Merge branch 'for-next/scs' into for-next/core (082af5ec) · Commits · 戴 / test

Makefile

+6 −0

Original line number	Diff line number	Diff line
		@@ -866,6 +866,12 @@ ifdef CONFIG_LIVEPATCH
		KBUILD_CFLAGS += $(call cc-option, -flive-patching=inline-clone)
		endif

		ifdef CONFIG_SHADOW_CALL_STACK
		CC_FLAGS_SCS := -fsanitize=shadow-call-stack
		KBUILD_CFLAGS += $(CC_FLAGS_SCS)
		export CC_FLAGS_SCS
		endif

		# arch Makefile may override CC so keep this after arch Makefile is included
		NOSTDINC_FLAGS += -nostdinc -isystem $(shell $(CC) -print-file-name=include)

+25 −0

Original line number	Diff line number	Diff line
		@@ -533,6 +533,31 @@ config STACKPROTECTOR_STRONG
		about 20% of all kernel functions, which increases the kernel code
		size by about 2%.

		config ARCH_SUPPORTS_SHADOW_CALL_STACK
		bool
		help
		An architecture should select this if it supports Clang's Shadow
		Call Stack and implements runtime support for shadow stack
		switching.

		config SHADOW_CALL_STACK
		bool "Clang Shadow Call Stack"
		depends on CC_IS_CLANG && ARCH_SUPPORTS_SHADOW_CALL_STACK
		depends on DYNAMIC_FTRACE_WITH_REGS \|\| !FUNCTION_GRAPH_TRACER
		help
		This option enables Clang's Shadow Call Stack, which uses a
		shadow stack to protect function return addresses from being
		overwritten by an attacker. More information can be found in
		Clang's documentation:

		https://clang.llvm.org/docs/ShadowCallStack.html

		Note that security guarantees in the kernel differ from the
		ones documented for user space. The kernel must store addresses
		of shadow stacks in memory, which means an attacker capable of
		reading and writing arbitrary memory may be able to locate them
		and hijack control flow by modifying the stacks.

		config HAVE_ARCH_WITHIN_STACK_FRAMES
		bool
		help

+5 −0

Original line number	Diff line number	Diff line
		@@ -68,6 +68,7 @@ config ARM64
		select ARCH_USE_QUEUED_SPINLOCKS
		select ARCH_USE_SYM_ANNOTATIONS
		select ARCH_SUPPORTS_MEMORY_FAILURE
		select ARCH_SUPPORTS_SHADOW_CALL_STACK if CC_HAVE_SHADOW_CALL_STACK
		select ARCH_SUPPORTS_ATOMIC_RMW
		select ARCH_SUPPORTS_INT128 if CC_HAS_INT128 && (GCC_VERSION >= 50000 \|\| CC_IS_CLANG)
		select ARCH_SUPPORTS_NUMA_BALANCING
		@@ -1026,6 +1027,10 @@ config ARCH_HAS_CACHE_LINE_SIZE
		config ARCH_ENABLE_SPLIT_PMD_PTLOCK
		def_bool y if PGTABLE_LEVELS > 2

		# Supported by clang >= 7.0
		config CC_HAVE_SHADOW_CALL_STACK
		def_bool $(cc-option, -fsanitize=shadow-call-stack -ffixed-x18)

		config SECCOMP
		bool "Enable seccomp to safely compute untrusted bytecode"
		---help---

+4 −0

Original line number	Diff line number	Diff line
		@@ -87,6 +87,10 @@ endif

		KBUILD_CFLAGS += $(branch-prot-flags-y)

		ifeq ($(CONFIG_SHADOW_CALL_STACK), y)
		KBUILD_CFLAGS += -ffixed-x18
		endif

		ifeq ($(CONFIG_CPU_BIG_ENDIAN), y)
		KBUILD_CPPFLAGS += -mbig-endian
		CHECKFLAGS += -D__AARCH64EB__

+1 −1

Original line number	Diff line number	Diff line
		@@ -12,7 +12,7 @@
		#include <asm/alternative.h>
		#include <asm/sysreg.h>

		#define __hyp_text __section(.hyp.text) notrace
		#define __hyp_text __section(.hyp.text) notrace __noscs

		#define read_sysreg_elx(r,nvh,vh) \
		({ \