From nobody Wed Feb 5 15:46:35 2025 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; envelope-from=xen-devel-bounces@lists.xenproject.org; helo=lists.xenproject.org; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; arc=pass (i=1 dmarc=pass fromdomain=epam.com); dmarc=pass(p=quarantine dis=none) header.from=epam.com ARC-Seal: i=2; a=rsa-sha256; t=1736828790; cv=pass; d=zohomail.com; s=zohoarc; b=D2qmfZo+35KInHLw9hUb97qKcKcV57+PpgRot5kmDAAD1UPSWiX6jfXr6AR3P1e3fJ6bn0txb6UMfocCMSXPZxlJj3NWGIAW9GOC0qreI2OvLhigyZeFFCb+/TUI8qIBLXdVArjlOpiWMWRUHEiXvnW1NBedefxe9P6admVVfkQ= ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1736828790; h=Content-ID:Content-Type:Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=5MtrRJxarp34S2JOLx/JyEv2kwrG4QQxCgAgsBhf7Ic=; b=jRTbF4mMCOrVdyRKS1stoAMYPxiQJ87/Yg36lqIwKgvi0Xqc7bZf5dg9U3UOC7JTv83lAaaMgcSIvSrkm6o/bk2KY+OqJaoG0OV8wd0vRRUVdnSQ4teIJ0qmUJc5Rpp7c9g4Ux56KeLKtRwSYzJ4b4iwg8lnjLkOEqs2fWunC78= ARC-Authentication-Results: i=2; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; arc=pass (i=1 dmarc=pass fromdomain=epam.com); dmarc=pass header.from= (p=quarantine dis=none) Return-Path: Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) by mx.zohomail.com with SMTPS id 1736828790585960.2626285433611; Mon, 13 Jan 2025 20:26:30 -0800 (PST) Received: from list by lists.xenproject.org with outflank-mailman.870901.1281960 (Exim 4.92) (envelope-from ) id 1tXYVG-0007hW-M9; Tue, 14 Jan 2025 04:26:10 +0000 Received: by outflank-mailman (output) from mailman id 870901.1281960; Tue, 14 Jan 2025 04:26:10 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1tXYVG-0007hN-Im; Tue, 14 Jan 2025 04:26:10 +0000 Received: by outflank-mailman (input) for mailman id 870901; Tue, 14 Jan 2025 04:26:09 +0000 Received: from se1-gles-flk1-in.inumbo.com ([94.247.172.50] helo=se1-gles-flk1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1tXYVE-0007T1-SF for xen-devel@lists.xenproject.org; Tue, 14 Jan 2025 04:26:08 +0000 Received: from EUR03-AM7-obe.outbound.protection.outlook.com (mail-am7eur03on20612.outbound.protection.outlook.com [2a01:111:f403:260e::612]) by se1-gles-flk1.inumbo.com (Halon) with ESMTPS id ac958209-d22f-11ef-99a4-01e77a169b0f; Tue, 14 Jan 2025 05:26:07 +0100 (CET) Received: from GV1PR03MB10456.eurprd03.prod.outlook.com (2603:10a6:150:16a::21) by DB8PR03MB6300.eurprd03.prod.outlook.com (2603:10a6:10:13f::13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8356.12; Tue, 14 Jan 2025 04:25:58 +0000 Received: from GV1PR03MB10456.eurprd03.prod.outlook.com ([fe80::a41e:5aa8:e298:757e]) by GV1PR03MB10456.eurprd03.prod.outlook.com ([fe80::a41e:5aa8:e298:757e%3]) with mapi id 15.20.8335.015; Tue, 14 Jan 2025 04:25:58 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: ac958209-d22f-11ef-99a4-01e77a169b0f ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=l17/z37zEKElYK7zOeWtDOtfKDD2KmUN35OG5ObTUa8FV46PGEj04e4gwhd+ZPcAcQm1yEfUXY9ue7tiHYpkampDoe5spSOdsFx1arurJspQzhVkYI1wLVHkIaFCO8l3v3+p5K6OmCYZW6mN5E1wBOPJSyKRx0WHPQfPbn3TVnDsd3jLqdlHl7S5xT9f2TXFleG36tWr+aV3i7cQ1tRew3zgyDBjKSQ+f3JOjv5S9lwaAls0GUHNGYH7mQdMjz6I54AFTyHKOBURklq44KDdgOlRQAf20WwLCT6vBGJ5XkWH3kdihi1cVhWpPwEj6B9zv3KoP95qnUSO1p5vS+kzSw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=5MtrRJxarp34S2JOLx/JyEv2kwrG4QQxCgAgsBhf7Ic=; b=ud15TjL/x8/iOHm4aAt9ALDKbZo4uQqyhml9iGsjChfeEiftf7Fb1NnPvDWjT+ql83ATVvKgT1Hc+dn4SRRgVyaeDAhPh2ECoyIje529Pn4QcC17QqDaC3NuWriQxf6GRAuGkSEfVg2QwuOXSR36XcmsSS5pUsVtr+SGHkAky28/EE+fYbn4lHkMNWGe5DdYOkmFdv2Z+TKwIJYwyH3m6NnTA4BYoU+UjkSS7tGpJidRL7gZsNXNjGDO99cjodPBkYp/kFS+1mC7Uq7C46Vy7POORINkqgLylHtLtrYaZu5l1OI/98cIdtrEOeGm3aOD0Htu7KSMD93eQ0NJGC9JVQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=epam.com; dmarc=pass action=none header.from=epam.com; dkim=pass header.d=epam.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=epam.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=5MtrRJxarp34S2JOLx/JyEv2kwrG4QQxCgAgsBhf7Ic=; b=UnMBEl1LEJULDOTFiJerc7iC/1+DxsRUMT+wbVpeQg9Upypk00+UzM/+IRzOSVtNCQ444AdKy1P7PFLLcAUThVCr5Aga5/J03xNvwAuhxnUFdaNrgVwn5T11jPx67z1pswaCHjWKfqplqAHnn4KClHFM7GC+dRcdaGjbBkhzPcnuoDg5bexhIgJN2gwopDOt5+rqSwvCai4XbF8akUZTciciXz5Xqj6IKGkKV2YkIulEed0lMeQiIrhLq+D2Pq+Pxvxedb+P2CO/fd6ZA73Cv3g2UJ884y8O52GSaHKUAJNY43aACjp5WFqoaehe5VTjliK5gSSYci/zuZ1MP+6iuQ== From: Volodymyr Babchuk To: "xen-devel@lists.xenproject.org" CC: Volodymyr Babchuk , Andrew Cooper , Anthony PERARD , Michal Orzel , Jan Beulich , Julien Grall , =?utf-8?B?Um9nZXIgUGF1IE1vbm7DqQ==?= , Stefano Stabellini Subject: [PATCH v4 2/4] xen: common: add ability to enable stack protector Thread-Topic: [PATCH v4 2/4] xen: common: add ability to enable stack protector Thread-Index: AQHbZjxnv4AIVf4qZ0m9Cu/vUIISVg== Date: Tue, 14 Jan 2025 04:25:56 +0000 Message-ID: <20250114042553.1624831-3-volodymyr_babchuk@epam.com> References: <20250114042553.1624831-1-volodymyr_babchuk@epam.com> In-Reply-To: <20250114042553.1624831-1-volodymyr_babchuk@epam.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-mailer: git-send-email 2.47.1 authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=epam.com; x-ms-publictraffictype: Email x-ms-traffictypediagnostic: GV1PR03MB10456:EE_|DB8PR03MB6300:EE_ x-ms-office365-filtering-correlation-id: 692dc48c-a424-493a-b2c3-08dd34538baf x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam: BCL:0;ARA:13230040|1800799024|376014|366016|38070700018; x-microsoft-antispam-message-info: =?utf-8?B?aVZ2Wk9xMGpEWFoxa3hVYTQxR25jbzVsWGFqcXlpYy9FVEt5ZnpEeHhmN0N2?= =?utf-8?B?MUpaamJuU1doSlU2K0dwOG1LZFdxSDI2d0Z3alFlRHA0U2QvNGxYaVVCMGdU?= =?utf-8?B?RTVBbDJWTmpwTVpYR2d4WUltQWZDM1A4aE5hT3dEN0puR0xROTNYRUwxSGI0?