From: Mark Rutland <mark.rutland@arm.com>
To: Sami Tolvanen <samitolvanen@google.com>
Cc: Kees Cook <keescook@chromium.org>,
Ard Biesheuvel <ard.biesheuvel@linaro.org>,
Masahiro Yamada <yamada.masahiro@socionext.com>,
Catalin Marinas <catalin.marinas@arm.com>,
Jann Horn <jannh@google.com>,
Nick Desaulniers <ndesaulniers@google.com>,
linux-kernel@vger.kernel.org,
Steven Rostedt <rostedt@goodmis.org>,
Miguel Ojeda <miguel.ojeda.sandonis@gmail.com>,
clang-built-linux@googlegroups.com,
Masami Hiramatsu <mhiramat@kernel.org>,
Marc Zyngier <maz@kernel.org>,
kernel-hardening@lists.openwall.com,
Laura Abbott <labbott@redhat.com>, Will Deacon <will@kernel.org>,
Dave Martin <Dave.Martin@arm.com>,
linux-arm-kernel@lists.infradead.org
Subject: Re: [PATCH v5 05/14] add support for Clang's Shadow Call Stack (SCS)
Date: Fri, 15 Nov 2019 15:37:06 +0000 [thread overview]
Message-ID: <20191115153705.GJ41572@lakrids.cambridge.arm.com> (raw)
In-Reply-To: <20191105235608.107702-6-samitolvanen@google.com>
On Tue, Nov 05, 2019 at 03:55:59PM -0800, Sami Tolvanen wrote:
> This change adds generic support for Clang's Shadow Call Stack,
> which uses a shadow stack to protect return addresses from being
> overwritten by an attacker. Details are available here:
>
> https://clang.llvm.org/docs/ShadowCallStack.html
>
> Note that security guarantees in the kernel differ from the
> ones documented for user space. The kernel must store addresses
> of shadow stacks used by other tasks and interrupt handlers in
> memory, which means an attacker capable reading and writing
> arbitrary memory may be able to locate them and hijack control
> flow by modifying shadow stacks that are not currently in use.
>
> Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
> Reviewed-by: Kees Cook <keescook@chromium.org>
> Reviewed-by: Miguel Ojeda <miguel.ojeda.sandonis@gmail.com>
> ---
> Makefile | 6 ++
> arch/Kconfig | 33 ++++++
> include/linux/compiler-clang.h | 6 ++
> include/linux/compiler_types.h | 4 +
> include/linux/scs.h | 57 ++++++++++
> init/init_task.c | 8 ++
> kernel/Makefile | 1 +
> kernel/fork.c | 9 ++
> kernel/sched/core.c | 2 +
> kernel/scs.c | 187 +++++++++++++++++++++++++++++++++
> 10 files changed, 313 insertions(+)
> create mode 100644 include/linux/scs.h
> create mode 100644 kernel/scs.c
>
> diff --git a/Makefile b/Makefile
> index b37d0e8fc61d..7f3a4c5c7dcc 100644
> --- a/Makefile
> +++ b/Makefile
> @@ -846,6 +846,12 @@ ifdef CONFIG_LIVEPATCH
> KBUILD_CFLAGS += $(call cc-option, -flive-patching=inline-clone)
> endif
>
> +ifdef CONFIG_SHADOW_CALL_STACK
> +CC_FLAGS_SCS := -fsanitize=shadow-call-stack
> +KBUILD_CFLAGS += $(CC_FLAGS_SCS)
> +export CC_FLAGS_SCS
> +endif
> +
> # arch Makefile may override CC so keep this after arch Makefile is included
> NOSTDINC_FLAGS += -nostdinc -isystem $(shell $(CC) -print-file-name=include)
>
> diff --git a/arch/Kconfig b/arch/Kconfig
> index 5f8a5d84dbbe..5e34cbcd8d6a 100644
> --- a/arch/Kconfig
> +++ b/arch/Kconfig
> @@ -521,6 +521,39 @@ config STACKPROTECTOR_STRONG
> about 20% of all kernel functions, which increases the kernel code
> size by about 2%.
>
> +config ARCH_SUPPORTS_SHADOW_CALL_STACK
> + bool
> + help
> + An architecture should select this if it supports Clang's Shadow
> + Call Stack, has asm/scs.h, and implements runtime support for shadow
> + stack switching.
> +
> +config SHADOW_CALL_STACK_VMAP
> + bool
> + depends on SHADOW_CALL_STACK
> + help
> + Use virtually mapped shadow call stacks. Selecting this option
> + provides better stack exhaustion protection, but increases per-thread
> + memory consumption as a full page is allocated for each shadow stack.
The bool needs some display text to make it selectable.
This should probably be below SHADOW_CALL_STACK so that when it shows up
in menuconfig it's where you'd expect it to be.
I locally hacked that in, but when building defconfig +
SHADOW_CALL_STACK + SHADOW_CALL_STACK_VMAP, the build explodes as below:
| [mark@lakrids:~/src/linux]% usellvm 9.0.0 usekorg 8.1.0 make ARCH=arm64 CROSS_COMPILE=aarch64-linux- CC=clang -j56 -s
| arch/arm64/kernel/scs.c:28:7: error: use of undeclared identifier 'VMALLOC_START'
| VMALLOC_START, VMALLOC_END,
| ^
| arch/arm64/kernel/scs.c:28:22: error: use of undeclared identifier 'VMALLOC_END'
| VMALLOC_START, VMALLOC_END,
| ^
| arch/arm64/kernel/scs.c:29:7: error: use of undeclared identifier 'SCS_GFP'
| SCS_GFP, PAGE_KERNEL,
| ^
| arch/arm64/kernel/scs.c:29:16: error: use of undeclared identifier 'PAGE_KERNEL'
| SCS_GFP, PAGE_KERNEL,
| ^
| 4 errors generated.
| scripts/Makefile.build:265: recipe for target 'arch/arm64/kernel/scs.o' failed
| make[2]: *** [arch/arm64/kernel/scs.o] Error 1
| scripts/Makefile.build:509: recipe for target 'arch/arm64/kernel' failed
| make[1]: *** [arch/arm64/kernel] Error 2
| Makefile:1655: recipe for target 'arch/arm64' failed
| make: *** [arch/arm64] Error 2
| make: *** Waiting for unfinished jobs....
