Re: [PATCH 4.14 05/40] efi/libstub: Disable Shadow Call Stack

From: Pavel Machek
Date: Mon Sep 26 2022 - 08:39:00 EST

Next message: Krzysztof Kozlowski: "[PATCH PULL 0/2] Two patches for next cycle, v6.1"
Previous message: Greg Kroah-Hartman: "[PATCH 5.15 143/148] ext4: fix bug in extents parsing when eh_entries == 0 and eh_depth > 0"
In reply to: Greg Kroah-Hartman: "[PATCH 4.14 05/40] efi/libstub: Disable Shadow Call Stack"
Next in thread: Greg Kroah-Hartman: "Re: [PATCH 4.14 05/40] efi/libstub: Disable Shadow Call Stack"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi!

> From: Sami Tolvanen <samitolvanen@xxxxxxxxxx>
>
> [ Upstream commit cc49c71d2abe99c1c2c9bedf0693ad2d3ee4a067 ]
>
> Shadow stacks are not available in the EFI stub, filter out SCS
> flags.

AFAICT, SCS is not available in 4.19, CC_FLAGS_SCS is not defined
there, and we should apply this patch.

Best regards,
Pavel

> +++ b/drivers/firmware/efi/libstub/Makefile
> @@ -23,6 +23,9 @@ KBUILD_CFLAGS := $(cflags-y) -DDISABLE_BRANCH_PROFILING \
> $(call cc-option,-ffreestanding) \
> $(call cc-option,-fno-stack-protector)
>
> +# remove SCS flags from all objects in this directory
> +KBUILD_CFLAGS := $(filter-out $(CC_FLAGS_SCS), $(KBUILD_CFLAGS))
> +
> GCOV_PROFILE := n
> KASAN_SANITIZE := n
> UBSAN_SANITIZE := n

--
DENX Software Engineering GmbH, Managing Director: Wolfgang Denk
HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany

Attachment: signature.asc
Description: Digital signature

Next message: Krzysztof Kozlowski: "[PATCH PULL 0/2] Two patches for next cycle, v6.1"
Previous message: Greg Kroah-Hartman: "[PATCH 5.15 143/148] ext4: fix bug in extents parsing when eh_entries == 0 and eh_depth > 0"
In reply to: Greg Kroah-Hartman: "[PATCH 4.14 05/40] efi/libstub: Disable Shadow Call Stack"
Next in thread: Greg Kroah-Hartman: "Re: [PATCH 4.14 05/40] efi/libstub: Disable Shadow Call Stack"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]