[PATCH v15 0/7] Introduce the STACKLEAK feature and a test for it


List:       kernel-hardening
Subject:    [PATCH v15 0/7] Introduce the STACKLEAK feature and a test for it
From:       Alexander Popov <alex.popov () linux ! com>
Date:       2018-08-16 22:16:57
Message-ID: 1534457824-7211-1-git-send-email-alex.popov () linux ! com

This is the 15th version of the patch series introducing STACKLEAK to
the mainline kernel for x86. This version comes with changes according
to the feedback from Linus Torvalds:
 1. BUG_ON() in stackleak_erase() is safely eliminated;
 2. Stack Clash detection (alloca() check) is completely dropped, since global
    '-Wvla' should arrive soon (https://patchwork.kernel.org/patch/10489873).
    stackleak_check_alloca() for arm64 is dropped as well in a separate commit.

This version is rebased onto Linus' tree.

Previous version discussion:
  https://lore.kernel.org/lkml/20180813214328.GA15137@beast/T/#u

Motivation
==========

STACKLEAK (initially developed by PaX Team):

 1. reduces the information that can be revealed through kernel stack leak bugs.
    The idea of erasing the thread stack at the end of syscalls is similar to
    CONFIG_PAGE_POISONING and memzero_explicit() in kernel crypto, which all
    comply with FDP_RIP.2 (Full Residual Information Protection) of the
    Common Criteria standard.

 2. blocks some uninitialized stack variable attacks (e.g. CVE-2017-17712,
    CVE-2010-2963). That kind of bug should be killed by improving C compilers
    in the future, which might take a long time.

Performance impact
==================

Hardware: Intel Core i7-4770, 16 GB RAM

Test #1: building the Linux kernel on a single core
	0.91% slowdown

Test #2: hackbench -s 4096 -l 2000 -g 15 -f 25 -P
	4.2% slowdown

So the STACKLEAK description in Kconfig includes:
"The tradeoff is the performance impact: on a single CPU system kernel
compilation sees a 1% slowdown, other systems and workloads may vary and you are
advised to test this feature on your expected workload before deploying it".


Alexander Popov (7):
  x86/entry: Add STACKLEAK erasing the kernel stack at the end of
    syscalls
  gcc-plugins: Add STACKLEAK plugin for tracking the kernel stack
  lkdtm: Add a test for STACKLEAK
  fs/proc: Show STACKLEAK metrics in the /proc file system
  doc: self-protection: Add information about STACKLEAK feature
  stackleak: Allow runtime disabling of kernel stack erasing
  arm64: Drop unneeded stackleak_check_alloca()

 Documentation/security/self-protection.rst |  10 +-
 Documentation/sysctl/kernel.txt            |  18 ++
 Documentation/x86/x86_64/mm.txt            |   2 +
 arch/Kconfig                               |   7 +
 arch/arm64/kernel/process.c                |  22 --
 arch/x86/Kconfig                           |   1 +
 arch/x86/entry/calling.h                   |  14 +
 arch/x86/entry/entry_32.S                  |   7 +
 arch/x86/entry/entry_64.S                  |   3 +
 arch/x86/entry/entry_64_compat.S           |   5 +
 drivers/misc/lkdtm/Makefile                |   2 +
 drivers/misc/lkdtm/core.c                  |   1 +
 drivers/misc/lkdtm/lkdtm.h                 |   3 +
 drivers/misc/lkdtm/stackleak.c             |  73 +++++
 fs/proc/base.c                             |  18 ++
 include/linux/sched.h                      |   5 +
 include/linux/stackleak.h                  |  35 +++
 kernel/Makefile                            |   4 +
 kernel/fork.c                              |   3 +
 kernel/stackleak.c                         | 132 +++++++++
 kernel/sysctl.c                            |  15 +-
 scripts/Makefile.gcc-plugins               |  10 +
 scripts/gcc-plugins/Kconfig                |  51 ++++
 scripts/gcc-plugins/stackleak_plugin.c     | 427 +++++++++++++++++++++++++++++
 24 files changed, 840 insertions(+), 28 deletions(-)
 create mode 100644 drivers/misc/lkdtm/stackleak.c
 create mode 100644 include/linux/stackleak.h
 create mode 100644 kernel/stackleak.c
 create mode 100644 scripts/gcc-plugins/stackleak_plugin.c

-- 
2.7.4
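The mechanism the cover letter describes (a plugin tracks how deep the kernel stack got during a syscall, and the used region is erased with a poison value at syscall exit, so stale data cannot be read back through an uninitialized stack variable) can be modelled in user space. The program below is an added illustration written for this page, not code from the patch series or from the kernel: a byte array stands in for the thread stack, `push_frame()`/`pop_frame()` model function frames, `track_stack()` models the plugin's low-water-mark recording, and `stack_erase()` models the erase at syscall exit. All names, sizes, the poison byte and the "secret" are constructed for the demo and do not match the kernel's actual constants.

```c
/*
 * User-space model of the STACKLEAK idea (added example, not kernel code).
 * The simulated stack grows downward inside a fixed byte array; sp is an
 * offset into that array. Instrumented frames record the lowest sp reached,
 * and stack_erase() poisons everything between that mark and the current sp.
 */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define STACK_SIZE  4096u
#define POISON_BYTE 0xEFu   /* constructed demo value, not the kernel's poison */

struct task {
    uint8_t stack[STACK_SIZE];   /* simulated thread stack */
    size_t sp;                   /* current stack pointer (offset) */
    size_t lowest_sp;            /* low-water mark seen since last erase */
};

static void task_init(struct task *t)
{
    memset(t->stack, 0, sizeof t->stack);
    t->sp = STACK_SIZE;
    t->lowest_sp = STACK_SIZE;
}

/* Models what the gcc plugin inserts at function entry: remember deepest sp. */
static void track_stack(struct task *t)
{
    if (t->sp < t->lowest_sp)
        t->lowest_sp = t->sp;
}

/* Open a frame of `size` bytes; returns its lowest byte, or NULL on overflow. */
static uint8_t *push_frame(struct task *t, size_t size)
{
    if (size > t->sp)
        return NULL;
    t->sp -= size;
    track_stack(t);
    return &t->stack[t->sp];
}

/* Close a frame. The bytes stay in place unless something erases them. */
static void pop_frame(struct task *t, size_t size)
{
    t->sp += size;
}

/* Models the erase at syscall exit; returns how many bytes were poisoned. */
static size_t stack_erase(struct task *t)
{
    size_t erased = t->sp - t->lowest_sp;
    memset(&t->stack[t->lowest_sp], POISON_BYTE, erased);
    t->lowest_sp = t->sp;        /* reset the mark for the next syscall */
    return erased;
}

/* "Syscall A": a frame holds secret material, then returns. */
static void syscall_handle_secret(struct task *t, const uint8_t *secret, size_t n)
{
    uint8_t *frame = push_frame(t, 64);
    memcpy(frame, secret, n);    /* n <= 64 by construction */
    pop_frame(t, 64);
}

/* "Syscall B": a frame's local is never initialized but is copied out. */
static void syscall_copy_out(struct task *t, uint8_t *out, size_t n)
{
    uint8_t *frame = push_frame(t, 64);
    memcpy(out, frame, n);       /* the uninitialized-variable leak pattern */
    pop_frame(t, 64);
}

/* Run A then B; returns the number of secret bytes visible in B's output. */
static size_t run_scenario(int erase_enabled, uint8_t *out, size_t n)
{
    static const uint8_t secret[16] = "CONSTRUCTED-KEY";   /* constructed */
    struct task t;
    size_t leaked = 0;

    task_init(&t);
    syscall_handle_secret(&t, secret, sizeof secret);
    if (erase_enabled)
        stack_erase(&t);         /* what STACKLEAK adds at syscall exit */
    syscall_copy_out(&t, out, n);

    for (size_t i = 0; i < n && i < sizeof secret; i++)
        if (out[i] == secret[i])
            leaked++;
    return leaked;
}

int main(void)
{
    uint8_t out[16];
    printf("without erase: %zu secret bytes visible\n", run_scenario(0, out, sizeof out));
    printf("with erase:    %zu secret bytes visible\n", run_scenario(1, out, sizeof out));
    return 0;
}
```

The erase covers only the range the current syscall actually used, which is why the real feature's cost scales with stack depth rather than with the full stack size; the model also shows why the low-water mark must be reset after each erase, otherwise every later syscall would re-poison the deepest region ever reached.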
