%7]) with mapi id 15.20.8251.008; Wed, 11 Dec 2024 02:04:32 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: 45c0db06-b764-11ef-a0d5-8be0dac302b0 ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=ge1XlQbgH1UdvXJE/zBdwMM2tr9pint8/IVqDbnY23Vuc2xRCSaSH/mcrW1GSGysffF99uWSk4PDlRnXeKD6lVFgbuRCyNzrnd+xmCtAvb+TSmHgjz4r6JTZqPVtNjOt0+7mHAHNKCuti40MUM2phKD9Lrhf4atS6ggaqMIIAZX6QMa7gTPcPJ0eKQR3cMf7UVZQTnxEhGj/IrGPkRr7ti87mVehX+8vLpy54caluz2bLNzn49skrcQM9JD1egXOdl9/xmrX1iJzJfMDaryFugzAuF7xyPEitUqEVOMB+PaLjPX5DOiEn6jNxEz78/38sMfZiZgFf/iYniGSEHcBqw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=7IPKT9OsPoDBg5bm90YN85uCTHQcge+IDT3Vd6o2ITA=; b=kfdsdpr1YmBYed+3+BE0uKapBXpbhffr3W5CNd6dCGqrreqdWdxrrFWkDpRf1DWv+2lSWhR5rjRtu9m/tAEfCJ5qj9spQ4o6P3vGC5HlwJEtqji3vij/XkZuDkfpeynhNBx4BYlQUy0BIM+kg8TJQPFOAsJmaOQ4uW0ukRI2B0liQWyGZtdgKpaDzdknKAb6r8VBQaO6K5EBLD4FG8p5880w1n9+vO5yghBrVTOANrN91H0y8Moyx8LLrOrcGg4L190522IkmNccS+ItTYKUysXcnwstYiNUe8euND81/6ja76Pose3sTR7AfN0c7ojDnBs70/sCzqkXacTW14YjLw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=epam.com; dmarc=pass action=none header.from=epam.com; dkim=pass header.d=epam.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=epam.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=7IPKT9OsPoDBg5bm90YN85uCTHQcge+IDT3Vd6o2ITA=; b=Md2K9cE77jlIxbt/OCJj1y8uelR4NjHUlqevPKRQ+vu2sNlDKg09O/RH93HYfhIW8pXHQ8if3cvKYui2w4SxuuzHZZ0MlHEXUGG1PWLhgGs9eKh10YV+SoRtOc6qPcJREQoiwrlE9y2ZLQ94Iu6fdaHOga10DSU6BU+Q2TdCR+4BOLfj1U1uad/a5uvk80fewSfZCOfSWJQUNDmMZ6ztLcjlSUR6HSRoNWzr+PfHBHmE/6dOnID516fvbvxxAVlGPt0EQox5aEMssaGMbRleWLRpOzft0X1wD98+EeMWW3dmQ36Lcwc4jjbwYWnBl8iq34ccDmD7iA9lxqnP0vIoFQ== From: Volodymyr Babchuk To: "xen-devel@lists.xenproject.org" CC: Volodymyr Babchuk , Stefano Stabellini , Julien Grall , Bertrand Marquis , Michal Orzel , Volodymyr Babchuk Subject: [PATCH v3 3/3] xen: arm: enable stack protector feature Thread-Topic: [PATCH v3 3/3] xen: arm: enable stack protector feature Thread-Index: AQHbS3EEEJvy+ytb5UyNE3P+n1UzAQ== Date: Wed, 11 Dec 2024 02:04:30 +0000 Message-ID: <20241211020424.401614-4-volodymyr_babchuk@epam.com> References: <20241211020424.401614-1-volodymyr_babchuk@epam.com> In-Reply-To: <20241211020424.401614-1-volodymyr_babchuk@epam.