From: Lai Jiangshan <jiangshanlai@gmail.com>
To: linux-kernel@vger.kernel.org
Cc: x86@kernel.org, Lai Jiangshan <laijs@linux.alibaba.com>,
Thomas Gleixner <tglx@linutronix.de>,
Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>,
"H. Peter Anvin" <hpa@zytor.com>, Joerg Roedel <jroedel@suse.de>,
Javier Martinez Canillas <javierm@redhat.com>,
Daniel Bristot de Oliveira <bristot@redhat.com>,
Brijesh Singh <brijesh.singh@amd.com>,
Andy Shevchenko <andriy.shevchenko@linux.intel.com>,
Tom Lendacky <thomas.lendacky@amd.com>,
Arvind Sankar <nivedita@alum.mit.edu>,
Chester Lin <clin@suse.com>, Juergen Gross <jgross@suse.com>
Subject: [PATCH V3 03/49] x86/traps: Remove stack-protector from traps.c
Date: Thu, 14 Oct 2021 11:13:26 +0800 [thread overview]
Message-ID: <20211014031413.14471-4-jiangshanlai@gmail.com> (raw)
In-Reply-To: <20211014031413.14471-1-jiangshanlai@gmail.com>
From: Lai Jiangshan <laijs@linux.alibaba.com>
When stack-protector is enabled, the compiler adds some instrument code
at the beginning and the end of some functions. Many functions in traps.c
are non-instrumentable. Moreover, stack-protector code in the beginning
of the affected function accesses the canary that might be watched by
hardware breakpoints which also violate the non-instrumentable
nature of some functions and might cause infinite recursive #DB because
the canary is accessed before resetting the dr7.
So it is better to remove stack-protector from traps.c.
It is also prepared for later patches that move some entry code into
traps.c, some of which can NOT use percpu register until gsbase is
properly switched. And stack-protector depends on the percpu register
to work.
Signed-off-by: Lai Jiangshan <laijs@linux.alibaba.com>
---
arch/x86/kernel/Makefile | 1 +
1 file changed, 1 insertion(+)
diff --git a/arch/x86/kernel/Makefile b/arch/x86/kernel/Makefile
index 2ff3e600f426..8ac45801ba8b 100644
--- a/arch/x86/kernel/Makefile
+++ b/arch/x86/kernel/Makefile
@@ -50,6 +50,7 @@ KCOV_INSTRUMENT := n
CFLAGS_head$(BITS).o += -fno-stack-protector
CFLAGS_cc_platform.o += -fno-stack-protector
+CFLAGS_traps.o += -fno-stack-protector
CFLAGS_irq.o := -I $(srctree)/$(src)/../include/asm/trace
--
2.19.1.6.gb485710b
next prev parent reply other threads:[~2021-10-14 3:14 UTC|newest]
Thread overview: 57+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-10-14 3:13 [PATCH V3 00/49] x86/entry/64: Convert a bunch of ASM entry code into C code Lai Jiangshan
2021-10-14 3:13 ` [PATCH V3 01/49] x86/entry: Add fence for kernel entry swapgs in paranoid_entry() Lai Jiangshan
2021-10-14 3:13 ` [PATCH V3 02/49] x86/entry: Use the correct fence macro after swapgs in kernel CR3 Lai Jiangshan
2021-10-14 3:13 ` Lai Jiangshan [this message]
2021-10-14 3:13 ` [PATCH V3 04/49] x86/xen: Add xenpv_restore_regs_and_return_to_usermode() Lai Jiangshan
2021-10-16 18:08 ` Boris Ostrovsky
2021-10-14 3:13 ` [PATCH V3 05/49] x86/entry: Use swapgs and native_iret directly in swapgs_restore_regs_and_return_to_usermode Lai Jiangshan
2021-10-14 3:33 ` [PATCH V3 06/49] compiler_types.h: Add __noinstr_section() for noinstr Lai Jiangshan
2021-10-14 18:29 ` Nick Desaulniers
2021-10-14 18:35 ` Miguel Ojeda
2021-10-18 9:16 ` Lai Jiangshan
2021-10-18 11:29 ` Miguel Ojeda
2021-10-14 3:33 ` [PATCH V3 07/49] x86/entry: Introduce __entry_text for entry code written in C Lai Jiangshan
2021-10-14 3:33 ` [PATCH V3 08/49] x86/entry: Move PTI_USER_* to arch/x86/include/asm/processor-flags.h Lai Jiangshan
2021-10-14 3:33 ` [PATCH V3 09/49] x86: Remove unused kernel_to_user_p4dp() and user_to_kernel_p4dp() Lai Jiangshan
2021-10-14 3:33 ` [PATCH V3 10/49] x86: Replace PTI_PGTABLE_SWITCH_BIT with PTI_USER_PGTABLE_BIT Lai Jiangshan
2021-10-14 3:33 ` [PATCH V3 11/49] x86: Mark __native_read_cr3() & native_write_cr3() as __always_inline Lai Jiangshan
2021-10-14 3:33 ` [PATCH V3 12/49] x86/traps: Move the declaration of native_irq_return_iret into proto.h Lai Jiangshan
2021-10-14 3:33 ` [PATCH V3 13/49] x86/entry: Add arch/x86/entry/entry64.c for C entry code Lai Jiangshan
2021-10-14 3:33 ` [PATCH V3 14/49] x86/entry: Expose the address of .Lgs_change to entry64.c Lai Jiangshan
