[PATCH v6 0/3] arm64: dynamic shadow call stack support
Will Deacon
will at kernel.org
Wed Nov 9 11:13:58 PST 2022
On Thu, 27 Oct 2022 17:59:05 +0200, Ard Biesheuvel wrote:
> Generic kernel images such as Android's GKI usually enable all available
> security features, which are typically implemented in such a way that
> they only take effect if the underlying hardware can support it, but
> don't interfere with correct and efficient operation otherwise.
>
> For shadow call stack support, which is always supported by the
> hardware, it means it will be enabled even if pointer authentication is
> also supported, and enabled for signing return addresses stored on the
> stack. The additional security provided by shadow call stack is only
> marginal in this case, whereas the performance overhead is not.
>
> [...]
Applied to arm64 (for-next/dynamic-scs), thanks!
[1/3] arm64: unwind: add asynchronous unwind tables to kernel and modules
https://git.kernel.org/arm64/c/68c76ad4a957
[2/3] scs: add support for dynamic shadow call stacks
https://git.kernel.org/arm64/c/9beccca09840
[3/3] arm64: implement dynamic shadow call stack for Clang
https://git.kernel.org/arm64/c/3b619e22c460
Cheers,
--
Will
https://fixes.arm64.dev
https://next.arm64.dev
https://will.arm64.dev
More information about the linux-arm-kernel
mailing list