Re: [PATCH] s390: Support global stack protector canary

Thu, 31 Jul 2025 07:31:35 -0700 

Hello Stefan!

On 7/10/2025 4:16 PM, Stefan Schulze Frielinghaus wrote:
> So far only a per thread canary in the TLS block is supported.  This
> patch adds support for a global canary, too.  For this the new option
> -mstack-protector-guard={global,tls} is added which defaults to tls.

To be on par with x86 and the generic (?) option Clang, wouldn't it make
sense to implement option -mstack-protector-guard-symbol=<symbol> as
well?

> The global canary is expected at symbol __stack_chk_guard which means
> for a function prologue instructions larl/l(g)fr + mvc are emitted and
> for an epilogue larl/l(g)fr + clc.
> 
> Furthermore, option -mstack-protector-guard-record is added which is
> inspired by -mrecord-mcount and generates section __stack_protector_loc
> containing pointers to all instructions which load the address of the
> global guard.  Thus, this option has only an effect in conjunction with
> -mstack-protector-guard=global.  The intended use is for the Linux
> kernel in order to support run-time patching.  In each task_struct of
> the kernel a canary is held which will be copied into the lowcore.
> Since the kernel supports migration of the lowcore, addresses are not
> necessarily constant.  Therefore, the kernel expects that all
> instructions loading the address of the canary to be of format RIL or
> more precisely are either larl or lgrl and that the instructions
> addresses are recorded in section __stack_protector_loc.  The kernel is
> then required to patch those instructions e.g. to llilf, prior first
> execution or whenever the lowcore moves.
> 
> In total this means -mstack-protector-guard=global emits code suitable
> for user and kernel space.
Thanks and regards,
Jens
-- 
Jens Remus
Linux on Z Development (D3303)
+49-7031-16-1128 Office
jre...@de.ibm.com

IBM

IBM Deutschland Research & Development GmbH; Vorsitzender des Aufsichtsrats: 
Wolfgang Wendt; Geschäftsführung: David Faller; Sitz der Gesellschaft: 
Böblingen; Registergericht: Amtsgericht Stuttgart, HRB 243294
IBM Data Privacy Statement: https://www.ibm.com/privacy/

Reply via email to