git.kernel.dk Git - linux-block.git/commit

author	Youling Tang <tangyouling@kylinos.cn>
	Fri, 30 May 2025 13:45:42 +0000 (21:45 +0800)
committer	Huacai Chen <chenhuacai@loongson.cn>
	Fri, 30 May 2025 13:45:42 +0000 (21:45 +0800)
commit	a45728fd4120011c78af1d056e571b84d47dfcc1
tree	c808d05c999797ed461f0fe850333c50db9f418e	tree
parent	b37981ce540dffa64a4664ccf0e20dbef6c2c638	commit \| diff

LoongArch: Enable HAVE_ARCH_STACKLEAK

Add support for the stackleak feature. It initializes the stack with the
poison value before returning from system calls which improves the kernel
security.

At the same time, disables the plugin in EFI stub code because EFI stub
is out of scope for the protection.

Tested on Loongson-3A5000 (enable GCC_PLUGIN_STACKLEAK and LKDTM):
# echo STACKLEAK_ERASING > /sys/kernel/debug/provoke-crash/DIRECT
# dmesg
   lkdtm: Performing direct entry STACKLEAK_ERASING
   lkdtm: stackleak stack usage:
      high offset: 320 bytes
      current:     448 bytes
      lowest:      1264 bytes
      tracked:     1264 bytes
      untracked:   208 bytes
      poisoned:    14528 bytes
      low offset:  64 bytes
   lkdtm: OK: the rest of the thread stack is properly erased

Signed-off-by: Youling Tang <tangyouling@kylinos.cn>
Signed-off-by: Huacai Chen <chenhuacai@loongson.cn>

arch/loongarch/Kconfig		diff \| blob \| blame \| history
arch/loongarch/include/asm/entry-common.h		diff \| blob \| blame \| history
arch/loongarch/include/asm/stackframe.h		diff \| blob \| blame \| history
arch/loongarch/include/asm/stacktrace.h		diff \| blob \| blame \| history
arch/loongarch/kernel/entry.S		diff \| blob \| blame \| history
drivers/firmware/efi/libstub/Makefile		diff \| blob \| blame \| history