Merge tag 'stackleak-v4.20-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git...

Pull stackleak gcc plugin from Kees Cook:
 "Please pull this new GCC plugin, stackleak, for v4.20-rc1. This plugin
  was ported from grsecurity by Alexander Popov. It provides efficient
  stack content poisoning at syscall exit. This creates a defense
  against at least two classes of flaws:

   - Uninitialized stack usage. (We continue to work on improving the
     compiler to do this in other ways: e.g. unconditional zero init was
     proposed to GCC and Clang, and more plugin work has started too).

   - Stack content exposure. By greatly reducing the lifetime of valid
     stack contents, exposures via either direct read bugs or unknown
     cache side-channels become much more difficult to exploit. This
     complements the existing buddy and heap poisoning options, but
     provides the coverage for stacks.

  The x86 hooks are included in this series (which have been reviewed by
  Ingo, Dave Hansen, and Thomas Gleixner). The arm64 hooks have already
  been merged through the arm64 tree (written by Laura Abbott and
  reviewed by Mark Rutland and Will Deacon).

  With VLAs having been removed this release, there is no need for
  alloca() protection, so it has been removed from the plugin"

* tag 'stackleak-v4.20-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux:
  arm64: Drop unneeded stackleak_check_alloca()
  stackleak: Allow runtime disabling of kernel stack erasing
  doc: self-protection: Add information about STACKLEAK feature
  fs/proc: Show STACKLEAK metrics in the /proc file system
  lkdtm: Add a test for STACKLEAK
  gcc-plugins: Add STACKLEAK plugin for tracking the kernel stack
  x86/entry: Add STACKLEAK erasing the kernel stack at the end of syscalls

diff --cc Documentation/x86/x86_64/mm.txt
index 7028986,600bc2a..73aaaa3
--- 1/Documentation/x86/x86_64/mm.txt
--- 2/Documentation/x86/x86_64/mm.txt
+++ b/Documentation/x86/x86_64/mm.txt
@@@ -146,3 -79,3 +146,6 @@@ Their order is preserved but their bas
  Be very careful vs. KASLR when changing anything here. The KASLR address
  range must not overlap with anything except the KASAN shadow area, which is
  correct as KASAN disables KASLR.
++
++For both 4- and 5-level layouts, the STACKLEAK_POISON value in the last 2MB
++hole: ffffffffffff4111

diff --cc arch/Kconfig
Simple merge

diff --cc arch/arm64/kernel/process.c
Simple merge

diff --cc arch/x86/Kconfig
Simple merge

diff --cc arch/x86/entry/calling.h
Simple merge

diff --cc arch/x86/entry/entry_32.S
Simple merge

diff --cc arch/x86/entry/entry_64.S
Simple merge

diff --cc drivers/misc/lkdtm/core.c
index 5a75559,aca26d8..2837dc7
--- 1/drivers/misc/lkdtm/core.c
--- 2/drivers/misc/lkdtm/core.c
+++ b/drivers/misc/lkdtm/core.c
@@@ -183,7 -183,7 +183,8 @@@ static const struct crashtype crashtype
        CRASHTYPE(USERCOPY_STACK_FRAME_FROM),
        CRASHTYPE(USERCOPY_STACK_BEYOND),
        CRASHTYPE(USERCOPY_KERNEL),
 +      CRASHTYPE(USERCOPY_KERNEL_DS),
+       CRASHTYPE(STACKLEAK_ERASING),
  };
  
  

diff --cc drivers/misc/lkdtm/lkdtm.h
index 07db641,b611b15..3c6fd32
--- 1/drivers/misc/lkdtm/lkdtm.h
--- 2/drivers/misc/lkdtm/lkdtm.h
+++ b/drivers/misc/lkdtm/lkdtm.h
@@@ -82,6 -82,8 +82,9 @@@ void lkdtm_USERCOPY_STACK_FRAME_TO(void
  void lkdtm_USERCOPY_STACK_FRAME_FROM(void);
  void lkdtm_USERCOPY_STACK_BEYOND(void);
  void lkdtm_USERCOPY_KERNEL(void);
 +void lkdtm_USERCOPY_KERNEL_DS(void);
  
+ /* lkdtm_stackleak.c */
+ void lkdtm_STACKLEAK_ERASING(void);
+ 
  #endif

diff --cc fs/proc/base.c
Simple merge

diff --cc include/linux/sched.h
Simple merge

diff --cc kernel/fork.c
Simple merge