Re: [PATCH RFT v8 4/9] fork: Add shadow stack support to clone3()
From: Mark Brown
Date: Fri Aug 16 2024 - 11:30:45 EST
On Fri, Aug 16, 2024 at 02:52:28PM +0000, Edgecombe, Rick P wrote:
> On Fri, 2024-08-16 at 09:44 +0100, Catalin Marinas wrote:
> > BTW, since it's the parent setting up the shadow stack in its own
> > address space before forking, I think at least the read can avoid
> > access_remote_vm() and we could do it earlier, even before the new
> > process is created.
> Hmm. Makes sense. It's a bit racy since the parent could consume that token from
> another thread, but it would be a race in any case.
So it sounds like we might be coming round to this? I've got a new
version that verifies the VM_SHADOW_STACK good to go but if we're going
to switch back to consuming the token in the parent context I may as
well do that. Like I said in the other mail I'd rather not flip flop
on this.
Attachment:
signature.asc
Description: PGP signature