From: Greg Kroah-Hartman Date: Thu, 16 Apr 2020 11:40:04 +0000 (+0200) Subject: 5.4-stable patches X-Git-Tag: v4.19.116~19 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=05666d24dd641fc105a5502a4513c435fa307257;p=thirdparty%2Fkernel%2Fstable-queue.git 5.4-stable patches added patches: arm64-always-force-a-branch-protection-mode-when-the-compiler-has-one.patch --- diff --git a/queue-5.4/arm64-always-force-a-branch-protection-mode-when-the-compiler-has-one.patch b/queue-5.4/arm64-always-force-a-branch-protection-mode-when-the-compiler-has-one.patch new file mode 100644 index 00000000000..38481454455 --- /dev/null +++ b/queue-5.4/arm64-always-force-a-branch-protection-mode-when-the-compiler-has-one.patch @@ -0,0 +1,54 @@ +From b8fdef311a0bd9223f10754f94fdcf1a594a3457 Mon Sep 17 00:00:00 2001 +From: Mark Brown +Date: Tue, 31 Mar 2020 20:44:59 +0100 +Subject: arm64: Always force a branch protection mode when the compiler has one + +From: Mark Brown + +commit b8fdef311a0bd9223f10754f94fdcf1a594a3457 upstream. + +Compilers with branch protection support can be configured to enable it by +default, it is likely that distributions will do this as part of deploying +branch protection system wide. As well as the slight overhead from having +some extra NOPs for unused branch protection features this can cause more +serious problems when the kernel is providing pointer authentication to +userspace but not built for pointer authentication itself. In that case our +switching of keys for userspace can affect the kernel unexpectedly, causing +pointer authentication instructions in the kernel to corrupt addresses. + +To ensure that we get consistent and reliable behaviour always explicitly +initialise the branch protection mode, ensuring that the kernel is built +the same way regardless of the compiler defaults. + +[This is a reworked version of b8fdef311a0bd9223f1075 ("arm64: Always +force a branch protection mode when the compiler has one") for backport. +Kernels prior to 74afda4016a7 ("arm64: compile the kernel with ptrauth +return address signing") don't have any Makefile machinery for forcing +on pointer auth but still have issues if the compiler defaults it on so +need this reworked version. -- broonie] + +Fixes: 7503197562567 (arm64: add basic pointer authentication support) +Reported-by: Szabolcs Nagy +Signed-off-by: Mark Brown +Cc: stable@vger.kernel.org +[catalin.marinas@arm.com: remove Kconfig option in favour of Makefile check] +Signed-off-by: Catalin Marinas +Signed-off-by: Greg Kroah-Hartman + +--- + arch/arm64/Makefile | 4 ++++ + 1 file changed, 4 insertions(+) + +--- a/arch/arm64/Makefile ++++ b/arch/arm64/Makefile +@@ -72,6 +72,10 @@ stack_protector_prepare: prepare0 + include/generated/asm-offsets.h)) + endif + ++# Ensure that if the compiler supports branch protection we default it ++# off. ++KBUILD_CFLAGS += $(call cc-option,-mbranch-protection=none) ++ + ifeq ($(CONFIG_CPU_BIG_ENDIAN), y) + KBUILD_CPPFLAGS += -mbig-endian + CHECKFLAGS += -D__AARCH64EB__ diff --git a/queue-5.4/series b/queue-5.4/series index 8feacd01200..9437daca3cf 100644 --- a/queue-5.4/series +++ b/queue-5.4/series @@ -115,7 +115,6 @@ mips-tlbex-fix-lddir-usage-in-setup_pw-for-loongson-3.patch mips-octeon-irq-fix-potential-null-pointer-dereference.patch pm-domains-allow-no-domain-idle-states-dt-property-in-genpd-when-parsing.patch pm-sleep-wakeup-skip-wakeup_source_sysfs_remove-if-device-is-not-there.patch -sdhci-tegra-implement-tegra-specific-set_timeout-callback.patch ath9k-handle-txpower-changes-even-when-tpc-is-disabled.patch signal-extend-exec_id-to-64bits.patch x86-tsc_msr-use-named-struct-initializers.patch @@ -215,3 +214,4 @@ powerpc-kprobes-ignore-traps-that-happened-in-real-mode.patch powerpc-64-prevent-stack-protection-in-early-boot.patch scsi-mpt3sas-fix-kernel-panic-observed-on-soft-hba-unplug.patch powerpc-make-setjmp-longjmp-signature-standard.patch +arm64-always-force-a-branch-protection-mode-when-the-compiler-has-one.patch