This is a note to let you know that I've just added the patch titled

kbuild: add '-fno-stack-check' to kernel build options

to the 3.18-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git%3Ba=su...

The filename of the patch is: kbuild-add-fno-stack-check-to-kernel-build-options.patch and it can be found in the queue-3.18 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree, please let stable@vger.kernel.org know about it.

From 3ce120b16cc548472f80cf8644f90eda958cf1b6 Mon Sep 17 00:00:00 2001

From: Linus Torvalds torvalds@linux-foundation.org Date: Fri, 29 Dec 2017 17:34:43 -0800 Subject: kbuild: add '-fno-stack-check' to kernel build options MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit

From: Linus Torvalds torvalds@linux-foundation.org

commit 3ce120b16cc548472f80cf8644f90eda958cf1b6 upstream.

It appears that hardened gentoo enables "-fstack-check" by default for gcc.

That doesn't work _at_all_ for the kernel, because the kernel stack doesn't act like a user stack at all: it's much smaller, and it doesn't auto-expand on use. So the extra "probe one page below the stack" code generated by -fstack-check just breaks the kernel in horrible ways, causing infinite double faults etc.

[ I have to say, that the particular code gcc generates looks very stupid even for user space where it works, but that's a separate issue. ]

Reported-and-tested-by: Alexander Tsoy alexander@tsoy.me Reported-and-tested-by: Toralf Förster toralf.foerster@gmx.de Cc: Dave Hansen dave.hansen@intel.com Cc: Jiri Kosina jikos@kernel.org Cc: Andy Lutomirski luto@amacapital.net Signed-off-by: Linus Torvalds torvalds@linux-foundation.org Signed-off-by: Greg Kroah-Hartman gregkh@linuxfoundation.org

--- Makefile | 3 +++ 1 file changed, 3 insertions(+)

--- a/Makefile +++ b/Makefile @@ -762,6 +762,9 @@ KBUILD_CFLAGS += $(call cc-disable-warni # disable invalid "can't wrap" optimizations for signed / pointers KBUILD_CFLAGS += $(call cc-option,-fno-strict-overflow)

+# Make sure -fstack-check isn't enabled (like gentoo apparently did) +KBUILD_CFLAGS += $(call cc-option,-fno-stack-check,) + # conserve stack if available KBUILD_CFLAGS += $(call cc-option,-fconserve-stack)

Patches currently in stable-queue which might be from torvalds@linux-foundation.org are

queue-3.18/kbuild-add-fno-stack-check-to-kernel-build-options.patch