Acasă Explorează Ajutor
Înregistrare Autentificare
phyus
/
linux-vybrid_public
8
0
Bifurcare 0
Fisiere Probleme 0 Trageți solicitările 0 Wiki
Răsfoiți Sursa

stackprotector: remove self-test

turns out gcc generates such stackprotector-failure sequences
in certain circumstances:

        movq    -8(%rbp), %rax  # D.16032,
        xorq    %gs:40, %rax    #,
        jne     .L17    #,
        leave
        ret
.L17:
        call    __stack_chk_fail        #
        .size   __stack_chk_test_func, .-__stack_chk_test_func
        .section        .init.text,"ax",@progbits
        .type   panic_setup, @function
panic_setup:
        pushq   %rbp    #

note that there's no jump back to the failing context after the
call to __stack_chk_fail - i.e. it has a ((noreturn)) attribute.

Which is fair enough in the normal case but kills the self-test.
(as we cannot reliably return in the self-test)

Signed-off-by: Ingo Molnar <mingo@elte.hu>
Ingo Molnar 17 ani în urmă
părinte
af9ff7868f
comite
4f962d4d65
1 a modificat fișierele cu 0 adăugiri și 47 ștergeri
Vizualizare divizată Arată Statisticile Diff
  1. 0 47
      kernel/panic.c

+ 0 - 47
kernel/panic.c
Vizualizați fișierul 

@@ -329,62 +329,15 @@ EXPORT_SYMBOL(warn_on_slowpath);
 
 #warning You have selected the CONFIG_CC_STACKPROTECTOR option, but the gcc used does not support this.
 
 #endif
 
 
-static unsigned long __stack_check_testing;
 
-
 
-/*
 
- * Self test function for the stack-protector feature.
 
- * This test requires that the local variable absolutely has
 
- * a stack slot.
 
- */
 
-static noinline void __stack_chk_test_func(void)
 
-{
 
-	unsigned long dummy_buffer[64]; /* force gcc to use the canary */
 
-
 
-	current->stack_canary = ~current->stack_canary;
 
-	refresh_stack_canary();
 
-	dummy_buffer[3] = 1; /* fool gcc into keeping the variable */
 
-}
 
-
 
-static int __stack_chk_test(void)
 
-{
 
-	printk(KERN_INFO "Testing -fstack-protector-all feature\n");
 
-	__stack_check_testing = (unsigned long)&__stack_chk_test_func;
 
-	__stack_chk_test_func();
 
-	if (__stack_check_testing) {
 
-		printk(KERN_ERR "-fstack-protector-all test failed\n");
 
-		WARN_ON(1);
 
-	};
 
-	current->stack_canary = ~current->stack_canary;
 
-	refresh_stack_canary();
 
-	return 0;
 
-}
 
 /*
 
  * Called when gcc's -fstack-protector feature is used, and
 
  * gcc detects corruption of the on-stack canary value
 
  */
 
 void __stack_chk_fail(void)
 
 {
 
-	if (__stack_check_testing == (unsigned long)&__stack_chk_test_func) {
 
-		long delta;
 
-
 
-		delta = (unsigned long)__builtin_return_address(0) -
 
-				__stack_check_testing;
 
-		/*
 
-		 * The test needs to happen inside the test function, so
 
-		 * check if the return address is close to that function.
 
-		 * The function is only 2 dozen bytes long, but keep a wide
 
-		 * safety margin to avoid panic()s for normal users regardless
 
-		 * of the quality of the compiler.
 
-		 */
 
-		if (delta >= 0 && delta <= 400) {
 
-			__stack_check_testing = 0;
 
-			return;
 
-		}
 
-	}
 
 	panic("stack-protector: Kernel stack is corrupted in: %p\n",
 
 		__builtin_return_address(0));
 
 }
 
 EXPORT_SYMBOL(__stack_chk_fail);
 
 
-late_initcall(__stack_chk_test);
 
 #endif