| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <202307122305.029E76A@keescook>
Date: Wed, 12 Jul 2023 23:08:37 -0700
From: Kees Cook <keescook@...omium.org>
To: Steven Rostedt <rostedt@...dmis.org>
Cc: LKML <linux-kernel@...r.kernel.org>,
Linux Trace Kernel <linux-trace-kernel@...r.kernel.org>,
Masami Hiramatsu <mhiramat@...nel.org>,
Mark Rutland <mark.rutland@....com>,
Sven Schnelle <svens@...ux.ibm.com>,
linux-hardening@...r.kernel.org
Subject: Re: [PATCH] tracing: Stop FORTIFY_SOURCE complaining about stack
trace caller
On Wed, Jul 12, 2023 at 10:22:35PM -0700, Kees Cook wrote:
> But anyway, I think we can still do better. :)
Okay, what about this? I'm really not sure how to test this
appropriately, but it does appear to build. (famous last words)
This creates the union, but I think it ends up only being visible for
trace.c; everything else thinks it's just __array.
Anyway, maybe I'm closer, but trace internals are hurting my head right
now...
-Kees
diff --git a/kernel/trace/trace.c b/kernel/trace/trace.c
index 4529e264cb86..fba49d6c590c 100644
--- a/kernel/trace/trace.c
+++ b/kernel/trace/trace.c
@@ -3157,7 +3157,7 @@ static void __ftrace_trace_stack(struct trace_buffer *buffer,
size = nr_entries * sizeof(unsigned long);
event = __trace_buffer_lock_reserve(buffer, TRACE_STACK,
- (sizeof(*entry) - sizeof(entry->caller)) + size,
+ (sizeof(*entry) - sizeof(entry->__legacy_caller)) + size,
trace_ctx);
if (!event)
goto out;
diff --git a/kernel/trace/trace.h b/kernel/trace/trace.h
index ed7906b13f09..29be88ad6227 100644
--- a/kernel/trace/trace.h
+++ b/kernel/trace/trace.h
@@ -83,6 +83,12 @@ enum trace_type {
#undef __dynamic_array
#define __dynamic_array(type, item) type item[];
+#define __min_array(type, item, size) \
+ union { \
+ type __legacy_ ## item[size]; \
+ DECLARE_FLEX_ARRAY(type, item); \
+ };
+
#undef __rel_dynamic_array
#define __rel_dynamic_array(type, item) type item[];
diff --git a/kernel/trace/trace_entries.h b/kernel/trace/trace_entries.h
index 340b2fa98218..311a6c338385 100644
--- a/kernel/trace/trace_entries.h
+++ b/kernel/trace/trace_entries.h
@@ -190,7 +190,7 @@ FTRACE_ENTRY(kernel_stack, stack_entry,
F_STRUCT(
__field( int, size )
- __array( unsigned long, caller, FTRACE_STACK_ENTRIES )
+ __min_array( unsigned long, caller, FTRACE_STACK_ENTRIES )
),
F_printk("\t=> %ps\n\t=> %ps\n\t=> %ps\n"
diff --git a/kernel/trace/trace_export.c b/kernel/trace/trace_export.c
index 58f3946081e2..8f6dcd616d85 100644
--- a/kernel/trace/trace_export.c
+++ b/kernel/trace/trace_export.c
@@ -57,6 +57,9 @@ static int ftrace_event_register(struct trace_event_call *call,
#undef __dynamic_array
#define __dynamic_array(type, item) type item[];
+#undef __min_array
+#define __min_array(type, item, size) type item[size];
+
#undef F_STRUCT
#define F_STRUCT(args...) args
@@ -123,6 +126,9 @@ static void __always_unused ____ftrace_check_##name(void) \
.size = 0, .align = __alignof__(_type), \
is_signed_type(_type), .filter_type = FILTER_OTHER },
+#undef __min_array
+#define __min_array(_type, _item, _len) __array(_type, _item, _len)
+
#undef FTRACE_ENTRY
#define FTRACE_ENTRY(name, struct_name, id, tstruct, print) \
static struct trace_event_fields ftrace_event_fields_##name[] = { \
@@ -155,6 +161,9 @@ static struct trace_event_fields ftrace_event_fields_##name[] = { \
#undef __dynamic_array
#define __dynamic_array(type, item)
+#undef __min_array
+#define __min_array(type, item, len)
+
#undef F_printk
#define F_printk(fmt, args...) __stringify(fmt) ", " __stringify(args)
--
Kees Cook
Powered by blists - more mailing lists