diff options
5 files changed, 8 insertions, 267 deletions
diff --git a/libre/linux-libre-hardened/0001-gcc-plugins-drop-support-for-GCC-4.7.patch b/libre/linux-libre-hardened/0001-gcc-plugins-drop-support-for-GCC-4.7.patch index d94b356ba..855a734b4 100644 --- a/libre/linux-libre-hardened/0001-gcc-plugins-drop-support-for-GCC-4.7.patch +++ b/libre/linux-libre-hardened/0001-gcc-plugins-drop-support-for-GCC-4.7.patch @@ -264,7 +264,7 @@ diff --git a/scripts/gcc-plugins/Makefile b/scripts/gcc-plugins/Makefile index f2ee8bd7abc6..f22858b2c3d6 100644 --- a/scripts/gcc-plugins/Makefile +++ b/scripts/gcc-plugins/Makefile -@@ -1,30 +1,21 @@ +@@ -1,31 +1,22 @@ # SPDX-License-Identifier: GPL-2.0 -PLUGINCC := $(CONFIG_PLUGIN_HOSTCC:"%"=%) GCC_PLUGINS_DIR := $(shell $(CC) -print-file-name=plugin) @@ -278,11 +278,13 @@ index f2ee8bd7abc6..f22858b2c3d6 100644 - HOST_EXTRACXXFLAGS += -I$(GCC_PLUGINS_DIR)/include -I$(src) -std=gnu++98 -fno-rtti - HOST_EXTRACXXFLAGS += -fno-exceptions -fasynchronous-unwind-tables -ggdb - HOST_EXTRACXXFLAGS += -Wno-narrowing -Wno-unused-variable +- HOST_EXTRACXXFLAGS += -Wno-format-diag - export HOST_EXTRACXXFLAGS -endif +HOST_EXTRACXXFLAGS += -I$(GCC_PLUGINS_DIR)/include -I$(src) -std=gnu++98 -fno-rtti +HOST_EXTRACXXFLAGS += -fno-exceptions -fasynchronous-unwind-tables -ggdb +HOST_EXTRACXXFLAGS += -Wno-narrowing -Wno-unused-variable -Wno-c++11-compat ++HOST_EXTRACXXFLAGS += -Wno-format-diag $(obj)/randomize_layout_plugin.o: $(objtree)/$(obj)/randomize_layout_seed.h quiet_cmd_create_randomize_layout_seed = GENSEED $@ diff --git a/libre/linux-libre-hardened/0002-gcc-common.h-Update-for-GCC-10.patch b/libre/linux-libre-hardened/0002-gcc-common.h-Update-for-GCC-10.patch deleted file mode 100644 index ea1357195..000000000 --- a/libre/linux-libre-hardened/0002-gcc-common.h-Update-for-GCC-10.patch +++ /dev/null @@ -1,92 +0,0 @@ -From 41e53fdbbf5121960fd44427c2ae7536d8fdd701 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20Pierret=20=28fepitre=29?= - <frederic.pierret@qubes-os.org> -Date: Tue, 7 Apr 2020 13:32:59 +0200 -Subject: [PATCH 2/4] gcc-common.h: Update for GCC 10 -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Remove "params.h" include, which has been dropped in GCC 10. - -Remove is_a_helper() macro, which is now defined in gimple.h, as seen -when running './scripts/gcc-plugin.sh g++ g++ gcc': - -In file included from <stdin>:1: -./gcc-plugins/gcc-common.h:852:13: error: redefinition of ‘static bool is_a_helper<T>::test(U*) [with U = const gimple; T = const ggoto*]’ - 852 | inline bool is_a_helper<const ggoto *>::test(const_gimple gs) - | ^~~~~~~~~~~~~~~~~~~~~~~~~~ -In file included from ./gcc-plugins/gcc-common.h:125, - from <stdin>:1: -/usr/lib/gcc/x86_64-redhat-linux/10/plugin/include/gimple.h:1037:1: note: ‘static bool is_a_helper<T>::test(U*) [with U = const gimple; T = const ggoto*]’ previously declared here - 1037 | is_a_helper <const ggoto *>::test (const gimple *gs) - | ^~~~~~~~~~~~~~~~~~~~~~~~~~~ - -Add -Wno-format-diag to scripts/gcc-plugins/Makefile to avoid -meaningless warnings from error() formats used by plugins: - -scripts/gcc-plugins/structleak_plugin.c: In function ‘int plugin_init(plugin_name_args*, plugin_gcc_version*)’: -scripts/gcc-plugins/structleak_plugin.c:253:12: warning: unquoted sequence of 2 consecutive punctuation characters ‘'-’ in format [-Wformat-diag] - 253 | error(G_("unknown option '-fplugin-arg-%s-%s'"), plugin_name, argv[i].key); - | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -Signed-off-by: Frédéric Pierret (fepitre) <frederic.pierret@qubes-os.org> -Link: https://lore.kernel.org/r/20200407113259.270172-1-frederic.pierret@qubes-os.org -[kees: include -Wno-format-diag for plugin builds] -Signed-off-by: Kees Cook <keescook@chromium.org> ---- - scripts/gcc-plugins/Makefile | 1 + - scripts/gcc-plugins/gcc-common.h | 4 ++++ - 2 files changed, 5 insertions(+) - -diff --git a/scripts/gcc-plugins/Makefile b/scripts/gcc-plugins/Makefile -index f22858b2c3d6..80f354289eeb 100644 ---- a/scripts/gcc-plugins/Makefile -+++ b/scripts/gcc-plugins/Makefile -@@ -4,6 +4,7 @@ GCC_PLUGINS_DIR := $(shell $(CC) -print-file-name=plugin) - HOST_EXTRACXXFLAGS += -I$(GCC_PLUGINS_DIR)/include -I$(src) -std=gnu++98 -fno-rtti - HOST_EXTRACXXFLAGS += -fno-exceptions -fasynchronous-unwind-tables -ggdb - HOST_EXTRACXXFLAGS += -Wno-narrowing -Wno-unused-variable -Wno-c++11-compat -+HOST_EXTRACXXFLAGS += -Wno-format-diag - - $(obj)/randomize_layout_plugin.o: $(objtree)/$(obj)/randomize_layout_seed.h - quiet_cmd_create_randomize_layout_seed = GENSEED $@ -diff --git a/scripts/gcc-plugins/gcc-common.h b/scripts/gcc-plugins/gcc-common.h -index 17f06079a712..9ad76b7f3f10 100644 ---- a/scripts/gcc-plugins/gcc-common.h -+++ b/scripts/gcc-plugins/gcc-common.h -@@ -35,7 +35,9 @@ - #include "ggc.h" - #include "timevar.h" - -+#if BUILDING_GCC_VERSION < 10000 - #include "params.h" -+#endif - - #if BUILDING_GCC_VERSION <= 4009 - #include "pointer-set.h" -@@ -847,19 +849,21 @@ static inline gimple gimple_build_assign_with_ops(enum tree_code subcode, tree l - return gimple_build_assign(lhs, subcode, op1, op2 PASS_MEM_STAT); - } - -+#if BUILDING_GCC_VERSION < 10000 - template <> - template <> - inline bool is_a_helper<const ggoto *>::test(const_gimple gs) - { - return gs->code == GIMPLE_GOTO; - } - - template <> - template <> - inline bool is_a_helper<const greturn *>::test(const_gimple gs) - { - return gs->code == GIMPLE_RETURN; - } -+#endif - - static inline gasm *as_a_gasm(gimple stmt) - { --- -2.26.2 - diff --git a/libre/linux-libre-hardened/0003-Makefile-disallow-data-races-on-gcc-10-as-well.patch b/libre/linux-libre-hardened/0003-Makefile-disallow-data-races-on-gcc-10-as-well.patch deleted file mode 100644 index a645f7547..000000000 --- a/libre/linux-libre-hardened/0003-Makefile-disallow-data-races-on-gcc-10-as-well.patch +++ /dev/null @@ -1,32 +0,0 @@ -From af805f5f1d2e61dd2cf907d9635f0abc66fe1197 Mon Sep 17 00:00:00 2001 -From: Sergei Trofimovich <slyfox@gentoo.org> -Date: Tue, 17 Mar 2020 00:07:18 +0000 -Subject: [PATCH 3/4] Makefile: disallow data races on gcc-10 as well - -gcc-10 will rename --param=allow-store-data-races=0 -to -fno-allow-store-data-races. - -The flag change happened at