From: Kees Cook <keescook@chromium.org>
To: Mark Brown <broonie@kernel.org>
Cc: Catalin Marinas <catalin.marinas@arm.com>,
Will Deacon <will@kernel.org>,
linux-arm-kernel@lists.infradead.org
Subject: Re: [PATCH 5/5] arm64: bti: Provide Kconfig for kernel mode BTI
Date: Sat, 28 Mar 2020 14:19:49 -0700
Message-ID: <202003281419.718CDC24@keescook>
In-Reply-To: <20200327192107.18394-6-broonie@kernel.org>
On Fri, Mar 27, 2020 at 07:21:07PM +0000, Mark Brown wrote:
> Now that all the code is in place provide a Kconfig option allowing users
> to enable BTI for the kernel if their toolchain supports it, defaulting it
> on since this has security benefits. This is a separate configuration
> option since we currently don't support secondary CPUs that lack BTI if
> the boot CPU supports it.
>
> Current testing appears to show an issue with GCC which causes it to
> emit unsuitable landing pads for function entries in some cases; until
> this issue is understood and either our usage fixed or a suitable
> version of GCC is identified, the feature is marked as incompatible with
> GCC. No issues have been identified with clang.
>
> Signed-off-by: Mark Brown <broonie@kernel.org>
> ---
> arch/arm64/Kconfig | 18 ++++++++++++++++++
> 1 file changed, 18 insertions(+)
>
> diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig
> index 00cb4db4beab..25bb0931b2ba 100644
> --- a/arch/arm64/Kconfig
> +++ b/arch/arm64/Kconfig
> @@ -1607,6 +1607,24 @@ config ARM64_BTI
> BTI, such binaries can still run, but you get no additional
> enforcement of branch destinations.
>
> +config ARM64_BTI_KERNEL
> + bool "Use Branch Target Identification for kernel"
> + default y
> + depends on ARM64_BTI
> + depends on ARM64_PTR_AUTH
> + depends on CC_HAS_BRANCH_PROT_PAC_RET_BTI
(this depend can be dropped with my crazy Makefile suggestion)
> + depends on !CC_IS_GCC
> + depends on (!FUNCTION_GRAPH_TRACER || DYNAMIC_FTRACE_WITH_REGS)
> + help
> + Build the kernel with Branch Target Identification annotations
> + and enable enforcement of this for kernel code. When this option
> + is enabled and the system supports BTI all kernel code including
> + modular code must have BTI enabled.
> +
> +config CC_HAS_BRANCH_PROT_PAC_RET_BTI
> + # GCC 9 or later, clang 8 or later
> + def_bool $(cc-option,-mbranch-protection=pac-ret+leaf+bti)
Exciting! :)
> +
> config ARM64_E0PD
> bool "Enable support for E0PD"
> default y
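Review bot: the help text for ARM64_BTI_KERNEL does not document either of the two restrictions the commit message relies on, so a user whose config silently loses the option has nothing to go on. The `depends on !CC_IS_GCC` line carries no comment, while the neighbouring `CC_HAS_BRANCH_PROT_PAC_RET_BTI` symbol advertises "GCC 9 or later"; someone building with GCC 9 will see the option disappear and the only explanation lives in the commit message (the unsuitable landing pads). Suggest a one-line comment above `depends on !CC_IS_GCC` noting the GCC landing-pad issue, and a sentence in the help text stating that the kernel does not support secondary CPUs lacking BTI when the boot CPU has it, since that is the stated reason this is a separate option from ARM64_BTI. The help text's "all kernel code including modular code must have BTI enabled" would also read more clearly as a consequence of the GP bit being set on kernel and module text, which is what the earlier patches in this series do.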
> --
> 2.20.1
>
--
Kees Cook
2020-03-27 19:21 [PATCH 0/5] arm64: Initial BTI kernel support Mark Brown
2020-03-27 19:21 ` [PATCH 1/5] arm64: bti: Support building kernel C code using BTI Mark Brown
2020-03-28 21:14 ` Kees Cook
2020-03-30 11:33 ` Mark Brown
2020-03-30 18:06 ` Kees Cook
2020-03-31 15:21 ` Mark Brown
2020-03-27 19:21 ` [PATCH 2/5] arm64: asm: Override SYM_FUNC_START when building the kernel with BTI Mark Brown
2020-03-27 19:21 ` [PATCH 3/5] arm64: Set GP bit in kernel page tables to enable BTI for the kernel Mark Brown
2020-03-27 19:21 ` [PATCH 4/5] arm64: mm: Mark module text as guarded pages Mark Brown
2020-03-27 19:21 ` [PATCH 5/5] arm64: bti: Provide Kconfig for kernel mode BTI Mark Brown
2020-03-28 21:19 ` Kees Cook [this message]