[PATCH] uml: fix compilation and execution with hardened GCC
To make some half-assembly stubs compile, disable various "hardened" GCC features: *) we can't build them as PIC code, as we need %ebx to do syscalls and GCC wants it free for PIC; *) we can't leave stack protection enabled, as the stub is moved (not relocated!) in memory, so the RIP-relative access to the canary tries to read from an unmapped address and causes a segfault: the stub is moved several megabytes (the exact amount will be decided at runtime) away from the link-time address. Signed-off-by: Paolo 'Blaisorblade' Giarrusso <blaisorblade@yahoo.it> Acked-by: Jeff Dike <jdike@addtoit.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
parent
cb8aa3d29b
commit
275e6e1ee2
4 changed files with 17 additions and 2 deletions
|
@ -118,6 +118,10 @@ prepare: $(ARCH_DIR)/include/kern_constants.h
|
||||||
LINK-$(CONFIG_LD_SCRIPT_STATIC) += -static
|
LINK-$(CONFIG_LD_SCRIPT_STATIC) += -static
|
||||||
LINK-$(CONFIG_LD_SCRIPT_DYN) += -Wl,-rpath,/lib
|
LINK-$(CONFIG_LD_SCRIPT_DYN) += -Wl,-rpath,/lib
|
||||||
|
|
||||||
|
CFLAGS_NO_HARDENING := $(call cc-option, -fno-PIC,) $(call cc-option, -fno-pic,) \
|
||||||
|
$(call cc-option, -fno-stack-protector,) \
|
||||||
|
$(call cc-option, -fno-stack-protector-all,)
|
||||||
|
|
||||||
CPP_MODE-$(CONFIG_MODE_TT) := -DMODE_TT
|
CPP_MODE-$(CONFIG_MODE_TT) := -DMODE_TT
|
||||||
CONFIG_KERNEL_STACK_ORDER ?= 2
|
CONFIG_KERNEL_STACK_ORDER ?= 2
|
||||||
STACK_SIZE := $(shell echo $$[ 4096 * (1 << $(CONFIG_KERNEL_STACK_ORDER)) ] )
|
STACK_SIZE := $(shell echo $$[ 4096 * (1 << $(CONFIG_KERNEL_STACK_ORDER)) ] )
|
||||||
|
@ -227,4 +231,4 @@ $(ARCH_DIR)/include/kern_constants.h: $(objtree)/$(ARCH_DIR)/include
|
||||||
@echo ' SYMLINK $@'
|
@echo ' SYMLINK $@'
|
||||||
$(Q)ln -sf ../../../include/asm-um/asm-offsets.h $@
|
$(Q)ln -sf ../../../include/asm-um/asm-offsets.h $@
|
||||||
|
|
||||||
export SUBARCH USER_CFLAGS OS
|
export SUBARCH USER_CFLAGS CFLAGS_NO_HARDENING OS
|
||||||
|
|
|
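Review bot: `CFLAGS_NO_HARDENING` is defined and exported tree-wide with no comment saying it is meant only for the relocated stub objects, so nothing at the definition discourages reusing it on ordinary objects and quietly dropping their stack protector. I would put the reason from the commit message next to it, for example `# Stub objects only: they are moved at run time and need %ebx, so no PIC and no stack canary.` Because every `cc-option` call has an empty fallback, a compiler that rejects one of these flags contributes nothing and the build still succeeds; it may be worth saying in the same comment that this is intended.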
@ -11,4 +11,11 @@ USER_OBJS := clone.o
|
||||||
include arch/um/scripts/Makefile.rules
|
include arch/um/scripts/Makefile.rules
|
||||||
|
|
||||||
# clone.o is in the stub, so it can't be built with profiling
|
# clone.o is in the stub, so it can't be built with profiling
|
||||||
$(obj)/clone.o : c_flags = -Wp,-MD,$(depfile) $(call unprofile,$(USER_CFLAGS))
|
# GCC hardened also auto-enables -fpic, but we need %ebx so it can't work ->
|
||||||
|
# disable it
|
||||||
|
|
||||||
|
CFLAGS_clone.o := $(CFLAGS_NO_HARDENING)
|
||||||
|
|
||||||
|
# since we're setting c_flags we _must_ add $(CFLAGS_$(*F).o).
|
||||||
|
|
||||||
|
$(obj)/clone.o : c_flags = -Wp,-MD,$(depfile) $(call unprofile,$(USER_CFLAGS)) $(CFLAGS_$(*F).o)
|
||||||
|
|
|
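Review bot: The new comment above `CFLAGS_clone.o := $(CFLAGS_NO_HARDENING)` explains only the `-fpic` half, although the variable also turns off the stack protector for this object. The comment should name both, e.g. `# clone.o is in the stub: build it without PIC (we need %ebx) and without the stack protector (the canary access breaks once the stub is moved)`. As a style point, the rule targets a single object, so `$(CFLAGS_clone.o)` in the `c_flags` line would read more directly than `$(CFLAGS_$(*F).o)`; if the indirect form is kept to mirror the generic kbuild definition, the existing "_must_ add" comment could say so.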
@ -13,6 +13,8 @@ USER_OBJS := bugs.o ptrace_user.o sigcontext.o fault.o stub_segv.o
|
||||||
USER_OBJS += user-offsets.s
|
USER_OBJS += user-offsets.s
|
||||||
extra-y += user-offsets.s
|
extra-y += user-offsets.s
|
||||||
|
|
||||||
|
CFLAGS_stub_segv.o := $(CFLAGS_NO_HARDENING)
|
||||||
|
|
||||||
extra-$(CONFIG_MODE_TT) += unmap.o
|
extra-$(CONFIG_MODE_TT) += unmap.o
|
||||||
|
|
||||||
include arch/um/scripts/Makefile.rules
|
include arch/um/scripts/Makefile.rules
|
||||||
|
|
|
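Review bot: `CFLAGS_stub_segv.o := $(CFLAGS_NO_HARDENING)` is added without a comment, and it relies on the variable reaching this Makefile through the `export` line in the top-level hunk. If it ever expands to nothing, the object is built with the compiler's hardened defaults and the problem would presumably surface only at run time, as the segfault the commit message describes. A one-line comment such as `# stub_segv.o is presumably part of the stub: no PIC, no stack protector (see CFLAGS_NO_HARDENING)` would record why this one object opts out. The identical line in the next Makefile section (hunk `-21,6 +21,8`) needs the same comment.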
@ -21,6 +21,8 @@ USER_OBJS := ptrace_user.o sigcontext.o stub_segv.o
|
||||||
USER_OBJS += user-offsets.s
|
USER_OBJS += user-offsets.s
|
||||||
extra-y += user-offsets.s
|
extra-y += user-offsets.s
|
||||||
|
|
||||||
|
CFLAGS_stub_segv.o := $(CFLAGS_NO_HARDENING)
|
||||||
|
|
||||||
extra-$(CONFIG_MODE_TT) += unmap.o
|
extra-$(CONFIG_MODE_TT) += unmap.o
|
||||||
|
|
||||||
include arch/um/scripts/Makefile.rules
|
include arch/um/scripts/Makefile.rules
|
||||||
|
|