Other than that, this largely looks good to me!
Thanks,
Mark.
_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
next prev parent reply other threads:[~2019-11-15 15:37 UTC|newest]
Thread overview: 430+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-10-18 16:10 [PATCH 00/18] add support for Clang's Shadow Call Stack Sami Tolvanen
2019-10-18 16:10 ` [PATCH 01/18] arm64: mm: don't use x18 in idmap_kpti_install_ng_mappings Sami Tolvanen
2019-10-18 16:43 ` Nick Desaulniers
2019-10-18 16:10 ` [PATCH 02/18] arm64/lib: copy_page: avoid x18 register in assembler code Sami Tolvanen
2019-10-18 16:10 ` [PATCH 03/18] arm64: kvm: stop treating register x18 as caller save Sami Tolvanen
2019-10-21 6:19 ` Ard Biesheuvel
2019-10-22 17:22 ` Marc Zyngier
2019-10-22 21:45 ` Sami Tolvanen
2019-10-18 16:10 ` [PATCH 04/18] arm64: kernel: avoid x18 as an arbitrary temp register Sami Tolvanen
2019-10-18 16:10 ` [PATCH 05/18] arm64: kbuild: reserve reg x18 from general allocation by the compiler Sami Tolvanen
2019-10-18 17:32 ` Nick Desaulniers
2019-10-18 19:00 ` Sami Tolvanen
2019-10-21 6:12 ` Ard Biesheuvel
2019-10-21 20:43 ` Sami Tolvanen
2019-10-18 16:10 ` [PATCH 06/18] add support for Clang's Shadow Call Stack (SCS) Sami Tolvanen
2019-10-18 16:58 ` Joe Perches
2019-10-18 17:08 ` Nick Desaulniers
2019-10-18 17:11 ` Sami Tolvanen
2019-10-18 18:32 ` Miguel Ojeda
2019-10-18 20:33 ` Nick Desaulniers
2019-10-19 0:21 ` Miguel Ojeda
2019-10-18 17:42 ` Jann Horn
2019-10-18 17:56 ` Sami Tolvanen
2019-10-22 16:28 ` Mark Rutland
2019-10-22 16:30 ` Kees Cook
2019-10-22 16:49 ` Mark Rutland
2019-10-22 19:26 ` Sami Tolvanen
2019-10-24 13:28 ` Mark Rutland
2019-10-24 14:38 ` Masahiro Yamada
2019-10-23 16:59 ` Sami Tolvanen
2019-10-24 1:47 ` Masahiro Yamada
2019-10-24 12:04 ` Steven Rostedt
2019-10-24 22:17 ` Sami Tolvanen
2019-10-18 16:10 ` [PATCH 07/18] scs: add accounting Sami Tolvanen
2019-10-18 16:10 ` [PATCH 08/18] scs: add support for stack usage debugging Sami Tolvanen
2019-10-18 16:10 ` [PATCH 09/18] trace: disable function graph tracing with SCS Sami Tolvanen
2019-10-18 17:01 ` Steven Rostedt
2019-10-18 17:08 ` Sami Tolvanen
2019-10-21 6:15 ` Ard Biesheuvel
2019-10-18 16:10 ` [PATCH 10/18] kprobes: fix compilation without CONFIG_KRETPROBES Sami Tolvanen
2019-10-18 17:02 ` Steven Rostedt
2019-10-21 9:13 ` Masami Hiramatsu
2019-10-18 16:10 ` [PATCH 11/18] kprobes: disable kretprobes with SCS Sami Tolvanen
2019-10-18 17:04 ` Steven Rostedt
2019-10-21 9:15 ` Masami Hiramatsu
2019-10-18 16:10 ` [PATCH 12/18] arm64: reserve x18 only with Shadow Call Stack Sami Tolvanen
2019-10-18 21:23 ` Nick Desaulniers
2019-10-22 16:00 ` Mark Rutland
2019-10-22 16:27 ` Kees Cook
2019-10-18 16:10 ` [PATCH 13/18] arm64: preserve x18 when CPU is suspended Sami Tolvanen
2019-10-18 16:49 ` Nick Desaulniers
2019-10-18 17:05 ` Sami Tolvanen
2019-10-21 16:56 ` Mark Rutland
2019-10-21 22:43 ` Sami Tolvanen
2019-10-22 15:47 ` Mark Rutland
2019-10-18 16:10 ` [PATCH 14/18] arm64: efi: restore x18 if it was corrupted Sami Tolvanen
2019-10-21 6:20 ` Ard Biesheuvel
2019-10-21 22:39 ` Sami Tolvanen
2019-10-22 5:54 ` Ard Biesheuvel
2019-10-18 16:10 ` [PATCH 15/18] arm64: vdso: disable Shadow Call Stack Sami Tolvanen
2019-10-18 16:10 ` [PATCH 16/18] arm64: kprobes: fix kprobes without CONFIG_KRETPROBES Sami Tolvanen
2019-10-21 6:21 ` Ard Biesheuvel
2019-10-21 16:06 ` Kees Cook
2019-10-18 16:10 ` [PATCH 17/18] arm64: disable SCS for hypervisor code Sami Tolvanen
2019-10-18 16:10 ` [PATCH 18/18] arm64: implement Shadow Call Stack Sami Tolvanen
2019-10-18 17:12 ` Jann Horn
2019-10-18 17:18 ` Sami Tolvanen
2019-10-18 17:23 ` Mark Rutland
2019-10-18 17:35 ` Sami Tolvanen
2019-10-21 16:49 ` Mark Rutland
2019-10-21 9:28 ` [PATCH 00/18] add support for Clang's " Masami Hiramatsu