= =?utf-8?B?NW04dDlHd0dSVnZMYzQ4RFNFZytjbEpJYURqeFc1K203Q1lqMzJHb2xaZmxn?= =?utf-8?B?ZllhM0NJSVlGNzMzTlQzM0hadm5MQmhPekt0YmZaaTUyOUxIRENQV0RUakQ1?= =?utf-8?B?OHpRbzJ3T25BTHpUL1E5cmFLbWtKRzZGL0JWSWs3eTB4T3UwWXJJVnhFN0x0?= =?utf-8?B?Z2xCV01ONlY1bUJoVjhXNnArR09yY3JucEtEeWduZTFRMFpWemRVeU44M2d1?= =?utf-8?B?Q0luSHh4Z2JoOVNvQW5pSzQwVWtNT2lMZktWT2FLUm9CNlFPaU4yT1RLVDRu?= =?utf-8?B?UUlSTlJ4bzJic1NaOHgwQlY2bTk3L2hJTDFWbXFwSmxDSktvbVZvelNFckc0?= =?utf-8?B?ZHJ6YUpQcTcvakVGdnJvWmVTVjBUWEdPcUhDUXhwRllRY0lRVFBzL3RhTzR5?= =?utf-8?B?VzJ1dmdWN2hlKy9kemtXZmk3MW9EeFhvTk5mTEduQ0xQR0hid3doV3lkREFo?= =?utf-8?B?d3A0UTdqWVl5aktlMXBqWEtnNGorM3dEWHVMbVZrbjNtT3JZS0JzV0FTUzBa?= =?utf-8?B?ZFI2dHlKU3I4eDJpemRLQVZTRXd2ckUyN2NzbEFBUkkvc1RGYXpNcmt2RFJP?= =?utf-8?B?aExqeGdOdnc2VmVSYXNSV05qUGc3K1BZK3Z2N0dCMVVQZWd6TXcrb21Rd0h3?= =?utf-8?B?UW9xdFRUTmRxMUNsMXVObUgwNDlwZDBlenE1dmRaMHNUUTRHTDhmZFBwQ3Fw?= =?utf-8?B?ZWZ6anRjYlF3VTc5bTY1amxTK2Ivc1R5V3hpbHQwdnJYK0FmNjJxSWVPNDhm?= =?utf-8?B?eEhqTnF1c085QlN4N0pGN3k1dHJBTCtvZElVODNUSm96cEYwOE9oVmN2ZFNI?= =?utf-8?B?SGNBYzRiREkxV25vSFVUZWZPekxqWEtLVkNVMkZtdkwrREkvWFF5bzhaZEpn?= =?utf-8?B?SXR3UnlhdXlvY1I2UjE4ZVA5WlRieitLOE8ycTNEZmlpOVlQUU14RTlZcWVB?= =?utf-8?B?Z3V1V2h6ZHpCbEJuZlU5Qk95bWFFeGV0UFd6VXNvMGM2NXVYZnJXQzA0Q2Uw?= =?utf-8?B?ckJKNzlkSUN6ekNENkpYclRVR3FwajV2NkQvaXpRNEg1SS9KVzBYZHRhbUtW?= =?utf-8?B?Rk1yZGxZMnNZRHR0ekh5akFpNHVNaHFoOTJIeUxIbFZ4MENOSlV5dStrQUc5?= =?utf-8?B?cmIrQ01FOVpENHFXTEFzZEZnS3hNU1RRSVhFVjhHNFlvM3hRS0RlN21iS0N0?= =?utf-8?B?K1Q4QnYzZFJ0RE5MMWI5eWpVT0hZSURBTkhONU9MRlZiQVhQd3lsYXdpRkR6?= =?utf-8?B?cEVUNUVmTnFpTXR2NWRsWHN2TXVFblNoVUNUWmJrblNHcVpvcVRpU3ZXNjBH?= =?utf-8?B?OFpyQTVjUDliRDlrdzJ2Zjc5QmIxVG1Ta0Y1aHc5cEtxV3NDY256T0VBWkpa?= =?utf-8?B?cFd2UGxIcDNzTHVYRklDL3VXQWdrNWMzTEhhaGJYdVZQdzZTaW1RWkZzU1M5?= =?utf-8?B?N3VoMm90cWNqbnBXWFhOWjBnMjFER3FoTXhzRzJVYklUR2ZLN1NVWXMyUDVn?= =?utf-8?B?cWRBZHoxSElDZ3dkY1VmbFZ0aTh3Nms1Z0gzc1kyaFZMeDFqY0t2MWRQU3Fs?= =?utf-8?B?TFdqd0tnRVI2aktQc2RrdzlPU2hHcWVDY3BZQ3JjcWc4UFdHMGFUQjU1SUov?= =?utf-8?B?ZG1OUnZRT2R1ZnpQWEg1UXJsanZhWUZ2ajBqM3R5Q01nQjBIcGxXQmtHUkJD?= =?utf-8?B?R2FRajg2L3B0dGRIMDlua0FzbkFNZ0FQc3pwNVZoOTZleUMwcktDUnlyRTRh?= =?utf-8?Q?XOXKjP+ZnQcpWvf1nz9lKJuWN2eq69UZ?= x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:GV1PR03MB10456.eurprd03.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(1800799024)(376014)(366016)(38070700018);DIR:OUT;SFP:1101; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?utf-8?B?VEJuQ1JFQjBBczRjZHVyVmVna25yWGVvTUJBM2VMR1hGcjdPRVROaStGVUEy?= =?utf-8?B?NExYRlNEbU9LVEVVZHE2dXZKdmVqTTBTbEhaMlV4NGpwSWZtcmtVQUdxMWxO?= =?utf-8?B?aTVrc2RtU013ck9iTkk2K2k4QWozVjkyWHdKdC9vYS95ZHdQTWg4RnhURzdW?= =?utf-8?B?VzNmZEJZclpGOFdjc2xMR3NsQk5HQ3hSdlMzeVEzZ3l1NkhwVkpNczJDaWFw?= =?utf-8?B?bit4YTVtWmZab1BHbTRwZ2hkU2xEa3dCRElkRVBhS214Vkd6YWh1aUNGUjh6?