https://gcc.gnu.org/PR92046. - -Signed-off-by: Sergei Trofimovich <slyfox@gentoo.org> -Acked-by: Jiri Kosina <jkosina@suse.cz> -Signed-off-by: Masahiro Yamada <masahiroy@kernel.org> ---- - Makefile | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/Makefile b/Makefile -index 5dedd6f9ad75..6899bfc9dc7b 100644 ---- a/Makefile -+++ b/Makefile -@@ -714,6 +714,7 @@ endif - - # Tell gcc to never replace conditional load with a non-conditional one - KBUILD_CFLAGS += $(call cc-option,--param=allow-store-data-races=0) -+KBUILD_CFLAGS += $(call cc-option,-fno-allow-store-data-races) - - include scripts/Makefile.kcov - include scripts/Makefile.gcc-plugins --- -2.26.2 - diff --git a/libre/linux-libre-hardened/0004-x86-Fix-early-boot-crash-on-gcc-10-next-try.patch b/libre/linux-libre-hardened/0004-x86-Fix-early-boot-crash-on-gcc-10-next-try.patch deleted file mode 100644 index 50c139f1f..000000000 --- a/libre/linux-libre-hardened/0004-x86-Fix-early-boot-crash-on-gcc-10-next-try.patch +++ /dev/null @@ -1,131 +0,0 @@ -From 309b6eca2e2605accf7a3b02b47b5c2732dbe543 Mon Sep 17 00:00:00 2001 -From: Borislav Petkov <bp@suse.de> -Date: Wed, 22 Apr 2020 18:11:30 +0200 -Subject: [PATCH 4/4] x86: Fix early boot crash on gcc-10, next try -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -... or the odyssey of trying to disable the stack protector for the -function which generates the stack canary value. - -The whole story started with Sergei reporting a boot crash with a kernel -built with gcc-10: - - Kernel panic — not syncing: stack-protector: Kernel stack is corrupted in: start_secondary - CPU: 1 PID: 0 Comm: swapper/1 Not tainted 5.6.0-rc5—00235—gfffb08b37df9 #139 - Hardware name: Gigabyte Technology Co., Ltd. To be filled by O.E.M./H77M—D3H, BIOS F12 11/14/2013 - Call Trace: - dump_stack - panic - ? start_secondary - __stack_chk_fail - start_secondary - secondary_startup_64 - -—-[ end Kernel panic — not syncing: stack—protector: Kernel stack is corrupted in: start_secondary - -This happens because gcc-10 tail-call optimizes the last function call -in start_secondary() - cpu_startup_entry() - and thus emits a stack -canary check which fails because the canary value changes after the -boot_init_stack_canary() call. - -To fix that, the initial attempt was to mark the one function which -generates the stack canary with: - - __attribute__((optimize("-fno-stack-protector"))) ... start_secondary(void *unused) - -however, using the optimize attribute doesn't work cumulatively -as the attribute does not add to but rather replaces previously -supplied optimization options - roughly all -fxxx options. - -The key one among them being -fno-omit-frame-pointer and thus leading to -not present frame pointer - frame pointer which the kernel needs. - -The next attempt to prevent compilers from tail-call optimizing -the last function call cpu_startup_entry(), shy of carving out -start_secondary() into a separate compilation unit and building it with --fno-stack-protector, is this one. - -The current solution is short and sweet, and reportedly, is supported by -both compilers so let's see how far we'll