Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Wed, 15 Nov 2017 01:03:58 +0300
From: Alexander Popov <alex.popov@...ux.com>
To: Andy Lutomirski <luto@...nel.org>
Cc: Mark Rutland <mark.rutland@....com>,
 "kernel-hardening@...ts.openwall.com" <kernel-hardening@...ts.openwall.com>,
 Kees Cook <keescook@...omium.org>, PaX Team <pageexec@...email.hu>,
 Brad Spengler <spender@...ecurity.net>, Ingo Molnar <mingo@...nel.org>,
 Peter Zijlstra <peterz@...radead.org>, Tycho Andersen <tycho@...ker.com>,
 Laura Abbott <labbott@...hat.com>, Ard Biesheuvel
 <ard.biesheuvel@...aro.org>, Borislav Petkov <bp@...en8.de>,
 Thomas Gleixner <tglx@...utronix.de>, "H . Peter Anvin" <hpa@...or.com>,
 X86 ML <x86@...nel.org>
Subject: Re: [PATCH RFC v5 2/5] gcc-plugins: Add STACKLEAK plugin for tracking
 the kernel stack

On 15.11.2017 00:17, Andy Lutomirski wrote:
> On Tue, Nov 14, 2017 at 1:09 PM, Alexander Popov <alex.popov@...ux.com> wrote:
>> Thanks, Mark!
>>
>> Please see my comments below.
>>
>> On 14.11.2017 19:33, Mark Rutland wrote:
>>> On Tue, Nov 14, 2017 at 08:13:43AM -0800, Andy Lutomirski wrote:
>>>> What does the STEAKLACK plugin actually do?  I haven't followed this enough.
>>>
>>> The plugin adds instrumentation to track the maximum stack depth, though only
>>> functions with a sufficiently large stackframe are instrumented.
>>
>> Yes. Functions with a big stack frame call track_stack() to update the
>> lowest_stack value. If CONFIG_VMAP_STACK is disabled, track_stack() is compiled
>> with a check for detecting stack depth overflow. This check is what I'm asking
>> about.
> 
> Then you'll probably have to do something like what I did in the
> VMAP_STACK code.

Yes!

> That being said, I don't entirely see the point.  If you want a
> hardened kernel, you're going to enable VMAP_STACK.  Are there really
> users of hardened 32-bit kernels?

You know, STACKLEAK already supports x86_32. It's a pity for me to make
STACKLEAK dependent on VMAP_STACK and hence to drop STACKLEAK support for this
platform.

I hope there is a way to add a good-looking check to track_stack() and have at
least some profit (although it will not catch all overflow cases).

Best regards,
Alexander

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