From patchwork Wed Jun 24 12:33:25 2020
X-Patchwork-Submitter: Alexander Popov
X-Patchwork-Id: 11623073
From: Alexander Popov
To: Kees Cook, Jann Horn, Emese Revfy, Miguel Ojeda, Masahiro Yamada,
    Michal Marek, Andrew Morton, Masahiro Yamada, Thiago Jung Bauermann,
    Luis Chamberlain, Jessica Yu, Sven Schnelle, Iurii Zaikin,
    Catalin Marinas, Will Deacon, Vincenzo Frascino, Thomas Gleixner,
    Peter Collingbourne, Naohiro Aota, Alexander Monakov, Mathias Krause,
    PaX Team, Brad Spengler, Laura Abbott, Florian Weimer, Alexander Popov,
    kernel-hardening@lists.openwall.com, linux-kbuild@vger.kernel.org,
    x86@kernel.org, linux-arm-kernel@lists.infradead.org,
    linux-kernel@vger.kernel.org, gcc@gcc.gnu.org
Cc: notify@kernel.org
Subject: [PATCH v2 0/5] Improvements of the stackleak gcc plugin
Date: Wed, 24 Jun 2020 15:33:25 +0300
Message-Id: <20200624123330.83226-1-alex.popov@linux.com>

This is the v2 of the patch series with various improvements of the
stackleak gcc plugin.

The first three patches disable unneeded gcc plugin instrumentation for
some files.

The fourth patch is the main improvement. It eliminates an unwanted
side-effect of kernel code instrumentation performed by stackleak gcc
plugin. This patch is a deep reengineering of the idea described on
grsecurity blog:
  https://grsecurity.net/resolving_an_unfortunate_stackleak_interaction

The final patch adds 'verbose' stackleak parameter for printing additional
info about the kernel code instrumentation during kernel building.

I would like to thank Alexander Monakov for his advisory on gcc internals.

This patch series was tested for gcc version 4.8, 5, 6, 7, 8, 9, and 10
on x86_64, i386 and arm64.
That was done using the project 'kernel-build-containers':
  https://github.com/a13xp0p0v/kernel-build-containers

Changes from v1:
 - rebase onto 5.8.0-rc2;
 - don't exclude alloca() from the instrumentation logic, because it
   will be used in kernel stack offset randomization;
 - reorder patches in the series;
 - don't use gcc plugins for building vgettimeofday.c in arm and
   arm64 vDSO;
 - follow alphabetic order in include/linux/compiler_attributes.h.

Link to v1:
 https://lore.kernel.org/lkml/20200604134957.505389-1-alex.popov@linux.com/

Alexander Popov (5):
  gcc-plugins/stackleak: Don't instrument itself
  ARM: vdso: Don't use gcc plugins for building vgettimeofday.c
  arm64: vdso: Don't use gcc plugins for building vgettimeofday.c
  gcc-plugins/stackleak: Use asm instrumentation to avoid useless
    register saving
  gcc-plugins/stackleak: Add 'verbose' plugin parameter

 arch/arm/vdso/Makefile                 |   2 +-
 arch/arm64/kernel/vdso/Makefile        |   2 +-
 include/linux/compiler_attributes.h    |  13 ++
 kernel/Makefile                        |   1 +
 kernel/stackleak.c                     |  16 +-
 scripts/Makefile.gcc-plugins           |   2 +
 scripts/gcc-plugins/stackleak_plugin.c | 248 +++++++++++++++++++++----
 7 files changed, 239 insertions(+), 45 deletions(-)