= =?utf-8?B?b2pSLzZ5RFJJUzg0b250Rk5wMFZYQmV0dWoyNE85RHRqYzJjSGV3U2ZFQmlL?= =?utf-8?B?V3UyVk5rYkNVYUhYRDdEUDR3bGVDb05EdmRJZnpmUWt5UEJhRWlCeUpCVjRT?= =?utf-8?B?TjlyOUxSRlp1L3pDeTBERC9HcDNvbTU2bXpoTWVjUHpVWlVkN3ZmaFY0SnRN?= =?utf-8?B?QUF2L3A2UXpyOHVCWmFURy9vMVFuSGpGWktObzdBbmVBZmFlYm4wZkJJbmMz?= =?utf-8?B?dXNMZU91Vjd1WXR5RWlzQm12SGdQM3U0WENRUUpITnkvemVaWjZtTFlHUjJ6?= =?utf-8?B?bHJTaDQ2MWxTSTFid1VzcG9pVVNOenZla0ZkSlkxZXhxMTFEZG1SQmRRc0VN?= =?utf-8?B?UURnYmJPQWlaYzUwYm95SnNEeDZJUUM5cjhnWTRBakMxL0JITXY3QWJMY1RL?= =?utf-8?B?eHUzOGN1R3ZRZUZmZ1NFcGYwL29MUDZlR3Q3dFExS29Xa2UrT0tMVDJ5VmNq?= =?utf-8?B?UjVOQk1Pd0tnVlZCVkVlUEgrdlBFTkJ0YmtkS0taekdxL1RQY3RaR09yLzlQ?= =?utf-8?B?djhMS0YzU05ielBSMmtQVGIxSFFLejAwMzlxaGNWZ0tqMjIyZGgvdVc1c2Ru?= =?utf-8?B?d3NlUmRUNGdoZFhlS01DR2FRNU1WWHp2cVhSSGNMYXNFdDJ6VzBqVGZVRjE5?= =?utf-8?B?NEhWNWpXUGdNRUNtbWN6WElOTVZBWTkvT25UbmJFV0UvSmFTcFpHL01EdG5K?= =?utf-8?B?bDFrcE5GKzRVSlYvc2tNektJNzZYUHpBZVJqaElsU0RZaWNPRVNxUnhWS0dT?= =?utf-8?B?azZLVm5MSE01blJEQmo3aERNMzArTUwra2ptVC9FOW1LNzJDOXhHcUIrdVho?= =?utf-8?B?S0tjaDlsRWhJUmRkdWpqelVHY2lEMWhMRlc2ZWM1UFVpcS8rVzVKZDljOGsx?= =?utf-8?B?d0h5S3R4WlFMSHExTWNrdnJLTVQ2aUp3ZW5NbXdSc2pFVkRoMW1hOGhwL004?= =?utf-8?B?RTAwTHJrK0tQc2tIZDhmZ2lYQkxocWgydGg1S003Y0JkcWh3YzhnQVFRdExZ?= =?utf-8?B?L3kvNHhaQUk0UmVxdDI5QVVQMWVRRHdnWFAzeE5VK2pyL1h5MTVGRVM2YXQ5?= =?utf-8?B?WkNlRWNrSUdZODFFbjlTN1g0RzJkY2RjVUJlL1ZsUkFXMUpvMmxOZWxtemRj?= =?utf-8?B?eWJnTG0rV2daZ1ZMQ0MreFRXVFoyU3hKcmYrTUg1VUg0dHB0TTA3bDlsK0Yx?= =?utf-8?B?alI0TjZrNVR1ZDZQYWRlem54cWcvOHdXVGlTeUZIUGFDRnZoMVE2TUNaSXc5?= =?utf-8?B?TTBSbERmNitLS0d0K2g5YTRVUkcvN0Ercnc4bk9wY1Z5dm0xOVJxODlIZnJo?= =?utf-8?B?SmJBNDZtdGFCbWV0V25wWGVpeWNXUGFuNllsTzdNT2xyelZIUHZtU2FqZnlu?= =?utf-8?B?WmI2ZG1BaXh1RGRoT0V0b0JWRm9EdnVrUkNzWUlsdjBnckljN3BNM1BLVkNL?= =?utf-8?B?NjBZTFFHMmNKSzQ0TEIrMVRwWW1sNmZ2cDVuSjZObE85cVp3MUlRN3Zzd2tn?= =?utf-8?B?RzFVbnNqelE1UkZRekpiYkpDZlFDd2Zydk5qKzJjWDFrbmpKQkk1T0ZTN3I5?= =?utf-8?B?UjVaOWxFRnFQNHdQanNBazJxaHJtK0Zxd1hvY3kwMDAvak5TMUsxYnRpdndS?= =?utf-8?B?cFFYNVlWa053bk9wM0drTHFqK1B4ZlJRbjNySHBhUFdlOWE3QjNNVTZ4Z0FY?= =?utf-8?B?Qm1zbjNoa1Q0ejlPL3BOYlFkdVljVks0alg4TlRVUzNDNHhhdTJwUG41eWlC?= =?utf-8?B?ZWRBUEE4NDEzVHp3UzRONkZWcjJOaHJsYTNKWWhLWkZNNXJmcmd0RkpBNUNh?= =?utf-8?B?VGhmVHQrTEhYRFljMDRXdDB3N3RwaUFoYXZmL3AyVDBJelpCWHBYV1RTOWdh?= =?utf-8?B?RFE9PQ==?= Content-Type: text/plain; charset="utf-8" Content-ID: Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-OriginatorOrg: epam.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: GV1PR03MB10456.eurprd03.