Re: [musl] Re: [PATCH v8 00/38] arm64/gcs: Provide support for GCS in userspace

From: Mark Brown
Date: Tue Feb 20 2024 - 19:45:03 EST

Next message: Allen: "Re: [PATCH 6.7 000/309] 6.7.6-rc1 review"
Previous message: Jarkko Sakkinen: "Re: [PATCH 1/3] tpm: protect against locality counter underflow"
In reply to: Edgecombe, Rick P: "Re: [musl] Re: [PATCH v8 00/38] arm64/gcs: Provide support for GCS in userspace"
Next in thread: dalias@xxxxxxxx: "Re: [musl] Re: [PATCH v8 00/38] arm64/gcs: Provide support for GCS in userspace"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Feb 21, 2024 at 12:35:48AM +0000, Edgecombe, Rick P wrote:

> doing. But those threads might be using shadow stack instructions
> (INCSSP, RSTORSSP, etc). These are a collection of instructions that
> allow limited control of the SSP. When shadow stack gets disabled,
> these suddenly turn into #UD generating instructions. So any other
> threads executing those instructions when shadow stack got disabled
> would be in for a nasty surprise.

> Glibc's permissive mode (that disables shadow stack when dlopen()ing a
> DSO that doesn't support shadow stack) is quite limited because of
> this. There was a POC for working around it, but I'll stop there for
> now, to not spam you with the details. I'm not sure of arm and risc-v
> details on this specific corner, but for x86.

We have the same issue with disabling GCS causing GCS instructions to
become undefined.

Attachment: signature.asc
Description: PGP signature

Next message: Allen: "Re: [PATCH 6.7 000/309] 6.7.6-rc1 review"
Previous message: Jarkko Sakkinen: "Re: [PATCH 1/3] tpm: protect against locality counter underflow"
In reply to: Edgecombe, Rick P: "Re: [musl] Re: [PATCH v8 00/38] arm64/gcs: Provide support for GCS in userspace"
Next in thread: dalias@xxxxxxxx: "Re: [musl] Re: [PATCH v8 00/38] arm64/gcs: Provide support for GCS in userspace"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]