From: Andrew Donnellan <andrew.donnellan@au1.ibm.com>
To: Kees Cook <keescook@chromium.org>, linux-kernel@vger.kernel.org
Cc: Emese Revfy <re.emese@gmail.com>, Arnd Bergmann <arnd@arndb.de>,
Josh Triplett <josh@joshtriplett.org>,
pageexec@freemail.hu, yamada.masahiro@socionext.com,
minipli@ld-linux.so, linux@armlinux.org.uk,
catalin.marinas@arm.com, linux@rasmusvillemoes.dk,
david.brown@linaro.org, benh@kernel.crashing.org,
tglx@linutronix.de, akpm@linux-foundation.org,
jlayton@poochiereds.net, sam@ravnborg.org,
kernel-hardening@lists.openwall.com
Subject: Re: [kernel-hardening] [PATCH v5 1/4] gcc-plugins: Add the initify gcc plugin
Date: Mon, 27 Mar 2017 18:38:20 +1100 [thread overview]
Message-ID: <851a0c99-db08-c3a8-f5c6-2e567971e2eb@au1.ibm.com> (raw)
In-Reply-To: <1485894263-91051-2-git-send-email-keescook@chromium.org>
On 01/02/17 07:24, Kees Cook wrote:
> From: Emese Revfy <re.emese@gmail.com>
>
> The kernel already has a mechanism to free up code and data memory that
> is only used during kernel or module initialization. This plugin will
> teach the compiler to find more such code and data that can be freed
> after initialization.
Currently checking whether we can wire this up for powerpc without too
many problems...
> diff --git a/arch/x86/lib/Makefile b/arch/x86/lib/Makefile
> index 34a74131a12c..b98b8fdb7aaf 100644
> --- a/arch/x86/lib/Makefile
> +++ b/arch/x86/lib/Makefile
> @@ -29,6 +29,10 @@ lib-$(CONFIG_RANDOMIZE_BASE) += kaslr.o
> obj-y += msr.o msr-reg.o msr-reg-export.o hweight.o
>
> ifeq ($(CONFIG_X86_32),y)
> + CFLAGS_strstr_32.o += $(INITIFY_DISABLE_VERIFIY_NOCAPTURE_FUNCTIONS)
> + CFLAGS_string_32.o += $(INITIFY_DISABLE_VERIFIY_NOCAPTURE_FUNCTIONS)
> + CFLAGS_memcpy_32.o += $(INITIFY_DISABLE_VERIFIY_NOCAPTURE_FUNCTIONS)
s/VERIFIY/VERIFY/g here + Makefile.gcc-plugins?
--
Andrew Donnellan OzLabs, ADL Canberra
andrew.donnellan@au1.ibm.com IBM Australia Limited
next prev parent reply other threads:[~2017-03-27 9:30 UTC|newest]
Thread overview: 32+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-01-31 20:24 [PATCH v5 0/4] Introduce the initify gcc plugin Kees Cook
2017-01-31 20:24 ` [kernel-hardening] " Kees Cook
2017-01-31 20:24 ` [PATCH v5 1/4] gcc-plugins: Add " Kees Cook
2017-01-31 20:24 ` [kernel-hardening] " Kees Cook
2017-03-27 7:38 ` Andrew Donnellan [this message]
2017-03-27 16:14 ` Kees Cook
2017-03-27 16:14 ` Kees Cook
2017-03-27 19:31 ` Rasmus Villemoes
2017-03-27 19:31 ` [kernel-hardening] " Rasmus Villemoes
2017-03-27 19:33 ` Kees Cook
2017-03-27 19:33 ` [kernel-hardening] " Kees Cook
2017-03-28 7:49 ` [kernel-hardening] " Arnd Bergmann
2017-03-28 7:49 ` Arnd Bergmann
2017-03-28 19:03 ` Kees Cook
2017-03-28 19:03 ` Kees Cook
2017-03-28 20:31 ` Arnd Bergmann
2017-03-28 20:31 ` Arnd Bergmann
2017-03-28 3:03 ` Andrew Donnellan
2017-03-28 19:00 ` Kees Cook
2017-03-28 19:00 ` Kees Cook
2017-03-29 8:32 ` Arnd Bergmann
2017-03-29 8:32 ` [kernel-hardening] " Arnd Bergmann
2017-03-29 8:56 ` Arnd Bergmann
2017-03-29 8:56 ` [kernel-hardening] " Arnd Bergmann
2017-03-30 11:04 ` Arnd Bergmann
2017-03-30 11:04 ` [kernel-hardening] " Arnd Bergmann
2017-01-31 20:24 ` [PATCH v5 2/4] util: Move type casts into is_kernel_rodata Kees Cook
2017-01-31 20:24 ` [kernel-hardening] " Kees Cook
2017-01-31 20:24 ` [PATCH v5 3/4] initify: Mark functions with the __nocapture attribute Kees Cook
2017-01-31 20:24 ` [kernel-hardening] " Kees Cook
2017-01-31 20:24 ` [PATCH v5 4/4] initify: Mark functions with the __unverified_nocapture attribute Kees Cook
2017-01-31 20:24 ` [kernel-hardening] " Kees Cook
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=851a0c99-db08-c3a8-f5c6-2e567971e2eb@au1.ibm.com \
--to=andrew.donnellan@au1.ibm.com \
--cc=akpm@linux-foundation.org \
--cc=arnd@arndb.de \
--cc=benh@kernel.crashing.org \
--cc=catalin.marinas@arm.com \
--cc=david.brown@linaro.org \
--cc=jlayton@poochiereds.net \
--cc=josh@joshtriplett.org \
--cc=keescook@chromium.org \
--cc=kernel-hardening@lists.openwall.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux@armlinux.org.uk \
--cc=linux@rasmusvillemoes.dk \
--cc=minipli@ld-linux.so \
--cc=pageexec@freemail.hu \
--cc=re.emese@gmail.com \
--cc=sam@ravnborg.org \
--cc=tglx@linutronix.de \
--cc=yamada.masahiro@socionext.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.