Re: [NEEDS-REVIEW] Re: [PATCH v11 25/25] x86/cet/shstk: Add arch_prctl functions for shadow stack

From: Yu, Yu-cheng
Date: Tue Sep 15 2020 - 18:09:48 EST


On 9/15/2020 12:24 PM, Dave Hansen wrote:
> On 9/15/20 12:08 PM, Yu-cheng Yu wrote:
>> On Mon, 2020-09-14 at 17:12 -0700, Yu, Yu-cheng wrote:
>>> On 9/14/2020 7:50 AM, Dave Hansen wrote:
>>>> On 9/11/20 3:59 PM, Yu-cheng Yu wrote:
>>>> ...
>>>>> Here are the changes if we take the mprotect(PROT_SHSTK) approach.
>>>>> Any comments/suggestions?
>>>> I still don't like it. :)
>>>>
>>>> I'll also be much happier when there's a proper changelog to accompany
>>>> this which also spells out the alternatives and why they suck so much.
>>> [...]
>>
>> I revised it. If this turns out needing more work/discussion, we can split it
>> out from the shadow stack series.
>
> Where does that leave things? You only get shadow stacks for
> single-threaded apps which have the ELF bits set?


As long as the system supports shadow stack, any application can mmap()/mprotect() a shadow stack. A pthread can allocate a shadow stack too. However, only shadow stack-enabled programs can activate/use the shadow stack.