[PATCH] MIPS: r4k,octeon,r2300: stack protector: change canary per task

To: ralf@linux-mips.org
Subject: [PATCH] MIPS: r4k,octeon,r2300: stack protector: change canary per task
From: Gregory Fong <gregory.0xf0@gmail.com>
Date: Mon, 17 Jun 2013 13:36:07 -0700
Cc: linux-mips@linux-mips.org, Gregory Fong <gregory.0xf0@gmail.com>
For non-SMP, uses the new random canary value that is stored in the
task struct whenever a new task is forked.  Based on ARM version in
df0698be14c6683606d5df2d83e3ae40f85ed0d9 and subject to the same
limitations: the variable GCC expects, __stack_chk_guard, is global,
so this will not work on SMP.

Quoting Nicolas Pitre <nico@fluxnic.net>: "One way to overcome this
GCC limitation would be to locate the __stack_chk_guard variable into
a memory page of its own for each CPU, and then use TLB locking to
have each CPU see its own page at the same virtual address for each of
them."

Signed-off-by: Gregory Fong <gregory.0xf0@gmail.com>
---
 arch/mips/kernel/asm-offsets.c   | 3 +++
 arch/mips/kernel/octeon_switch.S | 7 +++++++
 arch/mips/kernel/r2300_switch.S  | 7 +++++++
 arch/mips/kernel/r4k_switch.S    | 6 ++++++
 4 files changed, 23 insertions(+)

This patch depends on patch "MIPS: initial stack protector support"
(5448 in patchwork)

I only have the hardware to test r4k.  I don't see why it shouldn't
work on r2300 and octeon as well, but it should probably be checked
anyway.  If some kind volunteers could verify r2300 and octeon, it'd
be much appreciated!

diff --git a/arch/mips/kernel/asm-offsets.c b/arch/mips/kernel/asm-offsets.c
index 0845091..0c2e853 100644
--- a/arch/mips/kernel/asm-offsets.c
+++ b/arch/mips/kernel/asm-offsets.c
@@ -82,6 +82,9 @@ void output_task_defines(void)
        OFFSET(TASK_FLAGS, task_struct, flags);
        OFFSET(TASK_MM, task_struct, mm);
        OFFSET(TASK_PID, task_struct, pid);
+#if defined(CONFIG_CC_STACKPROTECTOR)
+       OFFSET(TASK_STACK_CANARY, task_struct, stack_canary);
+#endif
        DEFINE(TASK_STRUCT_SIZE, sizeof(struct task_struct));
        BLANK();
 }
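Review bot: the new TASK_STACK_CANARY offset is guarded by CONFIG_CC_STACKPROTECTOR alone, while the three switch.S consumers in this series also require !CONFIG_SMP; that is harmless (an unused offset in asm-offsets.h costs nothing), but a one-line comment here saying the value is only consumed by the UP resume() paths would stop the next reader from looking for an SMP user. Minor style point: a single-symbol `#if defined(CONFIG_CC_STACKPROTECTOR)` could be written `#ifdef CONFIG_CC_STACKPROTECTOR`.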
diff --git a/arch/mips/kernel/octeon_switch.S b/arch/mips/kernel/octeon_switch.S
index 0e23343..94c29ec 100644
--- a/arch/mips/kernel/octeon_switch.S
+++ b/arch/mips/kernel/octeon_switch.S
@@ -98,6 +98,13 @@
        mtc0    t0, $11,7       /* CvmMemCtl */
 #endif
 3:
+
+#if defined(CONFIG_CC_STACKPROTECTOR) && !defined(CONFIG_SMP)
+       PTR_L   t8, __stack_chk_guard
+       LONG_L  t9, TASK_STACK_CANARY(a1)
+       LONG_S  t9, 0(t8)
+#endif
+
        /*
         * The order of restoring the registers takes care of the race
         * updating $28, $29 and kernelsp without disabling ints.
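Review bot: `PTR_L t8, __stack_chk_guard` is a load from the symbol, so t8 receives the current contents of __stack_chk_guard (the old task's canary), not the variable's address; the `LONG_S t9, 0(t8)` that follows then writes next's canary through whatever value the old canary happens to be instead of into the guard. If the intent is to update the guard, this wants `PTR_LA t8, __stack_chk_guard`. Please also add a comment that the block clobbers t8/t9 and that it must stay ahead of the $28/$29 restore described in the comment below, since that is what makes the new guard visible to the task being switched in.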
diff --git a/arch/mips/kernel/r2300_switch.S b/arch/mips/kernel/r2300_switch.S
index 5266c6e..38af83f 100644
--- a/arch/mips/kernel/r2300_switch.S
+++ b/arch/mips/kernel/r2300_switch.S
@@ -65,6 +65,13 @@ LEAF(resume)
        fpu_save_single a0, t0                  # clobbers t0
 
 1:
+
+#if defined(CONFIG_CC_STACKPROTECTOR) && !defined(CONFIG_SMP)
+       PTR_L   t8, __stack_chk_guard
+       LONG_L  t9, TASK_STACK_CANARY(a1)
+       LONG_S  t9, 0(t8)
+#endif
+
        /*
         * The order of restoring the registers takes care of the race
         * updating $28, $29 and kernelsp without disabling ints.
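Review bot: `PTR_L t8, __stack_chk_guard` loads the guard's contents rather than its address, so `LONG_S t9, 0(t8)` stores next's canary at an address equal to the old canary value; `PTR_LA t8, __stack_chk_guard` is the address load this sequence needs before storing through t8. On r2300 the PTR_L/LONG_L/LONG_S macros all reduce to lw/sw, so the sequence is otherwise fine for this 32-bit target, but since the cover note says only r4k was tested, a run on r2300 after the address-load fix is worth recording in the changelog. A short comment naming t8/t9 as clobbered here would also match the `# clobbers t0` annotation on the fpu_save_single line above.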
diff --git a/arch/mips/kernel/r4k_switch.S b/arch/mips/kernel/r4k_switch.S
index 5e51219..921238a 100644
--- a/arch/mips/kernel/r4k_switch.S
+++ b/arch/mips/kernel/r4k_switch.S
@@ -68,6 +68,12 @@
                                                # clobbers t1
 1:
 
+#if defined(CONFIG_CC_STACKPROTECTOR) && !defined(CONFIG_SMP)
+       PTR_L   t8, __stack_chk_guard
+       LONG_L  t9, TASK_STACK_CANARY(a1)
+       LONG_S  t9, 0(t8)
+#endif
+
        /*
         * The order of restoring the registers takes care of the race
         * updating $28, $29 and kernelsp without disabling ints.
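Review bot: `PTR_L t8, __stack_chk_guard` fetches the current guard value into t8 rather than the address of __stack_chk_guard, so the following `LONG_S t9, 0(t8)` uses the old canary as a store address; `PTR_LA t8, __stack_chk_guard` gives the address to store through. The `# clobbers t1` comment just above the label documents the temporaries the preceding code uses; the new block should carry a similar `# clobbers t8, t9` note, plus a line stating that the guard update must precede the $28/$29 restore described below, so that the switch of the guard happens while resume() itself (assembly, with no canary check of its own) is still executing.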
-- 
1.8.1.2