2019-10-24 22:51 ` [PATCH v2 00/17] " samitolvanen
2019-10-24 22:51 ` [PATCH v2 01/17] arm64: mm: don't use x18 in idmap_kpti_install_ng_mappings samitolvanen
2019-10-25 9:24 ` Mark Rutland
2019-10-24 22:51 ` [PATCH v2 02/17] arm64/lib: copy_page: avoid x18 register in assembler code samitolvanen
2019-10-25 9:41 ` Mark Rutland
2019-10-25 21:40 ` Sami Tolvanen
2019-10-24 22:51 ` [PATCH v2 03/17] arm64: kvm: stop treating register x18 as caller save samitolvanen
2019-10-24 22:51 ` [PATCH v2 04/17] arm64: kernel: avoid x18 as an arbitrary temp register samitolvanen
2019-10-25 10:02 ` Mark Rutland
2019-10-24 22:51 ` [PATCH v2 05/17] add support for Clang's Shadow Call Stack (SCS) samitolvanen
2019-10-25 10:56 ` Mark Rutland
2019-10-25 20:49 ` Sami Tolvanen
2019-10-28 16:35 ` Mark Rutland
2019-10-28 19:57 ` Kees Cook
2019-10-29 18:06 ` Sami Tolvanen
2019-10-25 16:22 ` Nick Desaulniers
2019-10-25 20:51 ` Sami Tolvanen
2019-10-26 15:57 ` Joe Perches
2019-10-28 15:19 ` Sami Tolvanen
[not found] ` <CANiq72n4o16TB53s6nLLrLCw6v0Brn8GAhKvdzzN7v1tNontCQ@mail.gmail.com>
2019-10-28 16:15 ` Sami Tolvanen
2019-10-24 22:51 ` [PATCH v2 06/17] scs: add accounting samitolvanen
2019-10-24 22:51 ` [PATCH v2 07/17] scs: add support for stack usage debugging samitolvanen
2019-10-24 22:51 ` [PATCH v2 08/17] kprobes: fix compilation without CONFIG_KRETPROBES samitolvanen
2019-10-24 22:51 ` [PATCH v2 09/17] arm64: disable function graph tracing with SCS samitolvanen
2019-10-25 11:03 ` Mark Rutland
2019-10-29 17:45 ` Sami Tolvanen
2019-10-29 20:35 ` Nick Desaulniers
2019-10-24 22:51 ` [PATCH v2 10/17] arm64: disable kretprobes " samitolvanen
2019-10-24 22:51 ` [PATCH v2 11/17] arm64: reserve x18 from general allocation " samitolvanen
2019-10-24 22:51 ` [PATCH v2 12/17] arm64: preserve x18 when CPU is suspended samitolvanen
2019-10-24 22:51 ` [PATCH v2 13/17] arm64: efi: restore x18 if it was corrupted samitolvanen
2019-10-24 22:51 ` [PATCH v2 14/17] arm64: vdso: disable Shadow Call Stack samitolvanen
2019-10-24 22:51 ` [PATCH v2 15/17] arm64: kprobes: fix kprobes without CONFIG_KRETPROBES samitolvanen
2019-10-24 22:51 ` [PATCH v2 16/17] arm64: disable SCS for hypervisor code samitolvanen
2019-10-25 1:20 ` Steven Rostedt
2019-10-25 1:29 ` Masahiro Yamada
2019-10-25 1:42 ` Steven Rostedt
2019-10-25 19:24 ` Sami Tolvanen
2019-10-24 22:51 ` [PATCH v2 17/17] arm64: implement Shadow Call Stack samitolvanen
2019-10-31 16:46 ` [PATCH v3 00/17] add support for Clang's " samitolvanen
2019-10-31 16:46 ` [PATCH v3 01/17] arm64: mm: avoid x18 in idmap_kpti_install_ng_mappings samitolvanen
2019-10-31 16:46 ` [PATCH v3 02/17] arm64/lib: copy_page: avoid x18 register in assembler code samitolvanen
2019-10-31 16:46 ` [PATCH v3 03/17] arm64: kvm: stop treating register x18 as caller save samitolvanen
2019-11-01 3:48 ` Kees Cook
2019-10-31 16:46 ` [PATCH v3 04/17] arm64: kernel: avoid x18 __cpu_soft_restart samitolvanen
2019-11-01 3:47 ` Kees Cook
2019-10-31 16:46 ` [PATCH v3 05/17] add support for Clang's Shadow Call Stack (SCS) samitolvanen
2019-11-01 3:51 ` Kees Cook
2019-11-01 16:28 ` Sami Tolvanen
2019-10-31 16:46 ` [PATCH v3 06/17] scs: add accounting samitolvanen
2019-11-01 3:52 ` Kees Cook
2019-10-31 16:46 ` [PATCH v3 07/17] scs: add support for stack usage debugging samitolvanen
2019-11-01 3:55 ` Kees Cook
2019-11-01 16:32 ` Sami Tolvanen
2019-11-01 19:02 ` Kees Cook
2019-10-31 16:46 ` [PATCH v3 08/17] kprobes: fix compilation without CONFIG_KRETPROBES samitolvanen
2019-11-01 3:55 ` Kees Cook
2019-10-31 16:46 ` [PATCH v3 09/17] arm64: kprobes: fix kprobes " samitolvanen
2019-11-01 3:56 ` Kees Cook
2019-10-31 16:46 ` [PATCH v3 10/17] arm64: disable kretprobes with SCS samitolvanen
2019-11-01 3:56 ` Kees Cook
2019-10-31 16:46 ` [PATCH v3 11/17] arm64: disable function graph tracing " samitolvanen
