| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20250818122720.434981-2-wangjinchao600@gmail.com> Date: Mon, 18 Aug 2025 20:26:06 +0800 From: Jinchao Wang <wangjinchao600@...il.com> To: akpm@...ux-foundation.org Cc: mhiramat@...nel.org, naveen@...nel.org, davem@...emloft.net, linux-mm@...ck.org, linux-kernel@...r.kernel.org, linux-trace-kernel@...r.kernel.org, Jinchao Wang <wangjinchao600@...il.com> Subject: [RFC PATCH 01/13] mm: Add kstackwatch build infrastructure Introduce the build system for kstackwatch, a new kernel stack corruption debugging tool. This patch adds the necessary Kconfig and Makefile infrastructure to support the kstackwatch subsystem. kstackwatch uses hardware write breakpoints to detect stack corruption in real-time, providing precise identification of the instruction that overwrites stack canaries or local variables. This is a significant improvement over traditional stack protection mechanisms that only detect corruption at function exit. The implementation is placed in mm/kstackwatch/ alongside other memory debugging tools like KASAN, KFENCE, and KMSAN. The tool requires STACKPROTECTOR, hardware breakpoint support, and kprobes functionality to operate. The modular design splits functionality across: - kernel.c: Main logic and module lifecycle - stack.c: Stack canary detection and probing - watch.c: Hardware breakpoint management Signed-off-by: Jinchao Wang <wangjinchao600@...il.com> --- mm/Kconfig.debug | 12 ++++++++++++ mm/Makefile | 1 + mm/kstackwatch/Makefile | 3 +++ mm/kstackwatch/kernel.c | 0 mm/kstackwatch/kstackwatch.h | 0 mm/kstackwatch/stack.c | 0 mm/kstackwatch/watch.c | 0 7 files changed, 16 insertions(+) create mode 100644 mm/kstackwatch/Makefile create mode 100644 mm/kstackwatch/kernel.c create mode 100644 mm/kstackwatch/kstackwatch.h create mode 100644 mm/kstackwatch/stack.c create mode 100644 mm/kstackwatch/watch.c diff --git a/mm/Kconfig.debug b/mm/Kconfig.debug index 32b65073d0cc..dd9c1bb7f549 100644 --- a/mm/Kconfig.debug +++ b/mm/Kconfig.debug @@ -309,3 +309,15 @@ config PER_VMA_LOCK_STATS overhead in the page fault path. If in doubt, say N. + + +config KSTACK_WATCH + tristate "Kernel Stack Watch" + depends on STACKPROTECTOR && HAVE_HW_BREAKPOINT && KPROBES && HAVE_KRETPROBES + help + This debugging tool monitors kernel stack usage. When enabled, + it can detect potential stack corruption by watching the remaining + stack space. This provides real-time warnings before a crash occurs, + which is useful for debugging stability issues. + + If unsure, say N. diff --git a/mm/Makefile b/mm/Makefile index ef54aa615d9d..665c9f2bf987 100644 --- a/mm/Makefile +++ b/mm/Makefile @@ -92,6 +92,7 @@ obj-$(CONFIG_PAGE_POISONING) += page_poison.o obj-$(CONFIG_KASAN) += kasan/ obj-$(CONFIG_KFENCE) += kfence/ obj-$(CONFIG_KMSAN) += kmsan/ +obj-$(CONFIG_KSTACK_WATCH) += kstackwatch/ obj-$(CONFIG_FAILSLAB) += failslab.o obj-$(CONFIG_FAIL_PAGE_ALLOC) += fail_page_alloc.o obj-$(CONFIG_MEMTEST) += memtest.o diff --git a/mm/kstackwatch/Makefile b/mm/kstackwatch/Makefile new file mode 100644 index 000000000000..076822eb7661 --- /dev/null +++ b/mm/kstackwatch/Makefile @@ -0,0 +1,3 @@ +obj-$(CONFIG_KSTACK_WATCH) += kstackwatch.o + +kstackwatch-y := kernel.o stack.o watch.o diff --git a/mm/kstackwatch/kernel.c b/mm/kstackwatch/kernel.c new file mode 100644 index 000000000000..e69de29bb2d1 diff --git a/mm/kstackwatch/kstackwatch.h b/mm/kstackwatch/kstackwatch.h new file mode 100644 index 000000000000..e69de29bb2d1 diff --git a/mm/kstackwatch/stack.c b/mm/kstackwatch/stack.c new file mode 100644 index 000000000000..e69de29bb2d1 diff --git a/mm/kstackwatch/watch.c b/mm/kstackwatch/watch.c new file mode 100644 index 000000000000..e69de29bb2d1 -- 2.43.0
Powered by blists - more mailing lists