From patchwork Wed Jun 24 12:33:30 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Alexander Popov X-Patchwork-Id: 11623085 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 4A0E690 for ; Wed, 24 Jun 2020 12:37:01 +0000 (UTC) Received: from merlin.infradead.org (merlin.infradead.org [205.233.59.134]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 23B6720789 for ; Wed, 24 Jun 2020 12:37:01 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="A1R2wIqw" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 23B6720789 Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=linux.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=merlin.20170209; h=Sender:Content-Transfer-Encoding: Content-Type:Cc:List-Subscribe:List-Help:List-Post:List-Archive: List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To:Message-Id:Date: Subject:To:From:Reply-To:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=KJQZfPU7dqLb9duXYn/HvgkRpdpCG34LQn5UEzi3QEY=; b=A1R2wIqwL0s+aUEEcJYVvIAV6 UTSbCmZWn78GhMlmlNyaIgjxXyGx3JtlOpKAkx8pbtKTl8XfRLJUQ+DyMBHeDpRBB4VyeqjheMVSQ qgSvoexMQzMB1w+ns/G6iHIBfa4tmElhIBPZZhWYJCQDzL9DJR2LXvt1aoGGxRLu3DxkgjVaWP8Z7 m+IxlmMKkfXLm4wtqfipCVWmG6jgLKwK+UcbwgP4SWTmZmxoQLnVfJAx/wSXSEDLKyQragWHHBQ3I 5r6xJHKcEKjj1Z9La5Qxe9r1hoPSoZXtFpqywJ8Ez9SSt8Am4xAw/qv/SYPx2ytBk6Gbt0HWg1Gb1 rfMwlnmOQ==; Received: from localhost ([::1] helo=merlin.infradead.org) by merlin.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1jo4cN-0007Qx-3z; Wed, 24 Jun 2020 12:35:07 +0000 Received: from mail-qk1-f194.google.com ([209.85.222.194]) by merlin.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1jo4c8-0007IP-Mg for linux-arm-kernel@lists.infradead.org; Wed, 24 Jun 2020 12:34:53 +0000 Received: by mail-qk1-f194.google.com with SMTP id l17so1575679qki.9 for ; Wed, 24 Jun 2020 05:34:49 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=U/neUUCsqT0PlemfvVIM6cUhi6vcMD7QDpY9m0/55MY=; b=gaW5HX32VUiubf92BTE6Tisng0RpKdV46dmQw6Hv+VVY5M9E5HU5BrxJ6xBgM+OEQj 0ofEHZsRNT1s5g1/ejBn469aVgyl89JV2HtvXasVWWTvMjHVsvER00Tbet6aOw4JOGx1 KLY65wiVIZj8ZVeSbzi9sCmunvXw84gmAlI0CFY1qMrstU/apZ39V5A4vPfFJSl1h9yJ ojq4LZu7j6vC1EXxSglxB9Oigzpu+49mosIBdH3j6x9ohKmMDIHxLEX5/CmzyElEzeZ8 U4AK8jqGNSXF8wJg3SwCZGrDjyfaQmLAW2lPjtqf96mjcyltx+dBb3CATcCo+0MsDR9+ QJHg== X-Gm-Message-State: AOAM533az1q9QJzRuxvD1cHn0q8ZPIKUkdwDE7M0DJMJvppXu51yj1Ln 4Rr6P580RQOBJk7d27yLKx8= X-Google-Smtp-Source: ABdhPJz9JvvyfA9b1/190kREHa6PK+V5IrA3vD+WvU3Zfs4N16fAWbTWXRT7gUAU+aWUjakQ5UQxCQ== X-Received: by 2002:a05:620a:10a4:: with SMTP id h4mr24496106qkk.320.1593002088433; Wed, 24 Jun 2020 05:34:48 -0700 (PDT) Received: from localhost.localdomain ([185.248.161.177]) by smtp.gmail.com with ESMTPSA id x26sm3354512qtr.4.2020.06.24.05.34.37 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 24 Jun 2020 05:34:47 -0700 (PDT) From: Alexander Popov To: Kees Cook , Jann Horn , Emese Revfy , Miguel Ojeda , Masahiro Yamada , Michal Marek , Andrew Morton , Masahiro Yamada , Thiago Jung Bauermann , Luis Chamberlain , Jessica Yu , Sven Schnelle , Iurii Zaikin , Catalin Marinas , Will Deacon , Vincenzo Frascino , Thomas Gleixner , Peter Collingbourne , Naohiro Aota , Alexander Monakov , Mathias Krause , PaX Team , Brad Spengler , Laura Abbott , Florian Weimer , Alexander Popov , kernel-hardening@lists.openwall.com, linux-kbuild@vger.kernel.org, x86@kernel.org, linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org, gcc@gcc.gnu.org Subject: [PATCH v2 5/5] gcc-plugins/stackleak: Add 'verbose' plugin parameter Date: Wed, 24 Jun 2020 15:33:30 +0300 Message-Id: <20200624123330.83226-6-alex.popov@linux.com> X-Mailer: git-send-email 2.25.4 In-Reply-To: <20200624123330.83226-1-alex.popov@linux.com> References: <20200624123330.83226-1-alex.popov@linux.com> MIME-Version: 1.0 X-Spam-Note: CRM114 invocation failed X-Spam-Score: 0.3 (/) X-Spam-Report: SpamAssassin version 3.4.4 on merlin.infradead.org summary: Content analysis details: (0.3 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [209.85.222.194 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.0 SPF_PASS SPF: sender matches SPF record 0.0 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail domains are different 0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in digit [a13xp0p0v88[at]gmail.com] 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider [a13xp0p0v88[at]gmail.com] -0.0 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2) [209.85.222.194 