android_kernel_xiaomi_sm8450

xiaomi-sm8450/android_kernel_xiaomi_sm8450

Fork 0

Commit Graph

Author	SHA1	Message	Date
Sami Tolvanen	e5438c0fea	FROMLIST: scs: add support for stack usage debugging Implements CONFIG_DEBUG_STACK_USAGE for shadow stacks. When enabled, also prints out the highest shadow stack usage per process. Bug: 145210207 Change-Id: I2b2fea68760ca8d94d6f887cfe5828883d233b88 (am from https://lore.kernel.org/patchwork/patch/1149056/) Reviewed-by: Kees Cook <keescook@chromium.org> Signed-off-by: Sami Tolvanen <samitolvanen@google.com>	2019-11-26 13:27:37 -08:00
Sami Tolvanen	d78efa28eb	FROMLIST: scs: add accounting This change adds accounting for the memory allocated for shadow stacks. Bug: 145210207 Change-Id: Iee94c22abefcabb63a3bcd4db8ba952130f30a82 (am from https://lore.kernel.org/patchwork/patch/1149055/) Reviewed-by: Kees Cook <keescook@chromium.org> Signed-off-by: Sami Tolvanen <samitolvanen@google.com>	2019-11-26 13:27:37 -08:00
Sami Tolvanen	44a2290faf	FROMLIST: add support for Clang's Shadow Call Stack (SCS) This change adds generic support for Clang's Shadow Call Stack, which uses a shadow stack to protect return addresses from being overwritten by an attacker. Details are available here: https://clang.llvm.org/docs/ShadowCallStack.html Note that security guarantees in the kernel differ from the ones documented for user space. The kernel must store addresses of shadow stacks used by other tasks and interrupt handlers in memory, which means an attacker capable reading and writing arbitrary memory may be able to locate them and hijack control flow by modifying shadow stacks that are not currently in use. Bug: 145210207 Change-Id: I2a8ba6a3decac50c169731c3121c9dcab96621d2 (am from https://lore.kernel.org/patchwork/patch/1149054/) Reviewed-by: Kees Cook <keescook@chromium.org> Reviewed-by: Miguel Ojeda <miguel.ojeda.sandonis@gmail.com> Signed-off-by: Sami Tolvanen <samitolvanen@google.com>	2019-11-26 13:27:36 -08:00

Author

SHA1

Message

Date

Sami Tolvanen

e5438c0fea

FROMLIST: scs: add support for stack usage debugging

Implements CONFIG_DEBUG_STACK_USAGE for shadow stacks. When enabled,
also prints out the highest shadow stack usage per process.

Bug: 145210207
Change-Id: I2b2fea68760ca8d94d6f887cfe5828883d233b88
(am from https://lore.kernel.org/patchwork/patch/1149056/)
Reviewed-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>

2019-11-26 13:27:37 -08:00

Sami Tolvanen

d78efa28eb

FROMLIST: scs: add accounting

This change adds accounting for the memory allocated for shadow stacks.

Bug: 145210207
Change-Id: Iee94c22abefcabb63a3bcd4db8ba952130f30a82
(am from https://lore.kernel.org/patchwork/patch/1149055/)
Reviewed-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>

2019-11-26 13:27:37 -08:00

Sami Tolvanen

44a2290faf

FROMLIST: add support for Clang's Shadow Call Stack (SCS)

This change adds generic support for Clang's Shadow Call Stack,
which uses a shadow stack to protect return addresses from being
overwritten by an attacker. Details are available here:

  https://clang.llvm.org/docs/ShadowCallStack.html

Note that security guarantees in the kernel differ from the
ones documented for user space. The kernel must store addresses
of shadow stacks used by other tasks and interrupt handlers in
memory, which means an attacker capable reading and writing
arbitrary memory may be able to locate them and hijack control
flow by modifying shadow stacks that are not currently in use.

Bug: 145210207
Change-Id: I2a8ba6a3decac50c169731c3121c9dcab96621d2
(am from https://lore.kernel.org/patchwork/patch/1149054/)
Reviewed-by: Kees Cook <keescook@chromium.org>
Reviewed-by: Miguel Ojeda <miguel.ojeda.sandonis@gmail.com>
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>

2019-11-26 13:27:36 -08:00

3 Commits