2021-10-14 3:33 ` [PATCH V3 15/49] x86/entry: Add C verion of SWITCH_TO_KERNEL_CR3 as switch_to_kernel_cr3() Lai Jiangshan
2021-10-14 3:33 ` [PATCH V3 16/49] x86/traps: Add fence_swapgs_{user,kernel}_entry() Lai Jiangshan
2021-10-14 3:33 ` [PATCH V3 17/49] x86/entry: Add C {user,kernel}_entry_swapgs_and_fence() Lai Jiangshan
2021-10-14 3:33 ` [PATCH V3 18/49] x86/traps: Move pt_regs only in fixup_bad_iret() Lai Jiangshan
2021-10-14 3:33 ` [PATCH V3 19/49] x86/entry: Switch the stack after error_entry() returns Lai Jiangshan
2021-10-14 3:33 ` [PATCH V3 20/49] x86/entry: move PUSH_AND_CLEAR_REGS out of error_entry Lai Jiangshan
2021-10-14 3:33 ` [PATCH V3 21/49] x86/entry: Move cld to the start of idtentry Lai Jiangshan
2021-10-14 3:33 ` [PATCH V3 22/49] x86/entry: Don't call error_entry for XENPV Lai Jiangshan
2021-10-14 3:33 ` [PATCH V3 23/49] x86/entry: Convert SWAPGS to swapgs in error_entry() Lai Jiangshan
2021-10-14 3:33 ` [PATCH V3 24/49] x86/entry: Implement the whole error_entry() as C code Lai Jiangshan
2021-10-14 3:33 ` [PATCH V3 25/49] x86/entry: Use idtentry macro for entry_INT80_compat Lai Jiangshan
2021-10-14 3:33 ` [PATCH V3 26/49] x86/entry: Convert SWAPGS to swapgs in entry_SYSENTER_compat() Lai Jiangshan
2021-10-14 3:33 ` [PATCH V3 27/49] x86: Remove the definition of SWAPGS Lai Jiangshan
2021-10-14 3:33 ` [PATCH V3 28/49] x86/entry: Make paranoid_exit() callable Lai Jiangshan
2021-10-14 3:33 ` [PATCH V3 29/49] x86/entry: Call paranoid_exit() in asm_exc_nmi() Lai Jiangshan
2021-10-14 3:33 ` [PATCH V3 30/49] x86/entry: move PUSH_AND_CLEAR_REGS out of paranoid_entry Lai Jiangshan
2021-10-14 3:33 ` [PATCH V3 31/49] x86/entry: Add the C version ist_switch_to_kernel_cr3() Lai Jiangshan
2021-10-14 3:41 ` [PATCH V3 32/49] x86/entry: Add the C version ist_restore_cr3() Lai Jiangshan
2021-10-25 0:34 ` Lai Jiangshan
2021-10-14 3:41 ` [PATCH V3 33/49] x86/entry: Add the C version get_percpu_base() Lai Jiangshan
2021-10-14 3:41 ` [PATCH V3 34/49] x86/entry: Add the C version ist_switch_to_kernel_gsbase() Lai Jiangshan
2021-10-14 3:41 ` [PATCH V3 35/49] x86/entry: Implement the C version ist_paranoid_entry() Lai Jiangshan
2021-10-14 3:50 ` [PATCH V3 36/49] x86/entry: Implement the C version ist_paranoid_exit() Lai Jiangshan
2021-10-14 3:50 ` [PATCH V3 37/49] x86/entry: Add a C macro to define the function body for IST in .entry.text Lai Jiangshan
2021-10-14 3:50 ` [PATCH V3 38/49] x86/debug, mce: Use C entry code Lai Jiangshan
2021-10-14 3:50 ` [PATCH V3 39/49] x86/idtentry.h: Move the definitions *IDTENTRY_{MCE|DEBUG}* up Lai Jiangshan
2021-10-14 3:50 ` [PATCH V3 40/49] x86/nmi: Use DEFINE_IDTENTRY_NMI for nmi Lai Jiangshan
2021-10-14 3:50 ` [PATCH V3 41/49] x86/nmi: Use C entry code Lai Jiangshan
2021-10-14 3:50 ` [PATCH V3 42/49] x86/entry: Add a C macro to define the function body for IST in .entry.text with an error code Lai Jiangshan
2021-10-14 3:58 ` [PATCH V3 43/49] x86/doublefault: Use C entry code Lai Jiangshan
2021-10-14 3:58 ` [PATCH V3 44/49] x86/sev: Add and use ist_vc_switch_off_ist() Lai Jiangshan
2021-10-14 3:58 ` [PATCH V3 45/49] x86/sev: Use C entry code Lai Jiangshan
2021-10-14 3:58 ` [PATCH V3 46/49] x86/entry: Remove ASM function paranoid_entry() and paranoid_exit() Lai Jiangshan
2021-10-14 3:58 ` [PATCH V3 47/49] x86/entry: Remove the unused ASM macros Lai Jiangshan
2021-10-14 3:58 ` [PATCH V3 48/49] x86/entry: Remove save_ret from PUSH_AND_CLEAR_REGS Lai Jiangshan
2021-10-14 3:58 ` [PATCH V3 49/49] x86/syscall/64: Move the checking for sysret to C code Lai Jiangshan
2021-10-23 0:01 ` [PATCH V3 00/49] x86/entry/64: Convert a bunch of ASM entry code into " Lai Jiangshan
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20211014031413.14471-4-jiangshanlai@gmail.com \
--to=jiangshanlai@gmail.com \
--cc=andriy.shevchenko@linux.intel.com \
--cc=bp@alien8.de \
--cc=brijesh.singh@amd.com \
--cc=bristot@redhat.com \
--cc=clin@suse.com \
--cc=hpa@zytor.com \
--cc=javierm@redhat.com \
--cc=jgross@suse.com \
--cc=jroedel@suse.de \
--cc=laijs@linux.alibaba.com \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@redhat.com \
--cc=nivedita@alum.mit.edu \
--cc=tglx@linutronix.de \
--cc=thomas.lendacky@amd.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.