From patchwork Wed Aug 16 10:02:21 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Borislav Petkov X-Patchwork-Id: 135996 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:b82d:0:b0:3f2:4152:657d with SMTP id z13csp1259817vqi; Fri, 18 Aug 2023 02:05:38 -0700 (PDT) X-Google-Smtp-Source: AGHT+IHdJaIlx8gWIPkvqtQq/LhcDaI0vrFGS/h8emnLDSgwYQbiKnXNO2ufmoGX/pZH9DZ/ss8k X-Received: by 2002:a05:6808:1453:b0:3a7:5611:a53b with SMTP id x19-20020a056808145300b003a75611a53bmr2914299oiv.0.1692349538300; Fri, 18 Aug 2023 02:05:38 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1692349538; cv=none; d=google.com; s=arc-20160816; b=iy33aDqJ0jcjx7bumJg7kt6GFXheIvAZ/QI+DX2mI58KefOgLdMIkiRi+8QXnXgavY WpSStWb/ywTeLtJK2bJYoUiaTfQ4xi5cWVb7dHxAO30FdeTHSWDIGDxiKMvKw6uwCuBi 1XBmvqiRjKVACDwnuFkNo40e7WPcdDnifUvnGNiR0yjRAnvf8ngeuS4r7GvpshWAzgEq DoVg/FnBKRRZFewbKW5iVBIgB0EFJXPUhYYR0a+o033YroEfvbB5OYmiRVrHsszPzlpB AH/0S52tzPJt58ucRwVhx4pq3mksdFcI6ZX1w0u+BAWepWRqRuu+hDm607emnB/yJVY7 Q7QA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :message-id:date:subject:cc:to:from:dkim-signature; bh=VoAn3daUdUdYhse6urGbpDolwceR8ehj0o0K2xG39UU=; fh=QTBkJbKn4/NtiZrEoE/0EDb2pX9XUEueEii6skiQINc=; b=BdPXMRwYD2i4mf28spl22wcKDTmswXnKcG+0eFhrEL/wZgEJLy8VB1tmSGIIJ2GEvN wAPAluF5CyA4ErpHnBVdYMpTfyiImTxx3RPndq7JV8LPuEu+t6dCCb9k6eBlqew1vqCN MC23M/+NDMVXOPmTGC+WDF7Xz+wuIvmUE2XvLyHtRkwaVmVuYCU6g1WTbGZ8PyoEAaes vbPNus0fZpNH4YEDs/kqUqjM1kVqW2+sOI/iUd6MOYbftIFyp8LDFPAOupQPxXDLj34U 1YRAeOTcBjK817rpwsVl5kjM/MybRpk/+ShP2FYnz/kW8uKn2SCoba/tDOk5b/l87CKO 3Wog== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@alien8.de header.s=alien8 header.b=IP3hNbkp; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=alien8.de Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id b21-20020a639315000000b0055ac8f8526dsi1048302pge.530.2023.08.18.02.05.24; Fri, 18 Aug 2023 02:05:38 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@alien8.de header.s=alien8 header.b=IP3hNbkp; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=alien8.de Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S243654AbjHPKCv (ORCPT + 99 others); Wed, 16 Aug 2023 06:02:51 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:46074 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S243644AbjHPKCk (ORCPT ); Wed, 16 Aug 2023 06:02:40 -0400 Received: from mail.alien8.de (mail.alien8.de [65.109.113.108]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 580EEC1 for ; Wed, 16 Aug 2023 03:02:39 -0700 (PDT) Received: from localhost (localhost.localdomain [127.0.0.1]) by mail.alien8.de (SuperMail on ZX Spectrum 128k) with ESMTP id A07FA40E0196; Wed, 16 Aug 2023 10:02:37 +0000 (UTC) X-Virus-Scanned: Debian amavisd-new at mail.alien8.de Authentication-Results: mail.alien8.de (amavisd-new); dkim=fail (4096-bit key) reason="fail (body has been altered)" header.d=alien8.de Received: from mail.alien8.de ([127.0.0.1]) by localhost (mail.alien8.de [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id BQ9N2dWi0aiA; Wed, 16 Aug 2023 10:02:35 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=alien8.de; s=alien8; t=1692180154; bh=Cys/IyeqTrL4SPpTDB0UXFPjUx1lfw4Hf5gKLKoX6E0=; h=From:To:Cc:Subject:Date:From; b=IP3hNbkpdQTOTuJaSingsntPAxBgC5WsTB1KogG9K0UfIpxs9FBFiGjoJJL72QJUP 5QQJUAo84iII8ryeeD2cZEOB6f91pl8HsWWaL9i7mzP0vu9C/3hM1v42l+ZK7XkW8H PV4VLqY16GFNiYsVDY0mngKM+7Mbj66M3y3z8uIyZycbG0+fxKydDBt/q4KM96rGnA nVBFbTaRRqU1lwA2oU6GMkqWdwvCOU+BuvtdY70+qH9SDmq2ZARCHmwGOCLBDEpwl1 CghAq9dEIL3CkR25jaVYpWqIkvIdzcuyB/9Kp1wg65vEPFQDy9nPWqxx7V9TMVwG+s 6d6bRrXOYAQ8zpCvuCHz0jk8Xfy1JtZxMolCH7mh6zFNl4OOOnV+XF2AGwXbL1VJYz IdhyPuseZD70fXAEh6JJiSL4EvC1QqJ9Ve0QkSGvR/QY7D2fsPE8KxBeNlhkl5fC3X A7hkz7/aNeNyWWhYGnP0YE/5npHOvO+dtr5jCbf/K4LaRJzDsjoJAFQlwhiXtLiYnA +Co8qwPz7jJrgraNBngPZZvxB7gS+9oX4YDOOqp2dZ95Wk2vuexiv3C9zWqI61bxKv yu4PxIiO5x0G4ZXpy45jS8i2g6Byx4uwMeORXCdwGvgRhLURYIBEhDZu/FOVkgSgjo xvM+DS/ylp1WTU4yiLvTmDLo= Received: from zn.tnic (pd9530d32.dip0.t-ipconnect.de [217.83.13.50]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail.alien8.de (SuperMail on ZX Spectrum 128k) with ESMTPSA id 9A22A40E0193; Wed, 16 Aug 2023 10:02:31 +0000 (UTC) From: Borislav Petkov To: Thomas Gleixner Cc: X86 ML , LKML Subject: [PATCH] lib/earlycpio: Mark find_cpio_data() __no_stack_protector Date: Wed, 16 Aug 2023 12:02:21 +0200 Message-ID: <20230816100221.12209-1-bp@alien8.de> X-Mailer: git-send-email 2.42.0.rc0.25.ga82fb66fed25 MIME-Version: 1.0 X-Spam-Status: No, score=-1.7 required=5.0 tests=BAYES_00,DKIM_INVALID, DKIM_SIGNED,RCVD_IN_DNSWL_BLOCKED,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1774557109338827193 X-GMAIL-MSGID: 1774557109338827193 From: "Borislav Petkov (AMD)" find_cpio_data() is called by the 32-bit x86 microcode loader while paging is not yet enabled and the CPU is running off physical addresses. However, when stack protector is enabled, the compiler adds the stack protection check for this function: c1846480 : c1846480: 55 push %ebp c1846481: 89 e5 mov %esp,%ebp c1846483: 57 push %edi ... c1846676: e9 85 fe ff ff jmp c1846500 c184667b: e8 20 9e 02 00 call c18704a0 <__stack_chk_fail> which cannot work yet. Prevent that from happening. Signed-off-by: Borislav Petkov (AMD) --- lib/earlycpio.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/earlycpio.c b/lib/earlycpio.c index d2c37d64fd0c..d3efe707c3f7 100644 --- a/lib/earlycpio.c +++ b/lib/earlycpio.c @@ -56,8 +56,8 @@ enum cpio_fields { * the match returned an empty filename string. */ -struct cpio_data find_cpio_data(const char *path, void *data, - size_t len, long *nextoff) +struct cpio_data __no_stack_protector find_cpio_data(const char *path, void *data, + size_t len, long *nextoff) { const size_t cpio_header_len = 8*C_NFIELDS - 2; struct cpio_data cd = { NULL, 0, "" };