Received: by 2002:a25:1985:0:0:0:0:0 with SMTP id 127csp1445159ybz; Thu, 16 Apr 2020 09:16:30 -0700 (PDT) X-Google-Smtp-Source: APiQypJBUbd+kjyjd580hK/Q6iXpZayRO3j3jotNSL6xwAzAmaHFxOtI7OEmKW+w/XG2azuCsQ0I X-Received: by 2002:aa7:ce8e:: with SMTP id y14mr30220609edv.30.1587053790335; Thu, 16 Apr 2020 09:16:30 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1587053790; cv=none; d=google.com; s=arc-20160816; b=EMTZTHO5TZenYXkS/BbL3TFyoDGg5kBO9zbRFa0EBogj2Gy2ZQQEfYn1R3IvvbwJUe Ab8ip3KqPmRn/jQpocVLx9pvp4Eqv8HNtj02WwFptjzfSbA6Llg6LndMLG2bP5T5F6n7 y+TSI0neIxipmlHsUY3E2Vm+Yf2TblyuvzjG/Zjl8EiAVm6wuceycUBTLUiFGZZS8e8h Ij+wyf8nzdsHC3tWG/GlKiP2uVmnjg1nsrusxxauCtfbsyB7vRZwNXmELFdkgR0CKTRI MI6JKUgcGekLf7qY5UAeSamQkIHULrcOSCZ3Bl5gWG2f7h2l7dJcgpFr+B/9nj0nKXz+ DLtQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:from:subject:references :mime-version:message-id:in-reply-to:date:dkim-signature; bh=v+FpjDALSMEE3YToTyyoSh5dhgN0urRtPwHsB1+RBqo=; b=cBCUbze0HehmGyf0Y51Tvk9OaPswAbod7/JWFS9jkFRl+z4uplUUtrQXfXnlnUnh+5 sDnLx4GclcBOFhEDI6a55KywOl2A7b1qoMRJ07+fR0ipKGm5s3BD4DwC3OgsZFiYEPs8 L1i2HD3jWv/gi9pIwIajD2blbMTsSBanJ+bEDEE94LCLTmnvRrDeV+X60J+Rz3AJkhgk nXCg+x4NdRQpzIZRnxvV7a676R/A/4G5CvI22Rd3ODxy8P2COkS4VdhSDSawKdHoyKek e/ixl5z4f81LOu2L7FEePRa/Qtm0cW152UJ/pj9H3iLYnPq5IZa81j7JDFGgAawlV/VZ KTFQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=LLB6uGgi; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id z6si11431941ejw.468.2020.04.16.09.16.07; Thu, 16 Apr 2020 09:16:30 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=LLB6uGgi; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2506903AbgDPQOS (ORCPT + 99 others); Thu, 16 Apr 2020 12:14:18 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:53310 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-FAIL-OK-FAIL) by vger.kernel.org with ESMTP id S2404738AbgDPQNB (ORCPT ); Thu, 16 Apr 2020 12:13:01 -0400 Received: from mail-pf1-x449.google.com (mail-pf1-x449.google.com [IPv6:2607:f8b0:4864:20::449]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 0C7DEC061A0C for ; Thu, 16 Apr 2020 09:13:00 -0700 (PDT) Received: by mail-pf1-x449.google.com with SMTP id 18so3398298pfu.22 for ; Thu, 16 Apr 2020 09:13:00 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=v+FpjDALSMEE3YToTyyoSh5dhgN0urRtPwHsB1+RBqo=; b=LLB6uGgi081g4dKc+3D/4hphc5jFZuDn5l3K/Cxtfcs3/rhIPXgTzCDJ4HjatU2B34 JY4fNmY4l5JYswvESy2IHRhqnwuSzzW+BBMx2qv9Y+i4mCamy8HON5fMlGYrckrZs0zi zqYykbeZ1nK8/8teogXlHD/G+fEHWxaLjwONYJdsxpHLsGV/uV6CPYJuDeVcg/JjeiqB SSqMbSaUnpkdFmw7gIR6KIznWHRwY5meJ2DEzQesEEI4NungE9nWx22c6EzLC3ly+4jk MftpYNrj0up2ZWOvkRRAr9cuASUwgpZg2ADv9LJBOB+WmvPbpOHT0hNO3fPOr3IaSvnm 7NdA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=v+FpjDALSMEE3YToTyyoSh5dhgN0urRtPwHsB1+RBqo=; b=OERkFddeNNv45qYYW3uau4UfHTAfzUhLoC1y62PIfN0XjcI/w7z0uPvRMc85oXPJRZ 17eRUIQEp1z1d2mATRepihwJV+JEx8OgAe9MOPlOWUdkf1HdvJMj8NXfDq9wUlZBibXD oRnIMUGMrrH8ovaRfOQJs7m+awd8fEr3yuvz5ThtGXw6sAGcvDAR/i/Xp/1njsQ9cXJM Oq6EGVzO97fkHF37FcmVcd8GoYwVlSuyWI/rx530t2sBWJeUikLQZ7+2hTrn9MD8VTgk