diff options
author | Sami Tolvanen <samitolvanen@google.com> | 2020-04-27 09:00:07 -0700 |
---|---|---|
committer | Will Deacon <will@kernel.org> | 2020-05-15 16:35:45 +0100 |
commit | d08b9f0ca6605e13dcb48f04e55a30545b3c71eb (patch) | |
tree | 177893706ae16d9302dda4ee5f4894ac02e9b24e /Makefile | |
parent | 6a8b55ed4056ea5559ebe4f6a4b247f627870d4c (diff) | |
download | linux-d08b9f0ca6605e13dcb48f04e55a30545b3c71eb.tar.gz linux-d08b9f0ca6605e13dcb48f04e55a30545b3c71eb.tar.bz2 linux-d08b9f0ca6605e13dcb48f04e55a30545b3c71eb.zip |
scs: Add support for Clang's Shadow Call Stack (SCS)
This change adds generic support for Clang's Shadow Call Stack,
which uses a shadow stack to protect return addresses from being
overwritten by an attacker. Details are available here:
https://clang.llvm.org/docs/ShadowCallStack.html
Note that security guarantees in the kernel differ from the ones
documented for user space. The kernel must store addresses of
shadow stacks in memory, which means an attacker capable reading
and writing arbitrary memory may be able to locate them and hijack
control flow by modifying the stacks.
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
Reviewed-by: Kees Cook <keescook@chromium.org>
Reviewed-by: Miguel Ojeda <miguel.ojeda.sandonis@gmail.com>
[will: Numerous cosmetic changes]
Signed-off-by: Will Deacon <will@kernel.org>
Diffstat (limited to 'Makefile')
-rw-r--r-- | Makefile | 6 |
1 files changed, 6 insertions, 0 deletions
@@ -866,6 +866,12 @@ ifdef CONFIG_LIVEPATCH KBUILD_CFLAGS += $(call cc-option, -flive-patching=inline-clone) endif +ifdef CONFIG_SHADOW_CALL_STACK +CC_FLAGS_SCS := -fsanitize=shadow-call-stack +KBUILD_CFLAGS += $(CC_FLAGS_SCS) +export CC_FLAGS_SCS +endif + # arch Makefile may override CC so keep this after arch Makefile is included NOSTDINC_FLAGS += -nostdinc -isystem $(shell $(CC) -print-file-name=include) |