Patch "gcc-plugins/stackleak: Ignore .noinstr.text and .entry.text" has been added to the 5.15-stable tree

<gregkh@xxxxxxxxxxxxxxxxxxx> · Thu, 11 Apr 2024 08:53:07 +0200

This is a note to let you know that I've just added the patch titled

    gcc-plugins/stackleak: Ignore .noinstr.text and .entry.text

to the 5.15-stable tree which can be found at:
    http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
     gcc-plugins-stackleak-ignore-.noinstr.text-and-.entry.text.patch
and it can be found in the queue-5.15 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.


>From ae978009fc013e3166c9f523f8b17e41a3c0286e Mon Sep 17 00:00:00 2001
From: Kees Cook <keescook@xxxxxxxxxxxx>
Date: Sun, 6 Feb 2022 09:12:50 -0800
Subject: gcc-plugins/stackleak: Ignore .noinstr.text and .entry.text

From: Kees Cook <keescook@xxxxxxxxxxxx>

commit ae978009fc013e3166c9f523f8b17e41a3c0286e upstream.

The .noinstr.text section functions may not have "current()" sanely
available. Similarly true for .entry.text, though such a check is
currently redundant. Add a check for both. In an x86_64 defconfig build,
the following functions no longer receive stackleak instrumentation:

	__do_fast_syscall_32()
	do_int80_syscall_32()
	do_machine_check()
	do_syscall_64()
	exc_general_protection()
	fixup_bad_iret()

Suggested-by: Peter Zijlstra <peterz@xxxxxxxxxxxxx>
Cc: Alexander Popov <alex.popov@xxxxxxxxx>
Signed-off-by: Kees Cook <keescook@xxxxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
 scripts/gcc-plugins/stackleak_plugin.c |    4 ++++
 1 file changed, 4 insertions(+)

--- a/scripts/gcc-plugins/stackleak_plugin.c
+++ b/scripts/gcc-plugins/stackleak_plugin.c
@@ -463,6 +463,10 @@ static bool stackleak_gate(void)
 			return false;
 		if (STRING_EQUAL(section, ".meminit.text"))
 			return false;
+		if (STRING_EQUAL(section, ".noinstr.text"))
+			return false;
+		if (STRING_EQUAL(section, ".entry.text"))
+			return false;
 	}
 
 	return track_frame_size >= 0;


Patches currently in stable-queue which might be from keescook@xxxxxxxxxxxx are

queue-5.15/vmci-fix-memcpy-run-time-warning-in-dg_dispatch_as_h.patch
queue-5.15/gcc-plugins-stackleak-ignore-.noinstr.text-and-.entry.text.patch
queue-5.15/pstore-zone-add-a-null-pointer-check-to-the-psz_kmsg.patch
queue-5.15/gcc-plugins-stackleak-avoid-.head.text-section.patch