Z+KitzGDmtEe6rT9Kfebqo74DxTg2Mu7fZ21qx5G3ht2Ei97JXpGN6YXqcZ1W0lDMsHk vTCw== X-Gm-Message-State: AGi0PubL+2aNxTQO4cGk8ajn8C3Yqaaffc76kCctyRSjHpSqBOzIhIw9 Yclox09qKSefVysgMDz2kKph7ZgAMSBo9XRxdGc= X-Received: by 2002:a17:90a:8989:: with SMTP id v9mr6124346pjn.119.1587053579583; Thu, 16 Apr 2020 09:12:59 -0700 (PDT) Date: Thu, 16 Apr 2020 09:12:37 -0700 In-Reply-To: <20200416161245.148813-1-samitolvanen@google.com> Message-Id: <20200416161245.148813-5-samitolvanen@google.com> Mime-Version: 1.0 References: <20191018161033.261971-1-samitolvanen@google.com> <20200416161245.148813-1-samitolvanen@google.com> X-Mailer: git-send-email 2.26.1.301.g55bc3eb7cb9-goog Subject: [PATCH v11 04/12] scs: disable when function graph tracing is enabled From: Sami Tolvanen To: Will Deacon , Catalin Marinas , James Morse , Steven Rostedt , Ard Biesheuvel , Mark Rutland , Masahiro Yamada , Michal Marek , Ingo Molnar , Peter Zijlstra , Juri Lelli , Vincent Guittot Cc: Dave Martin , Kees Cook , Laura Abbott , Marc Zyngier , Masami Hiramatsu , Nick Desaulniers , Jann Horn , Miguel Ojeda , clang-built-linux@googlegroups.com, kernel-hardening@lists.openwall.com, linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org, Sami Tolvanen Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org The graph tracer hooks returns by modifying frame records on the (regular) stack, but with SCS the return address is taken from the shadow stack, and the value in the frame record has no effect. As we don't currently have a mechanism to determine the corresponding slot on the shadow stack (and to pass this through the ftrace infrastructure), for now let's disable SCS when the graph tracer is enabled. With SCS the return address is taken from the shadow stack and the value in the frame record has no effect. The mcount based graph tracer hooks returns by modifying frame records on the (regular) stack, and thus is not compatible. The patchable-function-entry graph tracer used for DYNAMIC_FTRACE_WITH_REGS modifies the LR before it is saved to the shadow stack, and is compatible. Modifying the mcount based graph tracer to work with SCS would require a mechanism to determine the corresponding slot on the shadow stack (and to pass this through the ftrace infrastructure), and we expect that everyone will eventually move to the patchable-function-entry based graph tracer anyway, so for now let's disable SCS when the mcount-based graph tracer is enabled. SCS and patchable-function-entry are both supported from LLVM 10.x. Signed-off-by: Sami Tolvanen Reviewed-by: Kees Cook Reviewed-by: Mark Rutland --- arch/Kconfig | 1 + 1 file changed, 1 insertion(+) diff --git a/arch/Kconfig b/arch/Kconfig index 691a552c2cc3..c53cb9025ad2 100644 --- a/arch/Kconfig +++ b/arch/Kconfig @@ -542,6 +542,7 @@ config ARCH_SUPPORTS_SHADOW_CALL_STACK config SHADOW_CALL_STACK bool "Clang Shadow Call Stack" + depends on DYNAMIC_FTRACE_WITH_REGS || !FUNCTION_GRAPH_TRACER depends on ARCH_SUPPORTS_SHADOW_CALL_STACK help This option enables Clang's Shadow Call Stack, which uses a -- 2.26.1.301.g55bc3eb7cb9-goog