On Fri, Apr 6, 2018 at 7:22 AM, Alexander Popov <alex.po...@linux.com> wrote:
> This commit introduces the architecture-specific code filling the used
> part of the kernel stack with a poison value before returning to the
> userspace. Full STACKLEAK feature also contains the gcc plugin which
> comes in a separate commit.

Thanks for sending this again! And thanks for the updated reasoning
for why this remains a valuable addition:

https://lkml.kernel.org/r/1523024546-6150-1-git-send-email-alex.po...@linux.com

I, too, remain convinced this is a good protection to have, even as we
slowly remove VLAs and try to improve the compiler's initialization of
stack variables.

Dave, Ingo, Linus: how does this look? With the assembly rewritten
into C, the entry changes are very small:

>  arch/x86/entry/entry_32.S        |  7 ++++++
>  arch/x86/entry/entry_64.S        |  3 +++
>  arch/x86/entry/entry_64_compat.S |  5 ++++
>  arch/x86/entry/erase.c           | 54 ++++++++++++++++++++++++++++++++++++++++

I'd really like to get people's Ack/Review. :)

Laura, can this C version work for arm64 as well?

Thanks,

-Kees

--
Kees Cook
Pixel Security