x86/mm/sme: Disable stack protection for mem_encrypt_identity.c

tlendacky · KAGA-KOKO · commit ae8d1d0061ad · 2018-02-28T15:24:12.000+01:00
Stack protection is not compatible with early boot code. All of the early SME boot code is now isolated in a separate file, mem_encrypt_identity.c, so arch/x86/mm/Makefile can be updated to turn off stack protection for the entire file. This eliminates the need to worry about other functions within the file being instrumented with stack protection (as was seen when a newer version of GCC instrumented sme_encrypt_kernel() where an older version hadn't). It also allows removal of the __nostackprotector attribute from individual functions. Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com> Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Reviewed-by: Borislav Petkov <bp@suse.de> Acked-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com> Cc: Linus Torvalds <torvalds@linux-foundation.org> Cc: Borislav Petkov <bp@alien8.de> Link: https://lkml.kernel.org/r/20180226232554.14108.16881.stgit@tlendack-t1.amdoffice.net
diff --git a/arch/x86/mm/Makefile b/arch/x86/mm/Makefile
@@ -19,6 +19,7 @@ obj-y	:=  init.o init_$(BITS).o fault.o ioremap.o extable.o pageattr.o mmap.o \
 nostackp := $(call cc-option, -fno-stack-protector)
 CFLAGS_physaddr.o		:= $(nostackp)
 CFLAGS_setup_nx.o		:= $(nostackp)
+CFLAGS_mem_encrypt_identity.o	:= $(nostackp)
 
 CFLAGS_fault.o := -I$(src)/../include/asm/trace
 
diff --git a/arch/x86/mm/mem_encrypt_identity.c b/arch/x86/mm/mem_encrypt_identity.c
@@ -266,7 +266,7 @@ static unsigned long __init sme_pgtable_calc(unsigned long len)
 	return entries + tables;
 }
 
-void __init __nostackprotector sme_encrypt_kernel(struct boot_params *bp)
+void __init sme_encrypt_kernel(struct boot_params *bp)
 {
 	unsigned long workarea_start, workarea_end, workarea_len;
 	unsigned long execute_start, execute_end, execute_len;
@@ -468,7 +468,7 @@ void __init __nostackprotector sme_encrypt_kernel(struct boot_params *bp)
 	native_write_cr3(__native_read_cr3());
 }
 
-void __init __nostackprotector sme_enable(struct boot_params *bp)
+void __init sme_enable(struct boot_params *bp)
 {
 	const char *cmdline_ptr, *cmdline_arg, *cmdline_on, *cmdline_off;
 	unsigned int eax, ebx, ecx, edx;

Original file line number	Diff line number	Diff line change
`@@ -266,7 +266,7 @@ static unsigned long __init sme_pgtable_calc(unsigned long len)`
`266`	`266`	`return entries + tables;`
`267`	`267`	`}`
`268`	`268`
`269`		`-void __init __nostackprotector sme_encrypt_kernel(struct boot_params *bp)`
	`269`	`+void __init sme_encrypt_kernel(struct boot_params *bp)`
`270`	`270`	`{`
`271`	`271`	`unsigned long workarea_start, workarea_end, workarea_len;`
`272`	`272`	`unsigned long execute_start, execute_end, execute_len;`
`@@ -468,7 +468,7 @@ void __init __nostackprotector sme_encrypt_kernel(struct boot_params *bp)`
`468`	`468`	`native_write_cr3(__native_read_cr3());`
`469`	`469`	`}`
`470`	`470`
`471`		`-void __init __nostackprotector sme_enable(struct boot_params *bp)`
	`471`	`+void __init sme_enable(struct boot_params *bp)`
`472`	`472`	`{`
`473`	`473`	`const char cmdline_ptr, cmdline_arg, cmdline_on, cmdline_off;`
`474`	`474`	`unsigned int eax, ebx, ecx, edx;`