Re: [PATCH v3 25/37] x86/shstk: Add user-mode shadow stack support

From: Peter Zijlstra
Date: Tue Nov 15 2022 - 14:39:15 EST


On Fri, Nov 04, 2022 at 03:35:52PM -0700, Rick Edgecombe wrote:

> +static int shstk_setup(void)
> +{
> + struct thread_shstk *shstk = &current->thread.shstk;
> + unsigned long addr, size;
> +
> + /* Already enabled */
> + if (features_enabled(CET_SHSTK))
> + return 0;
> +
> + /* Also not supported for 32 bit and x32 */
> + if (!cpu_feature_enabled(X86_FEATURE_USER_SHSTK) || in_32bit_syscall())
> + return -EOPNOTSUPP;
> +
> + size = adjust_shstk_size(0);
> + addr = alloc_shstk(size);
> + if (IS_ERR_VALUE(addr))
> + return PTR_ERR((void *)addr);
> +
> + fpregs_lock_and_load();
> + wrmsrl(MSR_IA32_PL3_SSP, addr + size);
> + wrmsrl(MSR_IA32_U_CET, CET_SHSTK_EN);

This..

> + fpregs_unlock();
> +
> + shstk->base = addr;
> + shstk->size = size;
> + features_set(CET_SHSTK);
> +
> + return 0;
> +}
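Review bot: Nothing in shstk_setup() explains why the initial SSP is `addr + size` rather than `addr`, or why the two wrmsrl() calls have to sit between fpregs_lock_and_load() and fpregs_unlock(). Both are easy to break in a later refactor, and here a mistake means a task running with a wrong or stale shadow stack pointer. A comment above the first wrmsrl() would cover it, for example `/* SSP starts at the top of the new shadow stack, which grows down */` and `/* CET MSRs are per-task xstate: registers must be loaded and locked before writing */`. The xstate reasoning is inferred from the helper's name and should be confirmed against its definition, which is not in the quoted text.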

> +static int shstk_disable(void)
> +{
> + if (!cpu_feature_enabled(X86_FEATURE_USER_SHSTK))
> + return -EOPNOTSUPP;
> +
> + /* Already disabled? */
> + if (!features_enabled(CET_SHSTK))
> + return 0;
> +
> + fpregs_lock_and_load();
> + /* Disable WRSS too when disabling shadow stack */
> + set_clr_bits_msrl(MSR_IA32_U_CET, 0, CET_SHSTK_EN);

And this... aren't very consistent in approach. Given there is no U_IBT
yet, why complicate matters like this?

> + wrmsrl(MSR_IA32_PL3_SSP, 0);
> + fpregs_unlock();
> +
> + shstk_free(current);
> + features_clr(CET_SHSTK);
> +
> + return 0;
> +}
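Review bot: The comment `/* Disable WRSS too when disabling shadow stack */` in shstk_disable() does not match the call beneath it, because the clear mask passed to set_clr_bits_msrl() is only `CET_SHSTK_EN`. Nothing in the quoted lines touches a WRSS enable bit. If WRSS handling arrives in a later patch of the series, the comment should move there together with the wider mask, and here it should read `/* Disable shadow stack */`. A comment that claims a protection bit is cleared when the code does not clear it tends to be taken on trust in later audits, so it is worth correcting in this patch.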