linux/arch/arm64/kernel
Linus Torvalds 2d6bb6adb7 New gcc plugin: stackleak
- Introduces the stackleak gcc plugin ported from grsecurity by Alexander
   Popov, with x86 and arm64 support.
 -----BEGIN PGP SIGNATURE-----
 Comment: Kees Cook <kees@outflux.net>
 
 iQJKBAABCgA0FiEEpcP2jyKd1g9yPm4TiXL039xtwCYFAlvQvn4WHGtlZXNjb29r
 QGNocm9taXVtLm9yZwAKCRCJcvTf3G3AJpSfD/sErFreuPT1beSw994Lr9Zx4k9v
 ERsuXxWBENaJOJXbOOHMfVEcEeG/1uhPSp7hlw/dpHfh0anATTrcYqm8RNKbfK+k
 o06+JK14OJfpm5Ghq/7OizhdNLCMT8wMU3XZtWfy65VSJGjEFx8Y48vMeQtpWtUK
 ylSzi9JV6j2iUBF9oibtiT53+yqsqAtX80X1G7HRCgv9kxuKMhZr+Q5oGV6+ViyQ
 Azj8mNn06iRnhHKd17WxDJr0GjSibzz4weS/9XgP3t3EcNWJo1EgBlD2KV3tOfP5
 nzmqfqTqrcjxs/tyjdh6vVCSlYucNtyCQGn63qyShQYSg6mZwclR2fY8YSTw6PWw
 GfYWFOWru9z+qyQmwFkQ9bSQS2R+JIT0oBCj9VmtF9XmPCy7K2neJsQclzSPBiCW
 wPgXVQS4IA4684O5CmDOVMwmDpGvhdBNUR6cqSzGLxQOHY1csyXubMNUsqU3g9xk
 Ob4pEy/xrrIw4WpwHcLHSEW5gV1/OLhsT0fGRJJiC947L3cN5s9EZp7FLbIS0zlk
 qzaXUcLmn6AgcfkYwg5cI3RMLaN2V0eDCMVTWZJ1wbrmUV9chAaOnTPTjNqLOTht
 v3b1TTxXG4iCpMmOFf59F8pqgAwbBDlfyNSbySZ/Pq5QH69udz3Z9pIUlYQnSJHk
 u6q++2ReDpJXF81rBw==
 =Ks6B
 -----END PGP SIGNATURE-----

Merge tag 'stackleak-v4.20-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux

Pull stackleak gcc plugin from Kees Cook:
 "Please pull this new GCC plugin, stackleak, for v4.20-rc1. This plugin
  was ported from grsecurity by Alexander Popov. It provides efficient
  stack content poisoning at syscall exit. This creates a defense
  against at least two classes of flaws:

   - Uninitialized stack usage. (We continue to work on improving the
     compiler to do this in other ways: e.g. unconditional zero init was
     proposed to GCC and Clang, and more plugin work has started too).

   - Stack content exposure. By greatly reducing the lifetime of valid
     stack contents, exposures via either direct read bugs or unknown
     cache side-channels become much more difficult to exploit. This
     complements the existing buddy and heap poisoning options, but
     provides the coverage for stacks.

  The x86 hooks are included in this series (which have been reviewed by
  Ingo, Dave Hansen, and Thomas Gleixner). The arm64 hooks have already
  been merged through the arm64 tree (written by Laura Abbott and
  reviewed by Mark Rutland and Will Deacon).

  With VLAs having been removed this release, there is no need for
  alloca() protection, so it has been removed from the plugin"

