[PATCH v6 0/3] arm64: dynamic shadow call stack support
Kees Cook
keescook at chromium.org
Tue Nov 8 09:21:32 PST 2022
On Thu, Oct 27, 2022 at 05:59:05PM +0200, Ard Biesheuvel wrote:
> In order to allow runtimes to unwind call stacks that involve return
> address signing, we track whether or not the return address is currently
> signed by means of DWARF CFI directives in the unwinding metadata. This
> means we can use this information to locate all PACIASP/AUTIASP
> instructions in the binary, instead of having to use brute force and go
> over all instructions in the entire program.
>
> This series implements this approach for Clang, which has been vetted
> (and fixed in release 15) to ensure that the unwind metadata is 100%
> accurate when it comes to PACIASP/AUTIASP occurrences. Sadly, GCC does
> not always get that quite right, so this series is Clang-only for the
> moment.
Hi Will,
Can you please pick this up for v6.2? This has been needed for a while
now. :)
Thanks!
-Kees
--
Kees Cook
More information about the linux-arm-kernel
mailing list