scs: Add support for Clang's Shadow Call Stack (SCS)
authorSami Tolvanen <samitolvanen@google.com>
Mon, 27 Apr 2020 16:00:07 +0000 (09:00 -0700)
committerWill Deacon <will@kernel.org>
Fri, 15 May 2020 15:35:45 +0000 (16:35 +0100)
commitd08b9f0ca6605e13dcb48f04e55a30545b3c71eb
tree177893706ae16d9302dda4ee5f4894ac02e9b24e
parent6a8b55ed4056ea5559ebe4f6a4b247f627870d4c
scs: Add support for Clang's Shadow Call Stack (SCS)

This change adds generic support for Clang's Shadow Call Stack,
which uses a shadow stack to protect return addresses from being
overwritten by an attacker. Details are available here:

  https://clang.llvm.org/docs/ShadowCallStack.html

Note that security guarantees in the kernel differ from the ones
documented for user space. The kernel must store addresses of
shadow stacks in memory, which means an attacker capable reading
and writing arbitrary memory may be able to locate them and hijack
control flow by modifying the stacks.

Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
Reviewed-by: Kees Cook <keescook@chromium.org>
Reviewed-by: Miguel Ojeda <miguel.ojeda.sandonis@gmail.com>
[will: Numerous cosmetic changes]
Signed-off-by: Will Deacon <will@kernel.org>
Makefile
arch/Kconfig
include/linux/compiler-clang.h
include/linux/compiler_types.h
include/linux/scs.h [new file with mode: 0644]
init/init_task.c
kernel/Makefile
kernel/fork.c
kernel/sched/core.c
kernel/scs.c [new file with mode: 0644]