* tag 'stackleak-v4.20-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux:
  arm64: Drop unneeded stackleak_check_alloca()
  stackleak: Allow runtime disabling of kernel stack erasing
  doc: self-protection: Add information about STACKLEAK feature
  fs/proc: Show STACKLEAK metrics in the /proc file system
  lkdtm: Add a test for STACKLEAK
  gcc-plugins: Add STACKLEAK plugin for tracking the kernel stack
  x86/entry: Add STACKLEAK erasing the kernel stack at the end of syscalls
2018-11-01 11:46:27 -07:00
..
probes arm64/kprobes: remove an extra semicolon in arch_prepare_kprobe 2018-10-01 14:36:49 +01:00
vdso arm64: Add build salt to the vDSO 2018-07-18 01:18:05 +09:00
.gitignore
acpi_numa.c mm: remove include/linux/bootmem.h 2018-10-31 08:54:16 -07:00
acpi_parking_protocol.c
acpi.c mm: remove include/linux/bootmem.h 2018-10-31 08:54:16 -07:00
alternative.c arm64: alternative: Use true and false for boolean values 2018-08-08 11:20:54 +01:00
arm64ksyms.c arm64: lib: use C string functions with KASAN enabled 2018-10-26 16:25:18 -07:00
armv8_deprecated.c arm64: kill config_sctlr_el1() 2018-07-12 14:40:38 +01:00
asm-offsets.c arm64: KVM: Handle guest's ARCH_WORKAROUND_2 requests 2018-05-31 18:00:57 +01:00
cacheinfo.c arm64: Add support for ACPI based firmware tables 2018-05-17 17:28:09 +01:00
cpu_errata.c arm64: KVM: Guests can skip __install_bp_hardening_cb()s HYP work 2018-10-19 15:37:25 +01:00
cpu_ops.c arm64: cpu_ops: Add missing 'const' qualifiers 2017-12-01 13:05:08 +00:00
cpu-reset.h arm64: kexec: always reset to EL2 if present 2018-07-04 18:34:24 +01:00
cpu-reset.S arm64: idmap: Use "awx" flags for .idmap.text .pushsection directives 2018-02-06 22:53:27 +00:00
cpufeature.c arm64: cpufeature: Fix handling of CTR_EL0.IDC field 2018-10-16 11:53:31 +01:00
cpuidle.c ARM64 / cpuidle: Use new cpuidle macro for entering retention state 2018-01-02 13:50:34 +00:00
cpuinfo.c arm64: cpufeature: Fix handling of CTR_EL0.IDC field 2018-10-16 11:53:31 +01:00
crash_core.c arm64: kernel: arch_crash_save_vmcoreinfo() should depend on CONFIG_CRASH_CORE 2018-09-11 11:08:49 +01:00
crash_dump.c
debug-monitors.c signal/arm64: Add and use arm64_force_sig_fault where appropriate 2018-09-27 21:54:43 +02:00
efi-entry.S arm64: Add software workaround for Falkor erratum 1041 2018-02-06 22:53:13 +00:00
efi-header.S
efi-rt-wrapper.S efi/arm64: Check whether x18 is preserved by runtime services calls 2018-03-09 08:58:22 +01:00
efi.c efi/arm64: Check whether x18 is preserved by runtime services calls 2018-03-09 08:58:22 +01:00
entry-fpsimd.S arm64/sve: Write ZCR_EL1 on context switch only if changed 2018-05-17 18:19:53 +01:00
entry-ftrace.S arm64: Fix static use of function graph 2017-11-03 12:05:23 +00:00
entry.S arm64: Trap WFI executed in userspace 2018-10-01 16:52:24 +01:00
fpsimd.c signal/arm64: Use send_sig_fault where appropriate 2018-09-27 21:55:23 +02:00
ftrace.c arm64: ftrace: emit ftrace-mod.o contents through code 2017-12-01 13:04:59 +00:00
head.S arm64/mm: move runtime pgds to rodata 2018-09-25 15:10:55 +01:00
hibernate-asm.S arm64: assembler: Change order of macro arguments in phys_to_ttbr 2018-02-06 22:53:21 +00:00
hibernate.c arm64: ssbd: Restore mitigation status on CPU resume 2018-05-31 17:35:19 +01:00
hw_breakpoint.c perf/arch/arm64: Implement hw_breakpoint_arch_parse() 2018-06-26 09:07:56 +02:00
hyp-stub.S
image.h arm64/efi: Make strrchr() available to the EFI namespace 2018-03-05 13:45:38 -06:00
insn.c arm64: insn: Don't fallback on nosync path for general insn patching 2018-07-05 17:24:48 +01:00
