• Linus Torvalds's avatar
    Merge tag 'stackleak-v4.20-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux · 2d6bb6ad
    Linus Torvalds authored
    Pull stackleak gcc plugin from Kees Cook:
     "Please pull this new GCC plugin, stackleak, for v4.20-rc1. This plugin
      was ported from grsecurity by Alexander Popov. It provides efficient
      stack content poisoning at syscall exit. This creates a defense
      against at least two classes of flaws:
    
       - Uninitialized stack usage. (We continue to work on improving the
         compiler to do this in other ways: e.g. unconditional zero init was
         proposed to GCC and Clang, and more plugin work has started too).
    
       - Stack content exposure. By greatly reducing the lifetime of valid
         stack contents, exposures via either direct read bugs or unknown
         cache side-channels become much more difficult to exploit. This
         complements the existing buddy and heap poisoning options, but
         provides the coverage for stacks.
    
      The x86 hooks are included in this series (which have been reviewed by
      Ingo, Dave Hansen, and Thomas Gleixner). The arm64 hooks have already
      been merged through the arm64 tree (written by Laura Abbott and
      reviewed by Mark Rutland and Will Deacon).
    
      With VLAs having been removed this release, there is no need for
      alloca() protection, so it has been removed from the plugin"
    
    * tag 'stackleak-v4.20-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux:
      arm64: Drop unneeded stackleak_check_alloca()
      stackleak: Allow runtime disabling of kernel stack erasing
      doc: self-protection: Add information about STACKLEAK feature
      fs/proc: Show STACKLEAK metrics in the /proc file system
      lkdtm: Add a test for STACKLEAK
      gcc-plugins: Add STACKLEAK plugin for tracking the kernel stack
      x86/entry: Add STACKLEAK erasing the kernel stack at the end of syscalls
    2d6bb6ad
process.c 12.3 KB