mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
7053f80d96
The previous commit reduced the amount of code that is run before we
set up a paca. However there are still a few remaining functions that
run with no paca, or worse, with an arbitrary value in r13 that will
be used as a paca pointer.
In particular the stack protector canary is stored in the paca, so if
stack protector is activated for any of these functions we will read
the stack canary from wherever r13 points. If r13 happens to point
outside of memory we will get a machine check / checkstop.
For example if we modify initialise_paca() to trigger stack
protection, and then boot in the mambo simulator with r13 poisoned in
skiboot before calling the kernel:
DEBUG: 19952232: (19952232): INSTRUCTION: PC=0xC0000000191FC1E8: [0x3C4C006D]: addis r2,r12,0x6D [fetch]
DEBUG: 19952236: (19952236): INSTRUCTION: PC=0xC00000001807EAD8: [0x7D8802A6]: mflr r12 [fetch]
FATAL ERROR: 19952276: (19952276): Check Stop for 0:0: Machine Check with ME bit of MSR off
DEBUG: 19952276: (19952276): INSTRUCTION: PC=0xC0000000191FCA7C: [0xE90D0CF8]: ld r8,0xCF8(r13) [Instruction Failed]
INFO: 19952276: (19952277): ** Execution stopped: Mambo Error, Machine Check Stop, **
systemsim % bt
pc: 0xC0000000191FCA7C initialise_paca+0x54
lr: 0xC0000000191FC22C early_setup+0x44
stack:0x00000000198CBED0 0x0 +0x0
stack:0x00000000198CBF00 0xC0000000191FC22C early_setup+0x44
stack:0x00000000198CBF90 0x1801C968 +0x1801C968
So annotate the relevant functions to ensure stack protection is never
enabled for them.
Fixes: 06ec27aea9
("powerpc/64: add stack protector support")
Cc: stable@vger.kernel.org # v4.20+
Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
Link: https://lore.kernel.org/r/20200320032116.1024773-2-mpe@ellerman.id.au
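/* SPDX-License-Identifier: GPL-2.0-or-later */
/*
 * Prototypes for functions that are shared between setup_(32|64|common).c
 *
 * Copyright 2016 Michael Ellerman, IBM Corporation.
 */

#ifndef __ARCH_POWERPC_KERNEL_SETUP_H
#define __ARCH_POWERPC_KERNEL_SETUP_H

/*
 * __nostackprotector marks functions that must be compiled without stack
 * protector instrumentation, e.g. early-boot code that runs before r13 holds
 * a valid paca pointer. On 64-bit the canary lives in the paca and is read
 * through r13, so an instrumented function would load it from wherever r13
 * happens to point.
 *
 * With GCC the macro expands to a per-function optimize attribute.
 *
 * NOTE(review): under CONFIG_CC_IS_CLANG the macro expands to nothing, so the
 * annotation alone does not switch instrumentation off in clang builds.
 * Confirm that those builds keep the stack protector out of the annotated
 * functions some other way (for example per-file compiler flags); otherwise
 * the early-boot fault this annotation is meant to prevent stays reachable.
 *
 * NOTE(review): GCC documents the optimize attribute as a debugging aid
 * rather than something for production code; verify it does not alter other
 * code-generation options for the annotated functions.
 */
#ifdef CONFIG_CC_IS_CLANG
#define __nostackprotector
#else
#define __nostackprotector __attribute__((__optimize__("no-stack-protector")))
#endif

void initialize_cache_info(void);
void irqstack_early_init(void);

/*
 * Each helper below is declared only for the configurations named in its
 * #if; every other configuration gets an empty inline stub of the same name,
 * so call sites compile unchanged.
 */
#ifdef CONFIG_PPC32
void setup_power_save(void);
#else
static inline void setup_power_save(void) { }
#endif

#if defined(CONFIG_PPC64) && defined(CONFIG_SMP)
void check_smt_enabled(void);
#else
static inline void check_smt_enabled(void) { }
#endif

#if defined(CONFIG_PPC_BOOK3E) && defined(CONFIG_SMP)
void setup_tlb_core_data(void);
#else
static inline void setup_tlb_core_data(void) { }
#endif

#if defined(CONFIG_PPC_BOOK3E) || defined(CONFIG_BOOKE) || defined(CONFIG_40x)
void exc_lvl_early_init(void);
#else
static inline void exc_lvl_early_init(void) { }
#endif

#if defined(CONFIG_PPC64) || defined(CONFIG_VMAP_STACK)
void emergency_stack_init(void);
#else
static inline void emergency_stack_init(void) { }
#endif

#ifdef CONFIG_PPC64
u64 ppc64_bolted_size(void);

/* Default SPR values from firmware/kexec */
extern unsigned long spr_default_dscr;
#endif

/*
 * Having this in kvm_ppc.h makes include dependencies too
 * tricky to solve for setup-common.c so have it here.
 */
#ifdef CONFIG_KVM_BOOK3S_HV_POSSIBLE
void kvm_cma_reserve(void);
#else
static inline void kvm_cma_reserve(void) { }
#endif

/* Per-CPU helpers, declared only when CONFIG_TAU is set (no stubs). */
#ifdef CONFIG_TAU
u32 cpu_temp(unsigned long cpu);
u32 cpu_temp_both(unsigned long cpu);
u32 tau_interrupts(unsigned long cpu);
#endif /* CONFIG_TAU */

#endif /* __ARCH_POWERPC_KERNEL_SETUP_H */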