Received: by 2002:a25:31c3:0:0:0:0:0 with SMTP id x186csp1019984ybx; Fri, 1 Nov 2019 15:17:00 -0700 (PDT) X-Google-Smtp-Source: APXvYqznK1UDwU0t/SOYMHAC7MxrrQXvKv9B7/5IS+kCXyaI7fVMf2nKzqL/qt0IIkjbfi5Tdmfw X-Received: by 2002:a05:6402:1683:: with SMTP id a3mr15303206edv.269.1572646620269; Fri, 01 Nov 2019 15:17:00 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1572646620; cv=none; d=google.com; s=arc-20160816; b=RTMeqybx3eaM0q7LQzKVnE+R9Yzd4vieM9ndIAaiCX14w6lbJzRV9sg5xX+OK4BnfY mxKZNGFt6NMIsmpohDzA+PMJ7/EdiCsJs4HcCk+Ap+m/qhiCPpoKtaumI16PWtw7jalc laLJWlYkY4CTsgfMrh8z8c9toypz0A81IIzwRDfzxsebj7VTnR0lXx5f6qoJ89ncPvL5 x2EWIznbZEPCLd/dME8U4fwc/Pz0w77U5Xu5T+lxpgT1q1civ3tNLDb2nVRTU9CeoqEY 4wMfuUU9Xe+c63qvq4Ek4uuM9vaxLxl7tt6ZFkokR8Wi6FBJtn9tJ0SHMR4vY9mjO8JW g8zw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:from:subject:references :mime-version:message-id:in-reply-to:date:dkim-signature; bh=SBPjjox/K0nQBp9p/UReaX06mOCKZA5VG5oKrHSRp3U=; b=yUaYfQNU0W3vgoAMls/plYKddzp2XSTa2kIxPl1oZsStKQqBIIsdCXGwPQO1vDW6Df BzatFrsbdWLgGJgb2k+CK6ZD2iDgaaHKZAOgf7qTaR1mifNRISSrH9sSOWDltTyv3AOD D1i8B51m/gxHWts+jWEvbxO9nXZtZkNiv/zql4xvgWAYzNzTVxgBWWwt4DLTomwc2rrY YY8BdMfF3sGXpg2WPQh7HPWDQ8thWBjrfTPoyXusCP50dNQcijqAC8VclsFEAoNbVMwk nNvVzxHdFU7CqrYMCn+dv/uoTq6Vo9jKMQVAp+Dz/gnaSpmvJHNfxb1b5UaAA25K/NQi UiBA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=jD7UphcO; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id w42si1382800edc.440.2019.11.01.15.16.36; Fri, 01 Nov 2019 15:17:00 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=jD7UphcO; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728142AbfKAWMx (ORCPT + 99 others); Fri, 1 Nov 2019 18:12:53 -0400 Received: from mail-pl1-f201.google.com ([209.85.214.201]:34557 "EHLO mail-pl1-f201.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727307AbfKAWMi (ORCPT ); Fri, 1 Nov 2019 18:12:38 -0400 Received: by mail-pl1-f201.google.com with SMTP id u9so1473108plq.1 for ; Fri, 01 Nov 2019 15:12:38 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=SBPjjox/K0nQBp9p/UReaX06mOCKZA5VG5oKrHSRp3U=; b=jD7UphcOofzvzp+Fej+FGAYX3qlgaInC3q6riheK3W8LCKmKWtfTlTrJ/vzD4a19an +Hcrv+tkq9TdRVKgDOaa6Ic5PZn6XxN9+vLYJmvkleDiug2F9Tcj89ldzM4/Wx0mDp22 mgzUKliuIEQOx7CwzvE6V9myvgkQNgKcVgCutPLeSHS/wibMi+2JvOa+OCv75/Nwje2O 8oWep5ZzzzdxjS5LcG8wINg1XSm4eYtuiQytGXDC4/Up/8zjkIUOQ+XAAMs0f9WdxGw6 GvK3uzJndPpvEwWoClt/0ppEIta5+qJS7qlUvBidggYVVp60p9g8sBe1C+92bc/icYtq Aalg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=SBPjjox/K0nQBp9p/UReaX06mOCKZA5VG5oKrHSRp3U=; b=FVbrZL+C+EyiMBFjGHu1SvkHj1LhQxILQcyLjFVKHXRaVFk6lCVgX0uq+wJOdkeRbh ohQt4Ydtu8lnn3v8hbQQbOnESjN1w5kVcc4bU0nEe+n3/yYeHWRCWsXQcebL1sfoX5IP Ko/n7YcZhtydby9qMp0oMbhpbiqCddFKJu+WciTL+33xrC82IB/OneSHB9PKINIQV4m6 D90rklIAFfNtbe00q+Nq241kUQht/qUakfk13ENaF94zD08iYG/0CKqmoSTXgRAozpVz d+kFsOaO8w9W/X8TVeasPZPhPjojLA0gcwnIGWrHDMFwDs5ycGm3FK35asz0SEOPnydh brKg== X-Gm-Message-State: APjAAAWLi0K9vHeslq31vAR0tD5SqP86uS9oL7umld74EQkVU2BFhG6W E42RnGfcySal7Uxvgy0bY/lEFsIi3/GTsHgammk= X-Received: by 2002:a63:4525:: with SMTP id s37mr16212936pga.148.1572646357518; Fri, 01 Nov 2019 15:12:37 -0700 (PDT) Date: Fri, 1 Nov 2019 15:11:49 -0700 In-Reply-To: <20191101221150.116536-1-samitolvanen@google.com> Message-Id: <20191101221150.116536-17-samitolvanen@google.com> Mime-Version: 1.0 References: <20191018161033.261971-1-samitolvanen@google.com> <20191101221150.116536-1-samitolvanen@google.com> X-Mailer: git-send-email 2.24.0.rc1.363.gb1bccd3e3d-goog Subject: [PATCH v4 16/17] arm64: disable SCS for hypervisor code From: Sami Tolvanen To: Will Deacon , Catalin Marinas , Steven Rostedt , Masami Hiramatsu , Ard Biesheuvel Cc: Dave Martin , Kees Cook , Laura Abbott , Mark Rutland , Marc Zyngier , Nick Desaulniers , Jann Horn , Miguel Ojeda , Masahiro Yamada , clang-built-linux@googlegroups.com, kernel-hardening@lists.openwall.com, linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org, Sami Tolvanen Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Filter out CC_FLAGS_SCS for code that runs at a different exception level. Suggested-by: Steven Rostedt (VMware) Signed-off-by: Sami Tolvanen Reviewed-by: Kees Cook --- arch/arm64/kvm/hyp/Makefile | 3 +++ 1 file changed, 3 insertions(+) diff --git a/arch/arm64/kvm/hyp/Makefile b/arch/arm64/kvm/hyp/Makefile index ea710f674cb6..17ea3da325e9 100644 --- a/arch/arm64/kvm/hyp/Makefile +++ b/arch/arm64/kvm/hyp/Makefile @@ -28,3 +28,6 @@ GCOV_PROFILE := n KASAN_SANITIZE := n UBSAN_SANITIZE := n KCOV_INSTRUMENT := n + +# remove the SCS flags from all objects in this directory +KBUILD_CFLAGS := $(filter-out $(CC_FLAGS_SCS), $(KBUILD_CFLAGS)) -- 2.24.0.rc1.363.gb1bccd3e3d-goog