On Tue, Jan 28, 2020 at 10:49:27AM -0800, Sami Tolvanen wrote:
> The graph tracer hooks returns by modifying frame records on the
> (regular) stack, but with SCS the return address is taken from the
> shadow stack, and the value in the frame record has no effect. As we
> don't currently have a mechanism to determine the corresponding slot
> on the shadow stack (and to pass this through the ftrace
> infrastructure), for now let's disable SCS when the graph tracer is
> enabled.
>
> Signed-off-by: Sami Tolvanen <samitolvanen@xxxxxxxxxx>

Reviewed-by: Kees Cook <keescook@xxxxxxxxxxxx>

-Kees

> ---
> arch/Kconfig | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/arch/Kconfig b/arch/Kconfig
> index 1b16aa9a3fe5..0d746373c52e 100644
> --- a/arch/Kconfig
> +++ b/arch/Kconfig
> @@ -530,6 +530,7 @@ config ARCH_SUPPORTS_SHADOW_CALL_STACK
>
> config SHADOW_CALL_STACK
> bool "Clang Shadow Call Stack"
> + depends on !FUNCTION_GRAPH_TRACER
> depends on ARCH_SUPPORTS_SHADOW_CALL_STACK
> help
> This option enables Clang's Shadow Call Stack, which uses a
> --
> 2.25.0.341.g760bfbb309-goog
>

--
Kees Cook
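Review bot: The added `depends on !FUNCTION_GRAPH_TRACER` line under `config SHADOW_CALL_STACK` in arch/Kconfig carries no comment, and the visible part of the help text does not mention it, so the reason for the restriction lives only in the commit message. Because the dependency is negative, a configuration that enables FUNCTION_GRAPH_TRACER will no longer offer SHADOW_CALL_STACK at all, and a hardened build can lose SCS without any prompt. Consider a short Kconfig comment above the new line, or a sentence in the help text, saying that the graph tracer rewrites return addresses in frame records which SCS ignores, and that the exclusion is meant to be temporary ("for now" in the commit message) until the shadow stack slot can be passed through ftrace.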