From: Mark Rutland <mark.rutland@arm.com>
To: Kees Cook <keescook@chromium.org>
Cc: kernel-hardening@lists.openwall.com,
	PaX Team <pageexec@freemail.hu>, Emese Revfy <re.emese@gmail.com>,
	"AKASHI, Takahiro" <takahiro.akashi@linaro.org>,
	park jinbum <jinb.park7@gmail.com>,
	Daniel Micay <danielmicay@gmail.com>,
	linux-kernel@vger.kernel.org, dave.martin@arm.com
Subject: Re: [kernel-hardening] Re: [PATCH] gcc-plugins: Add structleak for more stack initialization
Date: Mon, 16 Jan 2017 12:26:22 +0000
Message-ID: <20170116122622.GF5908@leverpostej>
In-Reply-To: <20170116115435.GB5908@leverpostej>

On Mon, Jan 16, 2017 at 11:54:35AM +0000, Mark Rutland wrote:
> Hi,
> 
> [adding Dave, so retaining full context below]
> 
> On Fri, Jan 13, 2017 at 02:02:56PM -0800, Kees Cook wrote:
> > This plugin detects any structures that contain __user attributes and
> > makes sure it is being fulling initialized so that a specific class of
> 
> Nit: s/fulling/fully/
> 
> > information exposure is eliminated. (For example, the exposure of siginfo
> > in CVE-2013-2141 would have been blocked by this plugin.)
> > 
> > Ported from grsecurity/PaX. This version adds a verbose option to the
> > plugin and the Kconfig.
> > 
> > Signed-off-by: Kees Cook <keescook@chromium.org>
> > ---
> >  arch/Kconfig                            |  22 +++
> >  include/linux/compiler.h                |   6 +-
> >  scripts/Makefile.gcc-plugins            |   4 +
> >  scripts/gcc-plugins/structleak_plugin.c | 246 ++++++++++++++++++++++++++++++++
> >  4 files changed, 277 insertions(+), 1 deletion(-)
> >  create mode 100644 scripts/gcc-plugins/structleak_plugin.c
> 
> I tried giving this a go, but I got the build failure below:

Looking again, I see that there was another patch to add PASS_INFO() and
other bits that the patch required. Sorry for the noise there.

In the meantime, I cribbed from the latent entropy plugin, and built
with the below applied:

----
diff --git a/scripts/gcc-plugins/structleak_plugin.c b/scripts/gcc-plugins/structleak_plugin.c
index deddb72..1e01763 100644
--- a/scripts/gcc-plugins/structleak_plugin.c
+++ b/scripts/gcc-plugins/structleak_plugin.c
@@ -210,8 +210,12 @@ __visible int plugin_init(struct plugin_name_args *plugin_info, struct plugin_gc
        const int argc = plugin_info->argc;
        const struct plugin_argument * const argv = plugin_info->argv;
        bool enable = true;
-
-       PASS_INFO(structleak, "early_optimizations", 1, PASS_POS_INSERT_BEFORE);
+       struct register_pass_info structleak_pass_info = {
+               .pass  = make_structleak_pass(),
+               .reference_pass_name = "early_optimizations",
+               .ref_pass_instance_number = 1,
+               .pos_op = PASS_POS_INSERT_BEFORE,
+       };
 
        if (!plugin_default_version_check(version, &gcc_version)) {
                error(G_("incompatible gcc/plugin versions"));
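Review bot: In the initializer added at the top of plugin_init(), `.pass = make_structleak_pass()` is evaluated at the declaration, so the pass object is constructed before the `plugin_default_version_check()` test a few lines below and is still constructed when that check fails. If that ordering matters, declare the struct without `.pass` and assign it after the version check has succeeded. Style: `.pass  =` has two spaces before the `=`. Since the message says PASS_INFO() comes from a separate prerequisite patch, this open-coded initializer reads as a local build workaround; applying that prerequisite keeps the plugin consistent with the helper instead of carrying both forms.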
----

With verbose mode, I see quite a few initializations, mostly in signal
handling. Something to add to the queue of things to investigate...

Mark.
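
The class of exposure the quoted commit message describes, as an added example that is not part of the original message or of the plugin: a stack object is only partly filled before being copied out, so stale bytes in unwritten members and padding go with it. `struct demo_reply`, the `0xA5` stale marker and the byte-array model of a stack slot are constructed for illustration, and the forced initialization is modelled as zeroing the whole object.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define STALE 0xA5	/* constructed marker for bytes left by an earlier frame */

/* Hypothetical reply structure; uaddr stands in for a __user pointer member. */
struct demo_reply {
	char code;	/* followed by padding on common ABIs */
	int status;
	void *uaddr;
	char name[16];
};

/* A handler that sets two members and forgets the rest. */
static void fill_partial(unsigned char *slot)
{
	char code = 1;
	int status = 0;
	memcpy(slot + offsetof(struct demo_reply, code), &code, sizeof(code));
	memcpy(slot + offsetof(struct demo_reply, status), &status, sizeof(status));
	/* uaddr, name and all padding bytes are never written */
}

/* Stand-in for the copy to user space: count stale bytes that would leave. */
static size_t stale_bytes(const unsigned char *slot, size_t len)
{
	size_t i, n = 0;
	for (i = 0; i < len; i++)
		n += (slot[i] == STALE);
	return n;
}

/* Model one call: reuse a dirty stack slot, optionally force-initialize it. */
size_t leaked(int force_init)
{
	unsigned char slot[sizeof(struct demo_reply)];
	memset(slot, STALE, sizeof(slot));	/* constructed stale contents */
	if (force_init)
		memset(slot, 0, sizeof(slot));	/* modelled forced initialization */
	fill_partial(slot);
	return stale_bytes(slot, sizeof(slot));
}

int main(void)
{
	printf("stale bytes copied: plain=%zu forced-init=%zu\n", leaked(0), leaked(1));
	return 0;
}
```

The stale count in the plain case includes padding bytes, which member-by-member assignment in the handler would not clear either.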
