lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:	Wed, 13 May 2015 12:39:14 +0200
From:	Michal Marek <mmarek@...e.cz>
To:	Josh Poimboeuf <jpoimboe@...hat.com>
CC:	Thomas Gleixner <tglx@...utronix.de>,
	Ingo Molnar <mingo@...hat.com>,
	"H. Peter Anvin" <hpa@...or.com>,
	Peter Zijlstra <peterz@...radead.org>, x86@...nel.org,
	live-patching@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v3 1/3] x86, stackvalidate: Compile-time stack frame pointer
 validation

On 2015-05-11 18:38, Josh Poimboeuf wrote:
> Frame pointer based stack traces aren't always reliable.  One big reason
> is that most asm functions don't set up the frame pointer.
> 
> Fix that by enforcing that all asm functions honor CONFIG_FRAME_POINTER.
> This is done with a new stackvalidate host tool which is automatically
> run for every compiled .S file and which validates that every asm
> function does the proper frame pointer setup.
> 
> Also, to make sure somebody didn't forget to annotate their callable asm code
> as a function, flag an error for any return instructions which are hiding
> outside of a function.  In almost all cases, return instructions are part of
> callable functions and should be annotated as such so that we can validate
> their frame pointer usage.  A whitelist mechanism exists for those few return
> instructions which are not actually in callable code.
> 
> It currently only supports x86_64.  It *almost* supports x86_32, but the
> stackvalidate code doesn't yet know how to deal with 32-bit REL
> relocations for the return whitelists.  I tried to make the code generic
> so that support for other architectures can be plugged in pretty easily.
> 
> As a first step, all reported non-compliances result in warnings.  Right
> now I'm seeing 200+ warnings.  Once we get them all cleaned up, we can
> change the warnings to build errors so the asm code can stay clean.
> 
> Signed-off-by: Josh Poimboeuf <jpoimboe@...hat.com>
> ---
>  MAINTAINERS                           |   6 +
>  arch/Kconfig                          |   4 +
>  arch/x86/Kconfig                      |   1 +
>  arch/x86/Makefile                     |   6 +-
>  lib/Kconfig.debug                     |  11 ++
>  scripts/Makefile                      |   1 +
>  scripts/Makefile.build                |  22 ++-

For the kbuild parts: Acked-by: Michal Marek <mmarek@...e.cz>


> +int main(int argc, char *argv[])
> +{
> +	struct args args;
> +	struct elf *elf;
> +	struct section *sec;
> +	int ret, warnings = 0;
> +
> +	argp_parse(&argp, argc, argv, 0, 0, &args);
> +
> +	elf = elf_open(args.args[0]);
> +	if (!elf) {
> +		fprintf(stderr, "error reading elf file %s\n", args.args[0]);
> +		return 1;
> +	}
> +
> +	if (is_file_whitelisted(elf))
> +		return 0;
> +
> +	list_for_each_entry(sec, &elf->sections, list) {
> +		ret = validate_section(elf, sec);
> +		if (ret < 0)
> +			return -1;

return 1? Since this is the exit status of the program.

Michal
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists