From patchwork Wed Jan 23 11:03:46 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Kees Cook X-Patchwork-Id: 1030048 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (mailfrom) smtp.mailfrom=osuosl.org (client-ip=140.211.166.138; helo=whitealder.osuosl.org; envelope-from=intel-wired-lan-bounces@osuosl.org; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=chromium.org Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=chromium.org header.i=@chromium.org header.b="Wr6sF2dn"; dkim-atps=neutral Received: from whitealder.osuosl.org (smtp1.osuosl.org [140.211.166.138]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 43l9mY4z5zz9s3l for ; Thu, 24 Jan 2019 03:32:13 +1100 (AEDT) Received: from localhost (localhost [127.0.0.1]) by whitealder.osuosl.org (Postfix) with ESMTP id 981A686B47; Wed, 23 Jan 2019 16:32:11 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from whitealder.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id f4aBkjbsXqAW; Wed, 23 Jan 2019 16:32:10 +0000 (UTC) Received: from ash.osuosl.org (ash.osuosl.org [140.211.166.34]) by whitealder.osuosl.org (Postfix) with ESMTP id 85D0386416; Wed, 23 Jan 2019 16:32:10 +0000 (UTC) X-Original-To: intel-wired-lan@lists.osuosl.org Delivered-To: intel-wired-lan@lists.osuosl.org Received: from fraxinus.osuosl.org (smtp4.osuosl.org [140.211.166.137]) by ash.osuosl.org (Postfix) with ESMTP id DD9621BF853 for ; Wed, 23 Jan 2019 11:09:47 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by fraxinus.osuosl.org (Postfix) with ESMTP id D99D284BB6 for ; Wed, 23 Jan 2019 11:09:47 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from fraxinus.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id l1tsi9mrGY07 for ; Wed, 23 Jan 2019 11:09:44 +0000 (UTC) X-Greylist: delayed 00:05:11 by SQLgrey-1.7.6 Received: from mail-pl1-f194.google.com (mail-pl1-f194.google.com [209.85.214.194]) by fraxinus.osuosl.org (Postfix) with ESMTPS id A500B84BBE for ; Wed, 23 Jan 2019 11:09:26 +0000 (UTC) Received: by mail-pl1-f194.google.com with SMTP id e11so1005498plt.11 for ; Wed, 23 Jan 2019 03:09:26 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=eOH0evUuoYnXDQzpGOjj3b0HOCtKjXfnS8BAvgmzoB0=; b=Wr6sF2dnqShAFPTeXkP0pt6mBKUJKO97OmiEruwT4K55nJajA+h03gbSSobjz2XPfv dmHCD/XalktgqQ0IiUYMC5jVtzQxKJiJoguJ4OOCavlkG9DFAMd11Miq++jy+d12pAW9 urv3sOXBGTMXSshhkP6/iBRMUbWJT7/wXVNA4= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=eOH0evUuoYnXDQzpGOjj3b0HOCtKjXfnS8BAvgmzoB0=; b=sKKSawxAzQE1Q36UuKYRdX08lkHye6On2g3TJ5Gbx1/j7fcp6TQKf4UEqy43UjQ6eJ mgmROaxRpMJaT3Jr0RBW8wSb8mxQhgQNc+RWI8dEZrYqWM9riJ8+0D6Z/ei0Q7HyCWMt OqMN89ur0NITm01YUy7YIjL1Uq5OcJzOzmeGa4PBNBv7U9/Uhkd5KBGAWTq+xz4tFTcn N5d1/5K2hbqifekFhtCiY93GpxWXy+yfmPBKSBfT6fPZSO1zojTLwu+k/HEEuDkGSQnZ 7loPE/0v9tvR3tb1sW1bIIu1sUab3gazOn80H8tXu2DVU/7kKbegkFLTM//dq/l8cnQj 6vng== X-Gm-Message-State: AJcUuke7mfMtffpLvc7zcL3iXjhoDv1kq5kJtbMG36WtTTOwI0GUco6R g5LvO0rXJHVQeoiGLejLYd7F1Q== X-Google-Smtp-Source: ALg8bN4MaWR5XqsDsgdWgLwpfKZxt4LUG4ZZGKgogh3VDQfDjkiUg54eL3BLTvjTOGXKhvj7c+hNuQ== X-Received: by 2002:a17:902:714c:: with SMTP id u12mr1770044plm.234.1548241455187; Wed, 23 Jan 2019 03:04:15 -0800 (PST) Received: from www.outflux.net (173-164-112-133-Oregon.hfc.comcastbusiness.net. [173.164.112.133]) by