From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <owner-linux-mm@kvack.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 6535EC001E0
	for <linux-mm@archiver.kernel.org>; Tue,  1 Aug 2023 15:35:38 +0000 (UTC)
Received: by kanga.kvack.org (Postfix)
	id 6519F94001F; Tue,  1 Aug 2023 11:35:37 -0400 (EDT)
Received: by kanga.kvack.org (Postfix, from userid 40)
	id 6014E940010; Tue,  1 Aug 2023 11:35:37 -0400 (EDT)
X-Delivered-To: int-list-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix, from userid 63042)
	id 4C9DC94001F; Tue,  1 Aug 2023 11:35:37 -0400 (EDT)
X-Delivered-To: linux-mm@kvack.org
Received: from relay.hostedemail.com (smtprelay0015.hostedemail.com [216.40.44.15])
	by kanga.kvack.org (Postfix) with ESMTP id 3E76A940010
	for <linux-mm@kvack.org>; Tue,  1 Aug 2023 11:35:37 -0400 (EDT)
Received: from smtpin10.hostedemail.com (a10.router.float.18 [10.200.18.1])
	by unirelay10.hostedemail.com (Postfix) with ESMTP id E0DC6C1554
	for <linux-mm@kvack.org>; Tue,  1 Aug 2023 15:35:36 +0000 (UTC)
X-FDA: 81075935472.10.C940208
Received: from dfw.source.kernel.org (dfw.source.kernel.org [139.178.84.217])
	by imf11.hostedemail.com (Postfix) with ESMTP id 0B50B40025
	for <linux-mm@kvack.org>; Tue,  1 Aug 2023 15:35:33 +0000 (UTC)
Authentication-Results: imf11.hostedemail.com;
	dkim=pass header.d=kernel.org header.s=k20201202 header.b=r8zuzbiI;
	dmarc=pass (policy=none) header.from=kernel.org;
	spf=pass (imf11.hostedemail.com: domain of broonie@kernel.org designates 139.178.84.217 as permitted sender) smtp.mailfrom=broonie@kernel.org
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com;
	s=arc-20220608; t=1690904134;
	h=from:from:sender:reply-to:subject:subject:date:date:
	 message-id:message-id:to:to:cc:cc:mime-version:mime-version:
	 content-type:content-type:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references:dkim-signature;
	bh=6y9kHOvndQhpAyCDEStD9S1PgdaYKjoRe80k+MEnFXg=;
	b=w1jCc2eQw77PI6j9OgYrS2PTViVS/3SEJxbMPjOdB34g+JRXNUhNI3Mas2BD6C2HGFJKzp
	Bh6lewbO6XBlYSLCCNQavPNb//XVvIVR3mRXLx97h6Ri+LIiC8LzKomC11hzPQpW/R1jo3
	VSQpFyn96lTFs7D44TflE4E3pWMoUFk=
ARC-Authentication-Results: i=1;
	imf11.hostedemail.com;
	dkim=pass header.d=kernel.org header.s=k20201202 header.b=r8zuzbiI;
	dmarc=pass (policy=none) header.from=kernel.org;
	spf=pass (imf11.hostedemail.com: domain of broonie@kernel.org designates 139.178.84.217 as permitted sender) smtp.mailfrom=broonie@kernel.org
ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1690904134; a=rsa-sha256;
	cv=none;
	b=sfU9spUMLd39z9rOLDHIC1utXLJQd5R2rQcMYA7upuUKArwR9CAOz3Jqd/DZsTPbCNLZGL
	OqLPITaXZ4swOexd+Dc9iqnHaxm/hQZHKTNy171jvOC947XoByTt/kqZtN+pz/jtD6cuu9
	n9mJoTighntcxj5xNjbzO6ADaqHoZH4=
Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (2048 bits))
	(No client certificate requested)
	by dfw.source.kernel.org (Postfix) with ESMTPS id 7B0D6615E1;
	Tue,  1 Aug 2023 15:10:08 +0000 (UTC)
Received: by smtp.kernel.org (Postfix) with ESMTPSA id C8ABAC433C7;
	Tue,  1 Aug 2023 15:10:01 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;
	s=k20201202; t=1690902607;
	bh=+bBPLGmDmXfC/yfM3zDVF6K5Ga/agNFu5ARhnA02LuA=;
	h=Date:From:To:Cc:Subject:References:In-Reply-To:From;
	b=r8zuzbiIsBm8TplmUwNtJnkj0WqQ7Bj07Nu9yp5ar/EYSV4LQQ3uL73ELCG1L41jq
	 YvuaYQlYhxf9lYlvrNjTqqiK+hh/mmVXlCFhYNKELooEaDF+I16iw9dkxuoVH8Tf4r
	 MMzAnPUycWbbea6niD+2vJ7S6VYgMcnxfQ/W8n2WzYs3ch5uSe4487LN6555t9Fsr1
	 MEStdbDlfoeEftOw+xyV2O2Pyy2neIm2BVU9icTY0M0HKHFlx8zXeaGqKT88HFeDBP
