From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id E4A2CC4707B for ; Wed, 10 Jan 2024 19:17:21 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:In-Reply-To:MIME-Version:References: Message-ID:Subject:Cc:To:From:Date:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=NPRUJ5luCKpedaWsFJhxwMkEHSc8vW/UKCM57gBks7U=; b=MuwawvVXmNDuHf tCKIdNRHbmYhS8ndrUzrUqqBLWIUpqQXjk0RJZY+cr2MxiSgLa5/qwD8anK9ysSsKXR8DvOxYwOW1 5NOkN34G6JSX6JcgcCejtGcpGHyXgm3WorWWf1f6q338glFMYZhOlT6TFJ3HcnMJ0W3vy+L6cgi32 A0CU3LD0pqijckCA32+IkTdA8Jn/c8pmgM4AYrfDuGiJuv665iCQjbUtZAch0cgV4dNryV3PXYnZL hUMj7PwmkvrvRflYvPvTN7Kslp5O4+fGIZ+qy3CJmYoXRhB1OraexLgy93p2EIExe0CR35DehKPEf fbKnZWBjI/H8fC6286bg==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.96 #2 (Red Hat Linux)) id 1rNe4I-00De90-29; Wed, 10 Jan 2024 19:16:50 +0000 Received: from mail-pg1-x52b.google.com ([2607:f8b0:4864:20::52b]) by bombadil.infradead.org with esmtps (Exim 4.96 #2 (Red Hat Linux)) id 1rNe4B-00De5X-0m for linux-arm-kernel@lists.infradead.org; Wed, 10 Jan 2024 19:16:49 +0000 Received: by mail-pg1-x52b.google.com with SMTP id 41be03b00d2f7-5ce2aada130so2221342a12.1 for ; Wed, 10 Jan 2024 11:16:40 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; t=1704914200; x=1705519000; darn=lists.infradead.org; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:cc:to:from:date:from:to:cc:subject:date:message-id:reply-to; bh=6gAG4EojpeXhc/JUk9S7YEy3b/9f0ljvACZmxJlxiXo=; b=Fil+KfXXOiazTKbMqRhM/7qh23VkF/YxkhBaZTUECsb7oRCOBU6X2A4OCBpdwKl2S9 yg86YCTLo/6t0XJOpYavrv3s8xUBgdOcfG/xp7M3Fes5dA7KHZTER844orHHNRbvsx2v 49ZYeJIjGeWhMdAOI75sZcNGZRdJAiRD6O3Os= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1704914200; x=1705519000; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:cc:to:from:date:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=6gAG4EojpeXhc/JUk9S7YEy3b/9f0ljvACZmxJlxiXo=; b=hVnnJYpDyK3CvvnRYIgA83J8h/Uhrls1SIlCJG3OiAfrjXFv6GX6HhekbJpAZofbNj SZuG+fG0bae9Tt9vnkf1VSq7GSYmK+qjoDBBULVcmBd9LKdxa/tFN5ZWtQUob7by6hsO 7AIPbk4CEt2A5FfrAlzrqryy4LInISy495wv5+F++4LQTJJXSoP8A5iyx7gICzywewfG DHgIBAQ/UDB7uVJPdeu2G0fW+DkNFgEucMDOIhufrezxWYffvgHpBGyuYIAGoQOiJg4K OBD5gA0tsZgPN2Llmvtszs39lFkzzRvQuj/VXdGM+v0jIh0uqXm38bEcV92m4HpgdtNM P14A== X-Gm-Message-State: AOJu0YzwP/2UDCVZ8W0xk+e2tWnvPV4HiX4/SlkBjF1FaBG+wZhRRROh PHrwdPMN8kVxHDXzy1kis5/ZA5JBXtSlJ7C60METQ8KpDA== X-Google-Smtp-Source: AGHT+IFHxTMlt4w9UU7nBm84VtHB5tzpgE+FGrhMQ/rSaxaUGDsmbEiEYiDwBtbLZU+MzjZRllMtFA== X-Received: by 2002:a05:6a20:3a9c:b0:19a:36b9:38dd with SMTP id d28-20020a056a203a9c00b0019a36b938ddmr570245pzh.38.1704914200026; Wed, 10 Jan 2024 11:16:40 -0800 (PST) Received: from www.outflux.net (198-0-35-241-static.hfc.comcastbusiness.net. [198.0.35.241]) by smtp.gmail.com with ESMTPSA id o123-20020a634181000000b005ce6b79ab6asm3840201pga.82.2024.01.10.11.16.39 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 10 Jan 2024 11:16:39 -0800 (PST) Date: Wed, 10 Jan 2024 11:16:39 -0800 From: Kees Cook To: Ard Biesheuvel Cc: linux-arm-kernel@lists.infradead.org, will@kernel.org, mark.rutland@arm.com, samitolvanen@google.com Subject: Re: [PATCH] arm64: scs: Work around full LTO issue with dynamic SCS Message-ID: <202401101114.54B606B95A@keescook> References: <20240110132619.258809-2-ardb+git@google.com> MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: <20240110132619.258809-2-ardb+git@google.com> X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20240110_111643_307917_D7970F7D X-CRM114-Status: GOOD ( 21.66 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org On Wed, Jan 10, 2024 at 02:26:20PM +0100, Ard Biesheuvel wrote: > From: Ard Biesheuvel > > Full LTO takes the '-mbranch-protection=none' passed to the compiler > when generating the dynamic shadow call stack patching code as a hint to > stop emitting PAC instructions altogether. (Thin LTO appears unaffected > by this) > > Work around this by stripping unwind tables from the object in question, > which should be sufficient to prevent the patching code from attempting > to patch itself. > > Signed-off-by: Ard Biesheuvel Thanks for finding a work-around for this! Do you want to include the Reported-by: or Cc: stable@... tags for this? Reviewed-by: Kees Cook -Kees > --- > arch/arm64/kernel/Makefile | 8 +++++++- > 1 file changed, 7 insertions(+), 1 deletion(-) > > diff --git a/arch/arm64/kernel/Makefile b/arch/arm64/kernel/Makefile > index d95b3d6b471a..e5d03a7039b4 100644 > --- a/arch/arm64/kernel/Makefile > +++ b/arch/arm64/kernel/Makefile > @@ -73,7 +73,13 @@ obj-$(CONFIG_ARM64_MTE) += mte.o > obj-y += vdso-wrap.o > obj-$(CONFIG_COMPAT_VDSO) += vdso32-wrap.o > obj-$(CONFIG_UNWIND_PATCH_PAC_INTO_SCS) += patch-scs.o > -CFLAGS_patch-scs.o += -mbranch-protection=none > + > +# We need to prevent the SCS patching code from patching itself. Using > +# -mbranch-protection=none here to avoid the patchable PAC opcodes from being > +# generated triggers an issue with full LTO on Clang, which stops emitting PAC > +# instructions altogether. So instead, omit the unwind tables used by the > +# patching code, so it will not be able to locate its own PAC instructions. > +CFLAGS_patch-scs.o += -fno-asynchronous-unwind-tables -fno-unwind-tables > > # Force dependency (vdso*-wrap.S includes vdso.so through incbin) > $(obj)/vdso-wrap.o: $(obj)/vdso/vdso.so > -- > 2.43.0.472.g3155946c3a-goog > -- Kees Cook _______________________________________________ linux-arm-kernel mailing list linux-arm-kernel@lists.infradead.org http://lists.infradead.org/mailman/listinfo/linux-arm-kernel