2019-11-01 3:58 ` Kees Cook
2019-11-01 20:32 ` Sami Tolvanen
2019-10-31 16:46 ` [PATCH v3 12/17] arm64: reserve x18 from general allocation " samitolvanen
2019-10-31 17:11 ` Nick Desaulniers
2019-11-01 3:59 ` Kees Cook
2019-10-31 16:46 ` [PATCH v3 13/17] arm64: preserve x18 when CPU is suspended samitolvanen
2019-10-31 17:18 ` Nick Desaulniers
2019-10-31 17:27 ` Sami Tolvanen
2019-10-31 17:34 ` Nick Desaulniers
2019-10-31 17:42 ` Sami Tolvanen
2019-11-01 3:59 ` Kees Cook
2019-10-31 16:46 ` [PATCH v3 14/17] arm64: efi: restore x18 if it was corrupted samitolvanen
2019-11-01 4:00 ` Kees Cook
2019-10-31 16:46 ` [PATCH v3 15/17] arm64: vdso: disable Shadow Call Stack samitolvanen
2019-10-31 17:28 ` Nick Desaulniers
2019-11-01 4:01 ` Kees Cook
2019-10-31 16:46 ` [PATCH v3 16/17] arm64: disable SCS for hypervisor code samitolvanen
2019-11-01 3:46 ` Kees Cook
2019-11-01 4:02 ` Kees Cook
2019-10-31 16:46 ` [PATCH v3 17/17] arm64: implement Shadow Call Stack samitolvanen
2019-11-01 3:45 ` Kees Cook
2019-11-01 15:44 ` Sami Tolvanen
2019-11-01 22:11 ` [PATCH v4 00/17] add support for Clang's " Sami Tolvanen
2019-11-01 22:11 ` [PATCH v4 01/17] arm64: mm: avoid x18 in idmap_kpti_install_ng_mappings Sami Tolvanen
2019-11-01 22:11 ` [PATCH v4 02/17] arm64/lib: copy_page: avoid x18 register in assembler code Sami Tolvanen
2019-11-01 22:11 ` [PATCH v4 03/17] arm64: kvm: stop treating register x18 as caller save Sami Tolvanen
2019-11-04 11:04 ` Marc Zyngier
2019-11-04 13:30 ` Marc Zyngier
2019-11-04 11:51 ` Mark Rutland
2019-11-04 21:44 ` Sami Tolvanen
2019-11-01 22:11 ` [PATCH v4 04/17] arm64: kernel: avoid x18 __cpu_soft_restart Sami Tolvanen
2019-11-04 11:39 ` Mark Rutland
2019-11-04 16:44 ` Sami Tolvanen
2019-11-01 22:11 ` [PATCH v4 05/17] add support for Clang's Shadow Call Stack (SCS) Sami Tolvanen
2019-11-01 22:36 ` Miguel Ojeda
2019-11-04 12:31 ` Mark Rutland
2019-11-04 18:25 ` Sami Tolvanen
2019-11-01 22:11 ` [PATCH v4 06/17] scs: add accounting Sami Tolvanen
2019-11-04 13:13 ` Marc Zyngier
2019-11-04 16:42 ` Sami Tolvanen
2019-11-04 16:59 ` Marc Zyngier
2019-11-01 22:11 ` [PATCH v4 07/17] scs: add support for stack usage debugging Sami Tolvanen
2019-11-02 17:31 ` Kees Cook
2019-11-04 12:40 ` Mark Rutland
2019-11-04 21:35 ` Sami Tolvanen
2019-11-05 9:17 ` Mark Rutland
2019-11-01 22:11 ` [PATCH v4 08/17] kprobes: fix compilation without CONFIG_KRETPROBES Sami Tolvanen
2019-11-13 20:27 ` Steven Rostedt
2019-11-01 22:11 ` [PATCH v4 09/17] arm64: kprobes: fix kprobes " Sami Tolvanen
2019-11-01 22:11 ` [PATCH v4 10/17] arm64: disable kretprobes with SCS Sami Tolvanen
2019-11-04 17:04 ` Mark Rutland
2019-11-04 23:42 ` Sami Tolvanen
2019-11-05 9:04 ` Mark Rutland
2019-11-01 22:11 ` [PATCH v4 11/17] arm64: disable function graph tracing " Sami Tolvanen
2019-11-04 17:11 ` Mark Rutland
2019-11-04 23:44 ` Sami Tolvanen
2019-11-05 9:15 ` Mark Rutland
2019-11-05 20:00 ` Nick Desaulniers
2019-11-05 22:05 ` Sami Tolvanen
2019-11-01 22:11 ` [PATCH v4 12/17] arm64: reserve x18 from general allocation " Sami Tolvanen
2019-11-01 22:11 ` [PATCH v4 13/17] arm64: preserve x18 when CPU is suspended Sami Tolvanen
2019-11-04 13:20 ` Marc Zyngier
2019-11-04 21:38 ` Sami Tolvanen
2019-11-04 21:59 ` Nick Desaulniers
2019-11-05 0:02 ` Sami Tolvanen
2019-11-05 14:55 ` Marc Zyngier
2019-11-01 22:11 ` [PATCH v4 14/17] arm64: efi: restore x18 if it was corrupted Sami Tolvanen
2019-11-01 22:11 ` [PATCH v4 15/17] arm64: vdso: disable Shadow Call Stack Sami Tolvanen
2019-11-01 22:11 ` [PATCH v4 16/17] arm64: disable SCS for hypervisor code Sami Tolvanen
2019-11-01 22:11 ` [PATCH v4 17/17] arm64: implement Shadow Call Stack Sami Tolvanen
2019-11-05 23:55 ` [PATCH v5 00/14] add support for Clang's " Sami Tolvanen
2019-11-05 23:55 ` [PATCH v5 01/14] arm64: mm: avoid x18 in idmap_kpti_install_ng_mappings Sami Tolvanen
2019-11-05 23:55 ` [PATCH v5 02/14] arm64/lib: copy_page: avoid x18 register in assembler code Sami Tolvanen
2019-11-05 23:55 ` [PATCH v5 03/14] arm64: kvm: stop treating register x18 as caller save Sami Tolvanen
2019-11-05 23:55 ` [PATCH v5 04/14] arm64: kernel: avoid x18 in __cpu_soft_restart Sami Tolvanen
2019-11-05 23:55 ` [PATCH v5 05/14] add support for Clang's Shadow Call Stack (SCS) Sami Tolvanen
2019-11-15 15:37 ` Mark Rutland [this message]
2019-11-15 18:34 ` Sami Tolvanen
2019-11-05 23:56 ` [PATCH v5 06/14] scs: add accounting Sami Tolvanen
2019-11-05 23:56 ` [PATCH v5 07/14] scs: add support for stack usage debugging Sami Tolvanen
2019-11-05 23:56 ` [PATCH v5 08/14] arm64: disable function graph tracing with SCS Sami Tolvanen
2019-11-15 14:18 ` Mark Rutland
2019-11-05 23:56 ` [PATCH v5 09/14] arm64: reserve x18 from general allocation " Sami Tolvanen
2019-11-05 23:56 ` [PATCH v5 10/14] arm64: preserve x18 when CPU is suspended Sami Tolvanen
2019-11-06 20:39 ` Nick Desaulniers
2019-11-15 14:27 ` Mark Rutland
2019-11-05 23:56 ` [PATCH v5 11/14] arm64: efi: restore x18 if it was corrupted Sami Tolvanen
2019-11-06 4:45 ` Miguel Ojeda
2019-11-07 10:51 ` Ard Biesheuvel
2019-11-07 16:26 ` Sami Tolvanen
2019-11-05 23:56 ` [PATCH v5 12/14] arm64: vdso: disable Shadow Call Stack Sami Tolvanen
2019-11-15 14:43 ` Mark Rutland
2019-11-05 23:56 ` [PATCH v5 13/14] arm64: disable SCS for hypervisor code Sami Tolvanen
2019-11-15 14:46 ` Mark Rutland
2019-11-05 23:56 ` [PATCH v5 14/14] arm64: implement Shadow Call Stack Sami Tolvanen
2019-11-15 15:20 ` Mark Rutland
2019-11-15 20:19 ` Sami Tolvanen
2019-11-18 23:13 ` Sami Tolvanen
2019-11-12 23:44 ` [PATCH v5 00/14] add support for Clang's " Kees Cook
2019-11-13 12:03 ` Will Deacon
2019-11-13 18:33 ` Kees Cook
2019-11-15 14:16 ` Mark Rutland
2019-12-06 22:13 ` [PATCH v6 00/15] " Sami Tolvanen
2019-12-06 22:13 ` [PATCH v6 01/15] arm64: mm: avoid x18 in idmap_kpti_install_ng_mappings Sami Tolvanen
2019-12-06 22:13 ` [PATCH v6 02/15] arm64/lib: copy_page: avoid x18 register in assembler code Sami Tolvanen
2019-12-06 22:13 ` [PATCH v6 03/15] arm64: kvm: stop treating register x18 as caller save Sami Tolvanen
2019-12-06 22:13 ` [PATCH v6 04/15] arm64: kernel: avoid x18 in __cpu_soft_restart Sami Tolvanen
2019-12-06 22:13 ` [PATCH v6 05/15] add support for Clang's Shadow Call Stack (SCS) Sami Tolvanen
2019-12-06 22:13 ` [PATCH v6 06/15] scs: add accounting Sami Tolvanen
2019-12-06 22:13 ` [PATCH v6 07/15] scs: add support for stack usage debugging Sami Tolvanen
2019-12-06 22:13 ` [PATCH v6 08/15] arm64: disable function graph tracing with SCS Sami Tolvanen
2020-01-16 17:39 ` Will Deacon
2020-01-16 21:45 ` Sami Tolvanen
2019-12-06 22:13 ` [PATCH v6 09/15] arm64: reserve x18 from general allocation " Sami Tolvanen
2020-01-16 17:37 ` Will Deacon
2019-12-06 22:13 ` [PATCH v6 10/15] arm64: preserve x18 when CPU is suspended Sami Tolvanen
2020-01-16 17:42 ` Will Deacon
2019-12-06 22:13 ` [PATCH v6 11/15] arm64: efi: restore x18 if it was corrupted Sami Tolvanen
2020-01-16 17:44 ` Will Deacon
2020-01-16 20:36 ` Sami Tolvanen
2019-12-06 22:13 ` [PATCH v6 12/15] arm64: vdso: disable Shadow Call Stack Sami Tolvanen
2020-01-16 17:46 ` Will Deacon
2020-01-16 18:14 ` Sami Tolvanen
2020-01-16 18:18 ` Will Deacon
2019-12-06 22:13 ` [PATCH v6 13/15] arm64: disable SCS for hypervisor code Sami Tolvanen
2020-01-16 17:47 ` Will Deacon
2020-01-16 20:16 ` Sami Tolvanen
2019-12-06 22:13 ` [PATCH v6 14/15] arm64: implement Shadow Call Stack Sami Tolvanen
2020-01-16 18:24 ` Will Deacon
2020-01-16 21:57 ` Sami Tolvanen
2019-12-06 22:13 ` [PATCH v6 15/15] arm64: scs: add shadow stacks for SDEI Sami Tolvanen
