Module Name: src
Committed By: maxv
Date: Sat Feb 8 07:07:07 UTC 2020
Modified Files:
src/share/man/man4: options.4
src/share/mk: bsd.sys.mk
src/sys/arch/amd64/conf: ALL GENERIC
src/sys/arch/amd64/include: param.h
src/sys/conf: files ssp.mk
src/sys/kern: files.kern subr_pool.c sys_syscall.c
src/sys/sys: systm.h
src/sys/uvm: uvm_km.c
Removed Files:
src/sys/arch/amd64/include: kleak.h
src/sys/kern: subr_kleak.c
src/usr.sbin/kleak: Makefile kleak.c
Log Message:
Retire KLEAK.
KLEAK was a nice feature and served its purpose; it allowed us to detect
dozens of info leaks on the kernel->userland boundary, and thanks to it we
tackled a good part of the infoleak problem 1.5 years ago.
Nowadays however, we have kMSan, which can detect uninitialized memory in
the kernel. kMSan supersedes KLEAK: it can detect what KLEAK was able to
detect, but in addition, (1) it operates in all of the kernel and not just
the kernel->userland boundary, (2) it requires no user interaction, and (3)
it is deterministic and not statistical.
That makes kMSan the feature of choice to detect info leaks nowadays;
people interested in detecting info leaks should boot a kMSan kernel and
just wait for the magic to happen.
KLEAK was a good ride, and a fun project, but now is time for it to go.
Discussed with several people, including Thomas Barabosch.
To generate a diff of this commit:
cvs rdiff -u -r1.507 -r1.508 src/share/man/man4/options.4
cvs rdiff -u -r1.298 -r1.299 src/share/mk/bsd.sys.mk
cvs rdiff -u -r1.144 -r1.145 src/sys/arch/amd64/conf/ALL
cvs rdiff -u -r1.560 -r1.561 src/sys/arch/amd64/conf/GENERIC
cvs rdiff -u -r1.1 -r0 src/sys/arch/amd64/include/kleak.h
cvs rdiff -u -r1.35 -r1.36 src/sys/arch/amd64/include/param.h
cvs rdiff -u -r1.1254 -r1.1255 src/sys/conf/files
cvs rdiff -u -r1.4 -r1.5 src/sys/conf/ssp.mk
cvs rdiff -u -r1.42 -r1.43 src/sys/kern/files.kern
cvs rdiff -u -r1.2 -r0 src/sys/kern/subr_kleak.c
cvs rdiff -u -r1.265 -r1.266 src/sys/kern/subr_pool.c
cvs rdiff -u -r1.12 -r1.13 src/sys/kern/sys_syscall.c
cvs rdiff -u -r1.292 -r1.293 src/sys/sys/systm.h
cvs rdiff -u -r1.153 -r1.154 src/sys/uvm/uvm_km.c
cvs rdiff -u -r1.1 -r0 src/usr.sbin/kleak/Makefile src/usr.sbin/kleak/kleak.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/share/man/man4/options.4
diff -u src/share/man/man4/options.4:1.507 src/share/man/man4/options.4:1.508
--- src/share/man/man4/options.4:1.507 Tue Aug 20 14:03:55 2019
+++ src/share/man/man4/options.4 Sat Feb 8 07:07:06 2020
@@ -1,4 +1,4 @@
-.\" $NetBSD: options.4,v 1.507 2019/08/20 14:03:55 gson Exp $
+.\" $NetBSD: options.4,v 1.508 2020/02/08 07:07:06 maxv Exp $
.\"
.\" Copyright (c) 1996
.\" Perry E. Metzger. All rights reserved.
@@ -30,7 +30,7 @@
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.\"
-.Dd August 20, 2019
+.Dd February 8, 2020
.Dt OPTIONS 4
.Os
.Sh NAME
@@ -2331,7 +2331,6 @@ The flag can be changed at runtime by
.Xr sysctl 3 .
.It Cd options KASAN
Enables Kernel Address Sanitizer.
-Should not be used in conjunction with KLEAK.
.Em NOTE :
not available on all architectures.
.It Cd options KASLR
@@ -2339,11 +2338,6 @@ Enables Kernel ASLR.
This randomizes the location of the kernel image in memory.
