linux

History

Alexander Popov feee1b8c49 gcc-plugins/stackleak: Use asm instrumentation to avoid useless register saving The kernel code instrumentation in stackleak gcc plugin works in two stages. At first, stack tracking is added to GIMPLE representation of every function (except some special cases). And later, when stack frame size info is available, stack tracking is removed from the RTL representation of the functions with small stack frame. There is an unwanted side-effect for these functions: some of them do useless work with caller-saved registers. As an example of such case, proc_sys_write without() instrumentation: 55 push %rbp 41 b8 01 00 00 00 mov $0x1,%r8d 48 89 e5 mov %rsp,%rbp e8 11 ff ff ff callq ffffffff81284610 <proc_sys_call_handler> 5d pop %rbp c3 retq 0f 1f 44 00 00 nopl 0x0(%rax,%rax,1) 66 2e 0f 1f 84 00 00 nopw %cs:0x0(%rax,%rax,1) 00 00 00 proc_sys_write() with instrumentation: 55 push %rbp 48 89 e5 mov %rsp,%rbp 41 56 push %r14 41 55 push %r13 41 54 push %r12 53 push %rbx 49 89 f4 mov %rsi,%r12 48 89 fb mov %rdi,%rbx 49 89 d5 mov %rdx,%r13 49 89 ce mov %rcx,%r14 4c 89 f1 mov %r14,%rcx 4c 89 ea mov %r13,%rdx 4c 89 e6 mov %r12,%rsi 48 89 df mov %rbx,%rdi 41 b8 01 00 00 00 mov $0x1,%r8d e8 f2 fe ff ff callq ffffffff81298e80 <proc_sys_call_handler> 5b pop %rbx 41 5c pop %r12 41 5d pop %r13 41 5e pop %r14 5d pop %rbp c3 retq 66 0f 1f 84 00 00 00 nopw 0x0(%rax,%rax,1) 00 00 Let's improve the instrumentation to avoid this: 1. Make stackleak_track_stack() save all register that it works with. Use no_caller_saved_registers attribute for that function. This attribute is available for x86_64 and i386 starting from gcc-7. 2. Insert calling stackleak_track_stack() in asm: asm volatile("call stackleak_track_stack" :: "r" (current_stack_pointer)) Here we use ASM_CALL_CONSTRAINT trick from arch/x86/include/asm/asm.h. The input constraint is taken into account during gcc shrink-wrapping optimization. It is needed to be sure that stackleak_track_stack() call is inserted after the prologue of the containing function, when the stack frame is prepared. This work is a deep reengineering of the idea described on grsecurity blog https://grsecurity.net/resolving_an_unfortunate_stackleak_interaction Signed-off-by: Alexander Popov <alex.popov@linux.com> Acked-by: Miguel Ojeda <miguel.ojeda.sandonis@gmail.com> Link: https://lore.kernel.org/r/20200624123330.83226-5-alex.popov@linux.com Signed-off-by: Kees Cook <keescook@chromium.org>		2020-06-24 07:48:28 -07:00
..
bpf	Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net	2020-06-13 16:27:13 -07:00
cgroup	mmap locking API: convert mmap_sem comments	2020-06-09 09:39:14 -07:00
configs	compiler: remove CONFIG_OPTIMIZE_INLINING entirely	2020-04-07 10:43:42 -07:00
debug	maccess: rename probe_kernel_{read,write} to copy_{from,to}_kernel_nofault	2020-06-17 10:57:41 -07:00
dma	dma-pool: decouple DMA_REMAP from DMA_COHERENT_POOL	2020-06-15 08:35:30 +02:00
events	Merge branch 'akpm' (patches from Andrew)	2020-06-09 09:54:46 -07:00
gcov	treewide: replace '---help---' in Kconfig files with 'help'	2020-06-14 01:57:21 +09:00
irq	treewide: replace '---help---' in Kconfig files with 'help'	2020-06-14 01:57:21 +09:00
kcsan	kcsan: Support distinguishing volatile accesses	2020-06-11 20:04:01 +02:00
livepatch	livepatch: Make klp_apply_object_relocs static	2020-05-11 00:31:38 +02:00
locking	The X86 entry, exception and interrupt code rework	2020-06-13 10:05:47 -07:00
