From: Kees Cook <kees@kernel.org>
To: Jinjie Ruan <ruanjinjie@huawei.com>
Cc: Linus Walleij <linus.walleij@linaro.org>,
	linux@armlinux.org.uk, ardb@kernel.org, arnd@arndb.de,
	afd@ti.com, akpm@linux-foundation.org,
	rmk+kernel@armlinux.org.uk, eric.devolder@oracle.com,
	robh@kernel.org, masahiroy@kernel.org, palmer@rivosinc.com,
	samitolvanen@google.com, xiao.w.wang@intel.com,
	alexghiti@rivosinc.com, nathan@kernel.org,
	jan.kiszka@siemens.com, linux-arm-kernel@lists.infradead.org,
	linux-kernel@vger.kernel.org, linux-efi@vger.kernel.org
Subject: Re: [PATCH v2] ARM: Add support for STACKLEAK gcc plugin
Date: Thu, 27 Jun 2024 10:02:21 -0700
Message-ID: <202406271001.67295EE@keescook>
In-Reply-To: <ee44c444-ab5e-b9c2-087b-5db627a72749@huawei.com>

On Thu, Jun 27, 2024 at 03:53:14PM +0800, Jinjie Ruan wrote:
> 
> 
> On 2024/6/24 15:30, Linus Walleij wrote:
> > On Mon, Jun 24, 2024 at 4:33 AM Jinjie Ruan <ruanjinjie@huawei.com> wrote:
> > 
> >> Add the STACKLEAK gcc plugin to arm32 by adding the helper used by
> >> stackleak common code: on_thread_stack(). It initializes the stack with the
> >> poison value before returning from system calls which improves the kernel
> >> security. Additionally, this disables the plugin in EFI stub code and
> >> decompress code, which are out of scope for the protection.
> >>
> >> Before the test on Qemu versatilepb board:
> >>         # echo STACKLEAK_ERASING  > /sys/kernel/debug/provoke-crash/DIRECT
> >>         lkdtm: Performing direct entry STACKLEAK_ERASING
> >>         lkdtm: XFAIL: stackleak is not supported on this arch (HAVE_ARCH_STACKLEAK=n)
> >>
> >> After:
> >>         # echo STACKLEAK_ERASING  > /sys/kernel/debug/provoke-crash/DIRECT
> >>         lkdtm: Performing direct entry STACKLEAK_ERASING
> >>         lkdtm: stackleak stack usage:
> >>           high offset: 80 bytes
> >>           current:     280 bytes
> >>           lowest:      696 bytes
> >>           tracked:     696 bytes
> >>           untracked:   192 bytes
> >>           poisoned:    7220 bytes
> >>           low offset:  4 bytes
> >>         lkdtm: OK: the rest of the thread stack is properly erased
> >>
> >> Signed-off-by: Jinjie Ruan <ruanjinjie@huawei.com>
> >> Acked-by: Ard Biesheuvel <ardb@kernel.org>
> > 
> > Reviewed-by: Linus Walleij <linus.walleij@linaro.org>
> > 
> > I was digging around to see if this would interfere with BPF
> > trampolines, but the BPF code seems so generic that I assume it already
> > takes stackleak into account.
> > 
> Thank you very much, as Kees said, can this patch go via
> rmk's patch tracker now?

Probably yes (we have some reviews now). Please go ahead and add it there.

-- 
Kees Cook
