| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <aIgXeRDXNmOozRWp@debug.ba.rivosinc.com>
Date: Mon, 28 Jul 2025 17:36:09 -0700
From: Deepak Gupta <debug@...osinc.com>
To: Mike Rapoport <rppt@...nel.org>
Cc: Paul Walmsley <paul.walmsley@...ive.com>,
Palmer Dabbelt <palmer@...belt.com>,
Albert Ou <aou@...s.berkeley.edu>, Alexandre Ghiti <alex@...ti.fr>,
Masahiro Yamada <masahiroy@...nel.org>,
Nathan Chancellor <nathan@...nel.org>,
Nicolas Schier <nicolas.schier@...ux.dev>,
Andrew Morton <akpm@...ux-foundation.org>,
David Hildenbrand <david@...hat.com>,
Lorenzo Stoakes <lorenzo.stoakes@...cle.com>,
"Liam R. Howlett" <Liam.Howlett@...cle.com>,
Vlastimil Babka <vbabka@...e.cz>,
Suren Baghdasaryan <surenb@...gle.com>,
Michal Hocko <mhocko@...e.com>,
Nick Desaulniers <nick.desaulniers+lkml@...il.com>,
Bill Wendling <morbo@...gle.com>,
Monk Chiang <monk.chiang@...ive.com>,
Kito Cheng <kito.cheng@...ive.com>,
Justin Stitt <justinstitt@...gle.com>,
linux-riscv@...ts.infradead.org, linux-kernel@...r.kernel.org,
linux-kbuild@...r.kernel.org, linux-mm@...ck.org,
llvm@...ts.linux.dev, rick.p.edgecombe@...el.com,
broonie@...nel.org, cleger@...osinc.com, samitolvanen@...gle.com,
apatel@...tanamicro.com, ajones@...tanamicro.com,
conor.dooley@...rochip.com, charlie@...osinc.com,
samuel.holland@...ive.com, bjorn@...osinc.com, fweimer@...hat.com,
jeffreyalaw@...il.com, heinrich.schuchardt@...onical.com,
andrew@...ive.com, ved@...osinc.com
Subject: Re: [PATCH 06/11] mm: Introduce ARCH_HAS_KERNEL_SHADOW_STACK
On Sat, Jul 26, 2025 at 10:42:02AM +0300, Mike Rapoport wrote:
>On Thu, Jul 24, 2025 at 04:36:59PM -0700, Deepak Gupta wrote:
>> commit bcc9d04e74 ("mm: Introduce ARCH_HAS_USER_SHADOW_STACK") introduced
>> `ARCH_HAS_USER_SHADOW_STACK`. Introducing `ARCH_HAS_KERNEL_SHADOW_STACK`
>> so that arches can enable hardware assistance for kernel shadow stack.
>>
>> If `CONFIG_DYNAMIC_SCS` or `CONFIG_ARCH_HAS_KERNEL_SHADOW_STACK` are
>> selected, skip compiler flag `-fsanitizer=shadow-call-stack`.
>>
>> Signed-off-by: Deepak Gupta <debug@...osinc.com>
>> ---
>> Makefile | 2 +-
>> mm/Kconfig | 6 ++++++
>> 2 files changed, 7 insertions(+), 1 deletion(-)
>>
>> diff --git a/Makefile b/Makefile
>> index 35e6e5240c61..7e3ecca9353d 100644
>> --- a/Makefile
>> +++ b/Makefile
>> @@ -987,7 +987,7 @@ LDFLAGS_vmlinux += --gc-sections
>> endif
>>
>> ifdef CONFIG_SHADOW_CALL_STACK
>> -ifndef CONFIG_DYNAMIC_SCS
>> +ifeq ($(or $(CONFIG_DYNAMIC_SCS),$(CONFIG_ARCH_HAS_KERNEL_SHADOW_STACK)),false)
>> CC_FLAGS_SCS := -fsanitize=shadow-call-stack
>> KBUILD_CFLAGS += $(CC_FLAGS_SCS)
>> KBUILD_RUSTFLAGS += -Zsanitizer=shadow-call-stack
>> diff --git a/mm/Kconfig b/mm/Kconfig
>> index 781be3240e21..f295ea611cdb 100644
>> --- a/mm/Kconfig
>> +++ b/mm/Kconfig
>> @@ -1367,6 +1367,12 @@ config ARCH_HAS_USER_SHADOW_STACK
>> The architecture has hardware support for userspace shadow call
>> stacks (eg, x86 CET, arm64 GCS or RISC-V Zicfiss).
>>
>> +config ARCH_HAS_KERNEL_SHADOW_STACK
>> + bool
>> + help
>> + The architecture has hardware support for kernel shadow call
>> + stacks (eg, x86 CET, arm64 GCS or RISC-V Zicfiss).
>
>nit: tab and two space for indentation of the help text
Will fix it.
>
>> +
>
>I think both ARCH_HAS_USER_SHADOW_STACK and ARCH_HAS_KERNEL_SHADOW_STACK
>belong to arch/Kconfig rather than mm/Kconfig
Do you want me to move it?
This basically means that hardware shadow stack is supported or not.
It needs mm support. I think thats why user one landed here. I followed.
If it impacts mm, it should be here, right?
>
>> config ARCH_SUPPORTS_PT_RECLAIM
>> def_bool n
>>
>>
>> --
>> 2.43.0
>>
>
>--
>Sincerely yours,
>Mike.
Powered by blists - more mailing lists