mirror of
https://github.com/FEX-Emu/linux.git
synced 2025-01-07 01:51:42 +00:00
stackprotector: Unify the HAVE_CC_STACKPROTECTOR logic between architectures
Instead of duplicating the CC_STACKPROTECTOR Kconfig and Makefile logic in each architecture, switch to using HAVE_CC_STACKPROTECTOR and keep everything in one place. This retains the x86-specific bug verification scripts. Signed-off-by: Kees Cook <keescook@chromium.org> Cc: Arjan van de Ven <arjan@linux.intel.com> Cc: Michal Marek <mmarek@suse.cz> Cc: Russell King <linux@arm.linux.org.uk> Cc: Ralf Baechle <ralf@linux-mips.org> Cc: Paul Mundt <lethal@linux-sh.org> Cc: James Hogan <james.hogan@imgtec.com> Cc: Stephen Rothwell <sfr@canb.auug.org.au> Cc: Shawn Guo <shawn.guo@linaro.org> Cc: Linus Torvalds <torvalds@linux-foundation.org> Cc: Andrew Morton <akpm@linux-foundation.org> Cc: Peter Zijlstra <peterz@infradead.org> Cc: Thomas Gleixner <tglx@linutronix.de> Cc: linux-arm-kernel@lists.infradead.org Cc: linux-mips@linux-mips.org Cc: linux-arch@vger.kernel.org Link: http://lkml.kernel.org/r/1387481759-14535-2-git-send-email-keescook@chromium.org Signed-off-by: Ingo Molnar <mingo@kernel.org>
This commit is contained in:
parent
b0031f227e
commit
19952a9203
14
Makefile
14
Makefile
@ -595,10 +595,18 @@ ifneq ($(CONFIG_FRAME_WARN),0)
|
|||||||
KBUILD_CFLAGS += $(call cc-option,-Wframe-larger-than=${CONFIG_FRAME_WARN})
|
KBUILD_CFLAGS += $(call cc-option,-Wframe-larger-than=${CONFIG_FRAME_WARN})
|
||||||
endif
|
endif
|
||||||
|
|
||||||
# Force gcc to behave correct even for buggy distributions
|
# Handle stack protector mode.
|
||||||
ifndef CONFIG_CC_STACKPROTECTOR
|
ifdef CONFIG_CC_STACKPROTECTOR
|
||||||
KBUILD_CFLAGS += $(call cc-option, -fno-stack-protector)
|
stackp-flag := -fstack-protector
|
||||||
|
ifeq ($(call cc-option, $(stackp-flag)),)
|
||||||
|
$(warning Cannot use CONFIG_CC_STACKPROTECTOR: \
|
||||||
|
-fstack-protector not supported by compiler))
|
||||||
endif
|
endif
|
||||||
|
else
|
||||||
|
# Force off for distro compilers that enable stack protector by default.
|
||||||
|
stackp-flag := $(call cc-option, -fno-stack-protector)
|
||||||
|
endif
|
||||||
|
KBUILD_CFLAGS += $(stackp-flag)
|
||||||
|
|
||||||
# This warning generated too much noise in a regular build.
|
# This warning generated too much noise in a regular build.
|
||||||
# Use make W=1 to enable this warning (see scripts/Makefile.build)
|
# Use make W=1 to enable this warning (see scripts/Makefile.build)
|
||||||
|
22
arch/Kconfig
22
arch/Kconfig
@ -336,6 +336,28 @@ config SECCOMP_FILTER
|
|||||||
|
|
||||||
See Documentation/prctl/seccomp_filter.txt for details.
|
See Documentation/prctl/seccomp_filter.txt for details.
|
||||||
|
|
||||||
|
config HAVE_CC_STACKPROTECTOR
|
||||||
|
bool
|
||||||
|
help
|
||||||
|
An arch should select this symbol if:
|
||||||
|
- its compiler supports the -fstack-protector option
|
||||||
|
- it has implemented a stack canary (e.g. __stack_chk_guard)
|
||||||
|
|
||||||
|
config CC_STACKPROTECTOR
|
||||||
|
bool "Enable -fstack-protector buffer overflow detection"
|
||||||
|
depends on HAVE_CC_STACKPROTECTOR
|
||||||
|
help
|
||||||
|
This option turns on the -fstack-protector GCC feature. This
|
||||||
|
feature puts, at the beginning of functions, a canary value on
|
||||||
|
the stack just before the return address, and validates
|
||||||
|
the value just before actually returning. Stack based buffer
|
||||||
|
overflows (that need to overwrite this return address) now also
|
||||||
|
overwrite the canary, which gets detected and the attack is then
|
||||||
|
neutralized via a kernel panic.
