mail archive of the barebox mailing list
From: Ahmad Fatoum <a.fatoum@pengutronix.de>
To: barebox@lists.infradead.org
Cc: Ahmad Fatoum <a.fatoum@pengutronix.de>
Subject: [PATCH 4/5] lib: stackprot: don't directly write stack protector from HWRNG driver
Date: Mon,  9 Oct 2023 13:52:38 +0200
Message-ID: <20231009115239.2291016-4-a.fatoum@pengutronix.de>
In-Reply-To: <20231009115239.2291016-1-a.fatoum@pengutronix.de>

get_crypto_bytes itself or some function it calls down to the driver may
require a stack protector, so passing the address of the stack protector
value down may end up tripping the stack protector during function
return.

To avoid this, let's write the stack protector in a function
chain that either has stack protector disabled or that never returns.

This fixes a crash using the virtio RNG driver to generate the stack
protector.

Signed-off-by: Ahmad Fatoum <a.fatoum@pengutronix.de>
---
 lib/stackprot.c | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/lib/stackprot.c b/lib/stackprot.c
index c1cc19aadd09..7a8d0a4c1064 100644
--- a/lib/stackprot.c
+++ b/lib/stackprot.c
@@ -16,7 +16,7 @@
 
 void __stack_chk_fail(void);
 
-unsigned long __stack_chk_guard = (unsigned long)(0xfeedf00ddeadbeef & ~0UL);
+volatile ulong __stack_chk_guard = (ulong)(0xfeedf00ddeadbeef & ~0UL);
 
 /*
  * Called when gcc's -fstack-protector feature is used, and
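Review bot: The `volatile` qualifier added to the `__stack_chk_guard` definition is not explained in the commit message or in a comment; the message only covers moving the write out of the get_crypto_bytes call. Please add a one-line comment above the definition saying why the guard needs to be volatile, or split the type change (`unsigned long` to `volatile ulong`) into its own patch with its own rationale. If the symbol is also declared in a header, that declaration needs the same qualifier.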
@@ -30,11 +30,15 @@ EXPORT_SYMBOL(__stack_chk_fail);
 
 static __no_stack_protector int stackprot_randomize_guard(void)
 {
+	ulong chk_guard;
 	int ret;
 
-	ret = get_crypto_bytes(&__stack_chk_guard, sizeof(__stack_chk_guard));
+	ret = get_crypto_bytes(&chk_guard, sizeof(chk_guard));
 	if (ret)
 		pr_warn("proceeding without randomized stack protector\n");
+	else
+		__stack_chk_guard = chk_guard;
+
 	return 0;
 }
 late_initcall(stackprot_randomize_guard);
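Review bot: The new `__stack_chk_guard = chk_guard;` assignment in stackprot_randomize_guard() carries no comment saying why the random bytes go through a local first, so a later cleanup could fold it back into `get_crypto_bytes(&__stack_chk_guard, ...)` and bring the crash back. Please add a short comment above the call noting that get_crypto_bytes and the driver code below it may be built with the stack protector, so the guard may only be written from this `__no_stack_protector` function. Minor: after return, `chk_guard` leaves a copy of the new guard value in a dead stack slot; consider whether it is worth clearing the local once it has been copied.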
-- 
2.39.2

Thread overview: 6+ messages
2023-10-09 11:52 [PATCH 1/5] lib: ubsan: disable sanitization for UBSAN implementation Ahmad Fatoum
2023-10-09 11:52 ` [PATCH 2/5] lib: random: don't duplicate error/warning prefix in log message Ahmad Fatoum
2023-10-09 11:52 ` [PATCH 3/5] lib: stackprot: improve error message on missing HWRNG Ahmad Fatoum
2023-10-09 11:52 ` Ahmad Fatoum [this message]
2023-10-09 11:52 ` [PATCH 5/5] lib: stackprot: hide symbols when not applicable Ahmad Fatoum
2023-10-13  9:17 ` [PATCH 1/5] lib: ubsan: disable sanitization for UBSAN implementation Sascha Hauer