smtp.gmail.com with ESMTPSA id n186sm23207263pfn.137.2019.01.23.03.04.12 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Wed, 23 Jan 2019 03:04:12 -0800 (PST) From: Kees Cook To: linux-kernel@vger.kernel.org Date: Wed, 23 Jan 2019 03:03:46 -0800 Message-Id: <20190123110349.35882-1-keescook@chromium.org> X-Mailer: git-send-email 2.17.1 MIME-Version: 1.0 X-Mailman-Approved-At: Wed, 23 Jan 2019 16:32:09 +0000 Subject: [Intel-wired-lan] [PATCH 0/3] gcc-plugins: Introduce stackinit plugin X-BeenThere: intel-wired-lan@osuosl.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Intel Wired Ethernet Linux Kernel Driver Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: dev@openvswitch.org, Kees Cook , Ard Biesheuvel , netdev@vger.kernel.org, intel-gfx@lists.freedesktop.org, linux-usb@vger.kernel.org, dri-devel@lists.freedesktop.org, linux-mm@kvack.org, linux-security-module@vger.kernel.org, kernel-hardening@lists.openwall.com, intel-wired-lan@lists.osuosl.org, linux-fsdevel@vger.kernel.org, xen-devel@lists.xenproject.org, Laura Abbott , linux-kbuild@vger.kernel.org, Alexander Popov Errors-To: intel-wired-lan-bounces@osuosl.org Sender: "Intel-wired-lan" This adds a new plugin "stackinit" that attempts to perform unconditional initialization of all stack variables[1]. It has wider effects than GCC_PLUGIN_STRUCTLEAK_BYREF_ALL=y since BYREF_ALL does not consider non-structures. A notable weakness is that padding bytes in many cases remain uninitialized since GCC treats these bytes as "undefined". I'm hoping we can improve the compiler (or the plugin) to cover that too. (It's worth noting that BYREF_ALL actually does handle the padding -- I think this is due to the different method of detecting if initialization is needed.) Included is a tree-wide change to move switch variables up and out of their switch and into the top-level variable declarations. Included is a set of test cases for evaluating stack initialization, which checks for padding, different types, etc. Feedback welcome! :) -Kees [1] https://lkml.kernel.org/r/CA+55aFykZL+cSBJjBBts7ebEFfyGPdMzTmLSxKnT_29=j942dA@mail.gmail.com Kees Cook (3): treewide: Lift switch variables out of switches gcc-plugins: Introduce stackinit plugin lib: Introduce test_stackinit module arch/x86/xen/enlighten_pv.c | 7 +- drivers/char/pcmcia/cm4000_cs.c | 2 +- drivers/char/ppdev.c | 20 +- drivers/gpu/drm/drm_edid.c | 4 +- drivers/gpu/drm/i915/intel_display.c | 2 +- drivers/gpu/drm/i915/intel_pm.c | 4 +- drivers/net/ethernet/intel/e1000/e1000_main.c | 3 +- drivers/tty/n_tty.c | 3 +- drivers/usb/gadget/udc/net2280.c | 5 +- fs/fcntl.c | 3 +- lib/Kconfig.debug | 9 + lib/Makefile | 1 + lib/test_stackinit.c | 327 ++++++++++++++++++ mm/shmem.c | 5 +- net/core/skbuff.c | 4 +- net/ipv6/ip6_gre.c | 4 +- net/ipv6/ip6_tunnel.c | 4 +- net/openvswitch/flow_netlink.c | 7 +- scripts/Makefile.gcc-plugins | 6 + scripts/gcc-plugins/Kconfig | 9 + scripts/gcc-plugins/gcc-common.h | 11 +- scripts/gcc-plugins/stackinit_plugin.c | 79 +++++ security/tomoyo/common.c | 3 +- security/tomoyo/condition.c | 7 +- security/tomoyo/util.c | 4 +- 25 files changed, 484 insertions(+), 49 deletions(-) create mode 100644 lib/test_stackinit.c create mode 100644 scripts/gcc-plugins/stackinit_plugin.c