Minki/linux
1
0
Fork 1
mirror of https://github.com/torvalds/linux.git synced 2024-11-27 22:51:35 +00:00
Code Issues Packages Projects Releases Wiki Activity
2d6bb6adb7
linux/scripts
History
Linus Torvalds 2d6bb6adb7 New gcc plugin: stackleak 
- Introduces the stackleak gcc plugin ported from grsecurity by Alexander
   Popov, with x86 and arm64 support.
 -----BEGIN PGP SIGNATURE-----
 Comment: Kees Cook <kees@outflux.net>
 
 iQJKBAABCgA0FiEEpcP2jyKd1g9yPm4TiXL039xtwCYFAlvQvn4WHGtlZXNjb29r
 QGNocm9taXVtLm9yZwAKCRCJcvTf3G3AJpSfD/sErFreuPT1beSw994Lr9Zx4k9v
 ERsuXxWBENaJOJXbOOHMfVEcEeG/1uhPSp7hlw/dpHfh0anATTrcYqm8RNKbfK+k
 o06+JK14OJfpm5Ghq/7OizhdNLCMT8wMU3XZtWfy65VSJGjEFx8Y48vMeQtpWtUK
 ylSzi9JV6j2iUBF9oibtiT53+yqsqAtX80X1G7HRCgv9kxuKMhZr+Q5oGV6+ViyQ
 Azj8mNn06iRnhHKd17WxDJr0GjSibzz4weS/9XgP3t3EcNWJo1EgBlD2KV3tOfP5
 nzmqfqTqrcjxs/tyjdh6vVCSlYucNtyCQGn63qyShQYSg6mZwclR2fY8YSTw6PWw
 GfYWFOWru9z+qyQmwFkQ9bSQS2R+JIT0oBCj9VmtF9XmPCy7K2neJsQclzSPBiCW
 wPgXVQS4IA4684O5CmDOVMwmDpGvhdBNUR6cqSzGLxQOHY1csyXubMNUsqU3g9xk
 Ob4pEy/xrrIw4WpwHcLHSEW5gV1/OLhsT0fGRJJiC947L3cN5s9EZp7FLbIS0zlk
 qzaXUcLmn6AgcfkYwg5cI3RMLaN2V0eDCMVTWZJ1wbrmUV9chAaOnTPTjNqLOTht
 v3b1TTxXG4iCpMmOFf59F8pqgAwbBDlfyNSbySZ/Pq5QH69udz3Z9pIUlYQnSJHk
 u6q++2ReDpJXF81rBw==
 =Ks6B
 -----END PGP SIGNATURE-----

Merge tag 'stackleak-v4.20-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux

Pull stackleak gcc plugin from Kees Cook:
 "Please pull this new GCC plugin, stackleak, for v4.20-rc1. This plugin
  was ported from grsecurity by Alexander Popov. It provides efficient
  stack content poisoning at syscall exit. This creates a defense
  against at least two classes of flaws:

   - Uninitialized stack usage. (We continue to work on improving the
     compiler to do this in other ways: e.g. unconditional zero init was
     proposed to GCC and Clang, and more plugin work has started too).

   - Stack content exposure. By greatly reducing the lifetime of valid
     stack contents, exposures via either direct read bugs or unknown
     cache side-channels become much more difficult to exploit. This
     complements the existing buddy and heap poisoning options, but
     provides the coverage for stacks.

  The x86 hooks are included in this series (which have been reviewed by
  Ingo, Dave Hansen, and Thomas Gleixner). The arm64 hooks have already
  been merged through the arm64 tree (written by Laura Abbott and
  reviewed by Mark Rutland and Will Deacon).

  With VLAs having been removed this release, there is no need for
  alloca() protection, so it has been removed from the plugin"

