unimore/kernel-hacking-2024-linux-steffo
unimore/kernel-hacking-2024-linux-steffo
1
Fork 0
Code Pull requests 5 Wiki Activity
kernel-hacking-2024-linux-s.../kernel
History
Elliot Berman 14c4c8e415 cfi: Use rcu_read_{un}lock_sched_notrace 
If rcu_read_lock_sched tracing is enabled, the tracing subsystem can
perform a jump which needs to be checked by CFI. For example, stm_ftrace
source is enabled as a module and hooks into enabled ftrace events. This
can cause an recursive loop where find_shadow_check_fn ->
rcu_read_lock_sched -> (call to stm_ftrace generates cfi slowpath) ->
find_shadow_check_fn -> rcu_read_lock_sched -> ...

To avoid the recursion, either the ftrace codes needs to be marked with
__no_cfi or CFI should not trace. Use the "_notrace" in CFI to avoid
tracing so that CFI can guard ftrace.

Signed-off-by: Elliot Berman <quic_eberman@quicinc.com>
Reviewed-by: Sami Tolvanen <samitolvanen@google.com>
Cc: stable@vger.kernel.org
Fixes: cf68fffb66 ("add support for Clang CFI")
Signed-off-by: Kees Cook <keescook@chromium.org>
Link: https://lore.kernel.org/r/20210811155914.19550-1-quic_eberman@quicinc.com
2021-08-11 13:11:12 -07:00
..
bpf bpf: Fix leakage due to insufficient speculative store bypass mitigation 2021-07-29 00:27:52 +02:00
cgroup cgroup1: fix leaked context root causing sporadic NULL deref in LTP 2021-07-21 06:39:20 -10:00
configs
debug kernel: debug: Fix unreachable code in gdb_serial_stub() 2021-07-12 11:03:35 -05:00
dma dma-mapping: handle vmalloc addresses in dma_common_{mmap,get_sgtable} 2021-07-16 11:30:26 +02:00
entry tick/nohz: Only check for RCU deferred wakeup on user/guest entry when needed 2021-05-31 10:14:49 +02:00
events perf: Refactor permissions check into perf_check_permission() 2021-07-16 18:46:38 +02:00
gcov Kconfig: Introduce ARCH_WANTS_NO_INSTR and CC_HAS_NO_PROFILE_FN_ATTR 2021-06-22 11:07:18 -07:00
irq irqchip fixes for 5.14, take #1 2021-07-09 15:35:13 +02:00
kcsan Merge branch 'kcsan.2021.05.18a' of git://git.kernel.org/pub/scm/linux/kernel/git/paulmck/linux-rcu 2021-07-04 12:29:16 -07:00
livepatch
locking Locking fixes: 2021-07-11 11:06:09 -07:00
power PM: hibernate: disable when there are active secretmem users 2021-07-08 11:48:21 -07:00
printk printk changes for 5.14 2021-06-29 12:07:18 -07:00
rcu rcu: Fix pr_info() formats and values in show_rcu_gp_kthreads() 2021-07-06 15:53:12 -07:00
sched sched/rt: Fix double enqueue caused by rt_effective_prio 2021-08-04 15:16:31 +02:00
time timers: Move clearing of base::timer_running under base:: Lock 2021-07-27 20:57:44 +02:00
trace tracing: Quiet smp_processor_id() use in preemptable warning in hwlat 2021-08-05 09:27:31 -04:00
.gitignore
acct.c
async.c
audit.c
audit.h audit: remove trailing spaces and tabs 2021-06-10 20:59:05 -04:00
audit_fsnotify.c
audit_tree.c audit: Use list_move instead of list_del/list_add 2021-06-08 22:18:35 -04:00
audit_watch.c
auditfilter.c
auditsc.c audit: remove trailing spaces and tabs 2021-06-10 20:59:05 -04:00
backtracetest.c
bounds.c
capability.c
cfi.c cfi: Use rcu_read_{un}lock_sched_notrace 2021-08-11 13:11:12 -07:00
compat.c
configs.c
context_tracking.c
cpu.c A fix for the CPU hotplug and cpusets interaction: 2021-06-29 12:23:02 -07:00
cpu_pm.c
crash_core.c kdump: use vmlinux_build_id to simplify 2021-07-08 11:48:22 -07:00
crash_dump.c
cred.c Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace 2021-06-28 20:39:26 -07:00
delayacct.c delayacct: Add sysctl to enable at runtime 2021-05-12 11:43:25 +02:00
dma.c
exec_domain.c
exit.c Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace 2021-06-28 20:39:26 -07:00
