Re: [RFC PATCH v1 15/28] riscv/mm: Implement map_shadow_stack() syscall

From: Edgecombe, Rick P
Date: Fri Feb 09 2024 - 15:45:34 EST

Next message: Vlastimil Babka: "Re: [PATCH v3 2/3] mm/compaction: add support for >0 order folio memory compaction."
Previous message: Edgecombe, Rick P: "Re: [RFC PATCH v1 11/28] riscv: Implementing "PROT_SHADOWSTACK" on riscv"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, 2024-01-24 at 22:21 -0800, debug@xxxxxxxxxxxx wrote:
> From: Deepak Gupta <debug@xxxxxxxxxxxx>
>
> As discussed extensively in the changelog for the addition of this
> syscall on x86 ("x86/shstk: Introduce map_shadow_stack syscall") the
> existing mmap() and madvise() syscalls do not map entirely well onto
> the
> security requirements for guarded control stacks since they lead to
> windows where memory is allocated but not yet protected or stacks
> which
> are not properly and safely initialised. Instead a new syscall
> map_shadow_stack() has been defined which allocates and initialises a
> shadow stack page.
>
> This patch implements this syscall for riscv. riscv doesn't require
> token
> to be setup by kernel because user mode can do that by itself.
> However to
> provide compatiblity and portability with other architectues, user
> mode can
> specify token set flag.

A lot of this code look very familiar. We'll have to think about at
what point we could pull some of it into the code kernel.

I think if we had an arch write_user_shstk(), most of the code could be
shared here.

Next message: Vlastimil Babka: "Re: [PATCH v3 2/3] mm/compaction: add support for >0 order folio memory compaction."
Previous message: Edgecombe, Rick P: "Re: [RFC PATCH v1 11/28] riscv: Implementing "PROT_SHADOWSTACK" on riscv"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]