.Em NOTE :
not available on all architectures.
-.It Cd options KLEAK
-Enables the KLEAK feature, that allows to detect kernel information leaks.
-Should not be used in conjunction with KASAN.
-.Em NOTE :
-not available on all architectures.
.It Cd options SVS
Enables Separate Virtual Space.
On architectures that are designed to function with a shared address
Index: src/share/mk/bsd.sys.mk
diff -u src/share/mk/bsd.sys.mk:1.298 src/share/mk/bsd.sys.mk:1.299
--- src/share/mk/bsd.sys.mk:1.298 Fri Dec 20 04:04:25 2019
+++ src/share/mk/bsd.sys.mk Sat Feb 8 07:07:06 2020
@@ -1,4 +1,4 @@
-# $NetBSD: bsd.sys.mk,v 1.298 2019/12/20 04:04:25 christos Exp $
+# $NetBSD: bsd.sys.mk,v 1.299 2020/02/08 07:07:06 maxv Exp $
#
# Build definitions used for NetBSD source tree builds.
@@ -236,14 +236,6 @@ CPUFLAGS+= -Wa,--fatal-warnings
CFLAGS+= ${CPUFLAGS}
AFLAGS+= ${CPUFLAGS}
-.if ${KLEAK:U0} > 0
-KLEAKFLAGS= -fsanitize-coverage=trace-pc
-.for f in subr_kleak.c
-KLEAKFLAGS.${f}= # empty
-.endfor
-CFLAGS+= ${KLEAKFLAGS.${.IMPSRC:T}:U${KLEAKFLAGS}}
-.endif
-
.if ${KCOV:U0} > 0
KCOVFLAGS= -fsanitize-coverage=trace-pc
.for f in subr_kcov.c subr_lwp_specificdata.c subr_specificdata.c subr_asan.c \
Index: src/sys/arch/amd64/conf/ALL
diff -u src/sys/arch/amd64/conf/ALL:1.144 src/sys/arch/amd64/conf/ALL:1.145
--- src/sys/arch/amd64/conf/ALL:1.144 Mon Feb 3 19:37:42 2020
+++ src/sys/arch/amd64/conf/ALL Sat Feb 8 07:07:06 2020
@@ -1,4 +1,4 @@
-# $NetBSD: ALL,v 1.144 2020/02/03 19:37:42 maya Exp $
+# $NetBSD: ALL,v 1.145 2020/02/08 07:07:06 maxv Exp $
# From NetBSD: GENERIC,v 1.787 2006/10/01 18:37:54 bouyer Exp
#
# ALL machine description file
@@ -17,7 +17,7 @@ include "arch/amd64/conf/std.amd64"
options INCLUDE_CONFIG_FILE # embed config file in kernel binary
-#ident "ALL-$Revision: 1.144 $"
+#ident "ALL-$Revision: 1.145 $"
maxusers 64 # estimated number of users
@@ -133,10 +133,6 @@ makeoptions KASAN=1 # Kernel Address Sa
options KASAN
#no options SVS
-# Kernel Info Leak Detector.
-#makeoptions KLEAK=1
-#options KLEAK
-
# Kernel Code Coverage Driver.
makeoptions KCOV=1
options KCOV
Index: src/sys/arch/amd64/conf/GENERIC
diff -u src/sys/arch/amd64/conf/GENERIC:1.560 src/sys/arch/amd64/conf/GENERIC:1.561
--- src/sys/arch/amd64/conf/GENERIC:1.560 Sat Jan 25 18:38:34 2020
+++ src/sys/arch/amd64/conf/GENERIC Sat Feb 8 07:07:06 2020
@@ -1,4 +1,4 @@
-# $NetBSD: GENERIC,v 1.560 2020/01/25 18:38:34 thorpej Exp $
+# $NetBSD: GENERIC,v 1.561 2020/02/08 07:07:06 maxv Exp $
#
# GENERIC machine description file
#
@@ -22,7 +22,7 @@ include "arch/amd64/conf/std.amd64"
options INCLUDE_CONFIG_FILE # embed config file in kernel binary
-#ident "GENERIC-$Revision: 1.560 $"
+#ident "GENERIC-$Revision: 1.561 $"
maxusers 64 # estimated number of users
@@ -147,10 +147,6 @@ options KDTRACE_HOOKS # kernel DTrace h
#options POOL_QUARANTINE # optional
#options KMSAN_PANIC # optional
-# Kernel Info Leak Detector.