io.c arm64: Avoid aligning normal memory pointers in __memcpy_{to,from}io 2017-10-24 16:23:07 +01:00
irq.c arm64: Use the new GENERIC_IRQ_MULTI_HANDLER 2018-08-03 12:14:09 +02:00
jump_label.c arm64/kernel: jump_label: Switch to relative references 2018-09-27 17:56:47 +02:00
kaslr.c arm64/kernel: kaslr: reduce module randomization range to 4 GB 2018-03-08 13:49:26 +00:00
kgdb.c arm64/debug: Fix registers on sleeping tasks 2018-03-06 18:52:34 +00:00
kuser32.S
machine_kexec.c arm64: kernel: arch_crash_save_vmcoreinfo() should depend on CONFIG_CRASH_CORE 2018-09-11 11:08:49 +01:00
Makefile arm64: kernel: arch_crash_save_vmcoreinfo() should depend on CONFIG_CRASH_CORE 2018-09-11 11:08:49 +01:00
module-plts.c arm64/kernel: rename module_emit_adrp_veneer->module_emit_veneer_for_adrp 2018-04-24 19:07:35 +01:00
module.c arm64: Avoid flush_icache_range() in alternatives patching code 2018-06-27 18:21:53 +01:00
module.lds arm64: ftrace: emit ftrace-mod.o contents through code 2017-12-01 13:04:59 +00:00
paravirt.c x86/paravirt: Use a single ops structure 2018-09-03 16:50:35 +02:00
pci.c arm64: PCI: Remove node-local allocations when initialising host controller 2018-09-17 16:33:23 -05:00
perf_callchain.c
perf_event.c arm64: perf: Reject stand-alone CHAIN events for PMUv3 2018-10-12 15:25:17 +01:00
perf_regs.c compat: Move compat_timespec/ timeval to compat_time.h 2018-04-19 13:29:54 +02:00
process.c New gcc plugin: stackleak 2018-11-01 11:46:27 -07:00
psci.c arm64: remove unused asm/compiler.h header file 2018-10-01 11:57:04 +01:00
ptrace.c signal/arm64: Add and use arm64_force_sig_ptrace_errno_trap 2018-09-27 21:55:15 +02:00
reloc_test_core.c arm64: fix undefined reference to 'printk' 2018-03-19 18:14:25 +00:00
reloc_test_syms.S arm64: fix undefined reference to 'printk' 2018-03-19 18:14:25 +00:00
relocate_kernel.S arm64: Add software workaround for Falkor erratum 1041 2018-02-06 22:53:13 +00:00
return_address.c
sdei.c arm64: sdei: Mark sdei stack helper functions as static 2018-07-31 12:08:22 +01:00
setup.c memblock: stop using implicit alignment to SMP_CACHE_BYTES 2018-10-31 08:54:16 -07:00
signal32.c arm64: use {COMPAT,}SYSCALL_DEFINE0 for sigreturn 2018-07-12 14:49:48 +01:00
signal.c arm64: use {COMPAT,}SYSCALL_DEFINE0 for sigreturn 2018-07-12 14:49:48 +01:00
sleep.S arm64/mm: Pass ttbr1 as a parameter to __enable_mmu() 2018-09-25 15:10:54 +01:00
smccc-call.S
smp_spin_table.c
smp.c arm64: use for_each_of_cpu_node iterator 2018-09-28 14:25:58 -05:00
ssbd.c arm64: ssbd: Add support for PSTATE.SSBS rather than trapping to EL3 2018-09-14 17:46:19 +01:00
stacktrace.c arm64: Add stack information to on_accessible_stack 2018-07-26 11:36:07 +01:00
suspend.c arm64: mm: Support Common Not Private translations 2018-09-18 12:02:27 +01:00
sys32.c arm64: implement syscall wrappers 2018-07-12 14:49:48 +01:00
sys_compat.c signal/arm64: Push siginfo generation into arm64_notify_die 2018-09-27 21:52:54 +02:00
sys.c arm64: implement syscall wrappers 2018-07-12 14:49:48 +01:00
syscall.c arm64: svc: Ensure hardirq tracing is updated before return 2018-07-30 17:43:39 +01:00
time.c arm64: fix unwind_frame() for filtered out fn for function graph tracing 2018-02-23 13:46:38 +00:00
topology.c arm64: topology: re-introduce numa mask check for scheduler MC selection 2018-07-06 13:18:18 +01:00
trace-events-emulation.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
traps.c Merge branch 'siginfo-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace 2018-10-24 11:22:39 +01:00
vdso.c
vmlinux.lds.S Merge branch 'next-general' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security 2018-10-24 11:49:35 +01:00