Received: by 2002:a6b:500f:0:0:0:0:0 with SMTP id e15csp1315400iob; Wed, 4 May 2022 20:57:19 -0700 (PDT) X-Google-Smtp-Source: ABdhPJyINhr2UxlZtuYEhiXkYk+vZGM/Em/KmIKsAW1TL3sFxcyE1+AkpquEkqd106xCdqyTmEXU X-Received: by 2002:a63:df18:0:b0:3ab:938b:e6c5 with SMTP id u24-20020a63df18000000b003ab938be6c5mr20899939pgg.165.1651723039630; Wed, 04 May 2022 20:57:19 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1651723039; cv=none; d=google.com; s=arc-20160816; b=y3ijV5nhWkdtnE9w492qLJhfvF14kGG5c5iu6tc5ggYOLO6mGah2MstR8pp2SYyPf/ MfjitpVBYRQhr5yUGXYBvfqrz0HT0bWPfjTL5yEZ28wwJK0KiA4gzg5CiyIg0tcYQEcI nB4HTY5FaydoBts0PQ54NQznYZ+hxxcTiiM7s59S59AHj6Hl3OIrIYf1hFiz7t9qfC4c pCdfzLFZJgJknjwgTNvnoaCnoVc8vLWgRqM/cyBuovA6EdyKZeb7d6USE3b1qSmM2muK THnP0jXt6kKe/4gI166boHc9d6aMu8OqP97YMVzhXYiCaqYed97crck6OXW9+fpqur8c Q6FA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=RJ458gvu2KUZx9lG1pwBIKjP4BeRT8/YIZK4NnO4oyY=; b=kfEKvhcrakujVBIJsJqnh2gNyql2Xvr+RAaluHlX7Gb8Z/Dtcijd2C6qRlejfKp2D2 D5IPAbwQdb/5wkvVMC7CAsm0FgaQ+FxF+4Hw1WYQS4IC8euVYNDYleC5bvqdY/RvTnuo zgo5W5ud0DcbjH7zO294iuvp5QCg5kkZBelK0RxW3yBykGbURqvbFlZtAZAWoUNNlOf+ bv41g3TppL9yoiggzVOGl1O4ZqLjhC9+JRHq6cB9a1eO/lAwGZcJS4Mdyk+VRRQ1gOwo RUrxkSOq4YQ8C+XtxLAQDnAUGClot9BmxYt3sAQsbupwsZtJ4PndPx5jszlh+OkbpQa/ aemg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@chromium.org header.s=google header.b=Do0dXlMZ; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id g19-20020a056a0023d300b00505cc5e6ae9si402068pfc.312.2022.05.04.20.57.04; Wed, 04 May 2022 20:57:19 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@chromium.org header.s=google header.b=Do0dXlMZ; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1355387AbiEDTVk (ORCPT + 99 others); Wed, 4 May 2022 15:21:40 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:48542 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1355757AbiEDTVi (ORCPT ); Wed, 4 May 2022 15:21:38 -0400 Received: from mail-pj1-x102f.google.com (mail-pj1-x102f.google.com [IPv6:2607:f8b0:4864:20::102f]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id F113C289A5 for ; Wed, 4 May 2022 12:18:01 -0700 (PDT) Received: by mail-pj1-x102f.google.com with SMTP id fv2so2079848pjb.4 for ; Wed, 04 May 2022 12:18:01 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=RJ458gvu2KUZx9lG1pwBIKjP4BeRT8/YIZK4NnO4oyY=; b=Do0dXlMZ4W1vfBUdX+92o+0GKgu3uZLI4e2tkj5rlC3VvfGAyHGWK/Pu5A2p7fYCxb oiW4Q4iqZKHFmqTWa048UX7j3XctoQko0msUJJfFVhjAUQHsIW5Xro3txi6Ohw3ll2nI MxcVDocMB8aR2vBZ1Uqw8GU9MJhFbGq1JLSt4= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=RJ458gvu2KUZx9lG1pwBIKjP4BeRT8/YIZK4NnO4oyY=; b=JrlOiGs/PrrPNcGuTNWbQRFTxUqY10or+2RFC8a3aPF6mWoOsLqjV0fmsUmFBoTAlk TEA+N2+hTGVunfOgFg72OptZlp5dCq56yWQMx01UbkqSADVhiSkZa8er0FrD8i2IqdHX D6omYt27qUuKosWGKw+WxhEbRR03Y6wolKw54N8N4/Wp2lZBCQd7j/wQFVHoVvh3D6zP skA9/A9mqICx8obmTYGbbMXgd+gEi936LvDURq06uymKgnMcqDJXXtnF9Qhvh1hKjs2L FZBxLCoja0MsOy2FZwRD8kN40XfdjXD8OxU0sohrhb14lR61XwFffwzevvPQZRFTJIet qn+w== X-Gm-Message-State: AOAM533bR++7hDLT18Gv9bSKh/AHgnQWC9PkdwPgyWm0aENlj2BuShFw 11p6/50TcSYipF1KWh5Ya/vocA== X-Received: