From patchwork Mon Oct  2 11:59:36 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Thomas Gleixner <tglx@linutronix.de>
X-Patchwork-Id: 147516
Return-Path: <linux-kernel-owner@vger.kernel.org>
Delivered-To: ouuuleilei@gmail.com
Received: by 2002:a05:612c:2a8e:b0:403:3b70:6f57 with SMTP id
 in14csp1719361vqb;
        Mon, 2 Oct 2023 15:11:22 -0700 (PDT)
X-Google-Smtp-Source: 
 AGHT+IG7vnoHKuP9klsfPVGFh8dfvq4NB8PK3DnhnwGEWFIOrfrMe1bKeh4mET9Q+5puYEZgGDCA
X-Received: by 2002:a17:903:1ca:b0:1c5:9d00:be84 with SMTP id
 e10-20020a17090301ca00b001c59d00be84mr1290186plh.33.1696284682286;
        Mon, 02 Oct 2023 15:11:22 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1696284682; cv=none;
        d=google.com; s=arc-20160816;
        b=nVRE5w4AY5L5TRZIxjt2qXJX9B3qgUipXobMuUaYtZM571f7iKfNHtouGrs5vMWHKB
         zDmglrWKh+Wmpxf6H/MwPz6O20WrZmZgwZRcjnoxkb/fo2/iqyXIRjiWLwkn7DojzLPd
         xFrgODbRRtHvsd7KxMHAtwmCxZO3m3b1CZjY2Q2bWxKHbAsP0ERNSkdFB+kFBCtpPBUu
         mbzYfxr0d+D7lUocgieIvSt9htcqhnY7NctKBdTphReurQc3Vz6ClUg1zu2QHCv6kGAk
         viwcpaDh6hW9IrvUpo58tOexJUey4y8SRxeOeMZW4wFOr6vMbBG3I1d7FItkgfUV3X1F
         gxmA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816;
        h=list-id:precedence:date:mime-version:references:subject:cc:to:from
         :dkim-signature:dkim-signature:message-id;
        bh=MpCnK67GELVxPmL+nKHxE4OtoLy/US/2UWS6ahSC0yw=;
        fh=u57tXYamzTrJA+Ht8n1u7SfTMptrQaIb6LVW+jsaYf4=;
        b=FT5zpGzeCO2BbPSZSnLcCAiVIDASPOaXJTT0nHYCRMLSBWGaY0NGNav9HZzAt1S+0P
         ufzfokiYm2tkdrHsS4OmiVj5isveNQ+TpITaGaYw6GLAvjFKUQEoJp2DS1YvZAMUusxY
         Y0pp1YYjSa0/MWua3fEReIzuMh1y7jjNMTzmxttJ6MFMXjJNBkYGTsi+eK/Kk7JJbsfv
         rDHoxGqk4Yx1D6eF9/n5jH2GdZQ93arVmfCcbJPCxAZY5RjTrkX1dOF8jYaMdJEawY4+
         FRED+Yh6gmgbNdI+UVE7ZMilAVcVbnYqXEuQWmrBA7GsBCjPH+Rld9bW56bYaZIoEdFl
         YGUQ==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@linutronix.de header.s=2020 header.b=KKzAKlH7;
       dkim=neutral (no key) header.i=@linutronix.de header.s=2020e
 header.b=HHGzqGpD;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 23.128.96.37 as permitted sender)
 smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=linutronix.de
Received: from snail.vger.email (snail.vger.email. [23.128.96.37])
        by mx.google.com with ESMTPS id
 c15-20020a170902d48f00b001b81fe65fa3si30718573plg.569.2023.10.02.15.11.22
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Mon, 02 Oct 2023 15:11:22 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 23.128.96.37 as permitted sender) client-ip=23.128.96.37;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@linutronix.de header.s=2020 header.b=KKzAKlH7;
       dkim=neutral (no key) header.i=@linutronix.de header.s=2020e
 header.b=HHGzqGpD;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 23.128.96.37 as permitted sender)
 smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=linutronix.de
Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0])
	by snail.vger.email (Postfix) with ESMTP id C16DD8106780;
	Mon,  2 Oct 2023 04:59:48 -0700 (PDT)
X-Virus-Status: Clean
X-Virus-Scanned: clamav-milter 0.103.10 at snail.vger.email
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S236841AbjJBL7o (ORCPT <rfc822;pusanteemu@gmail.com> + 18 others);
        Mon, 2 Oct 2023 07:59:44 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:60686 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S236801AbjJBL7l (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Mon, 2 Oct 2023 07:59:41 -0400
Received: from galois.linutronix.de (Galois.linutronix.de [193.142.43.55])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 6EA52D3
        for <linux-kernel@vger.kernel.org>;
 Mon,  2 Oct 2023 04:59:38 -0700 (PDT)
Message-ID: <20231002115902.156063939@linutronix.de>
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linutronix.de;
        s=2020; t=1696247977;
        h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
         to:to:cc:cc:mime-version:mime-version:content-type:content-type:
         references:references;
 bh=MpCnK67GELVxPmL+nKHxE4OtoLy/US/2UWS6ahSC0yw=;
        b=KKzAKlH7CbuBMSxI0yGr7SlgHQhn+BM3XhYs8LN3BViOeoy3EZ6qW48HIPZzUZlrHdv5WN
        R5bekrTnkJzZNRLV4bTmaf/nV6spDCSibVbXD3u15tP3W7P5GafrnJ2v/LyjWQLoCCNd6p
        nVGLth1Rs3cDzIOxz6fxoS3UMDt4h6gPoNO0K6yuSyR9i3mWUZr66jYrSbCHsoYGQYR6p1
        J20dij6nXx0ThVltKAvpki2v8LLDO03C+EaCb81R1p9TLtyPTU49sFzOmKfctYf+ib9SNM
        DmvUK6r9ZDJd0Ax+LsybxI6muT8/oD9p41i/V4uDB63Xqkq9h5L9hp1q3M0PBw==
DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=linutronix.de;
        s=2020e; t=1696247977;
        h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
         to:to:cc:cc:mime-version:mime-version:content-type:content-type:
         references:references;
 bh=MpCnK67GELVxPmL+nKHxE4OtoLy/US/2UWS6ahSC0yw=;
        b=HHGzqGpDHgoB65PMZaOFO1tJw+6BVaXiVwp8FJCDZpuiCtek8/uBNemv8bq4pViA56iZdt
        2E2nPs1TqqOIfbDg==
From: Thomas Gleixner <tglx@linutronix.de>
To: LKML <linux-kernel@vger.kernel.org>
Cc: x86@kernel.org, Borislav Petkov <bp@alien8.de>,
        "Chang S. Bae" <chang.seok.bae@intel.com>,
        Arjan van de Ven <arjan@linux.intel.com>,
        Nikolay Borisov <nik.borisov@suse.com>
Subject: [patch V4 02/30] x86/boot/32: Disable stackprotector and tracing for
 mk_early_pgtbl_32()
References: <20231002115506.217091296@linutronix.de>
MIME-Version: 1.0
Date: Mon,  2 Oct 2023 13:59:36 +0200 (CEST)
X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED,
        DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_BLOCKED,
        SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-Greylist: Sender passed SPF test,
 not delayed by milter-greylist-4.6.4 (snail.vger.email [0.0.0.0]);
 Mon, 02 Oct 2023 04:59:48 -0700 (PDT)
X-getmail-retrieved-from-mailbox: INBOX
X-GMAIL-THRID: 1778683407152020721
X-GMAIL-MSGID: 1778683407152020721

