From: Josh Poimboeuf <jpoimboe@redhat.com>
To: Thomas Gleixner <tglx@linutronix.de>,
Ingo Molnar <mingo@redhat.com>, "H. Peter Anvin" <hpa@zytor.com>
Cc: Michal Marek <mmarek@suse.cz>,
Peter Zijlstra <peterz@infradead.org>,
Andy Lutomirski <luto@kernel.org>, Borislav Petkov <bp@alien8.de>,
Linus Torvalds <torvalds@linux-foundation.org>,
Andi Kleen <andi@firstfloor.org>, Pedro Alves <palves@redhat.com>,
Namhyung Kim <namhyung@gmail.com>,
Bernd Petrovitsch <bernd@petrovitsch.priv.at>,
x86@kernel.org, live-patching@vger.kernel.org,
linux-kernel@vger.kernel.org
Subject: [PATCH v8 00/21] Compile-time stack validation
Date: Tue, 28 Jul 2015 09:46:51 -0500 [thread overview]
Message-ID: <cover.1438093915.git.jpoimboe@redhat.com> (raw)
This is v8 of the compile-time stack validation patch set, based on the
tip/master branch.
The frame pointer macros are still called FRAME and ENDFRAME because I
don't think we converged on anything else yet. Otherwise I tried to
address all the other review comments from v7.
v7 can be found here:
https://lkml.kernel.org/r/cover.1436893563.git.jpoimboe@redhat.com
For more information about the motivation behind this patch set, and
more details about what it does, please see the changelog in patch 3.
Patches 1-5 are the stackvalidate tool and some related macros.
Patches 6-21 are some proposed fixes for several of the warnings
reported by stackvalidate. They've been compile-tested and boot tested
in a VM, but I haven't attempted any meaningful testing for many of
them.
v8:
- add proposed fixes for warnings
- fix all memory leaks
- process ignores earlier and add more ignore checks
- always assume POPCNT alternative is enabled
- drop hweight inline asm fix
- drop __schedule() ignore patch
- change .Ltemp_\@ to .Lstackvalidate_ignore_\@ in asm macro
- fix CONFIG_* checks in asm macros
- add C versions of ignore macros and frame macros
- change ";" to "\n" in C macros
- add ifdef CONFIG_STACK_VALIDATION checks in C ignore macros
- use numbered label in C ignore macro
- add missing break in switch case statement in arch-x86.c
v7:
- sibling call support
- document proposed solution for inline asm() frame pointer issues
- say "kernel entry/exit" instead of "context switch"
- clarify the checking of switch statement jump tables
- discard __stackvalidate_ignore_* sections in linker script
- use .Ltemp_\@ to get a unique label instead of static 3-digit number
- change STACKVALIDATE_IGNORE_FUNC variable to a static
- move STACKVALIDATE_IGNORE_INSN to arch-specific .h file
v6:
- rename asmvalidate -> stackvalidate (again)
- gcc-generated object file support
- recursive branch state analysis
- external jump support
- fixup/exception table support
- jump label support
- switch statement jump table support
- added documentation
- detection of "noreturn" dead end functions
- added a Kbuild mechanism for skipping files and dirs
- moved frame pointer macros to arch/x86/include/asm/frame.h
- moved ignore macros to include/linux/stackvalidate.h
v5:
- stackvalidate -> asmvalidate
- frame pointers only required for non-leaf functions
- check for the use of the FP_SAVE/RESTORE macros instead of manually
analyzing code to detect frame pointer usage
- additional checks to ensure each function doesn't leave its boundaries
- make the macros simpler and more flexible
- support for analyzing ALTERNATIVE macros
- simplified the arch interfaces in scripts/asmvalidate/arch.h
- fixed some asmvalidate warnings
- rebased onto latest tip asm cleanups
- many more small changes
v4:
- Changed the default to CONFIG_STACK_VALIDATION=n, until all the asm
code can get cleaned up.
- Fixed a stackvalidate error path exit code issue found by Michal
Marek.