|
||||||
|
|
||||||
|
This feature requires gcc version 4.2 or above, or a distribution
|
||||||
|
gcc with the feature backported.
|
||||||
|
|
||||||
config HAVE_CONTEXT_TRACKING
|
config HAVE_CONTEXT_TRACKING
|
||||||
bool
|
bool
|
||||||
help
|
help
|
||||||
|
@ -30,6 +30,7 @@ config ARM
|
|||||||
select HAVE_BPF_JIT
|
select HAVE_BPF_JIT
|
||||||
select HAVE_CONTEXT_TRACKING
|
select HAVE_CONTEXT_TRACKING
|
||||||
select HAVE_C_RECORDMCOUNT
|
select HAVE_C_RECORDMCOUNT
|
||||||
|
select HAVE_CC_STACKPROTECTOR
|
||||||
select HAVE_DEBUG_KMEMLEAK
|
select HAVE_DEBUG_KMEMLEAK
|
||||||
select HAVE_DMA_API_DEBUG
|
select HAVE_DMA_API_DEBUG
|
||||||
select HAVE_DMA_ATTRS
|
select HAVE_DMA_ATTRS
|
||||||
@ -1856,18 +1857,6 @@ config SECCOMP
|
|||||||
and the task is only allowed to execute a few safe syscalls
|
and the task is only allowed to execute a few safe syscalls
|
||||||
defined by each seccomp mode.
|
defined by each seccomp mode.
|
||||||
|
|
||||||
config CC_STACKPROTECTOR
|
|
||||||
bool "Enable -fstack-protector buffer overflow detection (EXPERIMENTAL)"
|
|
||||||
help
|
|
||||||
This option turns on the -fstack-protector GCC feature. This
|
|
||||||
feature puts, at the beginning of functions, a canary value on
|
|
||||||
the stack just before the return address, and validates
|
|
||||||
the value just before actually returning. Stack based buffer
|
|
||||||
overflows (that need to overwrite this return address) now also
|
|
||||||
overwrite the canary, which gets detected and the attack is then
|
|
||||||
neutralized via a kernel panic.
|
|
||||||
This feature requires gcc version 4.2 or above.
|
|
||||||
|
|
||||||
config SWIOTLB
|
config SWIOTLB
|
||||||
def_bool y
|
def_bool y
|
||||||
|
|
||||||
|
@ -40,10 +40,6 @@ ifeq ($(CONFIG_FRAME_POINTER),y)
|
|||||||
KBUILD_CFLAGS +=-fno-omit-frame-pointer -mapcs -mno-sched-prolog
|
KBUILD_CFLAGS +=-fno-omit-frame-pointer -mapcs -mno-sched-prolog
|
||||||
endif
|
endif
|
||||||
|
|
||||||
ifeq ($(CONFIG_CC_STACKPROTECTOR),y)
|
|
||||||
KBUILD_CFLAGS +=-fstack-protector
|
|
||||||
endif
|
|
||||||
|
|
||||||
ifeq ($(CONFIG_CPU_BIG_ENDIAN),y)
|
ifeq ($(CONFIG_CPU_BIG_ENDIAN),y)
|
||||||
KBUILD_CPPFLAGS += -mbig-endian
|
KBUILD_CPPFLAGS += -mbig-endian
|
||||||
AS += -EB
|
AS += -EB
|
||||||
|
@ -47,6 +47,7 @@ config MIPS
|
|||||||
select MODULES_USE_ELF_RELA if MODULES && 64BIT
|
select MODULES_USE_ELF_RELA if MODULES && 64BIT
|
||||||
select CLONE_BACKWARDS
|
select CLONE_BACKWARDS
|
||||||
select HAVE_DEBUG_STACKOVERFLOW
|
select HAVE_DEBUG_STACKOVERFLOW
|
||||||
|
select HAVE_CC_STACKPROTECTOR
|
||||||
|
|
||||||
menu "Machine selection"
|
menu "Machine selection"
|
||||||
|
|
||||||
@ -2322,19 +2323,6 @@ config SECCOMP
|
|||||||
|
|
||||||
If unsure, say Y. Only embedded should say N here.
