From: Kees Cook <keescook@chromium.org>
To: Ard Biesheuvel <ardb@kernel.org>
Cc: linux-arm-kernel@lists.infradead.org, catalin.marinas@arm.com,
	will@kernel.org, mark.rutland@arm.com, maz@kernel.org,
	Sami Tolvanen <samitolvanen@google.com>,
	Fangrui Song <maskray@google.com>,
	Nick Desaulniers <ndesaulniers@google.com>,
	Dan Li <ashimida@linux.alibaba.com>
Subject: Re: [PATCH v3 3/3] arm64: implement dynamic shadow call stack for Clang
Date: Mon, 13 Jun 2022 09:30:51 -0700
Message-ID: <202206130927.C1BF21FB83@keescook>
In-Reply-To: <20220613134008.3760481-4-ardb@kernel.org>

On Mon, Jun 13, 2022 at 03:40:08PM +0200, Ard Biesheuvel wrote:
> Implement dynamic shadow call stack support on Clang, by parsing the
> unwind tables at init time to locate all occurrences of PACIASP/AUTIASP
> instructions, and replacing them with the shadow call stack push and pop
> instructions, respectively.
> 
> This is useful because the overhead of the shadow call stack is
> difficult to justify on hardware that implements pointer authentication
> (PAC), and given that the PAC instructions are executed as NOPs on
> hardware that doesn't, we can just replace them without breaking
> anything. As PACIASP/AUTIASP are guaranteed to be paired with respect to
> manipulations of the return address, replacing them 1:1 with shadow call
> stack pushes and pops is guaranteed to result in the desired behavior.

Specifically, the "PAC available" benefit is the per-thread memory
savings (no shadow stack needs to be allocated). Thanks for getting this
working!

> Signed-off-by: Ard Biesheuvel <ardb@kernel.org>

Sami, can you test this for the cases you've needed this for?

In the meantime, Will, can you land this for -next so we can get maximal
test time?

-- 
Kees Cook

_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
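
The 1:1 rewrite described in the quoted commit message, as an added example that is not code from the patch or from anyone in this thread. The names `scs_patch_sites`, `demo_word` and `cpu_has_pac`, the sample function, and the site list (which stands in for what the patch derives from the unwind tables) are assumptions constructed for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

#define PACIASP  0xd503233fu /* hint #25: sign x30, sp as modifier */
#define AUTIASP  0xd50323bfu /* hint #29: authenticate x30 */
#define SCS_PUSH 0xf800865eu /* str x30, [x18], #8 */
#define SCS_POP  0xf85f8e5eu /* ldr x30, [x18, #-8]! */

/* Patch the listed instruction indexes in place. Returns the number of
 * sites processed, 0 if the CPU has PAC (hints stay as they are), or -1
 * with the text untouched if a site is out of range or holds no PAC hint. */
int scs_patch_sites(uint32_t *text, size_t n, const size_t *sites,
                    size_t n_sites, bool cpu_has_pac)
{
    if (cpu_has_pac) return 0;
    for (size_t i = 0; i < n_sites; i++)   /* validate before any write */
        if (sites[i] >= n ||
            (text[sites[i]] != PACIASP && text[sites[i]] != AUTIASP))
            return -1;
    for (size_t i = 0; i < n_sites; i++) {
        uint32_t *p = &text[sites[i]];
        if (*p == PACIASP) *p = SCS_PUSH;
        else if (*p == AUTIASP) *p = SCS_POP;
    }
    return (int)n_sites;
}

/* Constructed sample: one function, then a data word equal to PACIASP. */
static const uint32_t sample[7] = {
    PACIASP,     /* 0 */
    0xa9bf7bfdu, /* 1: stp x29, x30, [sp, #-16]! */
    0x910003fdu, /* 2: mov x29, sp */
    0xa8c17bfdu, /* 3: ldp x29, x30, [sp], #16 */
    AUTIASP,     /* 4 */
    0xd65f03c0u, /* 5: ret */
    0xd503233fu, /* 6: literal data, not listed as a site */
};
static const size_t sample_sites[2] = { 0, 4 }; /* assumed lookup result */

/* Patch a private copy of the sample and return word idx afterwards. */
uint32_t demo_word(bool cpu_has_pac, size_t idx)
{
    uint32_t text[7];
    for (size_t i = 0; i < 7; i++) text[i] = sample[i];
    scs_patch_sites(text, 7, sample_sites, 2, cpu_has_pac);
    return text[idx];
}

int main(void) { return demo_word(false, 0) == SCS_PUSH ? 0 : 1; }
```

Word 6 keeps its value because only listed sites are written, so a data word with the same bit pattern as a PAC hint is never rewritten.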
