Message ID | 20191031164637.48901-13-samitolvanen@google.com (mailing list archive) |
---|---|
State | New, archived |
Series | add support for Clang's Shadow Call Stack |
On Thu, Oct 31, 2019 at 9:47 AM <samitolvanen@google.com> wrote: > > Reserve the x18 register from general allocation when SCS is enabled, > because the compiler uses the register to store the current task's > shadow stack pointer. Note that all external kernel modules must also be > compiled with -ffixed-x18 if the kernel has SCS enabled. Inline/out-of-line assembly will also need to be careful not to accidentally overwrite the current task's shadow stack pointer. Without automated checking for that, we'll have to rely on a "gentlemen's promise" for code reviewers, though we'd likely hit such a regression with Android+mainline. Reviewed-by: Nick Desaulniers <ndesaulniers@google.com> > > Signed-off-by: Sami Tolvanen <samitolvanen@google.com> > --- > arch/arm64/Makefile | 4 ++++ > 1 file changed, 4 insertions(+) > > diff --git a/arch/arm64/Makefile b/arch/arm64/Makefile > index 2c0238ce0551..ef76101201b2 100644 > --- a/arch/arm64/Makefile > +++ b/arch/arm64/Makefile > @@ -72,6 +72,10 @@ stack_protector_prepare: prepare0 > include/generated/asm-offsets.h)) > endif > > +ifeq ($(CONFIG_SHADOW_CALL_STACK), y) > +KBUILD_CFLAGS += -ffixed-x18 > +endif > + > ifeq ($(CONFIG_CPU_BIG_ENDIAN), y) > KBUILD_CPPFLAGS += -mbig-endian > CHECKFLAGS += -D__AARCH64EB__ > -- > 2.24.0.rc0.303.g954a862665-goog >
On Thu, Oct 31, 2019 at 09:46:32AM -0700, samitolvanen@google.com wrote: > Reserve the x18 register from general allocation when SCS is enabled, > because the compiler uses the register to store the current task's > shadow stack pointer. Note that all external kernel modules must also be > compiled with -ffixed-x18 if the kernel has SCS enabled. > > Signed-off-by: Sami Tolvanen <samitolvanen@google.com> Reviewed-by: Kees Cook <keescook@chromium.org> -Kees > --- > arch/arm64/Makefile | 4 ++++ > 1 file changed, 4 insertions(+) > > diff --git a/arch/arm64/Makefile b/arch/arm64/Makefile > index 2c0238ce0551..ef76101201b2 100644 > --- a/arch/arm64/Makefile > +++ b/arch/arm64/Makefile > @@ -72,6 +72,10 @@ stack_protector_prepare: prepare0 > include/generated/asm-offsets.h)) > endif > > +ifeq ($(CONFIG_SHADOW_CALL_STACK), y) > +KBUILD_CFLAGS += -ffixed-x18 > +endif > + > ifeq ($(CONFIG_CPU_BIG_ENDIAN), y) > KBUILD_CPPFLAGS += -mbig-endian > CHECKFLAGS += -D__AARCH64EB__ > -- > 2.24.0.rc0.303.g954a862665-goog >
diff --git a/arch/arm64/Makefile b/arch/arm64/Makefile index 2c0238ce0551..ef76101201b2 100644 --- a/arch/arm64/Makefile +++ b/arch/arm64/Makefile @@ -72,6 +72,10 @@ stack_protector_prepare: prepare0 include/generated/asm-offsets.h)) endif +ifeq ($(CONFIG_SHADOW_CALL_STACK), y) +KBUILD_CFLAGS += -ffixed-x18 +endif + ifeq ($(CONFIG_CPU_BIG_ENDIAN), y) KBUILD_CPPFLAGS += -mbig-endian CHECKFLAGS += -D__AARCH64EB__
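Review bot: The new `ifeq ($(CONFIG_SHADOW_CALL_STACK), y)` block in arch/arm64/Makefile has no comment saying why x18 is reserved, so the reason (the compiler keeps the current task's shadow stack pointer there) lives only in the commit message. A one-line comment above the `ifeq` would keep that visible to anyone editing the flags later. It would also help to record next to it that `KBUILD_CFLAGS += -ffixed-x18` only removes x18 from the compiler's register allocation for C code: hand-written assembly is not constrained by this hunk, and the requirement that external modules also build with -ffixed-x18 is stated only in the commit message.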
Reserve the x18 register from general allocation when SCS is enabled, because the compiler uses the register to store the current task's shadow stack pointer. Note that all external kernel modules must also be compiled with -ffixed-x18 if the kernel has SCS enabled.

Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
---
 arch/arm64/Makefile | 4 ++++
 1 file changed, 4 insertions(+)