Re: [PATCH 02/35] prctl: Add flag for shadow stack writeability and push/pop

From: Edgecombe, Rick P
Date: Tue Jul 18 2023 - 13:48:22 EST

Next message: Dimitris Siakavaras: "Using userfaultfd with KVM's async page fault handling causes processes to hung waiting for mmap_lock to be released"
Previous message: Jiaqing Zhao: "[PATCH 3/4] serial: 8250_pci: add support for ASIX AX99100"
In reply to: Mark Brown: "[PATCH 02/35] prctl: Add flag for shadow stack writeability and push/pop"
Next in thread: Mark Brown: "Re: [PATCH 02/35] prctl: Add flag for shadow stack writeability and push/pop"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sun, 2023-07-16 at 22:50 +0100, Mark Brown wrote:
> On arm64 and x86 the kernel can control if there is write access to
> the
> shadow stack via specific instructions defined for the purpose,
> useful
> for things like userspace threading at the expense of some security.
> Add a flag to allow this to be selected when changing the shadow
> stack
> status.
>
> On arm64 the kernel can separately control if userspace is able to
> pop
> and push values directly onto the shadow stack via GCS push and pop
> instructions, supporting many scenarios where userspace needs to
> write
> to the stack with less security exposure than full write access. Add
> a
> flag to allow this to be selected when changing the shadow stack
> status.

Is this correct? I thought Szabolcs was saying pop was always
supported, but push was optional.

Next message: Dimitris Siakavaras: "Using userfaultfd with KVM's async page fault handling causes processes to hung waiting for mmap_lock to be released"
Previous message: Jiaqing Zhao: "[PATCH 3/4] serial: 8250_pci: add support for ASIX AX99100"
In reply to: Mark Brown: "[PATCH 02/35] prctl: Add flag for shadow stack writeability and push/pop"
Next in thread: Mark Brown: "Re: [PATCH 02/35] prctl: Add flag for shadow stack writeability and push/pop"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]