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-mailer: git-send-email 2.47.1 authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=epam.com; x-ms-publictraffictype: Email x-ms-traffictypediagnostic: GV1PR03MB10456:EE_|AS8PR03MB9365:EE_ x-ms-office365-filtering-correlation-id: 6e5c4183-8777-428b-92d9-08dd19882762 x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam: BCL:0;ARA:13230040|376014|1800799024|366016|38070700018; x-microsoft-antispam-message-info: =?iso-8859-1?Q?hVPl6/Ig6716rtq6aoGkm0navVKZuwGYQAQfGQDQ5qvOEGDaEHdMqHJgeF?= =?iso-8859-1?Q?GPwI8OLIkbc+jkWs99X2LjPtj9KOnKhmDReD8mexFAWRMuwDbG9jeGYS+0?= =?iso-8859-1?Q?cJA78ULyDF40yh9Dcsv0cpb41ee/S26kbdzDr5BpBC3c8hmWFKS94Hg/SX?= =?iso-8859-1?Q?CB/pMjexRwzfWwcCUgET/8rX+LUPnYFjNTNdBDtTb0pWjYm0dlZ/SWBePL?= =?iso-8859-1?Q?n0xq+kpmxOjVcBMqyfDnePdccZ3gHJVAY/HRP1LmL8ctHUU9geD1xU8df7?= =?iso-8859-1?Q?GejT7VZD3FherS5mvtsTUentO+RuP/aORLyVlQwYlsEH0bkxOFAImXJL+a?= =?iso-8859-1?Q?koEkHml2Nnm+9Zx1EoIno50k+GNO/91Nh4h5n7ri2cdIKBJSnmWZOzPHt8?= =?iso-8859-1?Q?cJx+FO5MO6Pny89Jvml5cK8hvUcL++3XuyNXAxCWQqg8eyyJvX/qawRTET?= =?iso-8859-1?Q?my66BXEV00n0mDv5YyPk5HAS4FxxBXzWJ2btBPL3zJyEXhGh8T9GxSVI5e?= =?iso-8859-1?Q?b0dnnkyLYrvTlEw0Hl7+WYOyNHukMvJaHfhZQ6R2huvzelWFEzZRMAiQag?= =?iso-8859-1?Q?TNB4JWNn2bj2oE1/MBXOJI84RV+lqsFhajtmPvrRnonUITPY0sI2bpnDNX?= =?iso-8859-1?Q?npXzGPryn9POE/xaOBNa+9XGyDnxcSDv5GDJ69jJ0DYGjguNDHc5J4DFcc?= =?iso-8859-1?Q?o+4Rau2wDWauLH4MokpkIm0nI9vdbuCOUfb8HQoZhp2LXwONm+1GusTnKa?= =?iso-8859-1?Q?1yj82dhoDojS/sJRM5P68+MNZEhOPVaEDv6dyP4rL2/n8yHKPCtmecvCTF?= =?iso-8859-1?Q?5jmW1eAOjIlLCcKvzYYqZWJpv8Vz9ZGWfPiuB381N15lDgf39Z7zuLGlXg?= =?iso-8859-1?Q?+FG8R4rz7kE+kS1NT1uvYn177uxMRQfwVKVoF7mbJbV6D59o+E7xXX9HKa?= =?iso-8859-1?Q?VH+41C4hatC8ijX1bW/0W936H9UmhvzPHswOUddDRnZIvL/3aGQCro9bYb?= =?iso-8859-1?Q?86kSI2sC58dKtxay67zGN+pj1HqsDellkizvjlaVvXgoT0BiBrWtJZc/Tn?= =?iso-8859-1?Q?kZesuD0ANdGWmj0tjszUWJyfn7O8Rfob1mTKmk0+PWCvDvSR522K7+2Lhg?= =?iso-8859-1?Q?IYYXH9XqAZ/4uIjZd9f0ukTwUZxbf2kLSJSqkmCvOchzq4rjVlZVrAmj6S?= =?iso-8859-1?Q?nH+sAfjwHVhyJSFqhFiXIyyqLX1Dpf8lcyRVpkTSugA+lT7WYbZcT9xQtW?= =?iso-8859-1?Q?eyFX+eAo5zrJ5J2FKxqQGVrf2yIKRaBWo3KRTaqYaxoLX19pcaS+seFaq1?= =?iso-8859-1?Q?euQdQQMpK4YeUy7bMFQYk1wyx70OaaKIhrEY4tmqFxcKZF7ipPWn6xJO76?= =?iso-8859-1?Q?qWr46nsWzWfMcV1xyT6zeGIxcAjB37U/JfEJ+mkXNaVydVmLWU/kEMOOZT?= =?iso-8859-1?Q?ZQ3WpXEjXtduOGbkYdu0DDUSNuE/YCn5rN5APA=3D=3D?= x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:GV1PR03MB10456.eurprd03.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(376014)(1800799024)(366016)(38070700018);DIR:OUT;SFP:1101; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?iso-8859-1?Q?pD0sBpJOYKmmehoupz++PSwernoJYdJl7f/12ljuTNjBL+cCWLEbiaOyKp?