leandrof/linux
1
0
Fork 0
forked from Minki/linux
Code Issues Pull Requests Packages Projects Releases Wiki Activity
afaef01c00
linux/arch/x86
History
Alexander Popov afaef01c00 x86/entry: Add STACKLEAK erasing the kernel stack at the end of syscalls 
The STACKLEAK feature (initially developed by PaX Team) has the following
benefits:

1. Reduces the information that can be revealed through kernel stack leak
   bugs. The idea of erasing the thread stack at the end of syscalls is
   similar to CONFIG_PAGE_POISONING and memzero_explicit() in kernel
   crypto, which all comply with FDP_RIP.2 (Full Residual Information
   Protection) of the Common Criteria standard.

2. Blocks some uninitialized stack variable attacks (e.g. CVE-2017-17712,
   CVE-2010-2963). That kind of bugs should be killed by improving C
   compilers in future, which might take a long time.

This commit introduces the code filling the used part of the kernel
stack with a poison value before returning to userspace. Full
STACKLEAK feature also contains the gcc plugin which comes in a
separate commit.

The STACKLEAK feature is ported from grsecurity/PaX. More information at:
  https://grsecurity.net/
  https://pax.grsecurity.net/

This code is modified from Brad Spengler/PaX Team's code in the last
public patch of grsecurity/PaX based on our understanding of the code.
Changes or omissions from the original code are ours and don't reflect
the original grsecurity/PaX code.

Performance impact:

Hardware: Intel Core i7-4770, 16 GB RAM

Test #1: building the Linux kernel on a single core
        0.91% slowdown

Test #2: hackbench -s 4096 -l 2000 -g 15 -f 25 -P
        4.2% slowdown

So the STACKLEAK description in Kconfig includes: "The tradeoff is the
performance impact: on a single CPU system kernel compilation sees a 1%
slowdown, other systems and workloads may vary and you are advised to
test this feature on your expected workload before deploying it".

Signed-off-by: Alexander Popov <alex.popov@linux.com>
Acked-by: Thomas Gleixner <tglx@linutronix.de>
Reviewed-by: Dave Hansen <dave.hansen@linux.intel.com>
Acked-by: Ingo Molnar <mingo@kernel.org>
Signed-off-by: Kees Cook <keescook@chromium.org>
2018-09-04 10:35:47 -07:00
..
boot Kbuild updates for v4.19 (2nd) 2018-08-25 13:40:38 -07:00
configs
crypto Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 2018-08-29 13:38:39 -07:00
entry x86/entry: Add STACKLEAK erasing the kernel stack at the end of syscalls 2018-09-04 10:35:47 -07:00
events x86/nmi: Fix NMI uaccess race against CR3 switching 2018-08-31 17:08:22 +02:00
hyperv x86/mm: Only use tlb_remove_table() for paravirt 2018-08-23 11:56:31 -07:00
ia32 syscalls/x86: auto-create compat_sys_*() prototypes 2018-04-02 20:16:18 +02:00
include Merge branch 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2018-09-02 10:11:30 -07:00
kernel x86/dumpstack: Don't dump kernel memory based on usermode RIP 2018-08-31 17:08:22 +02:00
kvm Merge branch 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2018-08-26 10:13:21 -07:00
lib x86/nmi: Fix NMI uaccess race against CR3 switching 2018-08-31 17:08:22 +02:00
math-emu
mm x86/pti: Fix section mismatch warning/error 2018-09-02 11:24:41 +02:00
net bpf, x32: Fix regression caused by commit 24dea04767 2018-07-26 02:51:12 +02:00
oprofile x86/oprofile: Fix bogus GCC-8 warning in nmi_setup() 2018-02-21 09:54:17 +01:00
pci PCI: Make early dump functionality generic 2018-06-29 20:06:07 -05:00
platform x86/efi: Load fixmap GDT in efi_call_phys_epilog() 2018-08-31 17:45:54 +02:00
power Power management updates for 4.19-rc1 2018-08-14 13:12:24 -07:00
purgatory kbuild: move bin2c back to scripts/ from scripts/basic/ 2018-07-18 01:18:05 +09:00
ras
realmode x86-64/realmode: Add instruction suffix 2018-02-20 09:33:41 +01:00
tools x86/relocs: Add __end_rodata_aligned to S_REL 2018-08-09 20:42:07 +02:00
um Consolidation of Kconfig files by Christoph Hellwig. 2018-08-15 13:05:12 -07:00
video
xen xen: fixes for 4.19-rc2 2018-08-31 08:45:16 -07:00
.gitignore
Kbuild
Kconfig x86/entry: Add STACKLEAK erasing the kernel stack at the end of syscalls 2018-09-04 10:35:47 -07:00
Kconfig.cpu Merge branch 'x86-pti-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2018-03-25 07:36:02 -10:00
Kconfig.debug Kconfig: consolidate the "Kernel hacking" menu 2018-08-02 08:06:48 +09:00
Makefile x86: Allow generating user-space headers without a compiler 2018-08-31 17:08:22 +02:00
Makefile_32.cpu
Makefile.um kbuild: rename LDFLAGS to KBUILD_LDFLAGS 2018-08-24 08:22:08 +09:00