[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v2 4/4] xen: riscv: enable stack protector feature

  • To: "oleksii.kurochko@xxxxxxxxx" <oleksii.kurochko@xxxxxxxxx>
  • From: Volodymyr Babchuk <Volodymyr_Babchuk@xxxxxxxx>
  • Date: Tue, 3 Dec 2024 19:30:15 +0000
  • Accept-language: en-US
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=epam.com; dmarc=pass action=none header.from=epam.com; dkim=pass header.d=epam.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=dYIY7CAKecYg8EqSgltMDeirxnVgSPqchNxbYLyRC9U=; b=uK3biCUganniBB5BhACXLF0/sW4tPYg3llmesQDfphVf0/K0w1y+r39OT1DOj6bcQ37eLBd/3XPWgx8P9Hdsl/pK1t8VeHgW6cQcpXETk/s3bExwTMHkMQ8gy65iQzsJglh0P2JfnzMScncD57lqtVVGA2dgfsmfmr1UHMqgBkLKY/SVTzgQjvyiDB6mt0R2wQN+FbBpu/AwQkbyuA4xZZRx/xKBnEuO7cnY3rV6tsv4UwL2djZhXQKUQnxKc9H+XTKtdpyKNQzspzSADvov7tR7HrsQZMKGB6gYx7xWcn4RqjeWUhVeeLXL3jC2KX5LOeY1mPCcP1zzmF9yO7uamQ==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=Je1CFuVHxhgVtZwLgQcqxk8wxxwuPv7uuMbQGQH56KDcmkrdc7H7SgSUECAGMVcgRfTlDFRNm0PbxDHw10vCUlqpCMpH5BGodRPxFsmaoTIosYgUVtGcawfHIM/0p4E4nTmGu+P1WQFhC4Z1HXX6IGf1fWSavEYt4BcdJ8Lj2JSpgYc64P1Fc3QBp6TaiT1TdK0YBqMRCb6WWP0tu1ZYZI7lbTSfDU+RYEngMjydrpoKIJh7oviR5sZWqVWno2Y5KaRfU194Vyt0pblg0XeQhTv2tCRqUynQsr1r56LcjW1zFdMdb+56TFce+jcrbFh60jbfSpoL/E2oU/Nibp0XBQ==
  • Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=epam.com;
  • Cc: Jan Beulich <jbeulich@xxxxxxxx>, Alistair Francis <alistair.francis@xxxxxxx>, Bob Eshleman <bobbyeshleman@xxxxxxxxx>, Connor Davis <connojdavis@xxxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Julien Grall <julien@xxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>
  • Delivery-date: Tue, 03 Dec 2024 19:30:29 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
  • Thread-index: AQHbQsSdrqhVO8R3/0W5bnSX25z8yw==
  • Thread-topic: [PATCH v2 4/4] xen: riscv: enable stack protector feature
Hello Oleksii,


oleksii.kurochko@xxxxxxxxx writes:

> On Mon, 2024-12-02 at 09:12 +0100, Jan Beulich wrote:
>> On 30.11.2024 02:10, Volodymyr Babchuk wrote:
>> > Enable previously added CONFIG_STACK_PROTECTOR feature for RISC-V
>> > platform. Here we can call boot_stack_chk_guard_setup() in
>> > start_xen()
>> > function, because it never returns, so stack protector code will
>> > not
>> > be triggered because of changed canary.
>> >
>> > Signed-off-by: Volodymyr Babchuk <volodymyr_babchuk@xxxxxxxx>
>> > Tested-by: Oleksii Kurochko <oleksii.kurochko@xxxxxxxxx>
>>
>> Isn't this premature? For ...
>>
>> > @@ -57,6 +58,8 @@ void __init noreturn start_xen(unsigned long
>> > bootcpu_id,
>> >      if ( !boot_fdt_info(device_tree_flattened, dtb_addr) )
>> >          BUG();
>> >
>> > +    boot_stack_chk_guard_setup();
>>
>> ... this function's use of get_random(), either arch_get_random()
>> needs
>> to be implemented, or (as Julien also pointed out for Arm64) NOW()
>> needs
>> to work. Yet get_s_time() presently expands to just BUG_ON(). Given
>> this
>> it's not even clear to me how Oleksii managed to actually test this.
> Okay, I think I found what is the problem and why my testing on staging
> wasn't really correct.
>
> In xen/include/xen/stack_protector.h (
> https://patchew.org/Xen/20241130010954.36057-1-volodymyr._5Fbabchuk@xxxxxxxx/20241130010954.36057-3-volodymyr._5Fbabchuk@xxxxxxxx/
> ) CONFIG_STACKPROTECTOR is used for ifdef-ing so the stub version of
> boot_stack_chk_guard_setup() is used and there is no need for
> get_random() implementation:
> 1. Shouldn't it be /s/CONFIG_STACKPROTECTOR/CONFIG_STACK_PROTECTOR ?
> 2. CONFIG_STACK_PROTECTOR isn't set in case of RISC-V, at least:
>       grep -Rni "STACK_PROTECTOR" xen/.config
>       38:CONFIG_HAS_STACK_PROTECTOR=y
>       76:# CONFIG_STACK_PROTECTOR is not set
>
>    Shouldn't it be default HAS_STACK_PROTECTOR ( or something similar )
>    for 'config STACK_PROTECTOR':
>       diff --git a/xen/common/Kconfig b/xen/common/Kconfig
>       index 0ffd825510..f3156dbb9a 100644
>       --- a/xen/common/Kconfig
>       +++ b/xen/common/Kconfig
>       @@ -521,6 +521,7 @@ config TRACEBUFFER
>
>        config STACK_PROTECTOR
>               bool "Stack protection"
>       +       default HAS_STACK_PROTECTOR
>               depends on HAS_STACK_PROTECTOR
>               help
>                 Use compiler's option -fstack-protector (supported both by
>       GCC
>
> With these changes, I can confirm Jan's statement that the BUG_ON()
> occurs due to the absence of the get_random()/NOW() implementation.
>
> My second test (on my downstream branch) wasn't relevant because
> get_s_time() and NOW() are implemented there.
>
>
> Aside from the changes I mentioned above, I can re-send this patch when
> I submit the patch enabling get_s_time() and NOW() for RISC-V. If you,
> Volodymyr, are okay with that, we can proceed in this way.

Thank you for testing this once more. I'll drop this patch from v3 then, so
you'll be able to include it into your series.

--
WBR, Volodymyr

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.