-#makeoptions KLEAK=1
-#options KLEAK
-
# Kernel Code Coverage Driver.
#makeoptions KCOV=1
#options KCOV
Index: src/sys/arch/amd64/include/param.h
diff -u src/sys/arch/amd64/include/param.h:1.35 src/sys/arch/amd64/include/param.h:1.36
--- src/sys/arch/amd64/include/param.h:1.35 Wed Jan 22 16:52:46 2020
+++ src/sys/arch/amd64/include/param.h Sat Feb 8 07:07:07 2020
@@ -1,4 +1,4 @@
-/* $NetBSD: param.h,v 1.35 2020/01/22 16:52:46 ad Exp $ */
+/* $NetBSD: param.h,v 1.36 2020/02/08 07:07:07 maxv Exp $ */
#ifdef __x86_64__
@@ -11,7 +11,6 @@
#include <machine/cpu.h>
#if defined(_KERNEL_OPT)
#include "opt_kasan.h"
-#include "opt_kleak.h"
#include "opt_kmsan.h"
#endif
#endif
@@ -68,7 +67,7 @@
#define SSIZE 1 /* initial stack size/NBPG */
#define SINCR 1 /* increment of stack/NBPG */
-#if defined(KASAN) || defined(KLEAK) || defined(KMSAN)
+#if defined(KASAN) || defined(KMSAN)
#define UPAGES 8
#elif defined(DIAGNOSTIC)
#define UPAGES 5 /* pages of u-area (1 for redzone) */
Index: src/sys/conf/files
diff -u src/sys/conf/files:1.1254 src/sys/conf/files:1.1255
--- src/sys/conf/files:1.1254 Mon Jan 20 22:18:39 2020
+++ src/sys/conf/files Sat Feb 8 07:07:07 2020
@@ -1,4 +1,4 @@
-# $NetBSD: files,v 1.1254 2020/01/20 22:18:39 pgoyette Exp $
+# $NetBSD: files,v 1.1255 2020/02/08 07:07:07 maxv Exp $
# @(#)files.newconf 7.5 (Berkeley) 5/10/93
version 20171118
@@ -35,7 +35,6 @@ defflag KCSAN
defflag opt_kcsan.h KCSAN_PANIC
defflag KMSAN
defflag opt_kmsan.h KMSAN_PANIC
-defflag KLEAK
defflag KCOV
defflag opt_pool.h POOL_QUARANTINE
Index: src/sys/conf/ssp.mk
diff -u src/sys/conf/ssp.mk:1.4 src/sys/conf/ssp.mk:1.5
--- src/sys/conf/ssp.mk:1.4 Sat Feb 23 03:10:06 2019
+++ src/sys/conf/ssp.mk Sat Feb 8 07:07:07 2020
@@ -1,4 +1,4 @@
-# $NetBSD: ssp.mk,v 1.4 2019/02/23 03:10:06 kamil Exp $
+# $NetBSD: ssp.mk,v 1.5 2020/02/08 07:07:07 maxv Exp $
.if ${USE_SSP:Uno} == "yes"