2020-01-16 17:48 ` Will Deacon
2020-01-16 18:24 ` [PATCH v6 00/15] add support for Clang's Shadow Call Stack Will Deacon
2020-01-28 18:49 ` [PATCH v7 00/11] " Sami Tolvanen
2020-01-28 18:49 ` [PATCH v7 01/11] add support for Clang's Shadow Call Stack (SCS) Sami Tolvanen
2020-01-28 18:49 ` [PATCH v7 02/11] scs: add accounting Sami Tolvanen
2020-01-28 18:49 ` [PATCH v7 03/11] scs: add support for stack usage debugging Sami Tolvanen
2020-01-28 18:49 ` [PATCH v7 04/11] scs: disable when function graph tracing is enabled Sami Tolvanen
2020-01-28 22:50 ` Kees Cook
2020-01-28 18:49 ` [PATCH v7 05/11] arm64: reserve x18 from general allocation with SCS Sami Tolvanen
2020-01-28 18:49 ` [PATCH v7 06/11] arm64: preserve x18 when CPU is suspended Sami Tolvanen
2020-01-28 18:49 ` [PATCH v7 07/11] arm64: efi: restore x18 if it was corrupted Sami Tolvanen
2020-02-10 16:41 ` Will Deacon
2020-01-28 18:49 ` [PATCH v7 08/11] arm64: vdso: disable Shadow Call Stack Sami Tolvanen
2020-01-28 18:49 ` [PATCH v7 09/11] arm64: disable SCS for hypervisor code Sami Tolvanen
2020-02-10 16:44 ` Will Deacon
2020-02-10 17:18 ` James Morse
2020-02-10 17:52 ` Will Deacon
2020-02-10 18:03 ` Mark Rutland
2020-02-10 18:07 ` Will Deacon
2020-02-10 18:24 ` Mark Rutland
2020-02-11 9:54 ` Will Deacon
2020-02-12 17:30 ` Sami Tolvanen
2020-02-11 9:14 ` Marc Zyngier
2020-02-11 9:55 ` Will Deacon
2020-02-11 10:00 ` Marc Zyngier
2020-01-28 18:49 ` [PATCH v7 10/11] arm64: implement Shadow Call Stack Sami Tolvanen
2020-01-28 18:49 ` [PATCH v7 11/11] arm64: scs: add shadow stacks for SDEI Sami Tolvanen
2020-02-11 13:57 ` James Morse
2020-02-12 20:59 ` Sami Tolvanen
2020-02-14 18:13 ` James Morse
2020-02-11 13:57 ` [PATCH v7 00/11] add support for Clang's Shadow Call Stack James Morse
2020-02-12 17:36 ` Sami Tolvanen
2020-02-19 0:08 ` [PATCH v8 00/12] " Sami Tolvanen
2020-02-19 0:08 ` [PATCH v8 01/12] add support for Clang's Shadow Call Stack (SCS) Sami Tolvanen
2020-02-19 4:19 ` Randy Dunlap
2020-02-19 17:25 ` Sami Tolvanen
2020-02-19 0:08 ` [PATCH v8 02/12] scs: add accounting Sami Tolvanen
2020-02-19 0:08 ` [PATCH v8 03/12] scs: add support for stack usage debugging Sami Tolvanen
2020-02-19 0:08 ` [PATCH v8 04/12] scs: disable when function graph tracing is enabled Sami Tolvanen
2020-02-19 11:33 ` Mark Rutland
2020-02-19 18:01 ` Sami Tolvanen
2020-02-19 0:08 ` [PATCH v8 05/12] arm64: reserve x18 from general allocation with SCS Sami Tolvanen
2020-02-19 0:08 ` [PATCH v8 06/12] arm64: preserve x18 when CPU is suspended Sami Tolvanen
2020-02-19 0:08 ` [PATCH v8 07/12] arm64: efi: restore x18 if it was corrupted Sami Tolvanen
2020-02-19 0:08 ` [PATCH v8 08/12] arm64: vdso: disable Shadow Call Stack Sami Tolvanen
2020-02-19 0:08 ` [PATCH v8 09/12] arm64: disable SCS for hypervisor code Sami Tolvanen
2020-02-19 0:58 ` Kees Cook
2020-02-19 7:50 ` Marc Zyngier
2020-02-19 0:08 ` [PATCH v8 10/12] arm64: implement Shadow Call Stack Sami Tolvanen
2020-02-19 0:08 ` [PATCH v8 11/12] arm64: scs: add shadow stacks for SDEI Sami Tolvanen
2020-02-19 0:08 ` [PATCH v8 12/12] efi/libstub: disable SCS Sami Tolvanen
2020-02-19 0:58 ` Kees Cook
2020-02-19 7:40 ` Ard Biesheuvel
2020-02-19 18:27 ` Sami Tolvanen
2020-02-19 18:38 ` [PATCH v8 00/12] add support for Clang's Shadow Call Stack James Morse
2020-02-19 18:53 ` Ard Biesheuvel
2020-02-20 9:55 ` Marc Zyngier
2020-02-19 20:12 ` Sami Tolvanen
2020-02-25 17:39 ` [PATCH v9 " Sami Tolvanen
2020-02-25 17:39 ` [PATCH v9 01/12] add support for Clang's Shadow Call Stack (SCS) Sami Tolvanen
2020-02-25 17:39 ` [PATCH v9 02/12] scs: add accounting Sami Tolvanen
2020-02-25 17:39 ` [PATCH v9 03/12] scs: add support for stack usage debugging Sami Tolvanen
2020-02-25 17:39 ` [PATCH v9 04/12] scs: disable when function graph tracing is enabled Sami Tolvanen
