lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <fb3b7de8-7494-3190-1684-34fcbe9e1aa5@linux.alibaba.com>
Date:   Wed, 3 Nov 2021 00:24:12 +0800
From:   Dan Li <ashimida@...ux.alibaba.com>
To:     Szabolcs Nagy <szabolcs.nagy@....com>
Cc:     gcc-patches@....gnu.org, linux-hardening@...r.kernel.org
Subject: Re: [PATCH] [RFC][PR102768] aarch64: Add compiler support for Shadow
 Call Stack



On 11/2/21 9:04 PM, Szabolcs Nagy wrote:
> The 11/02/2021 00:06, Dan Li via Gcc-patches wrote:
>> Shadow Call Stack can be used to protect the return address of a
>> function at runtime, and clang already supports this feature[1].
>>
>> To enable SCS in user mode, in addition to compiler, other support
>> is also required (as described in [2]). This patch only adds basic
>> support for SCS from the compiler side, and provides convenience
>> for users to enable SCS.
>>
>> For linux kernel, only the support of the compiler is required.
>>
>> [1] https://clang.llvm.org/docs/ShadowCallStack.html
>> [2] https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102768
> 
> i'm not a gcc maintainer, but i prefer such feature
> to be in upstream gcc instead of in a plugin.
> 
> it will require update to the documentation:
> 
> which should mention that it depends on -ffixed-x18
> (probably that should be enforced too) which is an
> important abi issue: functions following the normal
> pcs can clobber x18 and break scs.
> 
Thanks Szabolcs, I will update the documentation in next version.

It sounds reasonable to enforced -ffixed-x18 with scs, but I see
that clang doesn’t do that. Maybe it is better to be consistent
with clang here?

> and that there is no unwinder support.
> 
Ok, let me try to add a support for this.

> the abi issue means it is unlikely to be useful in
> linux user space (even if libc and unwinder support
> is implemented), but it can be still useful in
> freestanding code such as the linux kernel.
> 
> thanks.
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