Re: [PATCH v8 12/12] efi/libstub: disable SCS

From: Kees Cook
Date: Tue Feb 18 2020 - 19:59:02 EST

Next message: Dave Chinner: "Re: [PATCH v6 07/19] mm: Put readahead pages in cache earlier"
Previous message: Kees Cook: "Re: [PATCH v8 09/12] arm64: disable SCS for hypervisor code"
In reply to: Sami Tolvanen: "[PATCH v8 12/12] efi/libstub: disable SCS"
Next in thread: Ard Biesheuvel: "Re: [PATCH v8 12/12] efi/libstub: disable SCS"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, Feb 18, 2020 at 04:08:17PM -0800, Sami Tolvanen wrote:
> Disable SCS for the EFI stub and allow x18 to be used.
>
> Suggested-by: James Morse <james.morse@xxxxxxx>
> Signed-off-by: Sami Tolvanen <samitolvanen@xxxxxxxxxx>

Reviewed-by: Kees Cook <keescook@xxxxxxxxxxxx>

-Kees

> ---
> drivers/firmware/efi/libstub/Makefile | 3 +++
> 1 file changed, 3 insertions(+)
>
> diff --git a/drivers/firmware/efi/libstub/Makefile b/drivers/firmware/efi/libstub/Makefile
> index 98a81576213d..dff9fa5a3f1c 100644
> --- a/drivers/firmware/efi/libstub/Makefile
> +++ b/drivers/firmware/efi/libstub/Makefile
> @@ -30,6 +30,9 @@ KBUILD_CFLAGS := $(cflags-y) -DDISABLE_BRANCH_PROFILING \
> $(call cc-option,-fno-stack-protector) \
> -D__DISABLE_EXPORTS
>
> +# remove SCS flags from all objects in this directory
> +KBUILD_CFLAGS := $(filter-out -ffixed-x18 $(CC_FLAGS_SCS), $(KBUILD_CFLAGS))
> +
> GCOV_PROFILE := n
> KASAN_SANITIZE := n
> UBSAN_SANITIZE := n
> --
> 2.25.0.265.gbab2e86ba0-goog
>

--
Kees Cook

Next message: Dave Chinner: "Re: [PATCH v6 07/19] mm: Put readahead pages in cache earlier"
Previous message: Kees Cook: "Re: [PATCH v8 09/12] arm64: disable SCS for hypervisor code"
In reply to: Sami Tolvanen: "[PATCH v8 12/12] efi/libstub: disable SCS"
Next in thread: Ard Biesheuvel: "Re: [PATCH v8 12/12] efi/libstub: disable SCS"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]