| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 13 May 2015 08:51:09 -0500
From: Josh Poimboeuf <jpoimboe@...hat.com>
To: Michal Marek <mmarek@...e.cz>
Cc: Thomas Gleixner <tglx@...utronix.de>,
Ingo Molnar <mingo@...hat.com>,
"H. Peter Anvin" <hpa@...or.com>,
Peter Zijlstra <peterz@...radead.org>, x86@...nel.org,
live-patching@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v3 1/3] x86, stackvalidate: Compile-time stack frame
pointer validation
On Wed, May 13, 2015 at 12:39:14PM +0200, Michal Marek wrote:
> On 2015-05-11 18:38, Josh Poimboeuf wrote:
> > Frame pointer based stack traces aren't always reliable. One big reason
> > is that most asm functions don't set up the frame pointer.
> >
> > Fix that by enforcing that all asm functions honor CONFIG_FRAME_POINTER.
> > This is done with a new stackvalidate host tool which is automatically
> > run for every compiled .S file and which validates that every asm
> > function does the proper frame pointer setup.
> >
> > Also, to make sure somebody didn't forget to annotate their callable asm code
> > as a function, flag an error for any return instructions which are hiding
> > outside of a function. In almost all cases, return instructions are part of
> > callable functions and should be annotated as such so that we can validate
> > their frame pointer usage. A whitelist mechanism exists for those few return
> > instructions which are not actually in callable code.
> >
> > It currently only supports x86_64. It *almost* supports x86_32, but the
> > stackvalidate code doesn't yet know how to deal with 32-bit REL
> > relocations for the return whitelists. I tried to make the code generic
> > so that support for other architectures can be plugged in pretty easily.
> >
> > As a first step, all reported non-compliances result in warnings. Right
> > now I'm seeing 200+ warnings. Once we get them all cleaned up, we can
> > change the warnings to build errors so the asm code can stay clean.
> >
> > Signed-off-by: Josh Poimboeuf <jpoimboe@...hat.com>
> > ---
> > MAINTAINERS | 6 +
> > arch/Kconfig | 4 +
> > arch/x86/Kconfig | 1 +
> > arch/x86/Makefile | 6 +-
> > lib/Kconfig.debug | 11 ++
> > scripts/Makefile | 1 +
> > scripts/Makefile.build | 22 ++-
>
> For the kbuild parts: Acked-by: Michal Marek <mmarek@...e.cz>
Thanks!
> > +int main(int argc, char *argv[])
> > +{
> > + struct args args;
> > + struct elf *elf;
> > + struct section *sec;
> > + int ret, warnings = 0;
> > +
> > + argp_parse(&argp, argc, argv, 0, 0, &args);
> > +
> > + elf = elf_open(args.args[0]);
> > + if (!elf) {
> > + fprintf(stderr, "error reading elf file %s\n", args.args[0]);
> > + return 1;
> > + }
> > +
> > + if (is_file_whitelisted(elf))
> > + return 0;
> > +
> > + list_for_each_entry(sec, &elf->sections, list) {
> > + ret = validate_section(elf, sec);
> > + if (ret < 0)
> > + return -1;
>
> return 1? Since this is the exit status of the program.
Ok, I'll change it to 1.
--
Josh
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists