From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 13C28C433F5 for ; Fri, 11 Mar 2022 02:47:55 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:Content-Type: Content-Transfer-Encoding:List-Subscribe:List-Help:List-Post:List-Archive: List-Unsubscribe:List-Id:In-Reply-To:From:References:Cc:To:Subject: MIME-Version:Date:Message-ID:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=+r69A0MndplIl8WWB3vesdYlXqbIvCiOJQl+tYeForc=; b=0w2Bui8i3JKH5Q xQo391eM5070/o5CnmzuiZxThMlSpfum4SUrpgCDHF3xWVVUMlcMvDp1/2HEBx5FMoCndmKO/95Ze /QBxyA84HLTI8Ztq6MOkgeOyc9YxuYTFLAunye/JxAt8Afe3RUCnnowi2G1OsQVFSmCAtOX0pgq6Q CKgrPLcFtdsHna+B8ehyn1R7K0j+ZC4VtiVRlvl4yX9kK1K4RrEdJNe/5JIgLbw0FayEZIQcdFu0R 7C0g03e5OJf2V0P+t3eoRQVoSIEo3MvSCVaGd0R+DT67huLauLnyyZsnkdNTiySWd3ZKSSIXL6x7s 2MBS5FQ73ciDfnfzLB0A==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1nSVIj-00Enes-00; Fri, 11 Mar 2022 02:46:45 +0000 Received: from out30-57.freemail.mail.aliyun.com ([115.124.30.57]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1nSVIe-00End6-AT for linux-arm-kernel@lists.infradead.org; Fri, 11 Mar 2022 02:46:43 +0000 X-Alimail-AntiSpam: AC=PASS; BC=-1|-1; BR=01201311R161e4; CH=green; DM=||false|; DS=||; FP=0|-1|-1|-1|0|-1|-1|-1; HT=e01e04423; MF=ashimida@linux.alibaba.com; NM=1; PH=DS; RN=23; SR=0; TI=SMTPD_---0V6rDYwB_1646966789; Received: from 192.168.193.160(mailfrom:ashimida@linux.alibaba.com fp:SMTPD_---0V6rDYwB_1646966789) by smtp.aliyun-inc.com(127.0.0.1); Fri, 11 Mar 2022 10:46:30 +0800 Message-ID: Date: Thu, 10 Mar 2022 18:46:29 -0800 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.6.1 Subject: Re: [PATCH v3 2/2] lkdtm: Add Shadow Call Stack tests Content-Language: en-US To: Kees Cook Cc: akpm@linux-foundation.org, arnd@arndb.de, catalin.marinas@arm.com, gregkh@linuxfoundation.org, linux@roeck-us.net, luc.vanoostenryck@gmail.com, elver@google.com, mark.rutland@arm.com, masahiroy@kernel.org, ojeda@kernel.org, nathan@kernel.org, npiggin@gmail.com, ndesaulniers@google.com, samitolvanen@google.com, shuah@kernel.org, tglx@linutronix.de, will@kernel.org, linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org, linux-kselftest@vger.kernel.org, llvm@lists.linux.dev, linux-hardening@vger.kernel.org References: <20220303073340.86008-1-ashimida@linux.alibaba.com> <20220303074339.86337-1-ashimida@linux.alibaba.com> <202203031010.0A492D114@keescook> <202203031105.A1B4CAE6@keescook> <92a767c4-09e1-8783-2581-9848bb72890d@linux.alibaba.com> <202203091211.4F00F560@keescook> From: Dan Li In-Reply-To: <202203091211.4F00F560@keescook> X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20220310_184640_587390_52964FF1 X-CRM114-Status: GOOD ( 14.23 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset="us-ascii"; Format="flowed" Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org On 3/9/22 12:16, Kees Cook wrote: > On Mon, Mar 07, 2022 at 07:16:36AM -0800, Dan Li wrote: >> But currently it still crashes when I try to enable >> "-mbranch-protection=pac-ret+leaf+bti". >> >> Because the address of "&&redirected" is not encrypted under pac, >> the autiasp check will fail when set_return_addr returns, and >> eventually cause the function to crash when it returns to "&&redirected" >> ("&&redirected" as a reserved label always seems to start with a bti j >> insn). > > Strictly speaking, this is entirely correct. :) > >> For lkdtm, if we're going to handle both cases in one function, maybe >> it would be better to turn off the -mbranch-protection=pac-ret+leaf+bti >> and maybe also turn off -O2 options for the function :) > > If we can apply a function attribute to turn off pac for the "does this > work without protections", that should be sufficient. > Got it, will do in the next version :) Thanks, Dan. _______________________________________________ linux-arm-kernel mailing list linux-arm-kernel@lists.infradead.org http://lists.infradead.org/mailman/listinfo/linux-arm-kernel