[GIT PULL] hardening updates for v5.18-rc1

* [GIT PULL] hardening updates for v5.18-rc1
@ 2022-03-21 15:03 Kees Cook
  2022-03-22  3:06 ` pr-tracker-bot
  0 siblings, 1 reply; 2+ messages in thread
From: Kees Cook @ 2022-03-21 15:03 UTC (permalink / raw)
  To: Linus Torvalds
  Cc: linux-kernel, Alexander Popov, Andrew Morton, Chris Zankel,
	Dan Li, Geert Uytterhoeven, Josh Poimboeuf, Kees Cook,
	Marco Elver, Marc Zyngier, Matthew Wilcox, Max Filippov,
	Muhammad Usama Anjum, Nathan Chancellor, Nick Desaulniers,
	Peter Zijlstra

Hi Linus,

Please pull these hardening updates for v5.18-rc1. A notable change is
support for arm64 Shadow Call Stack under GCC 12, which was originally
proposed[1] as a kernel-specific gcc plugin, but was instead implemented
in upstream[2] GCC.

Thanks!

-Kees

[1] https://lore.kernel.org/linux-hardening/1632069436-25075-1-git-send-email-ashimida@linux.alibaba.com/
[2] https://gcc.gnu.org/git/?p=gcc.git;a=commitdiff;h=ce09ab17ddd21f73ff2caf6eec3b0ee9b0e1a11e

The following changes since commit 26291c54e111ff6ba87a164d85d4a4e134b7315c:

  Linux 5.17-rc2 (2022-01-30 15:37:07 +0200)

are available in the Git repository at:

  https://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git tags/hardening-v5.18-rc1

for you to fetch changes up to afcf5441b9ff22ac57244cd45ff102ebc2e32d1a:

  arm64: Add gcc Shadow Call Stack support (2022-03-10 09:22:09 -0800)

----------------------------------------------------------------
hardening updates for v5.18-rc1

- Add arm64 Shadow Call Stack support for GCC 12 (Dan Li)
- Avoid memset with stack offset randomization under Clang (Marco Elver)
- Clean up stackleak plugin to play nice with .noinstr (Kees Cook)
- Check stack depth for greater usercopy hardening coverage (Kees Cook)

----------------------------------------------------------------
Dan Li (1):
      arm64: Add gcc Shadow Call Stack support

Kees Cook (6):
      gcc-plugins/stackleak: Provide verbose mode
      gcc-plugins/stackleak: Exactly match strings instead of prefixes
      gcc-plugins/stackleak: Ignore .noinstr.text and .entry.text
      usercopy: Check valid lifetime via stack depth
      xtensa: Implement "current_stack_pointer"
      m68k: Implement "current_stack_pointer"

Marco Elver (2):
      stack: Introduce CONFIG_RANDOMIZE_KSTACK_OFFSET
      stack: Constrain and fix stack offset randomization with Clang builds

 arch/Kconfig                           | 43 +++++++++++++++++++++++-----------
 arch/arm/Kconfig                       |  1 +
 arch/arm64/Kconfig                     |  3 ++-
 arch/m68k/Kconfig                      |  1 +
 arch/m68k/include/asm/current.h        |  4 +++-
 arch/powerpc/Kconfig                   |  1 +
 arch/s390/Kconfig                      |  1 +
 arch/sh/Kconfig                        |  1 +
 arch/x86/Kconfig                       |  1 +
 arch/xtensa/Kconfig                    |  1 +
 arch/xtensa/include/asm/current.h      |  2 ++
 arch/xtensa/include/asm/stacktrace.h   |  8 +++----
 arch/xtensa/kernel/irq.c               |  3 +--
 include/linux/compiler-gcc.h           |  4 ++++
 include/linux/randomize_kstack.h       | 21 +++++++++++++++--
 init/main.c                            |  2 +-
 mm/Kconfig                             |  9 +++++++
 mm/usercopy.c                          | 23 ++++++++++++++++--
 scripts/Makefile.gcc-plugins           |  2 ++
 scripts/gcc-plugins/stackleak_plugin.c | 29 +++++++++++++++++++----
 security/Kconfig.hardening             | 10 ++++++++
 21 files changed, 139 insertions(+), 31 deletions(-)

-- 
Kees Cook

^ permalink raw reply	[flat|nested] 2+ messages in thread