Linux 6.2 Implementing Dynamic Shadow Call Stack Support For AArch64

Written by Michael Larabel in Arm on 14 November 2022 at 05:20 AM EST. Add A Comment
ARM
The Linux kernel built with Clang has supported Shadow Call Stack "SCS: to prevent return address overwrites. With patches building up for Linux 6.2, Dynamic Shadow Call Stack is being implemented to avoid the overhead of SCS on processors supporting pointer authentication (PAC).

The Shadow Call Stack support is useful for protecting against return address overwrites / stack buffer overflows. But on AArch64 processors with pointer authentication, it's harder to justify the usefulness of the Shadow Call Stack. So for Linux 6.2 the plan is to enable dynamic SCS support to allow it to be enabled/disabled at boot time.This Dynamic Shadow Call Stack support is done at boot/run-time via code patching.

Thereby no alternative kernel build with SCS disabled is needed for those not wanting this security feature for their AArch64 SoC due to other hardware protections already in place.

"Implement dynamic shadow call stack support on Clang, by parsing the unwind tables at init time to locate all occurrences of PACIASP/AUTIASP instructions, and replacing them with the shadow call stack push and pop instructions, respectively.

This is useful because the overhead of the shadow call stack is difficult to justify on hardware that implements pointer authentication (PAC), and given that the PAC instructions are executed as NOPs on hardware that doesn't, we can just replace them without breaking anything. As PACIASP/AUTIASP are guaranteed to be paired with respect to manipulations of the return address, replacing them 1:1 with shadow call stack pushes and pops is guaranteed to result in the desired behavior."

Queued via ARM64's "for-next" core material is dynamic SCS and implementing it for ARM64 with Clang. Barring any issues from coming up, this code in turn will then be submitted for the Linux 6.2 merge window next month.

Those wanting to learn more about Clang's Shadow Call Stack instrumentation pass can do so via the Clang docs.
Add A Comment
Related News
Linux 6.13 For ARM64 Brings GCS Support & Protected VMs With Arm CCA
Nice Performance Gains With SVT-AV1 2.3 Encoding On The System76 Thelio Astra
Snapdragon X1 Elite CPUFreq Support Revised In Latest Linux Patches
Linux Support Continues For The Now-Canceled Snapdragon X Elite Dev Kit For Windows
ARM64 SMT Control Patches Updated For The Linux Kernel
Arm's Guarded Control Stack "GCS" Support Looks Like It Will Be Ready For Linux 6.13
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week
OpenWrt Affected By Security Issue That Could Have Led To Compromised Build Artifacts
Linus Torvalds Comes Out Against "Completely Broken" x86_64 Feature Levels
Linux EFI Zboot Abandoning "Compression Library Museum", Focusing On Gzip & Zstd
COSMIC Alpha 4 Released For System76's Rust-Based Desktop
Vulkan Video Now Enabled By Default For Radeon VCN2/VCN3 Hardware On Linux
Rustls Multi-Threaded Performance Is Battering OpenSSL
Fedora 42 Aims To Enhance The Windows Subsystem For Linux Experience
KDE Starts December By Landing A Number Of New Features