listed in wl.mailspike.net] 0.0 FREEMAIL_FORGED_FROMDOMAIN 2nd level domains in From and EnvelopeFrom freemail headers are different X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: notify@kernel.org Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org Add 'verbose' plugin parameter for stackleak gcc plugin. It can be used for printing additional info about the kernel code instrumentation. For using it add the following to scripts/Makefile.gcc-plugins: gcc-plugin-cflags-$(CONFIG_GCC_PLUGIN_STACKLEAK) \ += -fplugin-arg-stackleak_plugin-verbose Signed-off-by: Alexander Popov --- scripts/gcc-plugins/stackleak_plugin.c | 47 +++++++++++++++++++++++--- 1 file changed, 42 insertions(+), 5 deletions(-) diff --git a/scripts/gcc-plugins/stackleak_plugin.c b/scripts/gcc-plugins/stackleak_plugin.c index a18b0d4af456..48e141e07956 100644 --- a/scripts/gcc-plugins/stackleak_plugin.c +++ b/scripts/gcc-plugins/stackleak_plugin.c @@ -34,6 +34,8 @@ __visible int plugin_is_GPL_compatible; static int track_frame_size = -1; static bool build_for_x86 = false; static const char track_function[] = "stackleak_track_stack"; +static bool disable = false; +static bool verbose = false; /* * Mark these global variables (roots) for gcc garbage collector since @@ -46,6 +48,7 @@ static struct plugin_info stackleak_plugin_info = { .help = "track-min-size=nn\ttrack stack for functions with a stack frame size >= nn bytes\n" "arch=target_arch\tspecify target build arch\n" "disable\t\tdo not activate the plugin\n" + "verbose\t\tprint info about the instrumentation\n" }; static void add_stack_tracking_gcall(gimple_stmt_iterator *gsi, bool after) @@ -102,6 +105,10 @@ static tree get_current_stack_pointer_decl(void) return var; } + if (verbose) { + fprintf(stderr, "stackleak: missing current_stack_pointer in %s()\n", + DECL_NAME_POINTER(current_function_decl)); + } return NULL_TREE; } @@ -195,6 +202,11 @@ static unsigned int stackleak_instrument_execute(void) if (!is_alloca(stmt)) continue; + if (verbose) { + fprintf(stderr, "stackleak: be careful, alloca() in %s()\n", + DECL_NAME_POINTER(current_function_decl)); + } + /* Insert stackleak_track_stack() call after alloca() */ add_stack_tracking(&gsi, true); if (bb == entry_bb) @@ -384,13 +396,31 @@ static bool remove_stack_tracking_gasm(void) */ static unsigned int stackleak_cleanup_execute(void) { + const char *fn = DECL_NAME_POINTER(current_function_decl); bool removed = false; - if (cfun->calls_alloca) + /* + * Leave stack tracking in functions that call alloca(). + * Additional case: + * gcc before version 7 called allocate_dynamic_stack_space() from + * expand_stack_vars() for runtime alignment of constant-sized stack + * variables. That caused cfun->calls_alloca to be set for functions + * that in fact don't use alloca(). + * For more info see gcc commit 7072df0aae0c59ae437e. + * Let's leave such functions instrumented as well. + */ + if (cfun->calls_alloca) { + if (verbose) + fprintf(stderr, "stackleak: instrument %s(): calls_alloca\n", fn); return 0; + } - if (large_stack_frame()) + /* Leave stack tracking in functions with large stack frame */ + if (large_stack_frame()) { + if (verbose) + fprintf(stderr, "stackleak: instrument %s()\n", fn); return 0; + } if (lookup_attribute_spec(get_identifier("no_caller_saved_registers"))) removed = remove_stack_tracking_gasm(); @@ -516,9 +546,6 @@ __visible int plugin_init(struct plugin_name_args *plugin_info, /* Parse the plugin arguments */ for (i = 0; i < argc; i++) { - if (!strcmp(argv[i].key, "disable")) - return 0; - if (!strcmp(argv[i].key, "track-min-size")) { if (!argv[i].value) { error(G_("no value supplied for option '-fplugin-arg-%s-%s'"), @@ -541,6 +568,10 @@ __visible int plugin_init(struct plugin_name_args *plugin_info, if (!strcmp(argv[i].value, "x86")) build_for_x86 = true; + } else if (!strcmp(argv[i].key, "disable")) { + disable = true; + } else if (!strcmp(argv[i].key, "verbose")) { + verbose = true; } else { error(G_("unknown option '-fplugin-arg-%s-%s'"), plugin_name, argv[i].key); @@ -548,6 +579,12 @@ __visible int plugin_init(struct plugin_name_args *plugin_info, } } + if (disable) { + if (verbose) + fprintf(stderr, "stackleak: disabled for this translation unit\n"); + return 0; + } + /* Give the information about the plugin */ register_callback(plugin_name, PLUGIN_INFO, NULL, &stackleak_plugin_info);