CHROMIUM: security: use -fstack-protector-strong
authorKees Cook <keescook@chromium.org>
Fri, 19 Apr 2013 21:56:31 +0000 (14:56 -0700)
committerChromeBot <chrome-bot@google.com>
Wed, 15 May 2013 23:16:25 +0000 (16:16 -0700)
Build the kernel with -fstack-protector-strong to gain the additional
checks without the performance hit of -fstack-protector-all. This grows
the uncompressed kernel image by less than 0.16% on x86:

-rwxr-xr-x 1 keescook portage 118219343 Apr 17 12:26 /build/link/var/cache/portage/sys-kernel/chromeos-kernel/vmlinux
-rwxr-xr-x 1 keescook portage 118407919 Apr 19 15:00 /build/link/var/cache/portage/sys-kernel/chromeos-kernel/vmlinux

ARM's compressed boot code now triggers stack protection, so a static
guard was added. Since it is only doing decompression and it's been
validated by the firmware, the exposure here is very small. Once it
switches to the full kernel, random stack protection is back to normal.

BUG=chromium:233757
TEST=link and daisy build & boot

Change-Id: I512fb6444463e12a8e04428b6203a00b460a79ae
Signed-off-by: Kees Cook <keescook@chromium.org>
Reviewed-on: https://gerrit.chromium.org/gerrit/48703
Reviewed-by: Will Drewry <wad@chromium.org>
arch/arm/Makefile
arch/arm/boot/compressed/misc.c
arch/x86/Makefile

index 047a207..ee58483 100644 (file)
@@ -38,7 +38,7 @@ KBUILD_CFLAGS +=-fno-omit-frame-pointer -mapcs -mno-sched-prolog
 endif
 
 ifeq ($(CONFIG_CC_STACKPROTECTOR),y)
-KBUILD_CFLAGS  +=-fstack-protector
+KBUILD_CFLAGS  +=-fstack-protector-strong
 endif
 
 ifeq ($(CONFIG_CPU_BIG_ENDIAN),y)
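Review bot: The ARM hunk passes `-fstack-protector-strong` with no probe for compiler support, so a toolchain that lacks the option fails the build instead of falling back. Wrapping it as `KBUILD_CFLAGS += $(call cc-option,-fstack-protector-strong,-fstack-protector)` keeps such compilers building with the weaker protection. The fallback is silent, though, so a `$(warning ...)` on that path would keep a downgraded build from going unnoticed. The arch/x86/Makefile hunk has the same exposure if the `cc_has_sp` script (not shown on this page) still tests only `-fstack-protector`: the probe would answer `y` and the new flag would be used unverified.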
index 8e2a8fc..9773a29 100644 (file)
@@ -127,6 +127,18 @@ asmlinkage void __div0(void)
        error("Attempting division by 0!");
 }
 
+unsigned long __stack_chk_guard;
+
+void __stack_chk_guard_setup(void)
+{
+       __stack_chk_guard = 0x000a0dff;
+}
+
+void __stack_chk_fail(void)
+{
+       error("stack-protector: Kernel stack is corrupted\n");
+}
+
 extern int do_decompress(u8 *input, int len, u8 *output, void (*error)(char *x));
 
 
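Review bot: `__stack_chk_guard` is set to a fixed, publicly known constant, and the reason this is acceptable is recorded only in the commit message, not in the code. A comment above `__stack_chk_guard_setup()` should carry it, e.g. `/* Static canary: decompressor only; the full kernel sets up its own random guard. */`. A constant canary catches accidental linear overruns but not a write that can reproduce the value, so it should not be read as equivalent to the kernel's random guard. `__stack_chk_fail()` must never return into the corrupted frame. That holds only if `error()` does not return, which this hunk does not show and which is worth confirming or stating in a comment.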
@@ -137,6 +149,8 @@ decompress_kernel(unsigned long output_start, unsigned long free_mem_ptr_p,
 {
        int ret;
 
+       __stack_chk_guard_setup();
+
        output_data             = (unsigned char *)output_start;
        free_mem_ptr            = free_mem_ptr_p;
        free_mem_end_ptr        = free_mem_ptr_end_p;
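Review bot: The guard is initialised inside `decompress_kernel()`, after that function's own prologue has already run. If the compiler ever instruments `decompress_kernel()` itself, the prologue would save the pre-setup value of `__stack_chk_guard` and the epilogue would compare it against 0x000a0dff, reporting corruption that never happened. The function body continues outside this hunk, so whether it currently qualifies for a canary under `-fstack-protector-strong` cannot be told from here. A comment at the call would document the constraint, e.g. `/* Must run before any stack-protected function is entered; keep this function free of protected locals. */`.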
index 94e91e4..34b99e4 100644 (file)
@@ -75,7 +75,7 @@ endif
 ifdef CONFIG_CC_STACKPROTECTOR
        cc_has_sp := $(srctree)/scripts/gcc-x86_$(BITS)-has-stack-protector.sh
         ifeq ($(shell $(CONFIG_SHELL) $(cc_has_sp) $(CC) $(KBUILD_CPPFLAGS) $(biarch)),y)
-                stackp-y := -fstack-protector
+                stackp-y := -fstack-protector-strong
                 KBUILD_CFLAGS += $(stackp-y)
         else
                 $(warning stack protector enabled but no compiler support)