COPTS.kern_ssp.c+= -fno-stack-protector -D__SSP__
@@ -10,7 +10,6 @@ COPTS.kern_ssp.c+= -fno-stack-protector
COPTS.cpu.c+= -fno-stack-protector
.endif
-COPTS.subr_kleak.c+= -fno-stack-protector
COPTS.subr_kcov.c+= -fno-stack-protector
# The following files use alloca(3) or variable array allocations.
Index: src/sys/kern/files.kern
diff -u src/sys/kern/files.kern:1.42 src/sys/kern/files.kern:1.43
--- src/sys/kern/files.kern:1.42 Sat Jan 4 03:46:19 2020
+++ src/sys/kern/files.kern Sat Feb 8 07:07:07 2020
@@ -1,4 +1,4 @@
-# $NetBSD: files.kern,v 1.42 2020/01/04 03:46:19 kamil Exp $
+# $NetBSD: files.kern,v 1.43 2020/02/08 07:07:07 maxv Exp $
#
# kernel sources
@@ -124,7 +124,6 @@ file kern/subr_interrupt.c kern
file kern/subr_iostat.c kern
file kern/subr_ipi.c kern
file kern/subr_kcpuset.c kern
-file kern/subr_kleak.c kleak
file kern/subr_kcov.c kcov
defflag opt_kmem.h KMEM_SIZE
file kern/subr_kmem.c kern
Index: src/sys/kern/subr_pool.c
diff -u src/sys/kern/subr_pool.c:1.265 src/sys/kern/subr_pool.c:1.266
--- src/sys/kern/subr_pool.c:1.265 Sun Jan 19 23:49:32 2020
+++ src/sys/kern/subr_pool.c Sat Feb 8 07:07:07 2020
@@ -1,4 +1,4 @@
-/* $NetBSD: subr_pool.c,v 1.265 2020/01/19 23:49:32 chs Exp $ */
+/* $NetBSD: subr_pool.c,v 1.266 2020/02/08 07:07:07 maxv Exp $ */
/*
* Copyright (c) 1997, 1999, 2000, 2002, 2007, 2008, 2010, 2014, 2015, 2018
@@ -33,13 +33,12 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: subr_pool.c,v 1.265 2020/01/19 23:49:32 chs Exp $");
+__KERNEL_RCSID(0, "$NetBSD: subr_pool.c,v 1.266 2020/02/08 07:07:07 maxv Exp $");
#ifdef _KERNEL_OPT
#include "opt_ddb.h"
#include "opt_lockdebug.h"
#include "opt_pool.h"
-#include "opt_kleak.h"
#endif
#include <sys/param.h>
@@ -117,14 +116,6 @@ static inline void pool_cache_put_kmsan(
#define pool_cache_put_kmsan(pc, ptr) __nothing
#endif
-#ifdef KLEAK
-static void pool_kleak_fill(struct pool *, void *);
-static void pool_cache_kleak_fill(pool_cache_t, void *);
-#else
-#define pool_kleak_fill(pp, ptr) __nothing
-#define pool_cache_kleak_fill(pc, ptr) __nothing
-#endif
-
#ifdef POOL_QUARANTINE
static void pool_quarantine_init(struct pool *);
static void pool_quarantine_flush(struct pool *);
@@ -1208,8 +1199,6 @@ pool_get(struct pool *pp, int flags)
pool_get_kmsan(pp, v);
if (flags & PR_ZERO)
memset(v, 0, pp->pr_reqsize);
- else
- pool_kleak_fill(pp, v);
return v;
}
@@ -2530,7 +2519,6 @@ pool_cache_get_slow(pool_cache_cpu_t *cc
}
FREECHECK_OUT(&pc->pc_freecheck, object);
- pool_cache_kleak_fill(pc, object);
return false;
}
@@ -2579,7 +2567,6 @@ pool_cache_get_paddr(pool_cache_t pc, in
FREECHECK_OUT(&pc->pc_freecheck, object);
pool_redzone_fill(&pc->pc_pool, object);
pool_cache_get_kmsan(pc, object);
- pool_cache_kleak_fill(pc, object);
return object;
}
@@ -2946,26 +2933,6 @@ pool_cache_put_kmsan(pool_cache_t pc, vo
}
#endif
-#ifdef KLEAK
-static void
-pool_kleak_fill(struct pool *pp, void *p)
-{
- if (__predict_false(pp->pr_roflags & PR_NOTOUCH)) {
- return;
- }
- kleak_fill_area(p, pp->pr_size);
-}
-
-static void
-pool_cache_kleak_fill(pool_cache_t pc, void *p)
-{
- if (__predict_false(pc_has_ctor(pc) || pc_has_dtor(pc))) {
- return;
- }
- pool_kleak_fill(&pc->pc_pool, p);
-}
-#endif
-
#ifdef POOL_QUARANTINE
static void
pool_quarantine_init(struct pool *pp)
Index: src/sys/kern/sys_syscall.c
diff -u src/sys/kern/sys_syscall.c:1.12 src/sys/kern/sys_syscall.c:1.13
--- src/sys/kern/sys_syscall.c:1.12 Sun Dec 2 21:00:13 2018
+++ src/sys/kern/sys_syscall.c Sat Feb 8 07:07:07 2020
@@ -1,4 +1,4 @@
-/* $NetBSD: sys_syscall.c,v 1.12 2018/12/02 21:00:13 maxv Exp $ */
+/* $NetBSD: sys_syscall.c,v 1.13 2020/02/08 07:07:07 maxv Exp $ */
/*-
* Copyright (c) 2006 The NetBSD Foundation, Inc.
