All of lore.kernel.org
 help / color / mirror / Atom feed
From: Nick Desaulniers <ndesaulniers@google.com>
To: Miguel Ojeda <miguel.ojeda.sandonis@gmail.com>
Cc: Dan Li <ashimida@linux.alibaba.com>,
	Catalin Marinas <catalin.marinas@arm.com>,
	Will Deacon <will@kernel.org>,
	Nathan Chancellor <nathan@kernel.org>,
	Kees Cook <keescook@chromium.org>,
	Thomas Gleixner <tglx@linutronix.de>,
	Andrew Morton <akpm@linux-foundation.org>,
	Peter Zijlstra <peterz@infradead.org>,
	Sami Tolvanen <samitolvanen@google.com>,
	Masahiro Yamada <masahiroy@kernel.org>,
	Mike Rapoport <rppt@kernel.org>,
	Mark Rutland <mark.rutland@arm.com>,
	frederic@kernel.org, yifeifz2@illinois.edu,
	Steven Rostedt <rostedt@goodmis.org>,
	Viresh Kumar <viresh.kumar@linaro.org>,
	andreyknvl@gmail.com, Colin King <colin.king@canonical.com>,
	Miguel Ojeda <ojeda@kernel.org>, Arnd Bergmann <arnd@arndb.de>,
	Luc Van Oostenryck <luc.vanoostenryck@gmail.com>,
	Arvind Sankar <nivedita@alum.mit.edu>,
	Marco Elver <elver@google.com>,
	linux-hardening@vger.kernel.org
Subject: Re: [PATCH] [RFC/RFT] AARCH64: Add gcc Shadow Call Stack support
Date: Tue, 2 Nov 2021 11:41:58 -0700	[thread overview]
Message-ID: <CAKwvOd=0GpX59U1ndzahJ8mh26C-Gb54pjwUk4eYigb0ZoCiwg@mail.gmail.com> (raw)
In-Reply-To: <CANiq72meBX1g6z2-vfNpMw2C8S-BavuA4CTyPLpD4zUcX193Sw@mail.gmail.com>

On Tue, Nov 2, 2021 at 2:52 AM Miguel Ojeda
<miguel.ojeda.sandonis@gmail.com> wrote:
>
> On Tue, Nov 2, 2021 at 8:58 AM Dan Li <ashimida@linux.alibaba.com> wrote:
> >
> > I tried to submit a patch[1] to add compiler's SCS support on gcc-11.1.0.
>
> This would go into GCC 12, right?
>
> > [1] https://gcc.gnu.org/pipermail/gcc-patches/2021-November/583062.html
>
> Nit: you can use the `Link: ` tag for this.
>
> >  # Supported by clang >= 7.0
>
> We should add a comment here saying the minimum version too, e.g. GCC
> >= 12 (assuming it will be merged)
>
> >  config CC_HAVE_SHADOW_CALL_STACK
> > -       def_bool $(cc-option, -fsanitize=shadow-call-stack -ffixed-x18)
> > +       def_bool CC_IS_CLANG || $(cc-option, -fsanitize=shadow-call-stack -ffixed-x18)
>
> This is changing the default for Clang (which looks fine due to our
> minimum Clang version), but if the test for GCC works the same way,
> why not just keep the line as it was since it covers both?

Yeah, let's just have the cc-option check used for both toolchains.

> > +#if __has_attribute(__no_sanitize_shadow_call_stack__)
> > +#define __noscs __attribute__((no_sanitize_shadow_call_stack))
> > +#else
> > +#define __noscs
> > +#endif
>
> No need for the `else` branch here, it is done in `compiler_types.h`
> (to be consistent with Clang).

Do we want to move this to include/linux/compiler_attributes.h?
Respecifying these repeatedly in each include/linux/compiler-*.h feels
excessively redundant.

> Also, I hope one day GCC and Clang doing the same for these
> sanitize-related bits...

...
-- 
Thanks,
~Nick Desaulniers

  parent reply	other threads:[~2021-11-02 18:42 UTC|newest]

Thread overview: 7+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-11-02  7:58 [PATCH] [RFC/RFT] AARCH64: Add gcc Shadow Call Stack support Dan Li
2021-11-02  9:51 ` Miguel Ojeda
2021-11-02 16:03   ` Dan Li
2021-11-02 16:16     ` Miguel Ojeda
2021-11-02 18:41   ` Nick Desaulniers [this message]
2021-11-02 18:51     ` Miguel Ojeda
2021-11-02 18:59       ` Nick Desaulniers

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='CAKwvOd=0GpX59U1ndzahJ8mh26C-Gb54pjwUk4eYigb0ZoCiwg@mail.gmail.com' \
    --to=ndesaulniers@google.com \
    --cc=akpm@linux-foundation.org \
    --cc=andreyknvl@gmail.com \
    --cc=arnd@arndb.de \
    --cc=ashimida@linux.alibaba.com \
    --cc=catalin.marinas@arm.com \
    --cc=colin.king@canonical.com \
    --cc=elver@google.com \
    --cc=frederic@kernel.org \
    --cc=keescook@chromium.org \
    --cc=linux-hardening@vger.kernel.org \
    --cc=luc.vanoostenryck@gmail.com \
    --cc=mark.rutland@arm.com \
    --cc=masahiroy@kernel.org \
    --cc=miguel.ojeda.sandonis@gmail.com \
    --cc=nathan@kernel.org \
    --cc=nivedita@alum.mit.edu \
    --cc=ojeda@kernel.org \
    --cc=peterz@infradead.org \
    --cc=rostedt@goodmis.org \
    --cc=rppt@kernel.org \
    --cc=samitolvanen@google.com \
    --cc=tglx@linutronix.de \
    --cc=viresh.kumar@linaro.org \
    --cc=will@kernel.org \
    --cc=yifeifz2@illinois.edu \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.