extable.c
fail_function.c
fork.c Merge branch 'akpm' (patches from Andrew) 2021-06-29 17:29:11 -07:00
freezer.c sched: Add get_current_state() 2021-06-18 11:43:08 +02:00
futex.c Locking changes for this cycle: 2021-06-28 11:45:29 -07:00
gen_kheaders.sh kbuild: clean up ${quiet} checks in shell scripts 2021-05-27 04:01:50 +09:00
groups.c
hung_task.c Merge branch 'akpm' (patches from Andrew) 2021-07-02 12:08:10 -07:00
iomem.c
irq_work.c irq_work: Make irq_work_queue() NMI-safe again 2021-06-10 10:00:08 +02:00
jump_label.c jump_label: Fix jump_label_text_reserved() vs __init 2021-07-05 10:46:20 +02:00
kallsyms.c module: add printk formats to add module build ID to stacktraces 2021-07-08 11:48:22 -07:00
kcmp.c
Kconfig.freezer
Kconfig.hz
Kconfig.locks
Kconfig.preempt sched/core: Disable CONFIG_SCHED_CORE by default 2021-06-28 22:43:05 +02:00
kcov.c
kexec.c
kexec_core.c kernel.h: split out panic and oops helpers 2021-07-01 11:06:04 -07:00
kexec_elf.c
kexec_file.c
kexec_internal.h
kheaders.c
kmod.c
kprobes.c Locking fixes: 2021-07-11 11:06:09 -07:00
ksysfs.c
kthread.c Merge branch 'akpm' (patches from Andrew) 2021-06-29 17:29:11 -07:00
latencytop.c
Makefile
module-internal.h
module.c module: add printk formats to add module build ID to stacktraces 2021-07-08 11:48:22 -07:00
module_signature.c
module_signing.c
notifier.c
nsproxy.c
padata.c
panic.c kernel.h: split out panic and oops helpers 2021-07-01 11:06:04 -07:00
params.c
pid.c
pid_namespace.c
profile.c
ptrace.c sched: Change task_struct::state 2021-06-18 11:43:09 +02:00
range.c
reboot.c reboot: Add hardware protection power-off 2021-06-21 13:08:36 +01:00
regset.c
relay.c
resource.c kernel/resource: fix return code check in __request_free_mem_region 2021-05-14 19:41:32 -07:00
resource_kunit.c
rseq.c
scftorture.c scftorture: Avoid false-positive warnings in scftorture_invoker() 2021-07-06 12:37:55 -07:00
scs.c
seccomp.c seccomp: Support atomic "addfd + send reply" 2021-06-28 12:49:52 -07:00
signal.c Fix UCOUNT_RLIMIT_SIGPENDING counter leak 2021-07-08 11:43:24 -07:00
smp.c
smpboot.c smpboot: fix duplicate and misplaced inlining directive 2021-07-25 11:06:37 -07:00
smpboot.h
softirq.c sched: Introduce task_is_running() 2021-06-18 11:43:07 +02:00
stackleak.c
stacktrace.c
static_call.c static_call: Fix static_call_text_reserved() vs __init 2021-07-05 10:46:33 +02:00
stop_machine.c
sys.c Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace 2021-06-28 20:39:26 -07:00
sys_ni.c mm: introduce memfd_secret system call to create "secret" memory areas 2021-07-08 11:48:21 -07:00
sysctl-test.c kernel/sysctl-test: Remove some casts which are no-longer required 2021-06-23 16:41:24 -06:00
sysctl.c Merge branch 'akpm' (patches from Andrew) 2021-07-02 12:08:10 -07:00
task_work.c
taskstats.c
test_kprobes.c
torture.c
tracepoint.c tracepoint: Use rcu get state and cond sync for static call updates 2021-08-06 10:54:41 -04:00
tsacct.c
ucount.c ucounts: Fix race condition between alloc_ucounts and put_ucounts 2021-07-28 12:31:51 -05:00
uid16.c
uid16.h
umh.c
up.c
user-return-notifier.c
user.c
user_namespace.c Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace 2021-06-28 20:39:26 -07:00
usermode_driver.c Merge branch 'work.namei' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2021-07-03 11:41:14 -07:00
utsname.c
utsname_sysctl.c
watch_queue.c
watchdog.c kernel: watchdog: modify the explanation related to watchdog thread 2021-06-29 10:53:46 -07:00
watchdog_hld.c
workqueue.c workqueue: fix UAF in pwq_unbound_release_workfn() 2021-07-21 06:42:31 -10:00
workqueue_internal.h