* tag 'stackleak-v4.20-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux:
  arm64: Drop unneeded stackleak_check_alloca()
  stackleak: Allow runtime disabling of kernel stack erasing
  doc: self-protection: Add information about STACKLEAK feature
  fs/proc: Show STACKLEAK metrics in the /proc file system
  lkdtm: Add a test for STACKLEAK
  gcc-plugins: Add STACKLEAK plugin for tracking the kernel stack
  x86/entry: Add STACKLEAK erasing the kernel stack at the end of syscalls
2018-11-01 11:46:27 -07:00
..
basic kbuild: move bin2c back to scripts/ from scripts/basic/ 2018-07-18 01:18:05 +09:00
coccinelle Coccinelle: remove pci_alloc_consistent semantic to detect in zalloc-simple.cocci 2018-08-22 23:21:43 +09:00
dtc Merge branch 'all-dtbs' into dt/next 2018-10-04 14:16:15 -05:00
gcc-plugins stackleak: Allow runtime disabling of kernel stack erasing 2018-09-04 10:35:48 -07:00
gdb scripts/gdb/linux/tasks.py: fix get_thread_info 2018-01-19 10:09:41 -08:00
genksyms genksyms: remove symbol prefix support 2018-05-17 22:43:35 +09:00
kconfig kconfig: do not require pkg-config on make {menu,n}config 2018-09-03 02:13:48 +09:00
ksymoops Fix dead URLs to ftp.kernel.org 2017-03-28 16:16:52 +02:00
mod Kbuild updates for v4.20 2018-10-28 13:22:35 -07:00
package builddeb: Add automatic support for sh{3,4}{,eb} architectures 2018-07-28 10:53:44 +09:00
selinux staging: lustre: delete the filesystem from the tree. 2018-06-05 19:22:35 +02:00
tracing scripts: Add Python 3 support to tracing/draw_functrace.py 2018-07-29 11:08:38 +09:00
.gitignore kbuild: move bin2c back to scripts/ from scripts/basic/ 2018-07-18 01:18:05 +09:00
adjust_autoksyms.sh kbuild: remove CONFIG_HAVE_UNDERSCORE_SYMBOL_PREFIX 2018-05-17 22:44:57 +09:00
asn1_compiler.c ASN.1: Remove unnecessary shadowed local variable 2018-10-29 00:19:41 +09:00
bin2c.c kbuild: move bin2c back to scripts/ from scripts/basic/ 2018-07-18 01:18:05 +09:00
bloat-o-meter syscalls/core, syscalls/x86: Clean up compat syscall stub naming convention 2018-04-09 16:47:28 +02:00
bootgraph.pl scripts: Switch to more portable Perl shebang 2017-05-14 11:20:44 +09:00
bpf_helpers_doc.py bpf: change eBPF helper doc parsing script to allow for smaller indent 2018-05-17 17:34:43 +02:00
cc-can-link.sh bpfilter: check compiler capability in Kconfig 2018-06-28 13:36:39 +09:00
check_extable.sh License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
checkincludes.pl License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
checkkconfigsymbols.py checkkconfigsymbols.py: support Kconfig's 'imply' statement 2017-02-03 11:49:06 +01:00
checkpatch.pl checkpatch: remove GCC_BINARY_CONSTANT warning 2018-10-31 08:54:13 -07:00
checkstack.pl scripts: Add ppc64le support for checkstack.pl 2018-07-02 23:54:28 +10:00
checksyscalls.sh License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
checkversion.pl License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
clang-version.sh kbuild: Add a space after ! to prevent parsing as file pattern 2018-08-22 23:21:40 +09:00
cleanfile License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
cleanpatch License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
coccicheck coccicheck: return proper error code on fail 2018-08-14 08:58:56 +09:00
config License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
conmakehash.c
const_structs.checkpatch
decode_stacktrace.sh License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
decodecode scripts/decodecode: make it take multiline Code line 2018-01-31 17:18:34 -08:00
depmod.sh kbuild: modules_install: warn when missing System.map file 2018-09-09 09:14:07 +09:00
diffconfig License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
documentation-file-ref-check scripts/documentation-file-ref-check: ignore sched-pelt false positive 2018-07-02 11:25:00 -06:00
export_report.pl scripts: Switch to more portable Perl shebang 2017-05-14 11:20:44 +09:00
extract_xc3028.pl MAINTAINERS & files: Canonize the e-mails I use at files 2018-05-04 06:21:06 -04:00
extract-cert.c
extract-ikconfig
extract-module-sig.pl License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
extract-sys-certs.pl License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
extract-vmlinux extract-vmlinux: Check for uncompressed image as fallback 2018-10-17 08:18:01 +02:00
faddr2line scripts/faddr2line: make the new code listing format optional 2018-06-05 09:04:37 -07:00
file-size.sh kbuild: Use ls(1) instead of stat(1) to obtain file size 2018-03-26 02:01:24 +09:00
find-unused-docs.sh scripts: Add a script to find unused documentation 2017-10-23 08:01:37 -06:00
gcc-goto.sh License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
gcc-ld License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
gcc-plugin.sh License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
gcc-version.sh License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
gcc-x86_32-has-stack-protector.sh stack-protector: test compiler capability in Kconfig and drop AUTO mode 2018-06-08 18:56:00 +09:00
gcc-x86_64-has-stack-protector.sh stack-protector: Fix test with 32-bit userland and CONFIG_64BIT=y 2018-06-25 23:21:13 +09:00
