From: Dan Li <ashimida@linux.alibaba.com>
To: catalin.marinas@arm.com, will@kernel.org, nathan@kernel.org,
ndesaulniers@google.com, keescook@chromium.org,
tglx@linutronix.de, akpm@linux-foundation.org,
peterz@infradead.org, samitolvanen@google.com,
masahiroy@kernel.org, rppt@kernel.org, mark.rutland@arm.com,
frederic@kernel.org, yifeifz2@illinois.edu, rostedt@goodmis.org,
viresh.kumar@linaro.org, andreyknvl@gmail.com,
colin.king@canonical.com, ojeda@kernel.org, arnd@arndb.de,
luc.vanoostenryck@gmail.com, nivedita@alum.mit.edu,
elver@google.com
Cc: linux-hardening@vger.kernel.org, Dan Li <ashimida@linux.alibaba.com>
Subject: [PATCH] [RFC/RFT] AARCH64: Add gcc Shadow Call Stack support
Date: Tue, 2 Nov 2021 00:58:12 -0700 [thread overview]
Message-ID: <20211102075812.122715-1-ashimida@linux.alibaba.com> (raw)
I tried to submit a patch[1] to add compiler's SCS support on gcc-11.1.0.
Kernel can enable SCS under gcc based on this patch, commands as follows:
make ARCH=arm64 defconfig
./scripts/config -e CONFIG_SHADOW_CALL_STACK
make ARCH=arm64 CROSS_COMPILE=aarch64-linux-gnu-
[1] https://gcc.gnu.org/pipermail/gcc-patches/2021-November/583062.html
Signed-off-by: Dan Li <ashimida@linux.alibaba.com>
---
This function can be used to test whether the shadow stack is effective:
//noinline void __noscs scs_test(void)
noinline void scs_test(void)
{
register unsigned long *sp asm("sp");
unsigned long * lr = sp + 1;
asm volatile("":::"x30");
*lr = 0;
}
ffff800010012710 <scs_test>:
ffff800010012710: d503245f bti c
ffff800010012714: d503233f paciasp
ffff800010012718: a9bf7bfd stp x29, x30, [sp, #-16]!
ffff80001001271c: 910003fd mov x29, sp
ffff800010012720: 910003e0 mov x0, sp
ffff800010012724: f900041f str xzr, [x0, #8]
ffff800010012728: a8c17bfd ldp x29, x30, [sp], #16
ffff80001001272c: d50323bf autiasp
ffff800010012730: d65f03c0 ret
arch/Kconfig | 6 +++---
arch/arm64/Kconfig | 2 +-
include/linux/compiler-gcc.h | 6 ++++++
3 files changed, 10 insertions(+), 4 deletions(-)
diff --git a/arch/Kconfig b/arch/Kconfig
index 98db63496bab..35b27be0d7ee 100644
--- a/arch/Kconfig
+++ b/arch/Kconfig
@@ -593,11 +593,11 @@ config ARCH_SUPPORTS_SHADOW_CALL_STACK
switching.
config SHADOW_CALL_STACK
- bool "Clang Shadow Call Stack"
- depends on CC_IS_CLANG && ARCH_SUPPORTS_SHADOW_CALL_STACK
+ bool "Shadow Call Stack"
+ depends on ARCH_SUPPORTS_SHADOW_CALL_STACK
depends on DYNAMIC_FTRACE_WITH_REGS || !FUNCTION_GRAPH_TRACER
help
- This option enables Clang's Shadow Call Stack, which uses a
+ This option enables Clang/GCC's Shadow Call Stack, which uses a
shadow stack to protect function return addresses from being
overwritten by an attacker. More information can be found in
Clang's documentation:
diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig
index 62c3c1d2190f..5d49c0c89645 100644
--- a/arch/arm64/Kconfig
+++ b/arch/arm64/Kconfig
@@ -1062,7 +1062,7 @@ config ARCH_HAS_FILTER_PGPROT
# Supported by clang >= 7.0
config CC_HAVE_SHADOW_CALL_STACK
- def_bool $(cc-option, -fsanitize=shadow-call-stack -ffixed-x18)
+ def_bool CC_IS_CLANG || $(cc-option, -fsanitize=shadow-call-stack -ffixed-x18)
config PARAVIRT
bool "Enable paravirtualization code"
diff --git a/include/linux/compiler-gcc.h b/include/linux/compiler-gcc.h
index cb9217fc60af..917c3bb6aa43 100644
--- a/include/linux/compiler-gcc.h
+++ b/include/linux/compiler-gcc.h
@@ -104,6 +104,12 @@
#define KASAN_ABI_VERSION 3
#endif
+#if __has_attribute(__no_sanitize_shadow_call_stack__)
+#define __noscs __attribute__((no_sanitize_shadow_call_stack))
+#else
+#define __noscs
+#endif
+
#if __has_attribute(__no_sanitize_address__)
#define __no_sanitize_address __attribute__((no_sanitize_address))
#else
--
2.17.1
next reply other threads:[~2021-11-02 7:58 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-11-02 7:58 Dan Li [this message]
2021-11-02 9:51 ` [PATCH] [RFC/RFT] AARCH64: Add gcc Shadow Call Stack support Miguel Ojeda
2021-11-02 16:03 ` Dan Li
2021-11-02 16:16 ` Miguel Ojeda
2021-11-02 18:41 ` Nick Desaulniers
2021-11-02 18:51 ` Miguel Ojeda
2021-11-02 18:59 ` Nick Desaulniers
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20211102075812.122715-1-ashimida@linux.alibaba.com \
--to=ashimida@linux.alibaba.com \
--cc=akpm@linux-foundation.org \
--cc=andreyknvl@gmail.com \
--cc=arnd@arndb.de \
--cc=catalin.marinas@arm.com \
--cc=colin.king@canonical.com \
--cc=elver@google.com \
--cc=frederic@kernel.org \
--cc=keescook@chromium.org \
--cc=linux-hardening@vger.kernel.org \
--cc=luc.vanoostenryck@gmail.com \
--cc=mark.rutland@arm.com \
--cc=masahiroy@kernel.org \
--cc=nathan@kernel.org \
--cc=ndesaulniers@google.com \
--cc=nivedita@alum.mit.edu \
--cc=ojeda@kernel.org \
--cc=peterz@infradead.org \
--cc=rostedt@goodmis.org \
--cc=rppt@kernel.org \
--cc=samitolvanen@google.com \
--cc=tglx@linutronix.de \
--cc=viresh.kumar@linaro.org \
--cc=will@kernel.org \
--cc=yifeifz2@illinois.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.