From patchwork Sun Jul 16 21:51:22 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Mark Brown X-Patchwork-Id: 13314958 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 29A3CC001DE for ; Sun, 16 Jul 2023 21:55:37 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id BAA708D0003; Sun, 16 Jul 2023 17:55:36 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id B33EE8D0001; Sun, 16 Jul 2023 17:55:36 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 9D4AD8D0003; Sun, 16 Jul 2023 17:55:36 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0010.hostedemail.com [216.40.44.10]) by kanga.kvack.org (Postfix) with ESMTP id 8E9858D0001 for ; Sun, 16 Jul 2023 17:55:36 -0400 (EDT) Received: from smtpin24.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay05.hostedemail.com (Postfix) with ESMTP id 5D7C94029E for ; Sun, 16 Jul 2023 21:55:36 +0000 (UTC) X-FDA: 81018832272.24.6007CCC Received: from dfw.source.kernel.org (dfw.source.kernel.org [139.178.84.217]) by imf02.hostedemail.com (Postfix) with ESMTP id 9A51480009 for ; Sun, 16 Jul 2023 21:55:34 +0000 (UTC) Authentication-Results: imf02.hostedemail.com; dkim=pass header.d=kernel.org header.s=k20201202 header.b=rWGbpHGp; spf=pass (imf02.hostedemail.com: domain of broonie@kernel.org designates 139.178.84.217 as permitted sender) smtp.mailfrom=broonie@kernel.org; dmarc=pass (policy=none) header.from=kernel.org ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1689544534; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=MglPxYtF8VH0OzN6SjKXbUmwgOaK8a7gZBblFNfxeS8=; b=V9RhbFOYHy5yBX+p8SkOBPzmOyBY+otBMy4rLgQ2cHOWtQNm9UCWc9d8GMYPWsOLDx52zE Xqu5u3w9lXMlcXrfJ1BXCqqJKhADZLI0g1UXDqOMnAOu8eoqbLMra+Xr/EdNeXqasQl33w KLC0KpUB+cm9jl/Jtgiqc1EqL3jO4FQ= ARC-Authentication-Results: i=1; imf02.hostedemail.com; dkim=pass header.d=kernel.org header.s=k20201202 header.b=rWGbpHGp; spf=pass (imf02.hostedemail.com: domain of broonie@kernel.org designates 139.178.84.217 as permitted sender) smtp.mailfrom=broonie@kernel.org; dmarc=pass (policy=none) header.from=kernel.org ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1689544534; a=rsa-sha256; cv=none; b=MdXWeIQuqNQ9huVFAkUzk38KiP165nHe1Fq1gM0RcvkMd4IUW7mHp/pcBEnOYtdCAh/rm7 hFmA7ga+YUklmM1GiY239MkVmloONUqRXEA4Jx1I9EgGz+cFVJl/Slrhx7W25ej90FUsgn GSMKaZwE9lkmoClx/irhUZlsRbfZL6w= Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id DDAFA60EC9; Sun, 16 Jul 2023 21:55:33 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 94855C433CA; Sun, 16 Jul 2023 21:55:27 