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 692dc48c-a424-493a-b2c3-08dd34538baf X-MS-Exchange-CrossTenant-originalarrivaltime: 14 Jan 2025 04:25:56.3138 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: b41b72d0-4e9f-4c26-8a69-f949f367c91d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: lOPPHbF1PoRrJIxzKkAceFvrnygGLR1CNJlNvqAXLOd8KCfBIYmjb6lxz3+R/K3GiE7GjPwNAG1E5myl+8p0GmEEiLBF5KAO1QK7t7d81xE= X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB8PR03MB6300 X-ZohoMail-DKIM: pass (identity @epam.com) X-ZM-MESSAGEID: 1736828791299019000 Both GCC and Clang support -fstack-protector feature, which add stack canaries to functions where stack corruption is possible. This patch makes general preparations to enable this feature on different supported architectures: - Added CONFIG_HAS_STACK_PROTECTOR option so each architecture can enable this feature individually - Added user-selectable CONFIG_STACK_PROTECTOR option - Implemented code that sets up random stack canary and a basic handler for stack protector failures Stack guard value is initialized in two phases: 1. Pre-defined randomly-selected value. 2. Own implementation linear congruent random number generator. It relies on get_cycles() being available very early. If get_cycles() returns zero, it would leave pre-defined value from the previous step. Signed-off-by: Volodymyr Babchuk --- Changes in v4: - Removed third phase of initialization (it was using Xen's RNG) - remove stack-protector.h because it is not required anymore - Reworded comments - __stack_chk_fail() now dumps execution state before calling panic() - "Compiler option" Kconfig entry renamed to "Other hardening" Changes in v3: - Fixed coding style in stack-protector.h - Extended panic() message - Included missed random.h - Renamed Kconfig option - Used Andrew's suggestion for the Kconfig help text - Added "asmlinkage" attribute to __stack_chk_fail() to make Eclair happy - Initial stack guard value is random - Added LCG to generate stack guard value at early boot stages - Added comment to asm-generic/random.h about dependencies - Extended the commit message Changes in v2: - Moved changes to EMBEDDED_EXTRA_CFLAGS into separate patch - Renamed stack_protector.c to stack-protector.c - Renamed stack_protector.h to stack-protector.h - Removed #ifdef CONFIG_X86 in stack-protector.h - Updated comment in stack-protector.h (also, we can't call boot_stack_chk_guard_setup() from asm code in general case, because it calls get_random() and get_random() may depend in per_cpu infrastructure, which is initialized later) - Fixed coding style - Moved CONFIG_STACK_PROTECTOR into newly added "Compiler options" submenu - Marked __stack_chk_guard as __ro_after_init --- xen/Makefile | 4 +++ xen/common/Kconfig | 15 +++++++++++ xen/common/Makefile | 1 + xen/common/stack-protector.c | 51 ++++++++++++++++++++++++++++++++++++ 4 files changed, 71 insertions(+) create mode 100644 xen/common/stack-protector.c diff --git a/xen/Makefile b/xen/Makefile index a0c774ab7d..48bc17c418 100644 --- a/xen/Makefile +++ b/xen/Makefile @@ -435,7 +435,11 @@ else CFLAGS_UBSAN :=3D endif =20 +ifeq ($(CONFIG_STACK_PROTECTOR),y) +CFLAGS +=3D -fstack-protector +else CFLAGS +=3D -fno-stack-protector +endif =20 ifeq ($(CONFIG_LTO),y) CFLAGS +=3D -flto diff --git a/xen/common/Kconfig b/xen/common/Kconfig index 6166327f4d..bd53dae43c 100644 --- a/xen/common/Kconfig +++ b/xen/common/Kconfig @@ -83,6 +83,9 @@ config HAS_PMAP config HAS_SCHED_GRANULARITY bool =20 +config HAS_STACK_PROTECTOR + bool + config HAS_UBSAN bool =20 @@ -216,6 +219,18 @@ config SPECULATIVE_HARDEN_LOCK =20 endmenu =20 +menu "Other hardening" + +config STACK_PROTECTOR + bool "Stack protector" + depends on HAS_STACK_PROTECTOR + help + Enable the Stack Protector compiler hardening option. This inserts a + canary value in the stack frame of functions, and performs an integrity + check on function exit. + +endmenu + config DIT_DEFAULT bool "Data Independent Timing default" depends on HAS_DIT diff --git a/xen/common/Makefile b/xen/common/Makefile index cba3b32733..8adbf6a3b5 100644 --- a/xen/common/Makefile +++ b/xen/common/Makefile @@ -46,6 +46,7 @@ obj-y +=3D shutdown.o obj-y +=3D softirq.o obj-y +=3D smp.o obj-y +=3D spinlock.o +obj-$(CONFIG_STACK_PROTECTOR) +=3D stack-protector.o obj-y +=3D stop_machine.o obj-y +=3D symbols.o obj-y +=3D tasklet.o diff --git a/xen/common/stack-protector.c b/xen/common/stack-protector.c new file mode 100644 index 0000000000..8fa9f6147f --- /dev/null +++ b/xen/common/stack-protector.c @@ -0,0 +1,51 @@ +/* SPDX-License-Identifier: GPL-2.0-only */ +#include +#include +#include +#include + +/* + * Initial value is chosen by a fair dice roll. + * It will be updated during boot process. + */ +#if BITS_PER_LONG =3D=3D 32 +unsigned long __ro_after_init __stack_chk_guard =3D 0xdd2cc927UL; +#else +unsigned long __ro_after_init __stack_chk_guard =3D 0x2d853605a4d9a09cUL; +#endif + +/* + * This function should be called from early asm or from a C function + * that escapes stack canary tracking (by calling + * reset_stack_and_jump() for example). + */ +void __init asmlinkage boot_stack_chk_guard_setup(void) +{ + /* + * Linear congruent generator (X_n+1 =3D X_n * a + c). + * + * Constant is taken from "Tables Of Linear Congruential + * Generators Of Different Sizes And Good Lattice Structure" by + * Pierre L=E2=80=99Ecuyer. + */ +#if BITS_PER_LONG =3D=3D 32 + const unsigned long a =3D 2891336453UL; +#else + const unsigned long a =3D 2862933555777941757UL; +#endif + const unsigned long c =3D 1; + + unsigned long cycles =3D get_cycles(); + + /* Use the initial value if we can't generate random one */ + if ( !cycles ) + return; + + __stack_chk_guard =3D cycles * a + c; +} + +void asmlinkage __stack_chk_fail(void) +{ + dump_execution_state(); + panic("Stack Protector integrity violation identified\n"); +} --=20 2.47.1