@@ -30,7 +30,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: sys_syscall.c,v 1.12 2018/12/02 21:00:13 maxv Exp $");
+__KERNEL_RCSID(0, "$NetBSD: sys_syscall.c,v 1.13 2020/02/08 07:07:07 maxv Exp $");
#include <sys/syscall_stats.h>
#include <sys/syscallvar.h>
@@ -85,7 +85,6 @@ SYS_SYSCALL(struct lwp *l, const struct
error = trace_enter(code, callp, TRACE_ARGS);
if (__predict_false(error != 0))
return error;
- kleak_fill_stack();
error = sy_call(callp, l, &uap->args, rval);
trace_exit(code, callp, &uap->args, rval, error);
return error;
Index: src/sys/sys/systm.h
diff -u src/sys/sys/systm.h:1.292 src/sys/sys/systm.h:1.293
--- src/sys/sys/systm.h:1.292 Wed Jan 1 09:33:19 2020
+++ src/sys/sys/systm.h Sat Feb 8 07:07:07 2020
@@ -1,4 +1,4 @@
-/* $NetBSD: systm.h,v 1.292 2020/01/01 09:33:19 skrll Exp $ */
+/* $NetBSD: systm.h,v 1.293 2020/02/08 07:07:07 maxv Exp $ */
/*-
* Copyright (c) 1982, 1988, 1991, 1993
@@ -45,7 +45,6 @@
#include "opt_gprof.h"
#include "opt_kasan.h"
#include "opt_kcsan.h"
-#include "opt_kleak.h"
#include "opt_kmsan.h"
#include "opt_wsdisplay_compat.h"
#endif
@@ -325,18 +324,6 @@ int copyin(const void *, void *, size_t)
int copyout(const void *, void *, size_t);
#endif
-#ifdef KLEAK
-#define copyout kleak_copyout
-#define copyoutstr kleak_copyoutstr
-int kleak_copyout(const void *, void *, size_t);
-int kleak_copyoutstr(const void *, void *, size_t, size_t *);
-void kleak_fill_area(void *, size_t);
-void kleak_fill_stack(void);
-#else
-#define kleak_fill_area(a, b) __nothing
-#define kleak_fill_stack() __nothing
-#endif
-
#ifdef _KERNEL
typedef int (*copyin_t)(const void *, void *, size_t);
typedef int (*copyout_t)(const void *, void *, size_t);
Index: src/sys/uvm/uvm_km.c
diff -u src/sys/uvm/uvm_km.c:1.153 src/sys/uvm/uvm_km.c:1.154
--- src/sys/uvm/uvm_km.c:1.153 Mon Jan 20 10:43:48 2020
+++ src/sys/uvm/uvm_km.c Sat Feb 8 07:07:07 2020
@@ -1,4 +1,4 @@
-/* $NetBSD: uvm_km.c,v 1.153 2020/01/20 10:43:48 skrll Exp $ */
+/* $NetBSD: uvm_km.c,v 1.154 2020/02/08 07:07:07 maxv Exp $ */
/*
* Copyright (c) 1997 Charles D. Cranor and Washington University.
@@ -152,7 +152,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: uvm_km.c,v 1.153 2020/01/20 10:43:48 skrll Exp $");
+__KERNEL_RCSID(0, "$NetBSD: uvm_km.c,v 1.154 2020/02/08 07:07:07 maxv Exp $");
#include "opt_uvmhist.h"
@@ -715,7 +715,6 @@ uvm_km_alloc(struct vm_map *map, vsize_t
pmap_update(pmap_kernel());
if ((flags & UVM_KMF_ZERO) == 0) {
- kleak_fill_area((void *)kva, size);
kmsan_orig((void *)kva, size, KMSAN_TYPE_UVM, __RET_ADDR);
kmsan_mark((void *)kva, size, KMSAN_STATE_UNINIT);
}
