Re: [PATCH v3 01/13] stackleak: Rename STACKLEAK to KSTACK_ERASE

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Mon, Jul 21, 2025 at 10:02:36PM +0200, Nicolas Schier wrote:
> On Thu, Jul 17, 2025 at 04:25:06PM -0700, Kees Cook wrote:
> > In preparation for adding Clang sanitizer coverage stack depth tracking
> > that can support stack depth callbacks:
> > 
> > - Add the new top-level CONFIG_KSTACK_ERASE option which will be
> >   implemented either with the stackleak GCC plugin, or with the Clang
> >   stack depth callback support.
> > - Rename CONFIG_GCC_PLUGIN_STACKLEAK as needed to CONFIG_KSTACK_ERASE,
> >   but keep it for anything specific to the GCC plugin itself.
> > - Rename all exposed "STACKLEAK" names and files to "KSTACK_ERASE" (named
> >   for what it does rather than what it protects against), but leave as
> >   many of the internals alone as possible to avoid even more churn.
> > 
> > While here, also split "prev_lowest_stack" into CONFIG_KSTACK_ERASE_METRICS,
> > since that's the only place it is referenced from.
> > 
> > Suggested-by: Ingo Molnar <mingo@xxxxxxxxxx>
> > Signed-off-by: Kees Cook <kees@xxxxxxxxxx>
> > ---
> > Cc: Arnd Bergmann <arnd@xxxxxxxx>
> > Cc: <x86@xxxxxxxxxx>
> > Cc: "Gustavo A. R. Silva" <gustavoars@xxxxxxxxxx>
> > Cc: <linux-doc@xxxxxxxxxxxxxxx>
> > Cc: <linux-arm-kernel@xxxxxxxxxxxxxxxxxxx>
> > Cc: <kvmarm@xxxxxxxxxxxxxxx>
> > Cc: <linux-riscv@xxxxxxxxxxxxxxxxxxx>
> > Cc: <linux-s390@xxxxxxxxxxxxxxx>
> > Cc: <linux-efi@xxxxxxxxxxxxxxx>
> > Cc: <linux-hardening@xxxxxxxxxxxxxxx>
> > Cc: <linux-kbuild@xxxxxxxxxxxxxxx>
> > Cc: <linux-security-module@xxxxxxxxxxxxxxx>
> > Cc: <linux-kselftest@xxxxxxxxxxxxxxx>
> > ---
> >  arch/Kconfig                                  |  4 +--
> >  arch/arm/Kconfig                              |  2 +-
> >  arch/arm64/Kconfig                            |  2 +-
> >  arch/riscv/Kconfig                            |  2 +-
> >  arch/s390/Kconfig                             |  2 +-
> >  arch/x86/Kconfig                              |  2 +-
> >  security/Kconfig.hardening                    | 36 ++++++++++---------
> >  arch/arm/boot/compressed/Makefile             |  2 +-
> >  arch/arm64/kernel/pi/Makefile                 |  2 +-
> >  arch/arm64/kvm/hyp/nvhe/Makefile              |  2 +-
> >  arch/riscv/kernel/pi/Makefile                 |  2 +-
> >  arch/riscv/purgatory/Makefile                 |  2 +-
> >  arch/x86/purgatory/Makefile                   |  2 +-
> 
> Did you miss arch/loongarch/Kconfig by accident?
> 
> $ git grep -Hrne ARCH_STACKLEAK
> arch/loongarch/Kconfig:127:     select HAVE_ARCH_STACKLEAK

Oh! Yes, I missed that when I rebased to v6.16 (which added loongarch
support for stackleak). Thanks for catching that!

-- 
Kees Cook
[Index of Archives]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Linux FS]     [Yosemite Forum]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]     [Linux Resources]
  Powered by Linux