On Thu, Apr 16, 2020 at 12:24:30PM +0100, Mark Brown wrote:
> Compilers with branch protection support can be configured to enable it by
> default, it is likely that distributions will do this as part of deploying
> branch protection system wide. As well as the slight overhead from having
> some extra NOPs for unused branch protection features this can cause more
> serious problems when the kernel is providing pointer authentication to
> userspace but not built for pointer authentication itself. In that case our
> switching of keys for userspace can affect the kernel unexpectedly, causing
> pointer authentication instructions in the kernel to corrupt addresses.
>
> To ensure that we get consistent and reliable behaviour always explicitly
> initialise the branch protection mode, ensuring that the kernel is built
> the same way regardless of the compiler defaults.
>
> [This is a reworked version of b8fdef311a0bd9223f1075 ("arm64: Always
> force a branch protection mode when the compiler has one") for backport.
> Kernels prior to 74afda4016a7 ("arm64: compile the kernel with ptrauth
> return address signing") don't have any Makefile machinery for forcing
> on pointer auth but still have issues if the compiler defaults it on so
> need this reworked version. -- broonie]
>
> Fixes: 7503197562567 (arm64: add basic pointer authentication support)
> Reported-by: Szabolcs Nagy <szabolcs.nagy@xxxxxxx>
> Signed-off-by: Mark Brown <broonie@xxxxxxxxxx>
> Cc: stable@xxxxxxxxxxxxxxx
> [catalin.marinas@xxxxxxx: remove Kconfig option in favour of Makefile check]
> Signed-off-by: Catalin Marinas <catalin.marinas@xxxxxxx>
> ---
> arch/arm64/Makefile | 4 ++++
> 1 file changed, 4 insertions(+)
Now queued up, thanks!
greg k-h
