Received: by 2002:a05:6a10:9848:0:0:0:0 with SMTP id x8csp3360283pxf; Mon, 22 Mar 2021 04:49:36 -0700 (PDT) X-Google-Smtp-Source: ABdhPJzNVvff1/yrvQqZs1pIijrJADIGkCDNE/HBpmd/UdlMazs6T6yrX5HCNmQPkB2iUq03WIWu X-Received: by 2002:a17:907:778d:: with SMTP id ky13mr19007591ejc.291.1616413775790; Mon, 22 Mar 2021 04:49:35 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1616413775; cv=none; d=google.com; s=arc-20160816; b=VoBNBFaVYWNmWPuKVu6ZP0BUOlwO2qHa2XzWQzz3FdhvtV0QV7tnPb5dfzNfOgqjwV VVqllGydTSniMpmdwp/l7+SwsKE8iKOJDtoRQbf/3NKjJY/sknZ8VIkjsaZ7fbtMAOof MYnZwrli7e+l2cjx1AYZLly8rbNz2Ubqh0/oFaCEIlTZm3NtfUi3bpbgQ1bhibOMLtPw Jeu1hPwvJAUC/fH5FP2H94o5R/3ODA3DWLVC5az+NKPE8HSMmWInsNa5Rsd5picNIw0y i2CDtaYAMe1F5or7CFwt5Akqx/R9h0SCj1m1tDAiZfgRvcv0VFEybMx8rzpLr3eHWJ5L RS2w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:dkim-signature; bh=wRuJKDLONwqvRSEZw7q4XL+dQi5no/glykgD4QfcHoc=; b=01muPkz6n5wz62jCxgoY3hTjqQsbiDLHk+eQbz/tndcas0fSkSkWUeOcUtPppjU5js veO0aNkVmugN0yoSRBFdYw8hrDwk5FmVYppXcWqtkKXR1FglIJQdLshNylnQ3Ic6q5ps poOi9QJGH+KqCTGhBIS/zdgofWIut18Y8zuTdHFD5bFdmk58+hBx3fC38bBA9ghyQuV3 cQJFHJ1gYFD95ieILzsz8Kyy939fSHFeBgWLaPR/gnEZjpxww+/hKxJl7yBIoExREU2k VrlN11WLBylZAMK9VbDp0lGBwoF1t4HuTvruYL48z4ZmYpkG6gdG/yGxRb0x94a34BPY KQjw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=P9wPcvkH; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id 4si11479392edc.316.2021.03.22.04.49.12; Mon, 22 Mar 2021 04:49:35 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=P9wPcvkH; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230200AbhCVLqU (ORCPT + 99 others); Mon, 22 Mar 2021 07:46:20 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:42080 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230230AbhCVLp7 (ORCPT ); Mon, 22 Mar 2021 07:45:59 -0400 Received: from mail-lf1-x129.google.com (mail-lf1-x129.google.com [IPv6:2a00:1450:4864:20::129]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id B0AE3C061756 for ; Mon, 22 Mar 2021 04:45:58 -0700 (PDT) Received: by mail-lf1-x129.google.com with SMTP id o10so20748669lfb.9 for ; Mon, 22 Mar 2021 04:45:58 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=wRuJKDLONwqvRSEZw7q4XL+dQi5no/glykgD4QfcHoc=; b=P9wPcvkHTDs1x5aCD8ZWEAWDiHPlrSVjFG0tZV2TfulePyEkQ6FYDKFVNHR6Ba67JP +H1qdwoME5OWNcW8CR860GNbI4yTWPM4F38y+Qspah6LrVzJbg2URQH7AQkh/n8Nrd+u 75kTundK0bGBQWyzxgfo4/sPM5u8o9bnRP3Mg8pVx7w/PkkwGy9B7uwE75ypeSpiqDc4 vZNiuAxUb38EJR50GOUr5lEySgXSaMMvVRltUk4fJzdmzrMb/RG9VRDkCx7PlzPRBlHf w7Tg0Jv89mm5EnWdjrnl2kNdb2GCGWSV3pR3ULzG+Tk3zRwXI63yTjFI7bOfs5DUTIrR azeg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=wRuJKDLONwqvRSEZw7q4XL+dQi5no/glykgD4QfcHoc=; b=NhCTBdj2NqfpMU5Gr9AjYw//fiHtIt3ke0N4Srkdi7laQDR+0OEHmUo+xIPVxVIPdC dCVBV7qSXROR9TP+cw4T34x1fmdb40milT9lvsYsrMuxyyrbKvJ4rp9hLTuF2JDy2HD2 QOG64UA716seuBQ/KlF2zAmRLhjP1UcrHpFjDEO8yDzGoFSltG+/D1OTI1Owrs3lkzdU