by 2002:a17:902:e851:b0:15e:d129:fb20 with SMTP id t17-20020a170902e85100b0015ed129fb20mr1993458plg.140.1651691881297; Wed, 04 May 2022 12:18:01 -0700 (PDT) Received: from www.outflux.net (smtp.outflux.net. [198.145.64.163]) by smtp.gmail.com with ESMTPSA id f9-20020a170902ce8900b0015e8d4eb1besm6984785plg.8.2022.05.04.12.18.00 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 04 May 2022 12:18:00 -0700 (PDT) From: Kees Cook To: linux-kernel@vger.kernel.org, linux-arm-kernel@lists.infradead.org, mark.rutland@arm.com, alex.popov@linux.com Cc: Kees Cook , Andrew Morton , catalin.marinas@arm.com, will@kernel.org, luto@kernel.org Subject: Re: [PATCH v2 00/13] stackleak: fixes and rework Date: Wed, 4 May 2022 12:16:55 -0700 Message-Id: <165169181293.405194.8374667346806721563.b4-ty@chromium.org> X-Mailer: git-send-email 2.32.0 In-Reply-To: <20220427173128.2603085-1-mark.rutland@arm.com> References: <20220427173128.2603085-1-mark.rutland@arm.com> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-2.7 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, 27 Apr 2022 18:31:15 +0100, Mark Rutland wrote: > This is the vs I promised. Since Alexander wanted to look at this in > more detail (and since this is subtle and needs review), I'm assuming > that Kees will pick this up some time next week after that's happened, > if all goes well. :) > > This series reworks the stackleak code and the associated LKDTM test. > The first patch fixes some latent issues on arm64, and the subsequent > patches improve the code to improve clarity and permit better code > generation. Patches 8-10 address some latent issues in the LKDTM test > and add more diagnostic output. > > [...] I fixed some small commit log typos, but otherwise this looks great. If anything new comes up we can adjust it. Applied to for-next/hardening, thanks! [01/13] arm64: stackleak: fix current_top_of_stack() https://git.kernel.org/kees/c/4c849d27b729 [02/13] stackleak: move skip_erasing() check earlier https://git.kernel.org/kees/c/e98a7c56d73c [03/13] stackleak: remove redundant check https://git.kernel.org/kees/c/e45d9f71deea [04/13] stackleak: rework stack low bound handling https://git.kernel.org/kees/c/cbe7edb47d3c [05/13] stackleak: clarify variable names https://git.kernel.org/kees/c/e9da2241ed85 [06/13] stackleak: rework stack high bound handling https://git.kernel.org/kees/c/cfef4372a4b7 [07/13] stackleak: rework poison scanning https://git.kernel.org/kees/c/ff5f6d37e5bc [08/13] lkdtm/stackleak: avoid spurious failure https://git.kernel.org/kees/c/23fd893fa0d7 [09/13] lkdtm/stackleak: rework boundary management https://git.kernel.org/kees/c/f4cfacd92972 [10/13] lkdtm/stackleak: prevent unexpected stack usage https://git.kernel.org/kees/c/c393c0b98d75 [11/13] lkdtm/stackleak: check stack boundaries https://git.kernel.org/kees/c/b6bf5a354eca [12/13] stackleak: add on/off stack variants https://git.kernel.org/kees/c/96c59349a56c [13/13] arm64: entry: use stackleak_erase_on_task_stack() https://git.kernel.org/kees/c/d46ac904fd35 -- Kees Cook