* [PATCH] arm64: update compiler option for PAC
@ 2021-11-15 3:18 Kuan-Ying Lee
2021-11-16 10:11 ` Will Deacon
0 siblings, 1 reply; 4+ messages in thread
From: Kuan-Ying Lee @ 2021-11-15 3:18 UTC (permalink / raw)
To: Catalin Marinas, Will Deacon, Jonathan Corbet, Matthias Brugger
Cc: chinwen.chang, nicholas.tang, james.hsu, Kuan-Ying Lee,
linux-arm-kernel, linux-doc, linux-kernel, linux-mediatek
We pass -mbranch-protection=pac-ret+leaf to support PAC
when we use GCC 9 or later.
Before GCC 9, we pass -msign-return-address=all to support
PAC.
Signed-off-by: Kuan-Ying Lee <Kuan-Ying.Lee@mediatek.com>
---
Documentation/arm64/pointer-authentication.rst | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/Documentation/arm64/pointer-authentication.rst b/Documentation/arm64/pointer-authentication.rst
index f127666ea3a8..055d08b0d42d 100644
--- a/Documentation/arm64/pointer-authentication.rst
+++ b/Documentation/arm64/pointer-authentication.rst
@@ -54,8 +54,10 @@ virtual address size configured by the kernel. For example, with a
virtual address size of 48, the PAC is 7 bits wide.
Recent versions of GCC can compile code with APIAKey-based return
-address protection when passed the -msign-return-address option. This
-uses instructions in the HINT space (unless -march=armv8.3-a or higher
+address protection when passed compiler option as following.
+Pass -msign-return-address when we use GCC 7, 8.
+Pass -mbranch-protection when we use GCC 9 or later.
+This uses instructions in the HINT space (unless -march=armv8.3-a or higher
is also passed), and such code can run on systems without the pointer
authentication extension.
--
2.18.0
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [PATCH] arm64: update compiler option for PAC
2021-11-15 3:18 [PATCH] arm64: update compiler option for PAC Kuan-Ying Lee
@ 2021-11-16 10:11 ` Will Deacon
2021-11-23 12:10 ` Mark Rutland
0 siblings, 1 reply; 4+ messages in thread
From: Will Deacon @ 2021-11-16 10:11 UTC (permalink / raw)
To: Kuan-Ying Lee
Cc: Catalin Marinas, Jonathan Corbet, Matthias Brugger,
chinwen.chang, nicholas.tang, james.hsu, linux-arm-kernel,
linux-doc, linux-kernel, linux-mediatek, mark.rutland
On Mon, Nov 15, 2021 at 11:18:08AM +0800, Kuan-Ying Lee wrote:
> We pass -mbranch-protection=pac-ret+leaf to support PAC
> when we use GCC 9 or later.
>
> Before GCC 9, we pass -msign-return-address=all to support
> PAC.
>
> Signed-off-by: Kuan-Ying Lee <Kuan-Ying.Lee@mediatek.com>
> ---
> Documentation/arm64/pointer-authentication.rst | 6 ++++--
> 1 file changed, 4 insertions(+), 2 deletions(-)
>
> diff --git a/Documentation/arm64/pointer-authentication.rst b/Documentation/arm64/pointer-authentication.rst
> index f127666ea3a8..055d08b0d42d 100644
> --- a/Documentation/arm64/pointer-authentication.rst
> +++ b/Documentation/arm64/pointer-authentication.rst
> @@ -54,8 +54,10 @@ virtual address size configured by the kernel. For example, with a
> virtual address size of 48, the PAC is 7 bits wide.
>
> Recent versions of GCC can compile code with APIAKey-based return
> -address protection when passed the -msign-return-address option. This
> -uses instructions in the HINT space (unless -march=armv8.3-a or higher
> +address protection when passed compiler option as following.
> +Pass -msign-return-address when we use GCC 7, 8.
> +Pass -mbranch-protection when we use GCC 9 or later.
> +This uses instructions in the HINT space (unless -march=armv8.3-a or higher
> is also passed), and such code can run on systems without the pointer
> authentication extension.
I think I'd be more inclined to delete this paragraph altogether. It doesn't
really document anything to do with the kernel, and trying to document the
behaviour of "recent" versions of GCC is futile.
Will
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] arm64: update compiler option for PAC
2021-11-16 10:11 ` Will Deacon
@ 2021-11-23 12:10 ` Mark Rutland
2021-11-24 2:04 ` Kuan-Ying Lee
0 siblings, 1 reply; 4+ messages in thread
From: Mark Rutland @ 2021-11-23 12:10 UTC (permalink / raw)
To: Will Deacon
Cc: Kuan-Ying Lee, Catalin Marinas, Jonathan Corbet,
Matthias Brugger, chinwen.chang, nicholas.tang, james.hsu,
linux-arm-kernel, linux-doc, linux-kernel, linux-mediatek
On Tue, Nov 16, 2021 at 10:11:47AM +0000, Will Deacon wrote:
> On Mon, Nov 15, 2021 at 11:18:08AM +0800, Kuan-Ying Lee wrote:
> > We pass -mbranch-protection=pac-ret+leaf to support PAC
> > when we use GCC 9 or later.
> >
> > Before GCC 9, we pass -msign-return-address=all to support
> > PAC.
