queue-5.15/gcc-plugins-stackleak-ignore-.noinstr.text-and-.entry.text.patch

   1 From ae978009fc013e3166c9f523f8b17e41a3c0286e Mon Sep 17 00:00:00 2001
   2 From: Kees Cook <keescook@chromium.org>
   3 Date: Sun, 6 Feb 2022 09:12:50 -0800
   4 Subject: gcc-plugins/stackleak: Ignore .noinstr.text and .entry.text
   5
   6 From: Kees Cook <keescook@chromium.org>
   7
   8 commit ae978009fc013e3166c9f523f8b17e41a3c0286e upstream.
   9
  10 The .noinstr.text section functions may not have "current()" sanely
  11 available. Similarly true for .entry.text, though such a check is
  12 currently redundant. Add a check for both. In an x86_64 defconfig build,
  13 the following functions no longer receive stackleak instrumentation:
  14
  15         __do_fast_syscall_32()
  16         do_int80_syscall_32()
  17         do_machine_check()
  18         do_syscall_64()
  19         exc_general_protection()
  20         fixup_bad_iret()
  21
  22 Suggested-by: Peter Zijlstra <peterz@infradead.org>
  23 Cc: Alexander Popov <alex.popov@linux.com>
  24 Signed-off-by: Kees Cook <keescook@chromium.org>
  25 Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
  26 ---
  27  scripts/gcc-plugins/stackleak_plugin.c |    4 ++++
  28  1 file changed, 4 insertions(+)
  29
  30 --- a/scripts/gcc-plugins/stackleak_plugin.c
  31 +++ b/scripts/gcc-plugins/stackleak_plugin.c
  32 @@ -463,6 +463,10 @@ static bool stackleak_gate(void)
  33                         return false;
  34                 if (STRING_EQUAL(section, ".meminit.text"))
  35                         return false;
  36 +               if (STRING_EQUAL(section, ".noinstr.text"))
  37 +                       return false;
  38 +               if (STRING_EQUAL(section, ".entry.text"))
  39 +                       return false;
  40         }
  41
  42         return track_frame_size >= 0;