Stackprotector cannot work before paging is enabled. The read from the per
CPU variable __stack_chk_guard is always accessing the virtual address
either directly on UP or via FS on SMP. In physical address mode this
results in an access to memory above 3GB.

So this works by chance as the hardware returns the same value when there
is no RAM at this physical address. When there is RAM populated above 3G
then the read is by chance the same as nothing changes that memory during
the very early boot stage.

Stop relying on pure luck and disable the stack protector for the only C
function which is called during early boot before paging is enabled.

Remove function tracing from the whole source file as there is no way to
trace this at all, but in case of CONFIG_DYNAMIC_FTRACE=n
mk_early_pgtbl_32() would access global function tracer variables in
physical address mode which again might work by chance.

Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
---
 arch/x86/kernel/Makefile |    1 +
 arch/x86/kernel/head32.c |    3 ++-
 2 files changed, 3 insertions(+), 1 deletion(-)

--- a/arch/x86/kernel/Makefile
+++ b/arch/x86/kernel/Makefile
@@ -16,6 +16,7 @@ CFLAGS_REMOVE_kvmclock.o = -pg
 CFLAGS_REMOVE_ftrace.o = -pg
 CFLAGS_REMOVE_early_printk.o = -pg
 CFLAGS_REMOVE_head64.o = -pg
+CFLAGS_REMOVE_head32.o = -pg
 CFLAGS_REMOVE_sev.o = -pg
 CFLAGS_REMOVE_rethook.o = -pg
 endif
--- a/arch/x86/kernel/head32.c
+++ b/arch/x86/kernel/head32.c
@@ -73,7 +73,8 @@ asmlinkage __visible void __init __noret
  * always zero at this stage.
  */
 void __init mk_early_pgtbl_32(void);
-void __init mk_early_pgtbl_32(void)
+
+void __init __no_stack_protector mk_early_pgtbl_32(void)
 {
 #ifdef __pa
 #undef __pa