Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Wed, 15 Nov 2017 01:03:58 +0300
From: Alexander Popov <alex.popov@...ux.com>
To: Andy Lutomirski <luto@...nel.org>
Cc: Mark Rutland <mark.rutland@....com>,
 "kernel-hardening@...ts.openwall.com" <kernel-hardening@...ts.openwall.com>,
 Kees Cook <keescook@...omium.org>, PaX Team <pageexec@...email.hu>,
 Brad Spengler <spender@...ecurity.net>, Ingo Molnar <mingo@...nel.org>,
 Peter Zijlstra <peterz@...radead.org>, Tycho Andersen <tycho@...ker.com>,
 Laura Abbott <labbott@...hat.com>, Ard Biesheuvel
 <ard.biesheuvel@...aro.org>, Borislav Petkov <bp@...en8.de>,
 Thomas Gleixner <tglx@...utronix.de>, "H . Peter Anvin" <hpa@...or.com>,
 X86 ML <x86@...nel.org>
Subject: Re: [PATCH RFC v5 2/5] gcc-plugins: Add STACKLEAK plugin for tracking
 the kernel stack

On 15.11.2017 00:17, Andy Lutomirski wrote:
> On Tue, Nov 14, 2017 at 1:09 PM, Alexander Popov <alex.popov@...ux.com> wrote:
>> Thanks, Mark!
>>
>> Please see my comments below.
>>
>> On 14.11.2017 19:33, Mark Rutland wrote:
>>> On Tue, Nov 14, 2017 at 08:13:43AM -0800, Andy Lutomirski wrote:
>>>> What does the STEAKLACK plugin actually do?  I haven't followed this enough.
>>>
>>> The plugin adds instrumentation to track the maximum stack depth, though only
>>> functions with a sufficiently large stackframe are instrumented.
>>
>> Yes. Functions with a big stack frame call track_stack() to update the
>> lowest_stack value. If CONFIG_VMAP_STACK is disabled, track_stack() is compiled
>> with a check for detecting stack depth overflow. This check is what I'm asking
>> about.
> 
> Then you'll probably have to do something like what I did in the
> VMAP_STACK code.

Yes!

> That being said, I don't entirely see the point.  If you want a
> hardened kernel, you're going to enable VMAP_STACK.  Are there really
> users of hardened 32-bit kernels?

You know, STACKLEAK already supports x86_32. It's a pity for me to make
STACKLEAK dependent on VMAP_STACK and hence to drop STACKLEAK support for this
platform.

I hope there is a way to add a good-looking check to track_stack() and have at
least some profit (although it will not catch all overflow cases).

Best regards,
Alexander

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.