	 24CXRV2GJ39ZT5XdVsrhKrH4rhJNw34F9/DVHpaPG+sd+VlTEmdea7RgrgWKh2lT9O
	 L985DdCd9UJCA==
Date: Tue, 1 Aug 2023 16:09:58 +0100
From: Mark Brown <broonie@kernel.org>
To: Will Deacon <will@kernel.org>
Cc: Catalin Marinas <catalin.marinas@arm.com>,
	Jonathan Corbet <corbet@lwn.net>,
	Andrew Morton <akpm@linux-foundation.org>,
	Marc Zyngier <maz@kernel.org>,
	Oliver Upton <oliver.upton@linux.dev>,
	James Morse <james.morse@arm.com>,
	Suzuki K Poulose <suzuki.poulose@arm.com>,
	Arnd Bergmann <arnd@arndb.de>, Oleg Nesterov <oleg@redhat.com>,
	Eric Biederman <ebiederm@xmission.com>,
	Kees Cook <keescook@chromium.org>, Shuah Khan <shuah@kernel.org>,
	"Rick P. Edgecombe" <rick.p.edgecombe@intel.com>,
	Deepak Gupta <debug@rivosinc.com>, Ard Biesheuvel <ardb@kernel.org>,
	Szabolcs Nagy <Szabolcs.Nagy@arm.com>,
	"H.J. Lu" <hjl.tools@gmail.com>,
	Paul Walmsley <paul.walmsley@sifive.com>,
	Palmer Dabbelt <palmer@dabbelt.com>,
	Albert Ou <aou@eecs.berkeley.edu>,
	linux-arm-kernel@lists.infradead.org, linux-doc@vger.kernel.org,
	kvmarm@lists.linux.dev, linux-fsdevel@vger.kernel.org,
	linux-arch@vger.kernel.org, linux-mm@kvack.org,
	linux-kselftest@vger.kernel.org, linux-kernel@vger.kernel.org,
	linux-riscv@lists.infradead.org
Subject: Re: [PATCH v3 00/36] arm64/gcs: Provide support for GCS in userspace
Message-ID: <09b7a94d-cc88-4372-85de-52db26bc2daf@sirena.org.uk>
References: <20230731-arm64-gcs-v3-0-cddf9f980d98@kernel.org>
 <20230801141319.GC26253@willie-the-truck>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha512;
	protocol="application/pgp-signature"; boundary="eVo2yRFuK2CxHWEO"
Content-Disposition: inline
In-Reply-To: <20230801141319.GC26253@willie-the-truck>
X-Cookie: I thought YOU silenced the guard!
X-Rspam-User: 
X-Rspamd-Server: rspam12
X-Rspamd-Queue-Id: 0B50B40025
X-Stat-Signature: 94t4gxw3asz8e84bbknktfo3j6gbnns8
X-HE-Tag: 1690904133-967569
X-HE-Meta: U2FsdGVkX19F+1luZOle/XQmKcpou2ft/Vui3Mds0JmFePLwxzBP7DqRYl3BxU9OD2qXGG3c9nPOwRiAeq6MVCP5Odk7xv9XstDpEBRhayJp4r7Y7uibz5ff5BdyL5bCHtzmTN4beTqwN2upoNua92mBRqYRuyGQZuRUBTXgFv2sP35B5EaLNKr4QUF3XY7USkztM++Q6LBP9/ANdxiGCD7Bwr0eQMTzvtS3m/xABce4JsESegW4h8U5/0n3OwQ861kcWzg3ZXb8qkJmWYaa0CDShB08eIvlA/RwIMQBaA6ur2UksOWqmGufJIsEVRvufZgTTQKoWyR/goozQIZspnuuJS91I96e63crQ95eNPLiXi+MHAFyeZBFq4LZgqNwR2ubYLUImLyiDyCRUO/j9NB34/Hdq2fyEWKei4l2I0YFyfsDWSZRyBNKJ00kAEHRRobGo/C25XYpqylozCuEEq98U46WDOAvyiYMNqgxRxGQXRonXO8h8g5Bm8fwzaECwbE3bHzRAJgdjngYFcWCdVJOXBSxv4BOEgrKY8DvTto2CF/4+Pd5CFdKtELnN00AVfBRrrKj6kkWcvvt4nMAbUNZCs0zQ0aRvYWMmjQWo2RnDAmhWWIEVSUv2/sFH0RYsa6UGrtU4KHhMHGCx3mdLPyFTXQp3a8rdzonxOOtGhCM7QpXKWODfLc0f4O0UXn4uJhIDiJZW6+nkuQ/Gy+C3e8ILeIA+geYKFRo11q5w4GYmQmvFpvqDaSM44g9Hit2Sv8JptSqsI+Ga2l3ucBkdTZ01/Evuep2+191fUViWwTTqpI58qlPWhvjS1QEGm4/CfCBsjJg2NQfDlyv4B44E1qFqS+hYa6I+QpjIb0De3AUwMJGtw09P6Zu1ZAndq+x+e26RTS7+vE5kxXKUKPvCMN6gLMBoK1+kUAYH0Yq/syV1JBEEYASrxj3Wt47IAGQS9mNtr2FglDBgXxbDBq
 QitU44aF
 JZxUBR8GqbPxhtS8kOq740vl7gVAiZkyuurGCSAXroRdKmN7IhNXSOCnrQGcrvCbnTBSC+3VTG2jm3KUst+EWuFTSQqeOfsyski9zPjhzbUDn0LzXy9EP7Slv1UQEISxcxWV7p84cpv8oo0QiTW4kN9u7ywBvFyFFhk04QmlfsjR4fLIVXxyHWK480+6AN+bgYKpdRQjEypJuo1l/+5d2h4o4wT5dBsHFkKPgWOs4eFep2WJVlt6Tui+AvvPBASnz2z4oKXm9nB0O7SD0ilGJH3C0E6jo4aJ+y9YH/5zw5A/BpP3QDFpkuMIIcxyurLNQz+N/g1xbRNzxQ33tapi05+zZj0nZr5qVcRPxZyLDU0gTop+IfhlrSlYj/eAIe7Gcf++1Z+Kz65Gy0nFyHLBXyNCoUvn3J+DmUUv1Atdhlg6GpTU=
X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4
Sender: owner-linux-mm@kvack.org
Precedence: bulk
X-Loop: owner-majordomo@kvack.org
List-ID: <linux-mm.kvack.org>


