Re: [PATCH RFT v9 4/8] fork: Add shadow stack support to clone3()

From: Edgecombe, Rick P
Date: Wed Oct 02 2024 - 17:25:22 EST

Next message: Jason Andryuk: "Re: [PATCH v2 4/5] x86/xen: Avoid relocatable quantities in Xen ELF notes"
Previous message: Martin KaFai Lau: "Re: [PATCH net v4 2/2] bpf: selftests: send packet to devmap redirect XDP"
In reply to: Mark Brown: "Re: [PATCH RFT v9 4/8] fork: Add shadow stack support to clone3()"
Next in thread: Yury Khrustalev: "Re: [PATCH RFT v9 4/8] fork: Add shadow stack support to clone3()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, 2024-10-02 at 22:01 +0100, Mark Brown wrote:
> BTW it's probably also worth noting that at least on arm64 (perhaps x86
> is different here?) the shadow stack of a thread that exited won't have
> a token placed on it so it won't be possible to use it with clone3() at
> all unless another token is written. To get a shadow stack you could
> use with clone3() you'd either need to allocate a new one, pivot away
> from one that's currently in use or enable shadow stack writes and place
> a token.

Hmm, yea. I didn't have a specific idea in mind. But yea, you would have to
switch to something in order to leave a token.

If you enabled WRSS (or similar) you might be able to reuse shadow stacks in
some kind of useful way, but in that case you would probably WRSS the token to
the end of the shadow stack and the start+size would fit better.

Next message: Jason Andryuk: "Re: [PATCH v2 4/5] x86/xen: Avoid relocatable quantities in Xen ELF notes"
Previous message: Martin KaFai Lau: "Re: [PATCH net v4 2/2] bpf: selftests: send packet to devmap redirect XDP"
In reply to: Mark Brown: "Re: [PATCH RFT v9 4/8] fork: Add shadow stack support to clone3()"
Next in thread: Yury Khrustalev: "Re: [PATCH RFT v9 4/8] fork: Add shadow stack support to clone3()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]