1
linux/arch/arm/boot/compressed
Jinjie Ruan 2335c9cb83 ARM: 9407/1: Add support for STACKLEAK gcc plugin
Add the STACKLEAK gcc plugin to arm32 by adding the helper used by
stackleak common code: on_thread_stack(). It initialize the stack with the
poison value before returning from system calls which improves the kernel
security. Additionally, this disables the plugin in EFI stub code and
decompress code, which are out of scope for the protection.

Before the test on Qemu versatilepb board:
	# echo STACKLEAK_ERASING  > /sys/kernel/debug/provoke-crash/DIRECT
	lkdtm: Performing direct entry STACKLEAK_ERASING
	lkdtm: XFAIL: stackleak is not supported on this arch (HAVE_ARCH_STACKLEAK=n)

After:
	# echo STACKLEAK_ERASING  > /sys/kernel/debug/provoke-crash/DIRECT
	lkdtm: Performing direct entry STACKLEAK_ERASING
	lkdtm: stackleak stack usage:
	  high offset: 80 bytes
	  current:     280 bytes
	  lowest:      696 bytes
	  tracked:     696 bytes
	  untracked:   192 bytes
	  poisoned:    7220 bytes
	  low offset:  4 bytes
	lkdtm: OK: the rest of the thread stack is properly erased

Signed-off-by: Jinjie Ruan <ruanjinjie@huawei.com>
Acked-by: Ard Biesheuvel <ardb@kernel.org>
Reviewed-by: Linus Walleij <linus.walleij@linaro.org>
Signed-off-by: Russell King (Oracle) <rmk+kernel@armlinux.org.uk>
2024-07-02 09:18:43 +01:00
..
.gitignore ARM: 9154/1: decompressor: do not copy source files while building 2021-12-17 11:34:30 +00:00
ashldi3.S ARM: 9154/1: decompressor: do not copy source files while building 2021-12-17 11:34:30 +00:00
atags_to_fdt.c ARM: 9311/1: decompressor: move function prototypes to misc.h 2023-06-19 09:35:57 +01:00
big-endian.S
bswapsdi2.S ARM: 9154/1: decompressor: do not copy source files while building 2021-12-17 11:34:30 +00:00
debug.S
decompress.c ARM: dyndbg: allow including dyndbg.h in decompressor 2023-03-10 10:28:29 -08:00
efi-header.S ARM: 9159/1: decompressor: Avoid UNPREDICTABLE NOP encoding 2021-12-17 11:34:32 +00:00
fdt_check_mem_start.c ARM: 9311/1: decompressor: move function prototypes to misc.h 2023-06-19 09:35:57 +01:00
fdt_ro.c
fdt_rw.c ARM: 8969/1: decompressor: simplify libfdt builds 2020-04-29 13:28:59 +01:00
fdt_wip.c
fdt.c ARM: 8969/1: decompressor: simplify libfdt builds 2020-04-29 13:28:59 +01:00
font.c ARM: 9154/1: decompressor: do not copy source files while building 2021-12-17 11:34:30 +00:00
head-sa1100.S ARM: sa1100: remove unused board files 2023-01-12 10:53:12 +01:00
head-sharpsl.S License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
head-xscale.S License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
head.S ARM: remove check for CONFIG_DEBUG_LL_SER3 2022-09-28 22:39:21 +02:00
hyp-stub.S ARM: 9154/1: decompressor: do not copy source files while building 2021-12-17 11:34:30 +00:00
lib1funcs.S ARM: 9154/1: decompressor: do not copy source files while building 2021-12-17 11:34:30 +00:00
ll_char_wr.S treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
Makefile ARM: 9407/1: Add support for STACKLEAK gcc plugin 2024-07-02 09:18:43 +01:00
misc-ep93xx.h ARM: ep93xx: remove old board files 2023-01-10 23:10:27 +01:00
misc.c fortify: Improve buffer overflow reporting 2024-02-29 13:38:02 -08:00
misc.h fortify: Improve buffer overflow reporting 2024-02-29 13:38:02 -08:00
piggy.S
string.c lib/string: Move helper functions out of string.c 2021-09-25 08:20:49 -07:00
vmlinux.lds.S ARM: 9404/1: arm32: enable HAVE_LD_DEAD_CODE_DATA_ELIMINATION 2024-06-10 12:01:33 +01:00