--eVo2yRFuK2CxHWEO
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

On Tue, Aug 01, 2023 at 03:13:20PM +0100, Will Deacon wrote:
> On Mon, Jul 31, 2023 at 02:43:09PM +0100, Mark Brown wrote:

> > The arm64 Guarded Control Stack (GCS) feature provides support for
> > hardware protected stacks of return addresses, intended to provide
> > hardening against return oriented programming (ROP) attacks and to make
> > it easier to gather call stacks for applications such as profiling.

> Why is this better than Clang's software shadow stack implementation? It
> would be nice to see some justification behind adding all this, rather
> than it being an architectural tick-box exercise.

Mainly that it's hardware enforced (as the quoted paragraph says).  This
makes it harder to attack, and hopefully it's also a bit faster (how
measurable that might be will be an open question, but even NOPs in
function entry/exit tend to get noticed).

--eVo2yRFuK2CxHWEO
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQEzBAABCgAdFiEEreZoqmdXGLWf4p/qJNaLcl1Uh9AFAmTJIEYACgkQJNaLcl1U
h9BQawf/f0SGHhLVQUgdnRJbAN6lBuDUQfirqOPQbGb1BDJkA5bBH3gggqgDiUP9
iuDR87qdT9VDbUW0rgSKaYDAizuTvWthjfPv3Y0JOAgM9fmGmDmyldhVOSrmbRQF
hW3jgZbWRG0UK44PpWKLX2z13fGx9xVitteScPpIhF9r2o8kmq3SoYO7a681hQLI
usvrKaEpMYgeGeSm+2qlQj5sQnVNNrRD3u1BLbOuu6uRfWWtoUS+cFxUUUMNcmbi
1ZrrHuAy4ZanoowjW4HLjzhtQDVSPleqsZGfnChKMuZhXPqpBl74qWAMs8x9bq/F
iC0yz6XbrIQqfBkmNljqf0Kj03fpLw==
=2KV+
-----END PGP SIGNATURE-----

--eVo2yRFuK2CxHWEO--