git.karo-electronics.de Git - karo-tx-linux.git/commit

xen: make -fstack-protector work under Xen

commit 577eebeae34d340685d8985dfdb7dfe337c511e8 upstream.

-fstack-protector uses a special per-cpu "stack canary" value.
gcc generates special code in each function to test the canary to make
sure that the function's stack hasn't been overrun.

On x86-64, this is simply an offset of %gs, which is the usual per-cpu
base segment register, so setting it up simply requires loading %gs's
base as normal.

On i386, the stack protector segment is %gs (rather than the usual kernel
percpu %fs segment register). This requires setting up the full kernel
GDT and then loading %gs accordingly. We also need to make sure %gs is
initialized when bringing up secondary cpus too.

To keep things consistent, we do the full GDT/segment register setup on
both architectures.

Because we need to avoid -fstack-protected code before setting up the GDT
and because there's no way to disable it on a per-function basis, several
files need to have stack-protector inhibited.

[ Impact: allow Xen booting with stack-protector enabled ]

Signed-off-by: Jeremy Fitzhardinge <jeremy.fitzhardinge@citrix.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>

author	Jeremy Fitzhardinge <jeremy.fitzhardinge@citrix.com>
	Thu, 27 Aug 2009 19:46:35 +0000 (12:46 -0700)
committer	Greg Kroah-Hartman <gregkh@suse.de>
	Mon, 5 Oct 2009 16:31:43 +0000 (09:31 -0700)
commit	b04a12a2837b961139be63eb4b4f23c38a140e4a
tree	c19868262f8db97f2c60652dddc42ff98363237d	tree \| snapshot
parent	bdef3346158b95e07be5045df8c71cd93e5e5152	commit \| diff

arch/x86/mm/Makefile		diff \| blob \| history
arch/x86/xen/Makefile		diff \| blob \| history
arch/x86/xen/enlighten.c		diff \| blob \| history
arch/x86/xen/smp.c		diff \| blob \| history
drivers/xen/Makefile		diff \| blob \| history