= =?iso-8859-1?Q?fX06RlqffU1/UaP68ZmOTRB4Agc1ch0p05s5tQl6xe70h8z6/7CJhPxyQu?= =?iso-8859-1?Q?hu3duBBbcSVLPklkSIZu/tc3O03RFQwldGryTUc+rcMUbEAkMQ5yKa3twr?= =?iso-8859-1?Q?QJoLg7HhH8gGM4+S4ZyDfJH+iQSN3N7XCTWFBPKZqxVKTvQBJvtEogFbfU?= =?iso-8859-1?Q?LXGJ56YeqgBTy32d4r+UmMR3mhEyMoqA9a+1lgm0Rr5ShNij1ZbnAUhs+F?= =?iso-8859-1?Q?RYyBYuLdHMgeBSC5h3DNmD0Kg5ArgwrmwlV6gCKXaN7+isJTDlKfh2l6B+?= =?iso-8859-1?Q?x9npubACfSUhveIil+IkOfbVN5umiMzX6riSFER6Gv5xMzntFBObOoU/SX?= =?iso-8859-1?Q?An8WdFiIoLINJJ+A4YOMUjazPLqLLpwwNVKFoxn2o1k8KbadQjdEGUuEQ7?= =?iso-8859-1?Q?sHe8RQ42/O50vR/bMuLgUIpF4sae6ctA47VgflV55or4/4fTo1Fs0E+oDw?= =?iso-8859-1?Q?dKnwnE9RTXbwSD3a2WBDWv5nAedQKpiRnJ2MTujH1LG3qw4KKx5CBW57Ga?= =?iso-8859-1?Q?hHTWE244AM0dGByes6WWbqwrcPlx7KEUCphNWkIWlyZnPohnnYHV44DjEj?= =?iso-8859-1?Q?jJ06UOZum0iJSEiCMRIHZfz0rlEyEWVzjVQK/Ws40PXYjpifCLXBr4X1+X?= =?iso-8859-1?Q?jp2N1UtS89JK+3kfcQk31KTXOsmjXyOvQgEV/wvz56f9fM9y+JB5gzogOy?= =?iso-8859-1?Q?zzmBChNnfUh1DsQ/0r02u659H6/Jnmm2SS+qUxcbKUp83zhpjIq9jK0Puz?= =?iso-8859-1?Q?aRXAnG5p/urHoSqtl3cF/Ai+z6s4FP2YdEiJq/HnlKyvnY3LLt16/v/jOK?= =?iso-8859-1?Q?JpklWDpqF3uqlNm9gRTPglx/TQc94r73z7frM26fHxqomk4Chj0ESzpfDT?= =?iso-8859-1?Q?/mbloAXkKTV2V9biRHNxpZysk72ZVyLJjFQj7aAML7EPuQrpCu7nVdZ7wU?= =?iso-8859-1?Q?Z0IThgRIMWckp63z9BTkq3/dr5txWbldybmo+pd4/UGEes9rPjCmt0mIrn?= =?iso-8859-1?Q?s++oFlwZIAXJW2QPQm/rMR/FS6VkVlNJpAX5Pn8OpJ7XMAOjLcMMWLicVj?= =?iso-8859-1?Q?8WOIhv85orc2eAT4joa3//8ORPPmCA9h7O9xYP+Ct4ZLvBEIFJKfQjIj9w?= =?iso-8859-1?Q?kCbKZYHECQ/wTAH8UuJp5KZt/D80bz/Mf2PQrKfv/FjSjZwH8P0u1NX561?= =?iso-8859-1?Q?1CZP5WBTtgFVChVWpedM6Co/jUK3M5Bqs6u12yk0x3QcTLW+OwktJzo3H0?= =?iso-8859-1?Q?QEQDGYr04MGs9R4JAf7Y1wntO9GJ54gmgPttKQL4a3TD0W34Q7sXIpSpst?= =?iso-8859-1?Q?sLhGenk1BNKW/X1KxJlGlUSF9uN7OlcOEma4q8cs+uUiP1sl/Xq0whhu/S?= =?iso-8859-1?Q?TxmrGqFaRTScndeTVWSCAI4GkrkMf3jRLpPa8gBu/qvm10iVn5ErQgcWYw?= =?iso-8859-1?Q?K9kLYrCf5CJHrs6XED0ASphsFNSGa0szWyrpnCst4/h2V/cE1o35c36L9Y?= =?iso-8859-1?Q?rvC6Xv9Uzx607aiukzwQALs+H6nnfSaU7E6DXCtTbp7yk8kTxqbz1+IvdF?= =?iso-8859-1?Q?G8iipinlU8vMiNvrWeM+NDvheWs2gikKki4GK9E8ueN/hIX9u8NM7VCw?= =?iso-8859-1?Q?=3D=3D?= Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-OriginatorOrg: epam.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: GV1PR03MB10456.eurprd03.