From: Mark Brown <broonie@kernel.org>
To: Kees Cook <keescook@chromium.org>
Cc: Catalin Marinas <catalin.marinas@arm.com>,
Will Deacon <will@kernel.org>,
linux-arm-kernel@lists.infradead.org
Subject: Re: [PATCH 1/5] arm64: bti: Support building kernel C code using BTI
Date: Mon, 30 Mar 2020 12:33:00 +0100 [thread overview]
Message-ID: <20200330113300.GD4792@sirena.org.uk> (raw)
In-Reply-To: <202003281348.B5ECC9DB2@keescook>
[-- Attachment #1.1: Type: text/plain, Size: 1360 bytes --]
On Sat, Mar 28, 2020 at 02:14:09PM -0700, Kees Cook wrote:
> On Fri, Mar 27, 2020 at 07:21:03PM +0000, Mark Brown wrote:
> > When running with BTI enabled we need to ask the compiler to enable
> > generation of BTI landing pads beyond those generated as a result of
> > pointer authentication instructions being landing pads. Since the two
> > features are practically speaking unlikely to be used separately we
> > will make kernel mode BTI depend on pointer authentication in order
> > to simplify the Makefile.
> Some vendors have been making chips with weird combinations of features.
> Is there a better justification to use beyond "unlikely"?
The design intent is that BTI is complementary to PAC so it would be a
peculiar implementation choice to do BTI without also doing PAC but yes,
implementors and system integrators have the freedom to innovate in ways
that we cannot always forsee. The other bit of it is that there's
fairly limited overhead from running PAC enabled code on hardware
without the support.
> The compiler appears to accept a leading +, so how about:
...
> Or, this is all overkill. :)
I feel better about adding the extra dependency than feeding an option
to the compiler that looks wrong like -mbranch-protection=+bti (more
BTI!) but ultimately I don't have strong feelings either way so whatever
Catalin and Will prefer.
[-- Attachment #1.2: signature.asc --]
[-- Type: application/pgp-signature, Size: 488 bytes --]
[-- Attachment #2: Type: text/plain, Size: 176 bytes --]
_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
next prev parent reply other threads:[~2020-03-30 11:33 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-03-27 19:21 [PATCH 0/5] arm64: Initial BTI kernel support Mark Brown
2020-03-27 19:21 ` [PATCH 1/5] arm64: bti: Support building kernel C code using BTI Mark Brown
2020-03-28 21:14 ` Kees Cook
2020-03-30 11:33 ` Mark Brown [this message]
2020-03-30 18:06 ` Kees Cook
2020-03-31 15:21 ` Mark Brown
2020-03-27 19:21 ` [PATCH 2/5] arm64: asm: Override SYM_FUNC_START when building the kernel with BTI Mark Brown
2020-03-27 19:21 ` [PATCH 3/5] arm64: Set GP bit in kernel page tables to enable BTI for the kernel Mark Brown
2020-03-27 19:21 ` [PATCH 4/5] arm64: mm: Mark module text as guarded pages Mark Brown
2020-03-27 19:21 ` [PATCH 5/5] arm64: bti: Provide Kconfig for kernel mode BTI Mark Brown
2020-03-28 21:19 ` Kees Cook
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200330113300.GD4792@sirena.org.uk \
--to=broonie@kernel.org \
--cc=catalin.marinas@arm.com \
--cc=keescook@chromium.org \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=will@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.