|
If unsure, say Y. Only embedded should say N here.
|
||||||
|
|
||||||
config CC_STACKPROTECTOR
|
|
||||||
bool "Enable -fstack-protector buffer overflow detection (EXPERIMENTAL)"
|
|
||||||
help
|
|
||||||
This option turns on the -fstack-protector GCC feature. This
|
|
||||||
feature puts, at the beginning of functions, a canary value on
|
|
||||||
the stack just before the return address, and validates
|
|
||||||
the value just before actually returning. Stack based buffer
|
|
||||||
overflows (that need to overwrite this return address) now also
|
|
||||||
overwrite the canary, which gets detected and the attack is then
|
|
||||||
neutralized via a kernel panic.
|
|
||||||
|
|
||||||
This feature requires gcc version 4.2 or above.
|
|
||||||
|
|
||||||
config USE_OF
|
config USE_OF
|
||||||
bool
|
bool
|
||||||
select OF
|
select OF
|
||||||
|
@ -232,10 +232,6 @@ bootvars-y = VMLINUX_LOAD_ADDRESS=$(load-y) \
|
|||||||
|
|
||||||
LDFLAGS += -m $(ld-emul)
|
LDFLAGS += -m $(ld-emul)
|
||||||
|
|
||||||
ifdef CONFIG_CC_STACKPROTECTOR
|
|
||||||
KBUILD_CFLAGS += -fstack-protector
|
|
||||||
endif
|
|
||||||
|
|
||||||
ifdef CONFIG_MIPS
|
ifdef CONFIG_MIPS
|
||||||
CHECKFLAGS += $(shell $(CC) $(KBUILD_CFLAGS) -dM -E -x c /dev/null | \
|
CHECKFLAGS += $(shell $(CC) $(KBUILD_CFLAGS) -dM -E -x c /dev/null | \
|
||||||
egrep -vw '__GNUC_(|MINOR_|PATCHLEVEL_)_' | \
|
egrep -vw '__GNUC_(|MINOR_|PATCHLEVEL_)_' | \
|
||||||
|
@ -66,6 +66,7 @@ config SUPERH32
|
|||||||
select PERF_EVENTS
|
select PERF_EVENTS
|
||||||
select ARCH_HIBERNATION_POSSIBLE if MMU
|
select ARCH_HIBERNATION_POSSIBLE if MMU
|
||||||
select SPARSE_IRQ
|
select SPARSE_IRQ
|
||||||
|
select HAVE_CC_STACKPROTECTOR
|
||||||
|
|
||||||
config SUPERH64
|
config SUPERH64
|
||||||
def_bool ARCH = "sh64"
|
def_bool ARCH = "sh64"
|
||||||
@ -695,20 +696,6 @@ config SECCOMP
|
|||||||
|
|
||||||
If unsure, say N.
|
If unsure, say N.
|
||||||
|
|
||||||
config CC_STACKPROTECTOR
|
|
||||||
bool "Enable -fstack-protector buffer overflow detection (EXPERIMENTAL)"
|
|
||||||
depends on SUPERH32
|
|
||||||
help
|
|
||||||
This option turns on the -fstack-protector GCC feature. This
|
|
||||||
feature puts, at the beginning of functions, a canary value on
|
|
||||||
the stack just before the return address, and validates
|
|
||||||
the value just before actually returning. Stack based buffer
|
|
||||||
overflows (that need to overwrite this return address) now also
|
|
||||||
overwrite the canary, which gets detected and the attack is then
|
|
||||||
neutralized via a kernel panic.
|
|
||||||
|
|
||||||
This feature requires gcc version 4.2 or above.