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 6e5c4183-8777-428b-92d9-08dd19882762 X-MS-Exchange-CrossTenant-originalarrivaltime: 11 Dec 2024 02:04:30.8888 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: b41b72d0-4e9f-4c26-8a69-f949f367c91d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: ABwBQlfrdAtLHOy924ucylAJfEmT8zySnjxFlbC8bJt3K7r+4+xW0i5gchVFJoI04RqNInswVjiYE0mHdZ1PSH6gRGOIrfa2w0LwCkX89Es= X-MS-Exchange-Transport-CrossTenantHeadersStamped: AS8PR03MB9365 X-ZohoMail-DKIM: pass (identity @epam.com) X-ZM-MESSAGEID: 1733882709147116600 Content-Type: text/plain; charset="utf-8" Enable previously added CONFIG_STACK_PROTECTOR feature for ARM platform. We initialize stack protector in two stages: from head.S using boot_stack_chk_guard_setup_early() function and from start_xen() using boot_stack_chk_guard_setup(). This ensures that all C code from the very beginning can use stack protector. We call boot_stack_chk_guard_setup() only after time subsystem was initialized to make sure that generic random number generator will be working properly. Signed-off-by: Volodymyr Babchuk --- In v3: - Call boot_stack_chk_guard_setup_early from head.S to ensure that stack is protected from early boot stages - Call boot_stack_chk_guard_setup() later, when time subsystem is sufficiently initialized to provide values for the random number generator. In v2: - Reordered Kconfig entry --- xen/arch/arm/Kconfig | 1 + xen/arch/arm/arm64/head.S | 3 +++ xen/arch/arm/setup.c | 3 +++ 3 files changed, 7 insertions(+) diff --git a/xen/arch/arm/Kconfig b/xen/arch/arm/Kconfig index 23bbc91aad..a24c88c327 100644 --- a/xen/arch/arm/Kconfig +++ b/xen/arch/arm/Kconfig @@ -16,6 +16,7 @@ config ARM select HAS_ALTERNATIVE if HAS_VMAP select HAS_DEVICE_TREE select HAS_PASSTHROUGH + select HAS_STACK_PROTECTOR select HAS_UBSAN select IOMMU_FORCE_PT_SHARE =20 diff --git a/xen/arch/arm/arm64/head.S b/xen/arch/arm/arm64/head.S index 72c7b24498..535969e9c0 100644 --- a/xen/arch/arm/arm64/head.S +++ b/xen/arch/arm/arm64/head.S @@ -250,6 +250,9 @@ real_start_efi: #endif PRINT("- Boot CPU booting -\r\n") =20 +#ifdef CONFIG_STACK_PROTECTOR + bl boot_stack_chk_guard_setup_early +#endif bl check_cpu_mode bl cpu_init =20 diff --git a/xen/arch/arm/setup.c b/xen/arch/arm/setup.c index 2e27af4560..3587baab21 100644 --- a/xen/arch/arm/setup.c +++ b/xen/arch/arm/setup.c @@ -13,6 +13,7 @@ #include #include #include +#include #include #include #include @@ -359,6 +360,8 @@ void asmlinkage __init start_xen(unsigned long fdt_padd= r) =20 preinit_xen_time(); =20 + boot_stack_chk_guard_setup(); + gic_preinit(); =20 uart_init(); --=20 2.47.1