From mboxrd@z Thu Jan 1 00:00:00 1970 Delivery-date: Mon, 09 Oct 2023 13:54:05 +0200 Received: from metis.whiteo.stw.pengutronix.de ([2a0a:edc0:2:b01:1d::104]) by lore.white.stw.pengutronix.de with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1qpopp-001qa7-H4 for lore@lore.pengutronix.de; Mon, 09 Oct 2023 13:54:05 +0200 Received: from bombadil.infradead.org ([2607:7c80:54:3::133]) by metis.whiteo.stw.pengutronix.de with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1qpopl-0002KF-VM for lore@pengutronix.de; Mon, 09 Oct 2023 13:54:04 +0200 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-Id:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=2Qx/rkUFrg7fdTygMZBbrZ4aSgPtBNrKFoKCB+jdIXY=; b=bQSOn/QRT7n7qBSELPQwOBIAXc mO69jMtO2OyRpZ/zLiOrMkTNXOlTbS4Ql5SEosc6a2QbWaF6SMDUW/vIB7rVz2UDKdrdRqbmT9liQ xCF0imMNADyrzUBEZ/UP0zc3J/3cu2kj/X1RGlUUFx0mjB72T2i5V6fC5UZQPNr5JSpbkdqEhqRCp uG3VWkbcGf00mY1wnfVmEkX4rYr+bCzZo0KMVRV90HT759JTwIXNLoDY2sx6PJG7sQsjxLa0g1cZi LymEacB7R4ZEHccHKZBYbmzM6RZW8QErs7V6VLh69MX4PNpgL0OJBufc6Vm9ZeXA3jMKOnKrIRiin TzsZDnSA==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.96 #2 (Red Hat Linux)) id 1qpooe-00AWFx-33; Mon, 09 Oct 2023 11:52:52 +0000 Received: from metis.whiteo.stw.pengutronix.de ([2a0a:edc0:2:b01:1d::104]) by bombadil.infradead.org with esmtps (Exim 4.96 #2 (Red Hat Linux)) id 1qpoob-00AWDj-1x for barebox@lists.infradead.org; Mon, 09 Oct 2023 11:52:50 +0000 Received: from drehscheibe.grey.stw.pengutronix.de ([2a0a:edc0:0:c01:1d::a2]) by metis.whiteo.stw.pengutronix.de with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1qpooS-0001fr-FB; Mon, 09 Oct 2023 13:52:40 +0200 Received: from [2a0a:edc0:0:1101:1d::54] (helo=dude05.red.stw.pengutronix.de) by drehscheibe.grey.stw.pengutronix.de with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1qpooS-000P3W-1n; Mon, 09 Oct 2023 13:52:40 +0200 Received: from afa by dude05.red.stw.pengutronix.de with local (Exim 4.96) (envelope-from ) id 1qpooS-009nmb-00; Mon, 09 Oct 2023 13:52:40 +0200 From: Ahmad Fatoum To: barebox@lists.infradead.org Cc: Ahmad Fatoum Date: Mon, 9 Oct 2023 13:52:38 +0200 Message-Id: <20231009115239.2291016-4-a.fatoum@pengutronix.de> X-Mailer: git-send-email 2.39.2 In-Reply-To: <20231009115239.2291016-1-a.fatoum@pengutronix.de> References: <20231009115239.2291016-1-a.fatoum@pengutronix.de> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20231009_045249_645915_E0F24AD4 X-CRM114-Status: GOOD ( 12.17 ) X-BeenThere: barebox@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "barebox" X-SA-Exim-Connect-IP: 2607:7c80:54:3::133 X-SA-Exim-Mail-From: barebox-bounces+lore=pengutronix.de@lists.infradead.org X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on metis.whiteo.stw.pengutronix.de X-Spam-Level: X-Spam-Status: No, score=-4.9 required=4.0 tests=AWL,BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED,SPF_HELO_NONE,SPF_NONE autolearn=unavailable autolearn_force=no version=3.4.2 Subject: [PATCH 4/5] lib: stackprot: don't directly write stack protector from HWRNG driver X-SA-Exim-Version: 4.2.1 (built Wed, 08 May 2019 21:11:16 +0000) X-SA-Exim-Scanned: Yes (on metis.whiteo.stw.pengutronix.de) get_crypto_bytes itself or some function it calls down to the driver may require a stack protector, so passing the address of the stack protector value down may end up tripping the stack protector during function return. To avoid this, let's write the stack protector in a function chain that eithr has stack protector disabled or that never returns. This fixes a crash using the virtio RNG driver to generate the stack protector. Signed-off-by: Ahmad Fatoum --- lib/stackprot.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/lib/stackprot.c b/lib/stackprot.c index c1cc19aadd09..7a8d0a4c1064 100644 --- a/lib/stackprot.c +++ b/lib/stackprot.c @@ -16,7 +16,7 @@ void __stack_chk_fail(void); -unsigned long __stack_chk_guard = (unsigned long)(0xfeedf00ddeadbeef & ~0UL); +volatile ulong __stack_chk_guard = (ulong)(0xfeedf00ddeadbeef & ~0UL); /* * Called when gcc's -fstack-protector feature is used, and @@ -30,11 +30,15 @@ EXPORT_SYMBOL(__stack_chk_fail); static __no_stack_protector int stackprot_randomize_guard(void) { + ulong chk_guard; int ret; - ret = get_crypto_bytes(&__stack_chk_guard, sizeof(__stack_chk_guard)); + ret = get_crypto_bytes(&chk_guard, sizeof(chk_guard)); if (ret) pr_warn("proceeding without randomized stack protector\n"); + else + __stack_chk_guard = chk_guard; + return 0; } late_initcall(stackprot_randomize_guard); -- 2.39.2