lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Thu, 03 Mar 2022 12:23:21 +0100 From: Peter Zijlstra <peterz@...radead.org> To: x86@...nel.org, joao@...rdrivepizza.com, hjl.tools@...il.com, jpoimboe@...hat.com, andrew.cooper3@...rix.com Cc: linux-kernel@...r.kernel.org, peterz@...radead.org, ndesaulniers@...gle.com, keescook@...omium.org, samitolvanen@...gle.com, mark.rutland@....com, alyssa.milburn@...el.com, mbenes@...e.cz, rostedt@...dmis.org, mhiramat@...nel.org, alexei.starovoitov@...il.com Subject: [PATCH v3 00/39] x86: Kernel IBT Hi, another week, another series. Since last time: - fixed and tested kexec (redgecomb) - s/4*HAS_KERNEL_IBT/ENDBR_INSN_SIZE/ (jpoimboe) - re-arranged Xen patches to avoid churn (andyhpp) - folded IBT_SEAL Kconfig and objtool options (jpoimboe) - dropped direct call/jmp rewrite from objtool (jpoimboe) - dropped UD1 poison (jpoimboe) - fixed kprobe selftests (masami,naveen) - fixed ftrace selftests (rostedt) - simplified CET/INT3 selftests (jpoimboe) - boot time msg on IBT (kees) - objtool WARN_FUNC sym+off fallback (jpoimboe) - picked up tags for unchanged patches - probably more Supposedly clang-14-rc2 will work on this series, I'll validate the moment the Debian package gets updated. Patches go on top of tip/master + arm64/for-next/linkage. Also available here: git://git.kernel.org/pub/scm/linux/kernel/git/peterz/queue.git x86/wip.ibt Enjoy! --- arch/powerpc/include/asm/livepatch.h | 10 - arch/powerpc/kernel/kprobes.c | 34 +-- arch/um/kernel/um_arch.c | 4 + arch/x86/Kconfig | 27 +++ arch/x86/Makefile | 7 +- arch/x86/crypto/crc32c-pcl-intel-asm_64.S | 3 + arch/x86/entry/entry_64.S | 27 ++- arch/x86/entry/entry_64_compat.S | 5 + arch/x86/include/asm/alternative.h | 1 + arch/x86/include/asm/cpu.h | 4 + arch/x86/include/asm/cpufeatures.h | 1 + arch/x86/include/asm/efi.h | 9 +- arch/x86/include/asm/ibt.h | 92 ++++++++ arch/x86/include/asm/idtentry.h | 25 +- arch/x86/include/asm/irqflags.h | 5 - arch/x86/include/asm/linkage.h | 39 ++++ arch/x86/include/asm/msr-index.h | 20 +- arch/x86/include/asm/paravirt.h | 1 + arch/x86/include/asm/paravirt_types.h | 1 - arch/x86/include/asm/qspinlock_paravirt.h | 3 + arch/x86/include/asm/segment.h | 5 +- arch/x86/include/asm/setup.h | 3 +- arch/x86/include/asm/text-patching.h | 30 ++- arch/x86/include/asm/traps.h | 2 + arch/x86/include/uapi/asm/processor-flags.h | 2 + arch/x86/kernel/alternative.c | 57 ++++- arch/x86/kernel/apm_32.c | 7 + arch/x86/kernel/cpu/bugs.c | 13 ++ arch/x86/kernel/cpu/common.c | 59 ++++- arch/x86/kernel/ftrace.c | 9 +- arch/x86/kernel/ftrace_64.S | 23 +- arch/x86/kernel/head_64.S | 14 +- arch/x86/kernel/idt.c | 9 +- arch/x86/kernel/kprobes/core.c | 29 ++- arch/x86/kernel/kvm.c | 3 +- arch/x86/kernel/machine_kexec_64.c | 2 + arch/x86/kernel/module.c | 21 +- arch/x86/kernel/paravirt.c | 29 +-- arch/x86/kernel/relocate_kernel_64.S | 10 + arch/x86/kernel/traps.c | 61 +++++ arch/x86/kernel/vmlinux.lds.S | 9 + arch/x86/kvm/emulate.c | 6 +- arch/x86/lib/error-inject.c | 2 + arch/x86/lib/retpoline.S | 1 + arch/x86/net/bpf_jit_comp.c | 16 +- arch/x86/xen/enlighten_pv.c | 10 +- arch/x86/xen/xen-asm.S | 10 + arch/x86/xen/xen-head.S | 8 +- include/asm-generic/vmlinux.lds.h | 4 + include/linux/cfi.h | 11 +- include/linux/kprobes.h | 3 +- include/linux/objtool.h | 16 ++ kernel/bpf/trampoline.c | 20 +- kernel/kprobes.c | 66 ++++-- kernel/livepatch/patch.c | 19 +- kernel/trace/ftrace.c | 34 ++- samples/ftrace/ftrace-direct-modify.c | 5 + samples/ftrace/ftrace-direct-multi-modify.c | 10 +- samples/ftrace/ftrace-direct-multi.c | 5 +- samples/ftrace/ftrace-direct-too.c | 3 + samples/ftrace/ftrace-direct.c | 3 + scripts/Makefile.build | 44 +--- scripts/Makefile.lib | 56 +++++ scripts/Makefile.modfinal | 1 + scripts/link-vmlinux.sh | 12 +- tools/objtool/arch/x86/decode.c | 34 ++- tools/objtool/builtin-check.c | 8 +- tools/objtool/check.c | 346 +++++++++++++++++++++++++++- tools/objtool/elf.c | 3 + tools/objtool/include/objtool/arch.h | 1 + tools/objtool/include/objtool/builtin.h | 3 +- tools/objtool/include/objtool/check.h | 14 +- tools/objtool/include/objtool/objtool.h | 4 + tools/objtool/include/objtool/warn.h | 2 + tools/objtool/objtool.c | 1 + 75 files changed, 1254 insertions(+), 242 deletions(-)
Powered by blists - more mailing lists