[PATCH v3 2/3] scs: add support for dynamic shadow call stacks
Sami Tolvanen
samitolvanen at google.com
Wed Jun 15 10:12:23 PDT 2022
On Tue, Jun 14, 2022 at 08:20:13AM +0200, Ard Biesheuvel wrote:
> On Mon, 13 Jun 2022 at 15:40, Ard Biesheuvel <ardb at kernel.org> wrote:
> >
> > In order to allow arches to use code patching to conditionally emit the
> > shadow stack pushes and pops, rather than always taking the performance
> > hit even on CPUs that implement alternatives such as stack pointer
> > authentication on arm64, add a Kconfig symbol that can be set by the
> > arch to omit the SCS codegen itself, without otherwise affecting how
> > support code for SCS and compiler options (for register reservation, for
> > instance) are emitted.
> >
> > Also, add a static key and some plumbing to omit the allocation of
> > shadow call stack for dynamic SCS configurations if SCS is disabled at
> > runtime.
> >
> > Signed-off-by: Ard Biesheuvel <ardb at kernel.org>
> > Reviewed-by: Nick Desaulniers <ndesaulniers at google.com>
> > Reviewed-by: Kees Cook <keescook at chromium.org>
>
> This patch needs the following hunk applied on top to fix a build
> error reported by the bots:
>
> --- a/include/linux/scs.h
> +++ b/include/linux/scs.h
> @@ -57,6 +57,8 @@ DECLARE_STATIC_KEY_TRUE(dynamic_scs_enabled);
>
> static inline bool scs_is_dynamic(void)
> {
> + if (!IS_ENABLED(CONFIG_DYNAMIC_SCS))
> + return false;
> return static_branch_likely(&dynamic_scs_enabled);
> }
With this:
Reviewed-by: Sami Tolvanen <samitolvanen at google.com>
Sami
More information about the linux-arm-kernel
mailing list