XRaZT8XIGNqhlgcGVEEeu+OkMKcOc6qJQY67NfrO8B7N5iaXpVqewFbbw7DW4jBPaUQp +ON9Ut391iUvMfwtFEsfIKkQdm2/akRJpfzMVjRyAWCZ7UeGvc8c2imVbl8F0CTCfH63 cd1w== X-Gm-Message-State: AOAM530x98K7b3ROhSOsIwBYRrNByzmiRewupsnn3xiAWqxWNwmH25gx UqvQXaGUE0PX1b61uvGjtl5fhpzn41kjK46AQYDL6w== X-Received: by 2002:a19:6b13:: with SMTP id d19mr8543421lfa.291.1616413557065; Mon, 22 Mar 2021 04:45:57 -0700 (PDT) MIME-Version: 1.0 References: <20210223023125.2265845-1-jiancai@google.com> <20210223023542.2287529-1-jiancai@google.com> In-Reply-To: From: Linus Walleij Date: Mon, 22 Mar 2021 12:45:45 +0100 Message-ID: Subject: Re: [PATCH v5] ARM: Implement SLS mitigation To: Jian Cai Cc: Nick Desaulniers , Manoj Gupta , Luis Lozano , clang-built-linux , Nathan Chancellor , David Laight , Will Deacon , Russell King , Russell King , Catalin Marinas , James Morris , "Serge E. Hallyn" , Arnd Bergmann , Masahiro Yamada , Krzysztof Kozlowski , Marc Zyngier , Kees Cook , =?UTF-8?Q?Andreas_F=C3=A4rber?= , Ard Biesheuvel , Ingo Molnar , Andrew Morton , Mike Rapoport , Mark Rutland , David Brazdil , James Morse , Linux ARM , "linux-kernel@vger.kernel.org" , linux-security-module@vger.kernel.org Content-Type: text/plain; charset="UTF-8" Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, Mar 10, 2021 at 5:43 AM Jian Cai wrote: > On Sat, Mar 6, 2021 at 4:25 AM Linus Walleij wrote: > > On Fri, Mar 5, 2021 at 12:23 AM Jian Cai wrote: > > > On Wed, Mar 3, 2021 at 7:04 AM Linus Walleij wrote: > > > I think gcc also has these options. > > > https://gcc.gnu.org/onlinedocs/gcc/AArch64-Options.html > > > > And how does that work with this part of your patch: > > > > +#define SLS_TEXT \ > > + ALIGN_FUNCTION(); \ > > + *(.text.__llvm_slsblr_thunk_*) > > > > This does not look compiler agnostic? > > You are right, GCC does generate different oraphan section names. I > will address it in the next version of the patch. Also it seems only > arm64 gcc supports -mharden-sls=* at this moment, arm32 gcc does not > support it yet. I don't know if there is any plan to implement it for > 32-bit gcc, but should we patch arm32 linker script preemptively, > assuming the sections will be named with the same pattern like how > clang does so the kernel would not fail to boot when the flag is > implemented? I think the best thing is to have something like this: Implement a macro such as this in include/linux/compiler-clang.h #define SLS_TEXT_SECTION *(.text.__llvm_slsblr_thunk_*) then the corresponding in include/linux/compiler-gcc.h but here also add a #define SLS_TEXT_SECTION #error "no compiler support" if the compiler version does not have this. I don't know the exact best approach sadly, as the patch looks now it seems a bit fragile, I wonder if you get linker warnings when this section is unused? Yours, Linus Walleij