power	treewide: replace '---help---' in Kconfig files with 'help'	2020-06-14 01:57:21 +09:00
printk	One more printk change for 5.8	2020-06-12 12:13:36 -07:00
rcu	TTY/Serial driver updates for 5.8-rc1	2020-06-07 09:52:36 -07:00
sched	Rebase locking/kcsan to locking/urgent	2020-06-11 20:02:46 +02:00
time	The X86 entry, exception and interrupt code rework	2020-06-13 10:05:47 -07:00
trace	A few fixes and small cleanups for tracing:	2020-06-20 13:17:47 -07:00
.gitignore	.gitignore: add SPDX License Identifier	2020-03-25 11:50:48 +01:00
acct.c	mmap locking API: convert mmap_sem comments	2020-06-09 09:39:14 -07:00
async.c
audit_fsnotify.c	fsnotify: use helpers to access data by data_type	2020-03-23 18:19:06 +01:00
audit_tree.c
audit_watch.c	\n	2020-04-06 08:58:42 -07:00
audit.c	audit/stable-5.8 PR 20200601	2020-06-02 17:13:37 -07:00
audit.h	audit: fix a net reference leak in audit_list_rules_send()	2020-04-22 15:23:10 -04:00
auditfilter.c	audit: fix a net reference leak in audit_list_rules_send()	2020-04-22 15:23:10 -04:00
auditsc.c	audit: add subj creds to NETFILTER_CFG record to	2020-05-20 18:09:19 -04:00
backtracetest.c
bounds.c
capability.c
compat.c	uaccess: Selectively open read or write user access	2020-05-01 12:35:21 +10:00
configs.c	proc: convert everything to "struct proc_ops"	2020-02-04 03:05:26 +00:00
context_tracking.c	context_tracking: Ensure that the critical path cannot be instrumented	2020-06-11 15:14:36 +02:00
cpu_pm.c	kernel/cpu_pm: Fix uninitted local in cpu_pm	2020-05-15 11:44:34 -07:00
cpu.c	The changes in this cycle are:	2020-06-03 13:06:42 -07:00
crash_core.c
crash_dump.c	crash_dump: Remove no longer used saved_max_pfn	2020-04-15 11:21:54 +02:00
cred.c	exec: Teach prepare_exec_creds how exec treats uids & gids	2020-05-20 14:44:21 -05:00
delayacct.c
dma.c
elfcore.c
exec_domain.c
exit.c	mmap locking API: convert mmap_sem comments	2020-06-09 09:39:14 -07:00
extable.c	kernel/extable.c: use address-of operator on section symbols	2020-04-07 10:43:42 -07:00
fail_function.c
fork.c	mmap locking API: convert nested write lock sites	2020-06-09 09:39:14 -07:00
freezer.c
futex.c	mmap locking API: use coccinelle to convert mmap_sem rwsem call sites	2020-06-09 09:39:14 -07:00
gen_kheaders.sh	kbuild: add variables for compression tools	2020-06-06 23:42:01 +09:00
groups.c	mm: remove the pgprot argument to __vmalloc	2020-06-02 10:59:11 -07:00
hung_task.c	kernel/hung_task.c: introduce sysctl to print all traces when a hung task is detected	2020-06-08 11:05:56 -07:00
iomem.c
irq_work.c	irq_work, smp: Allow irq_work on call_single_queue	2020-05-28 10:54:15 +02:00
jump_label.c
kallsyms.c	kallsyms: unexport kallsyms_lookup_name() and kallsyms_on_each_symbol()	2020-04-07 10:43:44 -07:00
kcmp.c	kernel/kcmp.c: Use new infrastructure to fix deadlocks in execve	2020-03-25 10:04:01 -05:00
Kconfig.freezer
Kconfig.hz
Kconfig.locks
Kconfig.preempt
kcov.c	kcov: check kcov_softirq in kcov_remote_stop()	2020-06-10 19:14:17 -07:00
kexec_core.c
kexec_elf.c
kexec_file.c	kexec_file: don't place kexec images on IORESOURCE_MEM_DRIVER_MANAGED	2020-06-04 19:06:23 -07:00
kexec_internal.h
kexec.c
kheaders.c
kmod.c	kmod: make request_module() return an error when autoloading is disabled	2020-04-10 15:36:22 -07:00
kprobes.c	kretprobe: Prevent triggering kretprobe from within kprobe_flush_task	2020-06-16 21:21:01 -04:00
ksysfs.c
kthread.c	maccess: rename probe_kernel_{read,write} to copy_{from,to}_kernel_nofault	2020-06-17 10:57:41 -07:00