v3:
- Added a patch to make the push/pop CFI macros arch-independent, as
suggested by H. Peter Anvin
v2:
- Fixed memory leaks reported by Petr Mladek
Josh Poimboeuf (21):
x86/asm: Frame pointer macro cleanup
x86/asm: Add C versions of FRAME and ENDFRAME macros
x86/stackvalidate: Compile-time stack validation
x86/stackvalidate: Add file and directory ignores
x86/stackvalidate: Add ignore macros
x86/xen: Add stack frame dependency to hypercall inline asm calls
x86/paravirt: Add stack frame dependency to PVOP inline asm calls
x86/paravirt: Fix frame pointer usage in PV_CALLEE_SAVE_REGS_THUNK
x86/paravirt: Align paravirt thunk functions at 16-byte boundaries
x86/amd: Set ELF function type for vide()
x86/reboot: Add ljmp instructions to stackvalidate whitelist
x86/xen: Add xen_cpuid() and xen_setup_gdt() to stackvalidate
whitelists
x86/asm/crypto: Fix frame pointer usage in aesni-intel_asm.S
x86/asm/crypto: Move .Lbswap_mask data to .rodata section
x86/asm/crypto: Move jump_table to .rodata section
x86/asm/crypto: Fix frame pointer usage in clmul_ghash_mul/update()
x86/asm/entry: Fix frame pointer usage in thunk functions
x86/asm/acpi: Fix frame pointer usage in do_suspend_lowlevel()
x86/asm: Fix frame pointer usage in rwsem functions
x86/asm/efi: Fix frame pointer usage in efi_call()
x86/asm/power: Fix frame pointer usage in hibernate_asm_64.S
Documentation/stack-validation.txt | 193 ++++++
MAINTAINERS | 8 +
arch/Kconfig | 6 +
arch/x86/Kconfig | 1 +
arch/x86/Makefile | 6 +-
arch/x86/boot/Makefile | 3 +-
arch/x86/boot/compressed/Makefile | 3 +-
arch/x86/crypto/aesni-intel_asm.S | 21 +
arch/x86/crypto/crc32c-pcl-intel-asm_64.S | 8 +-
arch/x86/crypto/ghash-clmulni-intel_asm.S | 5 +
arch/x86/entry/thunk_64.S | 4 +
arch/x86/entry/vdso/Makefile | 5 +-
arch/x86/include/asm/frame.h | 51 +-
arch/x86/include/asm/paravirt.h | 10 +-
arch/x86/include/asm/paravirt_types.h | 18 +-
arch/x86/include/asm/stackvalidate.h | 45 ++
arch/x86/include/asm/xen/hypercall.h | 5 +-
arch/x86/kernel/acpi/wakeup_64.S | 3 +
arch/x86/kernel/cpu/amd.c | 5 +-
arch/x86/kernel/reboot.c | 7 +-
arch/x86/kernel/vmlinux.lds.S | 5 +-
arch/x86/lib/rwsem.S | 11 +-
arch/x86/platform/efi/efi_stub_64.S | 3 +
arch/x86/power/hibernate_asm_64.S | 7 +
arch/x86/purgatory/Makefile | 2 +
arch/x86/realmode/Makefile | 4 +-
arch/x86/realmode/rm/Makefile | 3 +-
arch/x86/xen/enlighten.c | 4 +-
drivers/firmware/efi/libstub/Makefile | 1 +
include/linux/stackvalidate.h | 28 +
lib/Kconfig.debug | 11 +
scripts/Makefile | 1 +
scripts/Makefile.build | 34 +-
scripts/stackvalidate/Makefile | 24 +
scripts/stackvalidate/arch-x86.c | 160 +++++
scripts/stackvalidate/arch.h | 44 ++
scripts/stackvalidate/elf.c | 427 ++++++++++++++
scripts/stackvalidate/elf.h | 92 +++
scripts/stackvalidate/list.h | 217 +++++++
scripts/stackvalidate/special.c | 197 +++++++
scripts/stackvalidate/special.h | 41 ++
scripts/stackvalidate/stackvalidate.c | 949 ++++++++++++++++++++++++++++++
42 files changed, 2624 insertions(+), 48 deletions(-)
create mode 100644 Documentation/stack-validation.txt
create mode 100644 arch/x86/include/asm/stackvalidate.h
create mode 100644 include/linux/stackvalidate.h
create mode 100644 scripts/stackvalidate/Makefile
create mode 100644 scripts/stackvalidate/arch-x86.c
create mode 100644 scripts/stackvalidate/arch.h
create mode 100644 scripts/stackvalidate/elf.c
create mode 100644 scripts/stackvalidate/elf.h
create mode 100644 scripts/stackvalidate/list.h
create mode 100644 scripts/stackvalidate/special.c
create mode 100644 scripts/stackvalidate/special.h
