From: Kees Cook <keescook@chromium.org>
To: Ard Biesheuvel <ardb@kernel.org>
Cc: linux-arm-kernel@lists.infradead.org, will@kernel.org,
mark.rutland@arm.com, samitolvanen@google.com
Subject: Re: [PATCH] arm64: scs: Work around full LTO issue with dynamic SCS
Date: Wed, 10 Jan 2024 11:16:39 -0800 [thread overview]
Message-ID: <202401101114.54B606B95A@keescook> (raw)
In-Reply-To: <20240110132619.258809-2-ardb+git@google.com>
On Wed, Jan 10, 2024 at 02:26:20PM +0100, Ard Biesheuvel wrote:
> From: Ard Biesheuvel <ardb@kernel.org>
>
> Full LTO takes the '-mbranch-protection=none' passed to the compiler
> when generating the dynamic shadow call stack patching code as a hint to
> stop emitting PAC instructions altogether. (Thin LTO appears unaffected
> by this)
>
> Work around this by stripping unwind tables from the object in question,
> which should be sufficient to prevent the patching code from attempting
> to patch itself.
>
> Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
Thanks for finding a work-around for this! Do you want to include
the Reported-by: or Cc: stable@... tags for this?
Reviewed-by: Kees Cook <keescook@chromium.org>
-Kees
> ---
> arch/arm64/kernel/Makefile | 8 +++++++-
> 1 file changed, 7 insertions(+), 1 deletion(-)
>
> diff --git a/arch/arm64/kernel/Makefile b/arch/arm64/kernel/Makefile
> index d95b3d6b471a..e5d03a7039b4 100644
> --- a/arch/arm64/kernel/Makefile
> +++ b/arch/arm64/kernel/Makefile
> @@ -73,7 +73,13 @@ obj-$(CONFIG_ARM64_MTE) += mte.o
> obj-y += vdso-wrap.o
> obj-$(CONFIG_COMPAT_VDSO) += vdso32-wrap.o
> obj-$(CONFIG_UNWIND_PATCH_PAC_INTO_SCS) += patch-scs.o
> -CFLAGS_patch-scs.o += -mbranch-protection=none
> +
> +# We need to prevent the SCS patching code from patching itself. Using
> +# -mbranch-protection=none here to avoid the patchable PAC opcodes from being
> +# generated triggers an issue with full LTO on Clang, which stops emitting PAC
> +# instructions altogether. So instead, omit the unwind tables used by the
> +# patching code, so it will not be able to locate its own PAC instructions.
> +CFLAGS_patch-scs.o += -fno-asynchronous-unwind-tables -fno-unwind-tables
>
> # Force dependency (vdso*-wrap.S includes vdso.so through incbin)
> $(obj)/vdso-wrap.o: $(obj)/vdso/vdso.so
> --
> 2.43.0.472.g3155946c3a-goog
>
--
Kees Cook
_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
next prev parent reply other threads:[~2024-01-10 19:17 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-01-10 13:26 [PATCH] arm64: scs: Work around full LTO issue with dynamic SCS Ard Biesheuvel
2024-01-10 19:16 ` Kees Cook [this message]
2024-01-10 19:57 ` Sami Tolvanen
2024-01-10 20:21 ` Ard Biesheuvel
2024-01-10 20:33 ` Sami Tolvanen
2024-01-12 13:42 ` Will Deacon
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=202401101114.54B606B95A@keescook \
--to=keescook@chromium.org \
--cc=ardb@kernel.org \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=mark.rutland@arm.com \
--cc=samitolvanen@google.com \
--cc=will@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).