[PATCH 0/3] gcc-plugins/stackleak: Ignore .noinstr.text and .entry.text

From: Kees Cook
Date: Sun Feb 06 2022 - 12:45:28 EST


Out of an abundance of caution, do not perform stack depth analysis on
.noinstr.text and .entry.text section functions, as it may be possible
that "current" is not sane.

Additionally, to verify results, the verbose mode is wired up to the Kconfig,
and the string matching is refactored for correctness.

-Kees

Kees Cook (3):
gcc-plugins/stackleak: Provide verbose mode
gcc-plugins/stackleak: Exactly match strings instead of prefixes
gcc-plugins/stackleak: Ignore .noinstr.text and .entry.text

scripts/Makefile.gcc-plugins | 2 ++
scripts/gcc-plugins/stackleak_plugin.c | 29 ++++++++++++++++++++++----
security/Kconfig.hardening | 10 +++++++++
3 files changed, 37 insertions(+), 4 deletions(-)

--
2.30.2