create mode 100644 scripts/stackvalidate/stackvalidate.c
--
2.1.0
next reply other threads:[~2015-07-28 14:47 UTC|newest]
Thread overview: 35+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-07-28 14:46 Josh Poimboeuf [this message]
2015-07-28 14:46 ` [PATCH v8 01/21] x86/asm: Frame pointer macro cleanup Josh Poimboeuf
2015-07-28 14:46 ` [PATCH v8 02/21] x86/asm: Add C versions of FRAME and ENDFRAME macros Josh Poimboeuf
2015-07-28 14:46 ` [PATCH v8 03/21] x86/stackvalidate: Compile-time stack validation Josh Poimboeuf
2015-07-28 14:46 ` [PATCH v8 04/21] x86/stackvalidate: Add file and directory ignores Josh Poimboeuf
2015-07-28 14:46 ` [PATCH v8 05/21] x86/stackvalidate: Add ignore macros Josh Poimboeuf
2015-07-28 14:46 ` [PATCH v8 06/21] x86/xen: Add stack frame dependency to hypercall inline asm calls Josh Poimboeuf
2015-07-28 14:46 ` [PATCH v8 07/21] x86/paravirt: Add stack frame dependency to PVOP " Josh Poimboeuf
2015-07-28 14:46 ` [PATCH v8 08/21] x86/paravirt: Fix frame pointer usage in PV_CALLEE_SAVE_REGS_THUNK Josh Poimboeuf
2015-07-28 14:47 ` [PATCH v8 09/21] x86/paravirt: Align paravirt thunk functions at 16-byte boundaries Josh Poimboeuf
2015-07-28 15:23 ` Andy Lutomirski
2015-07-28 15:28 ` Josh Poimboeuf
2015-07-28 14:47 ` [PATCH v8 10/21] x86/amd: Set ELF function type for vide() Josh Poimboeuf
2015-07-28 14:47 ` [PATCH v8 11/21] x86/reboot: Add ljmp instructions to stackvalidate whitelist Josh Poimboeuf
2015-07-28 14:47 ` [PATCH v8 12/21] x86/xen: Add xen_cpuid() and xen_setup_gdt() to stackvalidate whitelists Josh Poimboeuf
2015-07-28 14:47 ` [PATCH v8 13/21] x86/asm/crypto: Fix frame pointer usage in aesni-intel_asm.S Josh Poimboeuf
2015-07-28 14:47 ` [PATCH v8 14/21] x86/asm/crypto: Move .Lbswap_mask data to .rodata section Josh Poimboeuf
2015-07-28 14:47 ` [PATCH v8 15/21] x86/asm/crypto: Move jump_table " Josh Poimboeuf
2015-07-28 14:47 ` [PATCH v8 16/21] x86/asm/crypto: Fix frame pointer usage in clmul_ghash_mul/update() Josh Poimboeuf
2015-07-28 14:47 ` [PATCH v8 17/21] x86/asm/entry: Fix frame pointer usage in thunk functions Josh Poimboeuf
2015-07-28 14:47 ` [PATCH v8 18/21] x86/asm/acpi: Fix frame pointer usage in do_suspend_lowlevel() Josh Poimboeuf
2015-07-28 14:47 ` [PATCH v8 19/21] x86/asm: Fix frame pointer usage in rwsem functions Josh Poimboeuf
2015-07-28 14:47 ` [PATCH v8 20/21] x86/asm/efi: Fix frame pointer usage in efi_call() Josh Poimboeuf
2015-07-28 14:47 ` [PATCH v8 21/21] x86/asm/power: Fix frame pointer usage in hibernate_asm_64.S Josh Poimboeuf
2015-08-06 8:07 ` [PATCH v8 00/21] Compile-time stack validation Ingo Molnar
2015-08-06 16:06 ` Josh Poimboeuf
2015-08-06 17:23 ` Josh Poimboeuf
2015-08-06 17:46 ` Josh Poimboeuf
-- strict thread matches above, loose matches on Subject: below --
2015-08-11 21:31 Chris J Arges
2015-08-12 4:43 ` Josh Poimboeuf
2015-08-12 21:24 ` Chris J Arges
2015-08-13 2:07 ` Josh Poimboeuf
2015-08-13 11:22 ` Josh Poimboeuf
2015-08-13 14:42 ` Chris J Arges
2015-08-13 14:50 ` Josh Poimboeuf
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1438093915.git.jpoimboe@redhat.com \
--to=jpoimboe@redhat.com \
--cc=andi@firstfloor.org \
--cc=bernd@petrovitsch.priv.at \
--cc=bp@alien8.de \
--cc=hpa@zytor.com \
--cc=linux-kernel@vger.kernel.org \
--cc=live-patching@vger.kernel.org \
--cc=luto@kernel.org \
--cc=mingo@redhat.com \
--cc=mmarek@suse.cz \
--cc=namhyung@gmail.com \
--cc=palves@redhat.com \
--cc=peterz@infradead.org \
--cc=tglx@linutronix.de \
--cc=torvalds@linux-foundation.org \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.