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1689544533; bh=pU/Cpaxis09XYO6pS+Tm9irl4OV1fzcTdHAFs+JXaiE=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=rWGbpHGpAPUGRkeHBlxB3u7YFF02VUBqBH3DDfi/zq+uR3bo5c9/02qDMlbROcq1a TOxZq+swTzl/Cn9rsFrq0fkp5SOMZ9rQdBdNmFqBC1WAmool8nFYx21GlscpJIPaX5 Hj4VHZuaIdAexXk06rf4SIr9g7kTQlHiAqUekjYGnvRjB0F6hrvpboYOjI/7sNGzH6 vO0/Sk0ndEyBZ5Xb7JXIentYaOHaqbRU2SiE/17mQ8tYAWW9MdndQvzgrHI+Gte1+R I25r1VajxxALbkW5eIIXj+twrpfKo9XBumj5mL0llLHJuRgO6RoUYB0fbwIFe2mCnI xdT5wxQd/9Vww== From: Mark Brown Date: Sun, 16 Jul 2023 22:51:22 +0100 Subject: [PATCH 26/35] arm64: Add Kconfig for Guarded Control Stack (GCS) MIME-Version: 1.0 Message-Id: <20230716-arm64-gcs-v1-26-bf567f93bba6@kernel.org> References: <20230716-arm64-gcs-v1-0-bf567f93bba6@kernel.org> In-Reply-To: <20230716-arm64-gcs-v1-0-bf567f93bba6@kernel.org> To: Catalin Marinas , Will Deacon , Jonathan Corbet , Andrew Morton , Marc Zyngier , Oliver Upton , James Morse , Suzuki K Poulose , Arnd Bergmann , Oleg Nesterov , Eric Biederman , Kees Cook , Shuah Khan , "Rick P. Edgecombe" , Deepak Gupta , Ard Biesheuvel , Szabolcs Nagy Cc: "H.J. Lu" , Paul Walmsley , Palmer Dabbelt , Albert Ou , linux-arm-kernel@lists.infradead.org, linux-doc@vger.kernel.org, kvmarm@lists.linux.dev, linux-fsdevel@vger.kernel.org, linux-arch@vger.kernel.org, linux-mm@kvack.org, linux-kselftest@vger.kernel.org, linux-kernel@vger.kernel.org, linux-riscv@lists.infradead.org, Mark Brown X-Mailer: b4 0.13-dev-099c9 X-Developer-Signature: v=1; a=openpgp-sha256; l=1333; i=broonie@kernel.org; h=from:subject:message-id; bh=pU/Cpaxis09XYO6pS+Tm9irl4OV1fzcTdHAFs+JXaiE=; b=owEBbQGS/pANAwAKASTWi3JdVIfQAcsmYgBktGajNEQmje9r0OAkZ6IXOyAN5ruAxFmeetfHxjAC LDyTfAyJATMEAAEKAB0WIQSt5miqZ1cYtZ/in+ok1otyXVSH0AUCZLRmowAKCRAk1otyXVSH0JhGB/ 4uEom4k4x+430HQzhyHP2BDhwiv0Xo2K1mTO20ue7Lk8Wti2gS+bFt3j5ucEpMEwtZzUpbv9aFHg8g yVDFSa62TJm4VnlCyDGJgQ8tJrySIzQDdUWaW4NsZkCYMvzaHn7Io9BSwTN7Zseo4HDAFXeuVN+KcI 6W/YOWtqN+FpSOZSkAOtNDCCtHC+Bnwr5v6a6FDSO91/wXPICZ9z5JG71wr/l8ddWrbzhdD+2lp/5O sqSoPHL3zXgrAcCHuCXDKtfj+XAC/YXjHy8TdZgS0bh4tp9AbE5iob7yXE/SpJfC8W3JOO8pyrZA3r LZHn0cmojWthyoDyKu+QYIQJkyHsLU X-Developer-Key: i=broonie@kernel.org; a=openpgp; fpr=3F2568AAC26998F9E813A1C5C3F436CA30F5D8EB X-Rspamd-Queue-Id: 9A51480009 X-Rspam-User: X-Stat-Signature: cpcng35gn3g31sdbmn4kmepdeqx3bxtr X-Rspamd-Server: rspam01 X-HE-Tag: 1689544534-391672 X-HE-Meta: U2FsdGVkX1+YfNnh0uLJYOzqYTEox73Ix7Safurb0iRDEyrSbZ3LkjREwm3jBIFhHVsMJjoG5ZM++zCPmZBzC2QR2AZF5SYBI5c9KTmf6UHCYeTVK/WGzXayersxyrn8VBhuV1jYu+YKluk8IY5mt55ciMwpeqCJvezq7Ol8/PeoubSfaNjz1T3CVOLbmm74WVVL2sp56vdfTcvJPH6lOMcLxvAt1Ry8ViWqlngbb0qY0/daKntOZB1yquOJ6TLc2Y5JBVnwRTjuVGm+uzr7zYP7YLHRP9BuiRwvfYX1aICfrE8fYUwdNqknVL3bGt26PjKNrS7hk3FPjlRkemVmFWm6zHirJQsKaS3cOEgAsr5FIJf/erVwoNI+o280FOeDNrpwMHzetMNCTHCcb/ByNgG21CkfVgdQVvDVktuzIdtR4ePOLUmfjcWW+VR7bNSutMObMwuOuKwpVnGT9GP0pMsfpnWEO7jcd5F95QEFu0mVPtr9w9awFt8QkdXhRCENCjjOevDsFxOC/kkJHx45Umld5YM+w1DKBxl+uX2kbY3U9wGTSDEEenv/96HepmIYxgLnUmQMrC3Dj3NxJVqPP+gPdjY3AsKTWsWd9gyR39XcRfVihVH0JNWSSbPAO1pGSl25qegLK2PfncJ2B7rLzwd4VWPk4jl0gGlj18vt1uDTKd67lqIBcBnvV6n/i6yY/BUiq3c+JMslGyNQ4dfoLwGBy+8K41+UnzMDNxkvtallTbJ5GiXcC6zUUFu7g2nZ9kFURRA1RECjg7gAEfWbL73nKES089NZ7X4gga3y/LAkeBg0ThTkAkuVKywsHr459jYH0Yh72gsfmV7+jPMLclMuJlHMcItlf41Au2eWSPhO5B4LjGV8n8GAn7UffBDNE4tYHTnCPNbiP63Brqnb8sLIoXBtulWp1oU8bGhwzmExqBUtzrmaYifv6O46bfCcn8QsJaMXrvGvUxwkpYx MoDG/RKF IBO3De5YgT4ayd/Io96IYqDYjKj+xr9ZAq9g9Z+tys/pKxOERifjRB4NMCVw3fSz981DcPmc+sHvpRN4VUe9yhs5Qd3ymGRdBrGQCyH9gu/c9lQOpjG8bDebOUxclaQ3hOikTPVSUzrrj0s/eRCzME6KINFBXSm5CKsOC2HOgjEIAQnf1a0RwKdndgSZHqgbDiItebh5gpgIz2D4IUfRMUlMj/ehohp+DxHG8krEwNMcMNL5f03j5Il0igJcXyI0RoxUh9sHE58Tnh2pBkJYO+RAcBpb3gJgQXwI0NHO/tiH1Bv7VJiEg3xKVYy//2lxKUV/q7uByyMmj6Q3mV7f7rp5IySmzTsMfLKqRLYdFw6yhNl8UATNxr9+BszYFbLYaUmJo8e9kbh8rNlmeuWyPCI/ahVIAyuKymgBGMCoGEJHScQ8= X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: Provide a Kconfig option allowing the user to select if GCS support is built into the kernel. Signed-off-by: Mark Brown --- arch/arm64/Kconfig | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig index 7856c3a3e35a..e1aeeda13c52 100644 --- a/arch/arm64/Kconfig +++ b/arch/arm64/Kconfig @@ -2091,6 +2091,25 @@ config ARM64_EPAN if the cpu does not implement the feature. endmenu # "ARMv8.7 architectural features" +menu "v9.4 architectural features" + +config ARM64_GCS + bool "Enable support for Guarded Control Stack (GCS)" + default y + select ARCH_USES_HIGH_VMA_FLAGS + help + Guarded Control Stack (GCS) provides support for a separate + stack with restricted access which contains only return + addresses. This can be used to harden against some attacks + by comparing return address used by the program with what is + stored in the GCS, and may also be used to efficiently obtain + the call stack for applications such as profiling. + + The feature is detected at runtime, and will remain disabled + if the system does not implement the feature. + +endmenu # "2022 archiectural features" + config ARM64_SVE bool "ARM Scalable Vector Extension support" default y