Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Fri, 18 Oct 2019 09:10:26 -0700
From: Sami Tolvanen <samitolvanen@...gle.com>
To: Will Deacon <will@...nel.org>, Catalin Marinas <catalin.marinas@....com>, 
	Steven Rostedt <rostedt@...dmis.org>, Ard Biesheuvel <ard.biesheuvel@...aro.org>
Cc: Dave Martin <Dave.Martin@....com>, Kees Cook <keescook@...omium.org>, 
	Laura Abbott <labbott@...hat.com>, Mark Rutland <mark.rutland@....com>, 
	Nick Desaulniers <ndesaulniers@...gle.com>, clang-built-linux@...glegroups.com, 
	kernel-hardening@...ts.openwall.com, linux-arm-kernel@...ts.infradead.org, 
	linux-kernel@...r.kernel.org, Sami Tolvanen <samitolvanen@...gle.com>
Subject: [PATCH 11/18] kprobes: disable kretprobes with SCS

With CONFIG_KRETPROBES, function return addresses are modified to
redirect control flow to kretprobe_trampoline. This is incompatible with
return address protection.

Signed-off-by: Sami Tolvanen <samitolvanen@...gle.com>
---
 arch/Kconfig | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/arch/Kconfig b/arch/Kconfig
index a222adda8130..4646e3b34925 100644
--- a/arch/Kconfig
+++ b/arch/Kconfig
@@ -171,7 +171,7 @@ config ARCH_USE_BUILTIN_BSWAP
 
 config KRETPROBES
 	def_bool y
-	depends on KPROBES && HAVE_KRETPROBES
+	depends on KPROBES && HAVE_KRETPROBES && ROP_PROTECTION_NONE
 
 config USER_RETURN_NOTIFIER
 	bool
-- 
2.23.0.866.gb869b98d4c-goog

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.