xen/PVH: Set up GS segment for stack canary
commit 98014068328c5574de9a4a30b604111fd9d8f901 upstream
A 32bit PVH Xen kernel with CONFIG_CC_STACKPROTECTOR_STRONG fails to boot. Xen detects a triple fault and kills the domain. The IP was xen_prepare_pvh+9 corresponding to: mov %gs:0x14,%eax
The 32bit kernel hasn't setup %gs when calling into xen_prepare_pvh. Curiously, 64bit was not affected. The requested patch sets up the canary for PVH to boot successfully.
This is applicable to and has been tested on 4.14. It is also applicable to 4.17.
Thanks, Jason
On Wed, Jul 25, 2018 at 03:11:10PM -0400, Jason Andryuk wrote:
xen/PVH: Set up GS segment for stack canary
commit 98014068328c5574de9a4a30b604111fd9d8f901 upstream
A 32bit PVH Xen kernel with CONFIG_CC_STACKPROTECTOR_STRONG fails to boot. Xen detects a triple fault and kills the domain. The IP was xen_prepare_pvh+9 corresponding to: mov %gs:0x14,%eax
The 32bit kernel hasn't setup %gs when calling into xen_prepare_pvh. Curiously, 64bit was not affected. The requested patch sets up the canary for PVH to boot successfully.
This is applicable to and has been tested on 4.14. It is also applicable to 4.17.
Thanks, now queued up.
greg k-h
linux-stable-mirror@lists.linaro.org
-
Greg KH -
Jason Andryuk