diff options
| author |   Alexander Popov <alex.popov@linux.com> | 2018-08-17 01:17:03 +0300 |
|---|---|---|
| committer |   Kees Cook <keescook@chromium.org> | 2018-09-04 10:35:48 -0700 |
| commit | 964c9dff0091893a9a74a88edf984c6da0b779f7 (patch) | |
| tree | 162d45af3ac44401db524294e67e396ddee476f4 /include/linux/stackleak.h | |
| parent | doc: self-protection: Add information about STACKLEAK feature (diff) | |
| download | wireguard-linux-964c9dff0091893a9a74a88edf984c6da0b779f7.tar.xz wireguard-linux-964c9dff0091893a9a74a88edf984c6da0b779f7.zip | |
stackleak: Allow runtime disabling of kernel stack erasing
Introduce CONFIG_STACKLEAK_RUNTIME_DISABLE option, which provides
'stack_erasing' sysctl. It can be used in runtime to control kernel
stack erasing for kernels built with CONFIG_GCC_PLUGIN_STACKLEAK.
Suggested-by: Ingo Molnar <mingo@kernel.org>
Signed-off-by: Alexander Popov <alex.popov@linux.com>
Tested-by: Laura Abbott <labbott@redhat.com>
Signed-off-by: Kees Cook <keescook@chromium.org>
Diffstat (limited to 'include/linux/stackleak.h')
| -rw-r--r-- | include/linux/stackleak.h | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/include/linux/stackleak.h b/include/linux/stackleak.h index b911b973d328..3d5c3271a9a8 100644 --- a/include/linux/stackleak.h +++ b/include/linux/stackleak.h @@ -22,6 +22,12 @@ static inline void stackleak_task_init(struct task_struct *t) t->prev_lowest_stack = t->lowest_stack; # endif } + +#ifdef CONFIG_STACKLEAK_RUNTIME_DISABLE +int stack_erasing_sysctl(struct ctl_table *table, int write, + void __user *buffer, size_t *lenp, loff_t *ppos); +#endif + #else /* !CONFIG_GCC_PLUGIN_STACKLEAK */ static inline void stackleak_task_init(struct task_struct *t) { } #endif |