UPSTREAM: scs: add support for dynamic shadow call stacks
In order to allow arches to use code patching to conditionally emit the shadow stack pushes and pops, rather than always taking the performance hit even on CPUs that implement alternatives such as stack pointer authentication on arm64, add a Kconfig symbol that can be set by the arch to omit the SCS codegen itself, without otherwise affecting how support code for SCS and compiler options (for register reservation, for instance) are emitted. Also, add a static key and some plumbing to omit the allocation of shadow call stack for dynamic SCS configurations if SCS is disabled at runtime. Signed-off-by:Ard Biesheuvel <ardb@kernel.org> Reviewed-by:
Nick Desaulniers <ndesaulniers@google.com> Reviewed-by:
Kees Cook <keescook@chromium.org> Reviewed-by:
Sami Tolvanen <samitolvanen@google.com> Tested-by:
Will Deacon <will@kernel.org> (cherry picked from commit 9beccca0) Bug: 283954062 Change-Id: I71ed23533124b071bd6bf5ab91b2af3bbf03b42b Signed-off-by:
Loading
Please sign in to comment