get_dvb_firmware scripts: Switch to more portable Perl shebang 2017-05-14 11:20:44 +09:00
get_maintainer.pl get_maintainer: allow option --mpath <directory> to read all files in <directory> 2018-08-22 10:52:48 -07:00
gfp-translate
headerdep.pl License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
headers_check.pl License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
headers_install.sh kbuild: Improve portability of some sed invocations 2018-03-26 02:01:18 +09:00
headers.sh License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
insert-sys-cert.c
kallsyms.c kallsyms: remove left-over Blackfin code 2018-09-10 22:54:33 +09:00
Kbuild.include Kbuild updates for v4.20 2018-10-28 13:22:35 -07:00
Kconfig.include gcc-plugins: test plugin support in Kconfig and clean up Makefile 2018-06-11 09:16:22 +09:00
kernel-doc kernel-doc: fix declaration type determination 2018-10-18 12:20:35 -06:00
ld-version.sh License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
leaking_addresses.pl leaking_addresses: check if file name contains address 2018-04-07 08:50:34 +10:00
Lindent License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
link-vmlinux.sh kbuild: rename LDFLAGS to KBUILD_LDFLAGS 2018-08-24 08:22:08 +09:00
Makefile kbuild: consolidate Devicetree dtb build rules 2018-10-02 09:23:21 -05:00
Makefile.asm-generic Kbuild updates for v4.15 2017-11-17 17:45:29 -08:00
Makefile.build Kbuild updates for v4.20 2018-10-28 13:22:35 -07:00
Makefile.clean kbuild: remove deprecated host-progs variable 2018-08-09 21:51:17 +09:00
Makefile.dtbinst DeviceTree for 4.15: 2017-11-14 18:25:40 -08:00
Makefile.extrawarn Makefile: Globally enable VLA warning 2018-10-11 08:17:50 -07:00
Makefile.gcc-plugins gcc-plugins: Add STACKLEAK plugin for tracking the kernel stack 2018-09-04 10:35:47 -07:00
Makefile.headersinst Kbuild updates for v4.15 2017-11-17 17:45:29 -08:00
Makefile.host kbuild: Rename HOST_LOADLIBES to KBUILD_HOSTLDLIBS 2018-07-18 01:18:05 +09:00
Makefile.kasan kasan: rework Kconfig settings 2018-02-06 18:32:47 -08:00
Makefile.kcov kcov: test compiler capability in Kconfig and correct dependency 2018-06-11 09:14:08 +09:00
Makefile.lib kbuild: consolidate Devicetree dtb build rules 2018-10-02 09:23:21 -05:00
Makefile.modbuiltin Kbuild: Makefile.modbuiltin: include auto.conf and tristate.conf mandatory 2018-08-03 00:47:00 +09:00
Makefile.modinst kbuild: remove duplicated comments about PHONY 2018-07-06 22:04:03 +09:00
Makefile.modpost kbuild: rename LDFLAGS to KBUILD_LDFLAGS 2018-08-24 08:22:08 +09:00
Makefile.modsign kbuild: remove duplicated comments about PHONY 2018-07-06 22:04:03 +09:00
Makefile.ubsan lib/ubsan: remove null-pointer checks 2018-08-10 20:19:58 -07:00
makelst License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
markup_oops.pl scripts: Switch to more portable Perl shebang 2017-05-14 11:20:44 +09:00
mkcompile_h Kbuild updates for v4.15 2017-11-17 17:45:29 -08:00
mkmakefile kbuild: simplify command line creation in scripts/mkmakefile 2018-10-04 22:56:02 +09:00
mksysmap
mkuboot.sh License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
module-common.lds module: set .init_array alignment to 8 2017-03-13 09:40:28 -07:00
namespace.pl kbuild: rename built-in.o to built-in.a 2018-03-26 02:01:19 +09:00
objdiff scripts: objdiff: Ignore debug info when comparing 2017-03-11 11:13:38 +09:00
parse-maintainers.pl parse-maintainers: add ability to specify filenames 2017-11-17 16:10:01 -08:00
patch-kernel License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
pnmtologo.c
profile2linkerlist.pl License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
prune-kernel License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
recordmcount.c scripts: Fixed printf format mismatch 2018-05-29 22:04:12 +09:00
recordmcount.h scripts: Fixed printf format mismatch 2018-05-29 22:04:12 +09:00
recordmcount.pl nds32/ftrace: Add RECORD_MCOUNT support 2018-09-04 14:45:18 +08:00
setlocalversion scripts/setlocalversion: git: Make -dirty check more robust 2018-09-01 01:21:42 +09:00
show_delta
sign-file.c sign-file: fix build error in sign-file.c with libressl 2017-02-10 12:43:47 +11:00
sortextable.c powerpc: Build-time sort the exception table 2016-11-14 11:11:51 +11:00
sortextable.h
spdxcheck.py scripts: add Python 3 compatibility to spdxcheck.py 2018-08-17 16:20:27 -07:00
spelling.txt treewide: correct "differenciate" and "instanciate" typos 2018-08-23 18:48:43 -07:00
sphinx-pre-install docs-rst: don't require adjustbox anymore 2017-09-08 10:02:55 -06:00
split-man.pl MAINTAINERS & files: Canonize the e-mails I use at files 2018-05-04 06:21:06 -04:00
stackdelta License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
stackusage License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
subarch.include selftests: add headers_install to lib.mk 2018-09-05 08:12:09 -06:00
tags.sh scripts/tags.sh: add DECLARE_HASHTABLE() 2018-10-26 16:25:18 -07:00
unifdef.c
ver_linux ver_linux: Do not check for ver_linux pattern in version function 2018-07-07 17:44:52 +02:00
xen-hypercalls.sh License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
xz_wrap.sh