mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
synced 2025-01-16 10:17:32 +00:00
65120498aa
With -Wmissing-prototypes enabled, the stackleak code produces a couple of warnings that have no declarations because they are only called from assembler: stackleak.c:127:25: error: no previous prototype for 'stackleak_erase' [-Werror=missing-prototypes] stackleak.c:139:25: error: no previous prototype for 'stackleak_erase_on_task_stack' [-Werror=missing-prototypes] stackleak.c:151:25: error: no previous prototype for 'stackleak_erase_off_task_stack' [-Werror=missing-prototypes] stackleak.c:159:49: error: no previous prototype for 'stackleak_track_stack' [-Werror=missing-prototypes] Add declarations to the stackleak header to shut up the warnings. Signed-off-by: Arnd Bergmann <arnd@arndb.de> Link: https://lore.kernel.org/r/20231108125843.3806765-7-arnd@kernel.org Signed-off-by: Kees Cook <keescook@chromium.org>
90 lines
2.4 KiB
C
90 lines
2.4 KiB
C
/* SPDX-License-Identifier: GPL-2.0 */
|
|
#ifndef _LINUX_STACKLEAK_H
|
|
#define _LINUX_STACKLEAK_H
|
|
|
|
#include <linux/sched.h>
|
|
#include <linux/sched/task_stack.h>
|
|
|
|
/*
|
|
* Check that the poison value points to the unused hole in the
|
|
* virtual memory map for your platform.
|
|
*/
|
|
#define STACKLEAK_POISON -0xBEEF
|
|
#define STACKLEAK_SEARCH_DEPTH 128
|
|
|
|
#ifdef CONFIG_GCC_PLUGIN_STACKLEAK
|
|
#include <asm/stacktrace.h>
|
|
#include <linux/linkage.h>
|
|
|
|
/*
|
|
* The lowest address on tsk's stack which we can plausibly erase.
|
|
*/
|
|
static __always_inline unsigned long
|
|
stackleak_task_low_bound(const struct task_struct *tsk)
|
|
{
|
|
/*
|
|
* The lowest unsigned long on the task stack contains STACK_END_MAGIC,
|
|
* which we must not corrupt.
|
|
*/
|
|
return (unsigned long)end_of_stack(tsk) + sizeof(unsigned long);
|
|
}
|
|
|
|
/*
|
|
* The address immediately after the highest address on tsk's stack which we
|
|
* can plausibly erase.
|
|
*/
|
|
static __always_inline unsigned long
|
|
stackleak_task_high_bound(const struct task_struct *tsk)
|
|
{
|
|
/*
|
|
* The task's pt_regs lives at the top of the task stack and will be
|
|
* overwritten by exception entry, so there's no need to erase them.
|
|
*/
|
|
return (unsigned long)task_pt_regs(tsk);
|
|
}
|
|
|
|
/*
|
|
* Find the address immediately above the poisoned region of the stack, where
|
|
* that region falls between 'low' (inclusive) and 'high' (exclusive).
|
|
*/
|
|
static __always_inline unsigned long
|
|
stackleak_find_top_of_poison(const unsigned long low, const unsigned long high)
|
|
{
|
|
const unsigned int depth = STACKLEAK_SEARCH_DEPTH / sizeof(unsigned long);
|
|
unsigned int poison_count = 0;
|
|
unsigned long poison_high = high;
|
|
unsigned long sp = high;
|
|
|
|
while (sp > low && poison_count < depth) {
|
|
sp -= sizeof(unsigned long);
|
|
|
|
if (*(unsigned long *)sp == STACKLEAK_POISON) {
|
|
poison_count++;
|
|
} else {
|
|
poison_count = 0;
|
|
poison_high = sp;
|
|
}
|
|
}
|
|
|
|
return poison_high;
|
|
}
|
|
|
|
static inline void stackleak_task_init(struct task_struct *t)
|
|
{
|
|
t->lowest_stack = stackleak_task_low_bound(t);
|
|
# ifdef CONFIG_STACKLEAK_METRICS
|
|
t->prev_lowest_stack = t->lowest_stack;
|
|
# endif
|
|
}
|
|
|
|
asmlinkage void noinstr stackleak_erase(void);
|
|
asmlinkage void noinstr stackleak_erase_on_task_stack(void);
|
|
asmlinkage void noinstr stackleak_erase_off_task_stack(void);
|
|
void __no_caller_saved_registers noinstr stackleak_track_stack(void);
|
|
|
|
#else /* !CONFIG_GCC_PLUGIN_STACKLEAK */
|
|
static inline void stackleak_task_init(struct task_struct *t) { }
|
|
#endif
|
|
|
|
#endif
|