lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Sun, 6 Feb 2022 09:45:05 -0800 From: Kees Cook <keescook@...omium.org> To: Alexander Popov <alex.popov@...ux.com> Cc: Kees Cook <keescook@...omium.org>, Peter Zijlstra <peterz@...radead.org>, Linus Torvalds <torvalds@...ux-foundation.org>, Thomas Gleixner <tglx@...utronix.de>, Josh Poimboeuf <jpoimboe@...hat.com>, Borislav Petkov <bp@...en8.de>, Masahiro Yamada <masahiroy@...nel.org>, linux-kernel@...r.kernel.org, linux-hardening@...r.kernel.org Subject: [PATCH 0/3] gcc-plugins/stackleak: Ignore .noinstr.text and .entry.text Out of an abundance of caution, do not perform stack depth analysis on .noinstr.text and .entry.text section functions, as it may be possible that "current" is not sane. Additionally, to verify results, the verbose mode is wired up the Kconfig, and the string matching is refactored for correctness. -Kees Kees Cook (3): gcc-plugins/stackleak: Provide verbose mode gcc-plugins/stackleak: Exactly match strings instead of prefixes gcc-plugins/stackleak: Ignore .noinstr.text and .entry.text scripts/Makefile.gcc-plugins | 2 ++ scripts/gcc-plugins/stackleak_plugin.c | 29 ++++++++++++++++++++++---- security/Kconfig.hardening | 10 +++++++++ 3 files changed, 37 insertions(+), 4 deletions(-) -- 2.30.2
Powered by blists - more mailing lists