On Fri, Nov 01, 2019 at 03:11:44PM -0700, Sami Tolvanen wrote: > With CONFIG_FUNCTION_GRAPH_TRACER, function return addresses are > modified in ftrace_graph_caller and prepare_ftrace_return to redirect > control flow to ftrace_return_to_handler. This is incompatible with > SCS. Can you please elaborate on _how_ this is incompatible in the commit message? For example, it's not clear to me if you mean that's functionally incompatible, or if you're trying to remove return-altering gadgets. If there's a functional incompatibility, please spell that out a bit more clearly. Likewise if this is about minimizing the set of places that can mess with control-flow outside of usual function conventions. Thanks, Mark. > > Signed-off-by: Sami Tolvanen <samitolvanen@xxxxxxxxxx> > Reviewed-by: Kees Cook <keescook@xxxxxxxxxxxx> > --- > arch/arm64/Kconfig | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig > index e7b57a8a5531..42867174920f 100644 > --- a/arch/arm64/Kconfig > +++ b/arch/arm64/Kconfig > @@ -148,7 +148,7 @@ config ARM64 > select HAVE_FTRACE_MCOUNT_RECORD > select HAVE_FUNCTION_TRACER > select HAVE_FUNCTION_ERROR_INJECTION > - select HAVE_FUNCTION_GRAPH_TRACER > + select HAVE_FUNCTION_GRAPH_TRACER if !SHADOW_CALL_STACK > select HAVE_GCC_PLUGINS > select HAVE_HW_BREAKPOINT if PERF_EVENTS > select HAVE_IRQ_TIME_ACCOUNTING > -- > 2.24.0.rc1.363.gb1bccd3e3d-goog >