2020-02-25 17:39 ` [PATCH v9 05/12] arm64: reserve x18 from general allocation with SCS Sami Tolvanen
2020-02-25 17:39 ` [PATCH v9 06/12] arm64: preserve x18 when CPU is suspended Sami Tolvanen
2020-02-25 17:39 ` [PATCH v9 07/12] arm64: efi: restore x18 if it was corrupted Sami Tolvanen
2020-02-25 17:39 ` [PATCH v9 08/12] arm64: vdso: disable Shadow Call Stack Sami Tolvanen
2020-02-25 17:39 ` [PATCH v9 09/12] arm64: disable SCS for hypervisor code Sami Tolvanen
2020-02-25 17:39 ` [PATCH v9 10/12] arm64: implement Shadow Call Stack Sami Tolvanen
2020-02-28 16:31 ` James Morse
2020-02-28 20:51 ` Sami Tolvanen
2020-02-25 17:39 ` [PATCH v9 11/12] arm64: scs: add shadow stacks for SDEI Sami Tolvanen
2020-02-25 17:39 ` [PATCH v9 12/12] efi/libstub: disable SCS Sami Tolvanen
2020-04-06 16:41 ` [PATCH v10 00/12] add support for Clang's Shadow Call Stack Sami Tolvanen
2020-04-06 16:41 ` [PATCH v10 01/12] add support for Clang's Shadow Call Stack (SCS) Sami Tolvanen
2020-04-06 16:41 ` [PATCH v10 02/12] scs: add accounting Sami Tolvanen
2020-04-06 16:41 ` [PATCH v10 03/12] scs: add support for stack usage debugging Sami Tolvanen
2020-04-06 16:41 ` [PATCH v10 04/12] scs: disable when function graph tracing is enabled Sami Tolvanen
2020-04-06 16:41 ` [PATCH v10 05/12] arm64: reserve x18 from general allocation with SCS Sami Tolvanen
2020-04-06 16:41 ` [PATCH v10 06/12] arm64: preserve x18 when CPU is suspended Sami Tolvanen
2020-04-06 16:41 ` [PATCH v10 07/12] arm64: efi: restore x18 if it was corrupted Sami Tolvanen
2020-04-06 16:41 ` [PATCH v10 08/12] arm64: vdso: disable Shadow Call Stack Sami Tolvanen
2020-04-06 16:41 ` [PATCH v10 09/12] arm64: disable SCS for hypervisor code Sami Tolvanen
2020-04-06 18:23 ` Kees Cook
2020-04-06 16:41 ` [PATCH v10 10/12] arm64: implement Shadow Call Stack Sami Tolvanen
2020-04-06 16:41 ` [PATCH v10 11/12] arm64: scs: add shadow stacks for SDEI Sami Tolvanen
2020-04-06 16:41 ` [PATCH v10 12/12] efi/libstub: disable SCS Sami Tolvanen
2020-04-06 18:25 ` Kees Cook
2020-04-07 12:00 ` Ard Biesheuvel
2020-04-16 16:12 ` [PATCH v11 00/12] add support for Clang's Shadow Call Stack Sami Tolvanen
2020-04-16 16:12 ` [PATCH v11 01/12] add support for Clang's Shadow Call Stack (SCS) Sami Tolvanen
2020-04-20 17:17 ` Will Deacon
2020-04-20 21:18 ` Sami Tolvanen
2020-04-22 17:39 ` Will Deacon
2020-04-22 17:51 ` Kees Cook
2020-04-22 18:01 ` Will Deacon
2020-04-22 23:51 ` Sami Tolvanen
2020-04-23 18:28 ` Kees Cook
2020-04-24 11:21 ` Will Deacon
2020-04-27 20:45 ` Sami Tolvanen
2020-05-04 16:52 ` Will Deacon
2020-05-04 17:33 ` Sami Tolvanen
2020-05-04 18:03 ` Jann Horn
2020-05-04 18:06 ` Kees Cook
2020-04-21 1:12 ` Steven Rostedt
2020-04-16 16:12 ` [PATCH v11 02/12] scs: add accounting Sami Tolvanen
2020-04-20 17:17 ` Will Deacon
2020-04-20 21:21 ` Sami Tolvanen
2020-04-16 16:12 ` [PATCH v11 03/12] scs: add support for stack usage debugging Sami Tolvanen
2020-04-20 17:17 ` Will Deacon
2020-04-20 22:24 ` Sami Tolvanen
2020-04-16 16:12 ` [PATCH v11 04/12] scs: disable when function graph tracing is enabled Sami Tolvanen
2020-04-17 10:00 ` Peter Zijlstra
2020-04-17 14:46 ` Mark Rutland
2020-04-17 15:26 ` Peter Zijlstra
2020-04-17 15:46 ` Mark Rutland
2020-04-17 23:19 ` Sami Tolvanen
2020-04-20 19:23 ` Steven Rostedt
2020-04-16 16:12 ` [PATCH v11 05/12] arm64: reserve x18 from general allocation with SCS Sami Tolvanen
2020-04-16 16:12 ` [PATCH v11 06/12] arm64: preserve x18 when CPU is suspended Sami Tolvanen
2020-04-16 16:12 ` [PATCH v11 07/12] arm64: efi: restore x18 if it was corrupted Sami Tolvanen
2020-04-16 16:12 ` [PATCH v11 08/12] arm64: vdso: disable Shadow Call Stack Sami Tolvanen
2020-04-16 16:12 ` [PATCH v11 09/12] arm64: disable SCS for hypervisor code Sami Tolvanen
