diff options
author | Dan Li <ashimida@linux.alibaba.com> | 2022-03-02 23:43:23 -0800 |
---|---|---|
committer | Kees Cook <keescook@chromium.org> | 2022-03-10 09:22:09 -0800 |
commit | afcf5441b9ff22ac57244cd45ff102ebc2e32d1a (patch) | |
tree | 09e566a2d90c1de122dd348ff2e483fd815d725d /include/linux/compiler-gcc.h | |
parent | 575d6b77fa2697afd2b3a443f7f879faa65ae0ca (diff) | |
download | linux-afcf5441b9ff22ac57244cd45ff102ebc2e32d1a.tar.gz linux-afcf5441b9ff22ac57244cd45ff102ebc2e32d1a.tar.bz2 linux-afcf5441b9ff22ac57244cd45ff102ebc2e32d1a.zip |
arm64: Add gcc Shadow Call Stack support
Shadow call stacks will be available in GCC >= 12, this patch makes
the corresponding kernel configuration available when compiling
the kernel with the gcc.
Note that the implementation in GCC is slightly different from Clang.
With SCS enabled, functions will only pop x30 once in the epilogue,
like:
str x30, [x18], #8
stp x29, x30, [sp, #-16]!
......
- ldp x29, x30, [sp], #16 //clang
+ ldr x29, [sp], #16 //GCC
ldr x30, [x18, #-8]!
Link: https://gcc.gnu.org/git/?p=gcc.git;a=commit;h=ce09ab17ddd21f73ff2caf6eec3b0ee9b0e1a11e
Reviewed-by: Nathan Chancellor <nathan@kernel.org>
Reviewed-by: Kees Cook <keescook@chromium.org>
Reviewed-by: Nick Desaulniers <ndesaulniers@google.com>
Signed-off-by: Dan Li <ashimida@linux.alibaba.com>
Signed-off-by: Kees Cook <keescook@chromium.org>
Link: https://lore.kernel.org/r/20220303074323.86282-1-ashimida@linux.alibaba.com
Diffstat (limited to 'include/linux/compiler-gcc.h')
-rw-r--r-- | include/linux/compiler-gcc.h | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/include/linux/compiler-gcc.h b/include/linux/compiler-gcc.h index ccbbd31b3aae..deff5b308470 100644 --- a/include/linux/compiler-gcc.h +++ b/include/linux/compiler-gcc.h @@ -97,6 +97,10 @@ #define KASAN_ABI_VERSION 4 #endif +#ifdef CONFIG_SHADOW_CALL_STACK +#define __noscs __attribute__((__no_sanitize__("shadow-call-stack"))) +#endif + #if __has_attribute(__no_sanitize_address__) #define __no_sanitize_address __attribute__((no_sanitize_address)) #else |