Re: [PATCH 2/3] x86/hw_breakpoint: Add stack_canary to hw_breakpoints denylist
From: Peter Zijlstra
Date: Mon Dec 13 2021 - 14:57:55 EST
On Mon, Dec 13, 2021 at 12:22:14PM +0800, Lai Jiangshan wrote:
> From: Lai Jiangshan <laijs@xxxxxxxxxxxxxxxxx>
>
> When stack-protector is enabled, entry functions may access
> to the stack_canary.
>
> Signed-off-by: Lai Jiangshan <laijs@xxxxxxxxxxxxxxxxx>
> ---
> arch/x86/kernel/hw_breakpoint.c | 8 ++++++++
> 1 file changed, 8 insertions(+)
>
> diff --git a/arch/x86/kernel/hw_breakpoint.c b/arch/x86/kernel/hw_breakpoint.c
> index 668a4a6533d9..b2b64afdf9c0 100644
> --- a/arch/x86/kernel/hw_breakpoint.c
> +++ b/arch/x86/kernel/hw_breakpoint.c
> @@ -315,6 +315,14 @@ static inline bool within_cpu_entry(unsigned long addr, unsigned long end)
> if (within_area(addr, end, (unsigned long)&per_cpu(cpu_dr7, cpu),
> sizeof(cpu_dr7)))
> return true;
> +
> + /*
> + * When stack-protector is enabled, entry functions may access
> + * to the stack_canary.
> + */
> + if (within_area(addr, end, (unsigned long)&per_cpu(fixed_percpu_data, cpu),
> + sizeof(struct fixed_percpu_data)))
> + return true;
Isn't fixed_percpu_data x86_64 only?
> }
>
> return false;