[PATCH RFC 0/4] stackleak: Support Clang stack depth tracking
Kees Cook
kees at kernel.org
Fri May 2 19:01:23 UTC 2025
Hi,
As part of looking at what GCC plugins could be replaced with Clang
implementations, this series uses the recently proposed stack depth
tracking callback in Clang[1] to implement the stackleak feature.
-Kees
[1] https://github.com/llvm/llvm-project/pull/138323
Kees Cook (4):
stackleak: Rename CONFIG_GCC_PLUGIN_STACKLEAK to CONFIG_STACKLEAK
stackleak: Rename stackleak_track_stack to __sanitizer_cov_stack_depth
stackleak: Split STACKLEAK_CFLAGS from GCC_PLUGINS_CFLAGS
stackleak: Support Clang stack depth tracking
Documentation/admin-guide/sysctl/kernel.rst | 2 +-
Documentation/security/self-protection.rst | 2 +-
arch/arm/boot/compressed/Makefile | 2 +-
arch/arm/kernel/entry-common.S | 2 +-
arch/arm/vdso/Makefile | 2 +-
arch/arm64/kernel/entry.S | 2 +-
arch/arm64/kernel/pi/Makefile | 2 +-
arch/arm64/kernel/vdso/Makefile | 1 +
arch/arm64/kvm/hyp/nvhe/Makefile | 2 +-
arch/riscv/kernel/entry.S | 2 +-
arch/riscv/kernel/pi/Makefile | 2 +-
arch/riscv/purgatory/Makefile | 2 +-
arch/s390/kernel/entry.S | 2 +-
arch/sparc/vdso/Makefile | 3 +-
arch/x86/entry/calling.h | 4 +-
arch/x86/entry/vdso/Makefile | 3 +-
arch/x86/include/asm/init.h | 2 +-
arch/x86/purgatory/Makefile | 2 +-
drivers/firmware/efi/libstub/Makefile | 6 +--
drivers/misc/lkdtm/stackleak.c | 8 ++--
include/linux/init.h | 4 +-
include/linux/sched.h | 4 +-
include/linux/stackleak.h | 6 +--
kernel/Makefile | 4 +-
kernel/stackleak.c | 4 +-
lib/Makefile | 2 +-
scripts/Makefile.gcc-plugins | 13 +++---
scripts/Makefile.ubsan | 12 +++++
scripts/gcc-plugins/stackleak_plugin.c | 52 ++++++++++-----------
security/Kconfig.hardening | 25 ++++++----
tools/objtool/check.c | 2 +-
tools/testing/selftests/lkdtm/config | 2 +-
32 files changed, 105 insertions(+), 78 deletions(-)
--
2.34.1
More information about the Linux-security-module-archive
mailing list