[RFC PATCH v2 2/3] scs: add support for dynamic shadow call stacks
Kees Cook
keescook at chromium.org
Thu May 5 17:00:36 PDT 2022
On Thu, May 05, 2022 at 06:10:10PM +0200, Ard Biesheuvel wrote:
> In order to allow arches to use code patching to conditionally emit the
> shadow stack pushes and pops, rather than always taking the performance
> hit even on CPUs that implement alternatives such as stack pointer
> authentication on arm64, add a Kconfig symbol that can be set by the
> arch to omit the SCS codegen itself, without otherwise affecting how
> support code for SCS and compiler options (for register reservation, for
> instance) are emitted.
>
> Also, add a static key and some plumbing to omit the allocation of
> shadow call stack for dynamic SCS configurations if SCS is disabled at
> runtime.
>
> Signed-off-by: Ard Biesheuvel <ardb at kernel.org>
Reviewed-by: Kees Cook <keescook at chromium.org>
--
Kees Cook
More information about the linux-arm-kernel
mailing list