Date: Wed, 15 Nov 2017 01:03:58 +0300
From: Alexander Popov <alex.popov@...ux.com>
To: Andy Lutomirski <luto@...nel.org>
Cc: Mark Rutland <mark.rutland@....com>,
    "kernel-hardening@...ts.openwall.com" <kernel-hardening@...ts.openwall.com>,
    Kees Cook <keescook@...omium.org>,
    PaX Team <pageexec@...email.hu>,
    Brad Spengler <spender@...ecurity.net>,
    Ingo Molnar <mingo@...nel.org>,
    Peter Zijlstra <peterz@...radead.org>,
    Tycho Andersen <tycho@...ker.com>,
    Laura Abbott <labbott@...hat.com>,
    Ard Biesheuvel <ard.biesheuvel@...aro.org>,
    Borislav Petkov <bp@...en8.de>,
    Thomas Gleixner <tglx@...utronix.de>,
    "H . Peter Anvin" <hpa@...or.com>,
    X86 ML <x86@...nel.org>
Subject: Re: [PATCH RFC v5 2/5] gcc-plugins: Add STACKLEAK plugin for tracking the kernel stack

On 15.11.2017 00:17, Andy Lutomirski wrote:
> On Tue, Nov 14, 2017 at 1:09 PM, Alexander Popov <alex.popov@...ux.com> wrote:
>> Thanks, Mark!
>>
>> Please see my comments below.
>>
>> On 14.11.2017 19:33, Mark Rutland wrote:
>>> On Tue, Nov 14, 2017 at 08:13:43AM -0800, Andy Lutomirski wrote:
>>>> What does the STEAKLACK plugin actually do? I haven't followed this enough.
>>>
>>> The plugin adds instrumentation to track the maximum stack depth, though only
>>> functions with a sufficiently large stackframe are instrumented.
>>
>> Yes. Functions with a big stack frame call track_stack() to update the
>> lowest_stack value. If CONFIG_VMAP_STACK is disabled, track_stack() is compiled
>> with a check for detecting stack depth overflow. This check is what I'm asking
>> about.
>
> Then you'll probably have to do something like what I did in the
> VMAP_STACK code.

Yes!

> That being said, I don't entirely see the point. If you want a
> hardened kernel, you're going to enable VMAP_STACK. Are there really
> users of hardened 32-bit kernels?

You know, STACKLEAK already supports x86_32. It's a pity for me to make
STACKLEAK dependent on VMAP_STACK and hence to drop STACKLEAK support for this
platform.

I hope there is a way to add a good-looking check to track_stack() and have at
least some profit (although it will not catch all overflow cases).

Best regards,
Alexander
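
A user-space model of the mechanism discussed in the message above, added here as an illustration and not code from the patch or from anyone in the thread: it tracks a lowest_stack value only from large-frame functions and shows why a check placed in track_stack() misses an overflow built from small frames. The struct, the function names other than the idea of track_stack(), and all sizes and thresholds are assumptions constructed for the model.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* All constants below are constructed for this model, not kernel values. */
#define STACK_SIZE      16384u  /* modeled thread stack size */
#define MIN_FRAME_TRACK 100u    /* frames at least this big get instrumented */
#define OVERFLOW_MARGIN 256u    /* check fires when less than this is left */

struct task_model {
    uintptr_t stack_base;    /* lowest valid address (stack grows down) */
    uintptr_t sp;            /* modeled stack pointer */
    uintptr_t lowest_stack;  /* deepest sp seen by track_stack_model() */
    bool overflow_detected;
};

static void task_init(struct task_model *t, uintptr_t base)
{
    t->stack_base = base;
    t->sp = base + STACK_SIZE;
    t->lowest_stack = t->sp;
    t->overflow_detected = false;
}

/* Model of the instrumentation call: record depth, then bounds-check. */
static void track_stack_model(struct task_model *t)
{
    if (t->sp < t->lowest_stack)
        t->lowest_stack = t->sp;
    if (t->sp < t->stack_base + OVERFLOW_MARGIN)
        t->overflow_detected = true;  /* a real check would stop here */
}

/* Enter a function with the given frame size; only big frames are tracked. */
static void enter_function(struct task_model *t, size_t frame)
{
    t->sp -= frame;
    if (frame >= MIN_FRAME_TRACK)
        track_stack_model(t);
}

/* Push `count` frames of `frame` bytes; report whether the check fired. */
static bool run_chain(struct task_model *t, size_t frame, unsigned count)
{
    task_init(t, 0x100000u);
    for (unsigned i = 0; i < count; i++)
        enter_function(t, frame);
    return t->overflow_detected;
}
```

In the model, a chain of 64-byte frames runs the stack pointer below stack_base without the check ever executing, which is the gap a guard page (as with VMAP_STACK) closes.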