From: Raphael Gault <[email protected]> Add build option to run stack validation at compile time.
When requiring stack validation, jump tables are disabled as it simplifies objtool analysis (without having to introduce unreliable artifacs). In local testing, this does not appear to significaly affect final binary size nor system performance. Signed-off-by: Raphael Gault <[email protected]> Signed-off-by: Julien Thierry <[email protected]> --- arch/arm64/Kconfig | 1 + arch/arm64/Makefile | 4 ++++ 2 files changed, 5 insertions(+) diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig index 1f212b47a48a..928323c03318 100644 --- a/arch/arm64/Kconfig +++ b/arch/arm64/Kconfig @@ -187,6 +187,7 @@ config ARM64 select MMU_GATHER_RCU_TABLE_FREE select HAVE_RSEQ select HAVE_STACKPROTECTOR + select HAVE_STACK_VALIDATION select HAVE_SYSCALL_TRACEPOINTS select HAVE_KPROBES select HAVE_KRETPROBES diff --git a/arch/arm64/Makefile b/arch/arm64/Makefile index 5b84aec31ed3..b819fb2e8eda 100644 --- a/arch/arm64/Makefile +++ b/arch/arm64/Makefile @@ -136,6 +136,10 @@ ifeq ($(CONFIG_DYNAMIC_FTRACE_WITH_REGS),y) CC_FLAGS_FTRACE := -fpatchable-function-entry=2 endif +ifeq ($(CONFIG_STACK_VALIDATION),y) +KBUILD_CFLAGS += -fno-jump-tables +endif + # Default value head-y := arch/arm64/kernel/head.o -- 2.25.4