latencytop.c	sysctl: pass kernel pointers to ->proc_handler	2020-04-27 02:07:40 -04:00
Makefile	gcc-plugins/stackleak: Don't instrument itself	2020-06-24 07:48:13 -07:00
module_signature.c
module_signing.c
module-internal.h
module.c	module: move the set_fs hack for flush_icache_range to m68k	2020-06-08 11:05:58 -07:00
notifier.c	mm: remove vmalloc_sync_(un)mappings()	2020-06-02 10:59:12 -07:00
nsproxy.c	nsproxy: attach to namespaces via pidfds	2020-05-13 11:41:22 +02:00
padata.c	padata: add basic support for multithreaded jobs	2020-06-03 20:09:45 -07:00
panic.c	bug: Annotate WARN/BUG/stackfail as noinstr safe	2020-06-11 15:14:36 +02:00
params.c
pid_namespace.c	Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next	2020-06-03 16:27:18 -07:00
pid.c	remove the no longer needed pid_alive() check in __task_pid_nr_ns()	2020-04-30 06:40:14 -05:00
profile.c	proc: convert everything to "struct proc_ops"	2020-02-04 03:05:26 +00:00
ptrace.c	ptrace: reintroduce usage of subjective credentials in ptrace_has_cap()	2020-01-18 13:51:39 +01:00
range.c
reboot.c	printk: Collapse shutdown types into a single dump reason	2020-05-30 10:34:03 -07:00
relay.c	mmap locking API: convert mmap_sem comments	2020-06-09 09:39:14 -07:00
resource.c	/dev/mem: Revoke mappings when a driver claims the region	2020-05-27 11:10:05 +02:00
rseq.c
scs.c	scs: Report SCS usage in bytes rather than number of entries	2020-06-04 16:14:56 +01:00
seccomp.c	sysctl: pass kernel pointers to ->proc_handler	2020-04-27 02:07:40 -04:00
signal.c	Merge branch 'work.set_fs-exec' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs	2020-06-01 16:21:46 -07:00
smp.c	The changes in this cycle are:	2020-06-03 13:06:42 -07:00
smpboot.c
smpboot.h
softirq.c	x86/entry: Clarify irq_{enter,exit}_rcu()	2020-06-11 15:15:24 +02:00
stackleak.c	gcc-plugins/stackleak: Use asm instrumentation to avoid useless register saving	2020-06-24 07:48:28 -07:00
stacktrace.c
stop_machine.c	stop_machine: Make stop_cpus() static	2020-01-17 10:19:21 +01:00
sys_ni.c
sys.c	Add additional LSM hooks for SafeSetID	2020-06-14 11:39:31 -07:00
sysctl_binary.c
sysctl-test.c	kunit: allow kunit tests to be loaded as a module	2020-01-09 16:42:29 -07:00
sysctl.c	kernel/sysctl.c: ignore out-of-range taint bits introduced via kernel.tainted	2020-06-08 11:05:56 -07:00
task_work.c	task_work_run: don't take ->pi_lock unconditionally	2020-03-02 14:06:33 -07:00
taskstats.c
test_kprobes.c
torture.c	CPU (hotplug) updates:	2020-03-30 18:06:39 -07:00
tracepoint.c
tsacct.c
ucount.c	ucount: Make sure ucounts in /proc/sys/user don't regress again	2020-04-07 21:51:27 +02:00
uid16.c
uid16.h
umh.c	Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net	2020-05-15 13:48:59 -07:00
up.c	smp/up: Make smp_call_function_single() match SMP semantics	2020-02-07 15:34:12 +01:00
user_namespace.c	nsproxy: add struct nsset	2020-05-09 13:57:12 +02:00
user-return-notifier.c
user.c	user.c: make uidhash_table static	2020-06-04 19:06:24 -07:00
utsname_sysctl.c	sysctl: pass kernel pointers to ->proc_handler	2020-04-27 02:07:40 -04:00
utsname.c	nsproxy: add struct nsset	2020-05-09 13:57:12 +02:00
watch_queue.c	Notifications over pipes + Keyring notifications	2020-06-13 09:56:21 -07:00
watchdog_hld.c
watchdog.c	kernel/watchdog.c: convert {soft/hard}lockup boot parameters to sysctl aliases	2020-06-08 11:05:56 -07:00
workqueue_internal.h
workqueue.c	maccess: rename probe_kernel_{read,write} to copy_{from,to}_kernel_nofault	2020-06-17 10:57:41 -07:00