[PATCH v6 12/33] objtool: arm64: Enable stack validation for arm64

From: Chen Zhongjin
Date: Wed Jun 22 2022 - 21:53:03 EST

Next message: Chen Zhongjin: "[PATCH v6 11/33] objtool: arm64: Ignore replacement section for alternative callback"
Previous message: Chen Zhongjin: "[PATCH v6 09/33] objtool: check: Support data in text section"
In reply to: Chen Zhongjin: "[PATCH v6 09/33] objtool: check: Support data in text section"
Next in thread: Chen Zhongjin: "[PATCH v6 11/33] objtool: arm64: Ignore replacement section for alternative callback"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Add build option to run stack validation at compile time.

When requiring stack validation, jump tables are disabled as it
simplifies objtool analysis (without having to introduce unreliable
artifacs). In local testing, this does not appear to significaly
affect final binary size nor system performance.

Signed-off-by: Raphael Gault <raphael.gault@xxxxxxx>
Signed-off-by: Julien Thierry <jthierry@xxxxxxxxxx>
Signed-off-by: Chen Zhongjin <chenzhongjin@xxxxxxxxxx>
---
arch/arm64/Kconfig | 2 ++
arch/arm64/Kconfig.debug | 21 +++++++++++++++++++++
arch/arm64/Makefile | 4 ++++
3 files changed, 27 insertions(+)

diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig
index 57c4c995965f..30d3d549160f 100644
--- a/arch/arm64/Kconfig
+++ b/arch/arm64/Kconfig
@@ -201,6 +201,8 @@ config ARM64
select MMU_GATHER_RCU_TABLE_FREE
select HAVE_RSEQ
select HAVE_STACKPROTECTOR
+ select HAVE_OBJTOOL
+ select HAVE_STACK_VALIDATION
select HAVE_SYSCALL_TRACEPOINTS
select HAVE_KPROBES
select HAVE_KRETPROBES
diff --git a/arch/arm64/Kconfig.debug b/arch/arm64/Kconfig.debug
index 265c4461031f..c2c68c6f7557 100644
--- a/arch/arm64/Kconfig.debug
+++ b/arch/arm64/Kconfig.debug
@@ -20,4 +20,25 @@ config ARM64_RELOC_TEST
depends on m
tristate "Relocation testing module"

+choice
+ prompt "Choose kernel unwinder"
+ default UNWINDER_FRAME_POINTER
+ help
+ This determines which method will be used for unwinding kernel stack
+ traces for panics, oopses, bugs, warnings, perf, /proc/<pid>/stack,
+ livepatch, lockdep, and more.
+
+config UNWINDER_FRAME_POINTER
+ bool "Frame pointer unwinder"
+ select FRAME_POINTER
+ help
+ This option enables the frame pointer unwinder for unwinding kernel
+ stack traces.
+
+ The unwinder itself is fast and it uses less RAM than the ORC
+ unwinder, but the kernel text size will grow by ~3% and the kernel's
+ overall performance will degrade by roughly 5-10%.
+
+endchoice
+
source "drivers/hwtracing/coresight/Kconfig"
diff --git a/arch/arm64/Makefile b/arch/arm64/Makefile
index 2f1de88651e6..ad2f4a5e8f6c 100644
--- a/arch/arm64/Makefile
+++ b/arch/arm64/Makefile
@@ -133,6 +133,10 @@ ifeq ($(CONFIG_DYNAMIC_FTRACE_WITH_REGS),y)
CC_FLAGS_FTRACE := -fpatchable-function-entry=2
endif

+ifeq ($(CONFIG_STACK_VALIDATION),y)
+KBUILD_CFLAGS += -fno-jump-tables
+endif
+
# Default value
head-y := arch/arm64/kernel/head.o

--
2.17.1

Next message: Chen Zhongjin: "[PATCH v6 11/33] objtool: arm64: Ignore replacement section for alternative callback"
Previous message: Chen Zhongjin: "[PATCH v6 09/33] objtool: check: Support data in text section"
In reply to: Chen Zhongjin: "[PATCH v6 09/33] objtool: check: Support data in text section"
Next in thread: Chen Zhongjin: "[PATCH v6 11/33] objtool: arm64: Ignore replacement section for alternative callback"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]