get this time. - -Reported-by: Sergei Trofimovich <slyfox@gentoo.org> -Signed-off-by: Borislav Petkov <bp@suse.de> -Reviewed-by: Nick Desaulniers <ndesaulniers@google.com> -Reviewed-by: Kees Cook <keescook@chromium.org> -Link: https://lkml.kernel.org/r/20200314164451.346497-1-slyfox@gentoo.org ---- - arch/x86/include/asm/stackprotector.h | 7 ++++++- - arch/x86/kernel/smpboot.c | 8 ++++++++ - arch/x86/xen/smp_pv.c | 1 + - include/linux/compiler.h | 6 ++++++ - 4 files changed, 21 insertions(+), 1 deletion(-) - -diff --git a/arch/x86/include/asm/stackprotector.h b/arch/x86/include/asm/stackprotector.h -index 91e29b6a86a5..9804a7957f4e 100644 ---- a/arch/x86/include/asm/stackprotector.h -+++ b/arch/x86/include/asm/stackprotector.h -@@ -55,8 +55,13 @@ - /* - * Initialize the stackprotector canary value. - * -- * NOTE: this must only be called from functions that never return, -+ * NOTE: this must only be called from functions that never return - * and it must always be inlined. -+ * -+ * In addition, it should be called from a compilation unit for which -+ * stack protector is disabled. Alternatively, the caller should not end -+ * with a function call which gets tail-call optimized as that would -+ * lead to checking a modified canary value. - */ - static __always_inline void boot_init_stack_canary(void) - { -diff --git a/arch/x86/kernel/smpboot.c b/arch/x86/kernel/smpboot.c -index 69881b2d446c..9674321ce3a3 100644 ---- a/arch/x86/kernel/smpboot.c -+++ b/arch/x86/kernel/smpboot.c -@@ -262,6 +262,14 @@ static void notrace start_secondary(void *unused) - - wmb(); - cpu_startup_entry(CPUHP_AP_ONLINE_IDLE); -+ -+ /* -+ * Prevent tail call to cpu_startup_entry() because the stack protector -+ * guard has been changed a couple of function calls up, in -+ * boot_init_stack_canary() and must not be checked before tail calling -+ * another function. -+ */ -+ prevent_tail_call_optimization(); - } - - /** -diff --git a/arch/x86/xen/smp_pv.c b/arch/x86/xen/smp_pv.c -index 802ee5bba66c..0cebe5db691d 100644 ---- a/arch/x86/xen/smp_pv.c -+++ b/arch/x86/xen/smp_pv.c -@@ -92,6 +92,7 @@ asmlinkage __visible void cpu_bringup_and_idle(void) - cpu_bringup(); - boot_init_stack_canary(); - cpu_startup_entry(CPUHP_AP_ONLINE_IDLE); -+ prevent_tail_call_optimization(); - } - - void xen_smp_intr_free_pv(unsigned int cpu) -diff --git a/include/linux/compiler.h b/include/linux/compiler.h -index 034b0a644efc..732754d96039 100644 ---- a/include/linux/compiler.h -+++ b/include/linux/compiler.h -@@ -356,4 +356,10 @@ static inline void *offset_to_ptr(const int *off) - /* &a[0] degrades to a pointer: a different type from an array */ - #define __must_be_array(a) BUILD_BUG_ON_ZERO(__same_type((a), &(a)[0])) - -+/* -+ * This is needed in functions which generate the stack canary, see -+ * arch/x86/kernel/smpboot.c::start_secondary() for an example. -+ */ -+#define prevent_tail_call_optimization() asm("") -+ - #endif /* __LINUX_COMPILER_H */ --- -2.26.2 - diff --git a/libre/linux-libre-hardened/PKGBUILD b/libre/linux-libre-hardened/PKGBUILD index f6cf44359..0cc995c68 100644 --- a/libre/linux-libre-hardened/PKGBUILD +++ b/libre/linux-libre-hardened/PKGBUILD @@ -5,11 +5,11 @@ # Based on linux-hardened package _replacesarchkernel=('linux%') # '%' gets replaced with kernel suffix -_replacesoldkernels=('linux-grsec' 'linux-libre-grsec') # '%' gets replaced with kernel suffix +_replacesoldkernels=() # '%' gets replaced with kernel suffix _replacesoldmodules=() # '%' gets replaced with kernel suffix pkgbase=linux-libre-hardened -pkgver=5.6.13.a +pkgver=5.6.18.a pkgrel=1 pkgdesc='Security-Hardened Linux-libre' url='https://linux-libre.fsfla.org/' @@ -37,9 +37,6 @@ source=( 0002-fix-Atmel-maXTouch-touchscreen-support.patch # Arch Linux patches 0001-gcc-plugins-drop-support-for-GCC-4.7.patch - 0002-gcc-common.h-Update-for-GCC-10.patch - 0003-Makefile-disallow-data-races-on-gcc-10-as-well.patch - 0004-x86-Fix-early-boot-crash-on-gcc-10-next-try.patch sphinx-workaround.patch ) validpgpkeys=( @@ -50,9 +47,9 @@ validpgpkeys=( ) sha512sums=('df473a228ca2bbefbcc630aee710c78c83083269b4939adf698a9adf3a5760391b24529704bfc0b108bc67054ebed047746810e1b41be1fd9019a911a563114d' 'SKIP' - '913c307a2dd5509d8b559223e7f4dc3e800a5030b7d401db661617a781d849a8627f09ced8e825dd0222758ef4976994d214c40b2e5eaa5f30864597859c9fb7' + 'f84dc2838aabc75b0b1d7924a94c081101c36a28ad2d8676076fd4526de319b642ae8b6f09ed955f9b975efab6fba3955057b7313a2d9256b586de7fab79ae67' 'SKIP' - 'd5cc0a66546055212489fa647ae2cc4eb48571314b20c368adbb26ca8ce9fc5a7f657f0d1c9cbbe131637c776c6f19e347c9c341b8c21b08e31b57d9c8bdcff8' + '6fd8763ea28f7e363d1a0ee27131b220e8bb31b297785959ad2e922f4c3d835eef3495e7bbc216e37fed6649b5fc9943524c90d8c960aa33ef604cdc0d120b72' 'SKIP' '13cb5bc42542e7b8bb104d5f68253f6609e463b6799800418af33eb0272cc269aaa36163c3e6f0aacbdaaa1d05e2827a4a7c4a08a029238439ed08b89c564bb3' 'SKIP' @@ -63,10 +60,7 @@ sha512sums=('df473a228ca2bbefbcc630aee710c78c83083269b4939adf698a9adf3a5760391b2 '00e18e3cf55f391723ceb398da56de4632eed32fef17fcc6cd8ca0c820e55bfc2b66d64a0c7aada3c4a64daaab656964c6d4720e16aa3a2ff1a0984494ed9f47' '02af4dd2a007e41db0c63822c8ab3b80b5d25646af1906dc85d0ad9bb8bbf5236f8e381d7f91cf99ed4b0978c50aee37cb9567cdeef65b7ec3d91b882852b1af' 'b8fe56e14006ab866970ddbd501c054ae37186ddc065bb869cf7d18db8c0d455118d5bda3255fb66a0dde38b544655cfe9040ffe46e41d19830b47959b2fb168' - '39b98cc0889b617f052a25f4aed9b90df6907886dd890cfb26ad86c3fcc3c7af960d7422ec1ff00328507c99f681f9bc1cb174dda71eb39b99c30c595eb988a8' - 'f3875930073b3f77c98a30eddda03548602cce80ac4c3fcccf77cf97ca53aa79ba7ef508ef80c1f3aadf7ae8769bcabfdab7ff9344ff22ca9947883afbae7bf3' - 'ba8439195b4989b8aa562a9d91307bcc285e748ce7cdea89079866bf24f41e3a1869ec3ad1396622825c3a0900fa05c5e6c9f777fa35f02e77d062a7c801bb16' - 'c494fea02bf5f7a325614915291d555a343332b1f0c16d942ebfd2c534cec2c0872c0a9d2db7bfeb3a9d199ecc52e95741e9b6a9a144586e78e029b17508e0c7' + '30696498f27b65f4ba70081747a231460e8d5a2d3336db54394511eefc19b7bcd1cf1ec463eb6d954b9fbe209c84b409f67a07bbf49a90bde502053ce04df83c' '98e97155f86bbe837d43f27ec1018b5b6fdc6c372d6f7f2a0fe29da117d53979d9f9c262f886850d92002898682781029b80d4ee923633fc068f979e6c8254be') _replacesarchkernel=("${_replacesarchkernel[@]/\%/${pkgbase#linux-libre}}") |