> >
> > Signed-off-by: Kuan-Ying Lee <Kuan-Ying.Lee@mediatek.com>
> > ---
> > Documentation/arm64/pointer-authentication.rst | 6 ++++--
> > 1 file changed, 4 insertions(+), 2 deletions(-)
> >
> > diff --git a/Documentation/arm64/pointer-authentication.rst b/Documentation/arm64/pointer-authentication.rst
> > index f127666ea3a8..055d08b0d42d 100644
> > --- a/Documentation/arm64/pointer-authentication.rst
> > +++ b/Documentation/arm64/pointer-authentication.rst
> > @@ -54,8 +54,10 @@ virtual address size configured by the kernel. For example, with a
> > virtual address size of 48, the PAC is 7 bits wide.
> >
> > Recent versions of GCC can compile code with APIAKey-based return
> > -address protection when passed the -msign-return-address option. This
> > -uses instructions in the HINT space (unless -march=armv8.3-a or higher
> > +address protection when passed compiler option as following.
> > +Pass -msign-return-address when we use GCC 7, 8.
> > +Pass -mbranch-protection when we use GCC 9 or later.
> > +This uses instructions in the HINT space (unless -march=armv8.3-a or higher
> > is also passed), and such code can run on systems without the pointer
> > authentication extension.
>
> I think I'd be more inclined to delete this paragraph altogether. It doesn't
> really document anything to do with the kernel, and trying to document the
> behaviour of "recent" versions of GCC is futile.
Agreed. I think the only thing we might want to mention is that we rely
on the compiler to use the HINT space instructions (PACIASP and AUTIASP)
so that a kernel built with pointer authentication support works on HW
without the feature.
So replacing that paragraph with something like:
| When ARM64_PTR_AUTH_KERNEL is selected the kernel will be compiled
| with HINT space pointer authentication instructions protecting
| function returns. Kernels built with this option will work on
| hardware with or without pointer authentication support.
... would make sense to me.
Thanks,
Mark.
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] arm64: update compiler option for PAC
2021-11-23 12:10 ` Mark Rutland
@ 2021-11-24 2:04 ` Kuan-Ying Lee
0 siblings, 0 replies; 4+ messages in thread
From: Kuan-Ying Lee @ 2021-11-24 2:04 UTC (permalink / raw)
To: Mark Rutland, Will Deacon
Cc: Catalin Marinas, Jonathan Corbet, Matthias Brugger,
Chinwen Chang (張錦文),
Nicholas Tang (鄭秦輝),
James.Hsu, linux-arm-kernel, linux-doc, linux-kernel,
linux-mediatek, kuan-ying.lee
On Tue, 2021-11-23 at 20:10 +0800, Mark Rutland wrote:
> On Tue, Nov 16, 2021 at 10:11:47AM +0000, Will Deacon wrote:
> > On Mon, Nov 15, 2021 at 11:18:08AM +0800, Kuan-Ying Lee wrote:
> > > We pass -mbranch-protection=pac-ret+leaf to support PAC
> > > when we use GCC 9 or later.
> > >
> > > Before GCC 9, we pass -msign-return-address=all to support
> > > PAC.
> > >
> > > Signed-off-by: Kuan-Ying Lee <Kuan-Ying.Lee@mediatek.com>
> > > ---
> > > Documentation/arm64/pointer-authentication.rst | 6 ++++--
> > > 1 file changed, 4 insertions(+), 2 deletions(-)
> > >
> > > diff --git a/Documentation/arm64/pointer-authentication.rst
> > > b/Documentation/arm64/pointer-authentication.rst
> > > index f127666ea3a8..055d08b0d42d 100644
> > > --- a/Documentation/arm64/pointer-authentication.rst
> > > +++ b/Documentation/arm64/pointer-authentication.rst
> > > @@ -54,8 +54,10 @@ virtual address size configured by the kernel.
> > > For example, with a
> > > virtual address size of 48, the PAC is 7 bits wide.
> > >
> > > Recent versions of GCC can compile code with APIAKey-based
> > > return
> > > -address protection when passed the -msign-return-address option.
> > > This
> > > -uses instructions in the HINT space (unless -march=armv8.3-a or
> > > higher
> > > +address protection when passed compiler option as following.
> > > +Pass -msign-return-address when we use GCC 7, 8.
> > > +Pass -mbranch-protection when we use GCC 9 or later.
> > > +This uses instructions in the HINT space (unless -march=armv8.3-
> > > a or higher
> > > is also passed), and such code can run on systems without the
> > > pointer
> > > authentication extension.
> >
> > I think I'd be more inclined to delete this paragraph altogether.
> > It doesn't
> > really document anything to do with the kernel, and trying to
> > document the
> > behaviour of "recent" versions of GCC is futile.
>
> Agreed. I think the only thing we might want to mention is that we
> rely
> on the compiler to use the HINT space instructions (PACIASP and
> AUTIASP)
> so that a kernel built with pointer authentication support works on
> HW
> without the feature.
>
> So replacing that paragraph with something like:
>
> > When ARM64_PTR_AUTH_KERNEL is selected the kernel will be compiled
> > with HINT space pointer authentication instructions protecting
> > function returns. Kernels built with this option will work on
> > hardware with or without pointer authentication support.
>
> ... would make sense to me.
Hi,
Thanks you both for suggestions.
I will rewrite this paragraph in v2.
Thanks,
Kuan-Ying Lee
>
> Thanks,
> Mark.
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2021-11-24 2:05 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-11-15 3:18 [PATCH] arm64: update compiler option for PAC Kuan-Ying Lee
2021-11-16 10:11 ` Will Deacon
2021-11-23 12:10 ` Mark Rutland
2021-11-24 2:04 ` Kuan-Ying Lee
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).