Hi Sami, a couple of minor tweaks: On 2/18/20 4:08 PM, Sami Tolvanen wrote: > diff --git a/arch/Kconfig b/arch/Kconfig > index 98de654b79b3..66b34fd0df54 100644 > --- a/arch/Kconfig > +++ b/arch/Kconfig > @@ -526,6 +526,40 @@ config STACKPROTECTOR_STRONG > about 20% of all kernel functions, which increases the kernel code > size by about 2%. > > +config ARCH_SUPPORTS_SHADOW_CALL_STACK > + bool > + help > + An architecture should select this if it supports Clang's Shadow > + Call Stack, has asm/scs.h, and implements runtime support for shadow > + stack switching. > + > +config SHADOW_CALL_STACK > + bool "Clang Shadow Call Stack" > + depends on ARCH_SUPPORTS_SHADOW_CALL_STACK > + help > + This option enables Clang's Shadow Call Stack, which uses a > + shadow stack to protect function return addresses from being > + overwritten by an attacker. More information can be found from found in > + Clang's documentation: > + > + https://clang.llvm.org/docs/ShadowCallStack.html > + > + Note that security guarantees in the kernel differ from the ones > + documented for user space. The kernel must store addresses of shadow > + stacks used by other tasks and interrupt handlers in memory, which > + means an attacker capable reading and writing arbitrary memory may capable of > + be able to locate them and hijack control flow by modifying shadow > + stacks that are not currently in use. > + > +config SHADOW_CALL_STACK_VMAP > + bool "Use virtually mapped shadow call stacks" > + depends on SHADOW_CALL_STACK > + help > + Use virtually mapped shadow call stacks. Selecting this option > + provides better stack exhaustion protection, but increases per-thread > + memory consumption as a full page is allocated for each shadow stack. > + > + > config HAVE_ARCH_WITHIN_STACK_FRAMES > bool > help thanks. -- ~Randy