|
|
||||||
|
|
||||||
config SMP
|
config SMP
|
||||||
bool "Symmetric multi-processing support"
|
bool "Symmetric multi-processing support"
|
||||||
depends on SYS_SUPPORTS_SMP
|
depends on SYS_SUPPORTS_SMP
|
||||||
|
@ -199,10 +199,6 @@ ifeq ($(CONFIG_DWARF_UNWINDER),y)
|
|||||||
KBUILD_CFLAGS += -fasynchronous-unwind-tables
|
KBUILD_CFLAGS += -fasynchronous-unwind-tables
|
||||||
endif
|
endif
|
||||||
|
|
||||||
ifeq ($(CONFIG_CC_STACKPROTECTOR),y)
|
|
||||||
KBUILD_CFLAGS += -fstack-protector
|
|
||||||
endif
|
|
||||||
|
|
||||||
libs-$(CONFIG_SUPERH32) := arch/sh/lib/ $(libs-y)
|
libs-$(CONFIG_SUPERH32) := arch/sh/lib/ $(libs-y)
|
||||||
libs-$(CONFIG_SUPERH64) := arch/sh/lib64/ $(libs-y)
|
libs-$(CONFIG_SUPERH64) := arch/sh/lib64/ $(libs-y)
|
||||||
|
|
||||||
|
@ -125,6 +125,7 @@ config X86
|
|||||||
select RTC_LIB
|
select RTC_LIB
|
||||||
select HAVE_DEBUG_STACKOVERFLOW
|
select HAVE_DEBUG_STACKOVERFLOW
|
||||||
select HAVE_IRQ_EXIT_ON_IRQ_STACK if X86_64
|
select HAVE_IRQ_EXIT_ON_IRQ_STACK if X86_64
|
||||||
|
select HAVE_CC_STACKPROTECTOR
|
||||||
|
|
||||||
config INSTRUCTION_DECODER
|
config INSTRUCTION_DECODER
|
||||||
def_bool y
|
def_bool y
|
||||||
@ -1617,22 +1618,6 @@ config SECCOMP
|
|||||||
|
|
||||||
If unsure, say Y. Only embedded should say N here.
|
If unsure, say Y. Only embedded should say N here.
|
||||||
|
|
||||||
config CC_STACKPROTECTOR
|
|
||||||
bool "Enable -fstack-protector buffer overflow detection"
|
|
||||||
---help---
|
|
||||||
This option turns on the -fstack-protector GCC feature. This
|
|
||||||
feature puts, at the beginning of functions, a canary value on
|
|
||||||
the stack just before the return address, and validates
|
|
||||||
the value just before actually returning. Stack based buffer
|
|
||||||
overflows (that need to overwrite this return address) now also
|
|
||||||
overwrite the canary, which gets detected and the attack is then
|
|
||||||
neutralized via a kernel panic.
|
|
||||||
|
|
||||||
This feature requires gcc version 4.2 or above, or a distribution
|
|
||||||
gcc with the feature backported. Older versions are automatically
|
|
||||||
detected and for those versions, this configuration option is
|
|
||||||
ignored. (and a warning is printed during bootup)
|
|
||||||
|
|
||||||
source kernel/Kconfig.hz
|
source kernel/Kconfig.hz
|
||||||
|
|
||||||
config KEXEC
|
config KEXEC
|
||||||
|
@ -89,13 +89,11 @@ else
|
|||||||
KBUILD_CFLAGS += -maccumulate-outgoing-args
|
KBUILD_CFLAGS += -maccumulate-outgoing-args
|
||||||
endif
|
endif
|
||||||
|
|
||||||
|
# Make sure compiler does not have buggy stack-protector support.
|
||||||
ifdef CONFIG_CC_STACKPROTECTOR
|
ifdef CONFIG_CC_STACKPROTECTOR
|
||||||
cc_has_sp := $(srctree)/scripts/gcc-x86_$(BITS)-has-stack-protector.sh
|
cc_has_sp := $(srctree)/scripts/gcc-x86_$(BITS)-has-stack-protector.sh
|
||||||
ifeq ($(shell $(CONFIG_SHELL) $(cc_has_sp) $(CC) $(KBUILD_CPPFLAGS) $(biarch)),y)
|
ifneq ($(shell $(CONFIG_SHELL) $(cc_has_sp) $(CC) $(KBUILD_CPPFLAGS) $(biarch)),y)
|
||||||
stackp-y := -fstack-protector
|
$(warning stack-protector enabled but compiler support broken)
|
||||||
KBUILD_CFLAGS += $(stackp-y)
|
|
||||||
else
|
|
||||||
$(warning stack protector enabled but no compiler support)
|
|
||||||
endif
|
endif
|
||||||
endif
|
endif
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user