[PATCH 2/3] x86/hw_breakpoint: Add stack_canary to hw_breakpoints denylist
From: Lai Jiangshan
Date: Sun Dec 12 2021 - 23:22:28 EST
From: Lai Jiangshan <laijs@xxxxxxxxxxxxxxxxx>
When stack-protector is enabled, entry functions may access
to the stack_canary.
Signed-off-by: Lai Jiangshan <laijs@xxxxxxxxxxxxxxxxx>
---
arch/x86/kernel/hw_breakpoint.c | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/arch/x86/kernel/hw_breakpoint.c b/arch/x86/kernel/hw_breakpoint.c
index 668a4a6533d9..b2b64afdf9c0 100644
--- a/arch/x86/kernel/hw_breakpoint.c
+++ b/arch/x86/kernel/hw_breakpoint.c
@@ -315,6 +315,14 @@ static inline bool within_cpu_entry(unsigned long addr, unsigned long end)
if (within_area(addr, end, (unsigned long)&per_cpu(cpu_dr7, cpu),
sizeof(cpu_dr7)))
return true;
+
+ /*
+ * When stack-protector is enabled, entry functions may access
+ * to the stack_canary.
+ */
+ if (within_area(addr, end, (unsigned long)&per_cpu(fixed_percpu_data, cpu),
+ sizeof(struct fixed_percpu_data)))
+ return true;
}
return false;
--
2.19.1.6.gb485710b