2020-04-16 16:12 ` [PATCH v11 10/12] arm64: implement Shadow Call Stack Sami Tolvanen
2020-04-16 16:12 ` [PATCH v11 11/12] arm64: scs: add shadow stacks for SDEI Sami Tolvanen
2020-04-16 16:12 ` [PATCH v11 12/12] efi/libstub: disable SCS Sami Tolvanen
2020-04-21 2:14 ` [PATCH v12 00/12] add support for Clang's Shadow Call Stack Sami Tolvanen
2020-04-21 2:14 ` [PATCH v12 01/12] add support for Clang's Shadow Call Stack (SCS) Sami Tolvanen
2020-04-22 17:54 ` Kees Cook
2020-04-22 18:00 ` Will Deacon
2020-04-23 18:09 ` Kees Cook
2020-04-24 10:12 ` Will Deacon
2020-04-21 2:14 ` [PATCH v12 02/12] scs: add accounting Sami Tolvanen
2020-04-22 17:43 ` Will Deacon
2020-04-21 2:14 ` [PATCH v12 03/12] scs: add support for stack usage debugging Sami Tolvanen
2020-04-22 17:46 ` Will Deacon
2020-04-22 23:53 ` Sami Tolvanen
2020-04-21 2:14 ` [PATCH v12 04/12] scs: disable when function graph tracing is enabled Sami Tolvanen
2020-04-21 2:14 ` [PATCH v12 05/12] arm64: reserve x18 from general allocation with SCS Sami Tolvanen
2020-04-21 2:14 ` [PATCH v12 06/12] arm64: preserve x18 when CPU is suspended Sami Tolvanen
2020-04-21 2:14 ` [PATCH v12 07/12] arm64: efi: restore x18 if it was corrupted Sami Tolvanen
2020-04-21 2:14 ` [PATCH v12 08/12] arm64: vdso: disable Shadow Call Stack Sami Tolvanen
2020-04-21 2:14 ` [PATCH v12 09/12] arm64: disable SCS for hypervisor code Sami Tolvanen
2020-04-21 2:14 ` [PATCH v12 10/12] arm64: implement Shadow Call Stack Sami Tolvanen
2020-04-21 2:14 ` [PATCH v12 11/12] arm64: scs: add shadow stacks for SDEI Sami Tolvanen
2020-04-21 2:14 ` [PATCH v12 12/12] efi/libstub: disable SCS Sami Tolvanen
2020-04-27 16:00 ` [PATCH v13 00/12] add support for Clang's Shadow Call Stack Sami Tolvanen
2020-04-27 16:00 ` [PATCH v13 01/12] add support for Clang's Shadow Call Stack (SCS) Sami Tolvanen
2020-04-27 16:48 ` Miguel Ojeda
2020-04-27 17:01 ` Sami Tolvanen
2020-04-27 16:00 ` [PATCH v13 02/12] scs: add accounting Sami Tolvanen
2020-04-27 16:00 ` [PATCH v13 03/12] scs: add support for stack usage debugging Sami Tolvanen
2020-04-27 16:00 ` [PATCH v13 04/12] scs: disable when function graph tracing is enabled Sami Tolvanen
2020-04-27 16:00 ` [PATCH v13 05/12] arm64: reserve x18 from general allocation with SCS Sami Tolvanen
2020-04-27 16:00 ` [PATCH v13 06/12] arm64: preserve x18 when CPU is suspended Sami Tolvanen
2020-04-27 16:00 ` [PATCH v13 07/12] arm64: efi: restore x18 if it was corrupted Sami Tolvanen
2020-04-27 16:00 ` [PATCH v13 08/12] arm64: vdso: disable Shadow Call Stack Sami Tolvanen
2020-04-27 16:00 ` [PATCH v13 09/12] arm64: disable SCS for hypervisor code Sami Tolvanen
2020-04-27 16:00 ` [PATCH v13 10/12] arm64: implement Shadow Call Stack Sami Tolvanen
2020-04-27 16:00 ` [PATCH v13 11/12] arm64: scs: add shadow stacks for SDEI Sami Tolvanen
2020-04-27 16:00 ` [PATCH v13 12/12] efi/libstub: disable SCS Sami Tolvanen
2020-04-27 17:39 ` [PATCH v13 00/12] add support for Clang's Shadow Call Stack Ard Biesheuvel
2020-04-27 20:50 ` Ard Biesheuvel
2020-04-27 22:09 ` Sami Tolvanen
2020-04-29 8:39 ` David Laight
2020-05-15 17:23 ` Will Deacon
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20191115153705.GJ41572@lakrids.cambridge.arm.com \
--to=mark.rutland@arm.com \
--cc=Dave.Martin@arm.com \
--cc=ard.biesheuvel@linaro.org \
--cc=catalin.marinas@arm.com \
--cc=clang-built-linux@googlegroups.com \
--cc=jannh@google.com \
--cc=keescook@chromium.org \
--cc=kernel-hardening@lists.openwall.com \
--cc=labbott@redhat.com \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=maz@kernel.org \
--cc=mhiramat@kernel.org \
--cc=miguel.ojeda.sandonis@gmail.com \
--cc=ndesaulniers@google.com \
--cc=rostedt@goodmis.org \
--cc=samitolvanen@google.com \
--cc=will@kernel.org \
--cc=yamada.masahiro@socionext.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).