From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id ED9F8C001E0 for ; Tue, 18 Jul 2023 19:10:50 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 2C2E2280008; Tue, 18 Jul 2023 15:10:50 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 272248D0012; Tue, 18 Jul 2023 15:10:50 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 112AC280008; Tue, 18 Jul 2023 15:10:50 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0017.hostedemail.com [216.40.44.17]) by kanga.kvack.org (Postfix) with ESMTP id 00FCD8D0012 for ; Tue, 18 Jul 2023 15:10:49 -0400 (EDT) Received: from smtpin24.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay04.hostedemail.com (Postfix) with ESMTP id C018B1A0429 for ; Tue, 18 Jul 2023 19:10:49 +0000 (UTC) X-FDA: 81025674618.24.F99CFC9 Received: from dfw.source.kernel.org (dfw.source.kernel.org [139.178.84.217]) by imf27.hostedemail.com (Postfix) with ESMTP id BFFB040012 for ; Tue, 18 Jul 2023 19:10:46 +0000 (UTC) Authentication-Results: imf27.hostedemail.com; dkim=pass header.d=kernel.org header.s=k20201202 header.b=CPOMIHmH; dmarc=pass (policy=none) header.from=kernel.org; spf=pass (imf27.hostedemail.com: domain of broonie@kernel.org designates 139.178.84.217 as permitted sender) smtp.mailfrom=broonie@kernel.org ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1689707446; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=YYl/EUj6DCRSCQey6kEPZ2T5dVhRW3N46kZgt3rw2LU=; b=ukN6Hy3cvrP+TMXeXeuc/s54sK4SQ8OfJIVFEcVFfAzxwg8xX3dLPIVWsbd1VMyYPQrfSS 1HYz85x+Y9LVjtnZ81+iX2mbF+LnrLWQUHqCU2HCCG8QmvAU8IZLUBSL6+G2dW9GawDPVX Xt2rmJr2GincAV/pFLTvG25zifKbIZQ= ARC-Authentication-Results: i=1; imf27.hostedemail.com; dkim=pass header.d=kernel.org header.s=k20201202 header.b=CPOMIHmH; dmarc=pass (policy=none) header.from=kernel.org; spf=pass (imf27.hostedemail.com: domain of broonie@kernel.org designates 139.178.84.217 as permitted sender) smtp.mailfrom=broonie@kernel.org ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1689707446; a=rsa-sha256; cv=none; b=U5ZHUq04w0YBmk5z0fs7bt9qhtSC3J/JzL7/wFO4BoBgT89e8etAVKJws/pi/Sw74SffXI OdqpOuUYjGR441c6xK+VB1EDMi8cNAJwZwgYoyCD5i7SDsxqXK4qcfyaPgon3D3GkMjfjD s5VTuYc1ZJ6sm+JYR0AJzOqyG6CuEEo= Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id 99047616A1; Tue, 18 Jul 2023 19:10:45 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 2AE09C433C8; Tue, 18 Jul 2023 19:10:38 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1689707445; bh=YYl/EUj6DCRSCQey6kEPZ2T5dVhRW3N46kZgt3rw2LU=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=CPOMIHmHcysn6e7Ezp7G9Lvt5eZGNIxiZV8UrLxoyk03fhbOjyFIFDPEDxQVjGxYr 0IJDGgSBCcj1y3UJKnXlohYlZo2TZR55ziCWM+86tX1h476ymSNvomBxYATFGDiKD3 kM4DP+Uy+Rbt/rr9VbChoK4eYmVmmf/OH1LeGVL0gPDFxxcExeeUqUIKfTbdHwmWwj 66xboAw32/YLlqeRbYTLZJqR8hZxQYweZH3uYGuQVY/W6gV1++qmVkfgSNyFT5rPDJ e0ivgfAmet3+KXZ29mn3Tuj5p6aWr2wpx7JISQCOXZJ4RmRChoWXmtAXKlBm/sdulP kTlli0NniP8Eg== Date: Tue, 18 Jul 2023 20:10:35 +0100 From: Mark Brown To: "Edgecombe, Rick P" Cc: "corbet@lwn.net" , "ardb@kernel.org" , "maz@kernel.org" , "shuah@kernel.org" , "Szabolcs.Nagy@arm.com" , "keescook@chromium.org" , "james.morse@arm.com" , "debug@rivosinc.com" , "akpm@linux-foundation.org" , "catalin.marinas@arm.com" , "oleg@redhat.com" , "arnd@arndb.de" , "ebiederm@xmission.com" , "will@kernel.org" , "suzuki.poulose@arm.com" , "oliver.upton@linux.dev" , "hjl.tools@gmail.com" , "linux-kernel@vger.kernel.org" , "linux-riscv@lists.infradead.org" , "linux-kselftest@vger.kernel.org" , "linux-fsdevel@vger.kernel.org" , "linux-mm@kvack.org" , "paul.walmsley@sifive.com" , "aou@eecs.berkeley.edu" , "palmer@dabbelt.com" , "linux-doc@vger.kernel.org" , "kvmarm@lists.linux.dev" , "linux-arm-kernel@lists.infradead.org" , "linux-arch@vger.kernel.org" Subject: Re: [PATCH 02/35] prctl: Add flag for shadow stack writeability and push/pop Message-ID: <19911588-f74d-4a7a-858c-2994c8614463@sirena.org.uk> References: <20230716-arm64-gcs-v1-0-bf567f93bba6@kernel.org> <20230716-arm64-gcs-v1-2-bf567f93bba6@kernel.org> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="iAfYGwbU4kDAge8S" Content-Disposition: inline In-Reply-To: X-Cookie: Nothing happens. X-Rspamd-Queue-Id: BFFB040012 X-Rspam-User: X-Rspamd-Server: rspam02 X-Stat-Signature: 9ztf98ta51h1y7zwb54og1fncp4jzkqx X-HE-Tag: 1689707446-395494 X-HE-Meta: U2FsdGVkX1/Cd9UqreF1Gg4ptTvzLYiQ0JdCi6BJGpG+PgXHGXgy4KWdwTY344LQAV1vEJ5AWP0+phgi6n/SmYwDOiT/bnWSumuUWXkDwTryfK+09tg327KpMvefSTN8BRdzyskTSPo9F0onYur+YpgBS0cHWnphRyCTzwguBSEkKsp2LQ7kTot7EO+7E3m6E1doWDCHF85WNzT+ajEsZ8o895zl+Vd7aHKtfc0XtQHlHaYxJ+RG6tyaNymPa2l23U8UAmKOFDhbNMoPWV55p6QBxz4ewZ/MyQmi+La2l2fbcai0hCVXHFcNMB1zM8OWnjPtMpmon0lKx0D0UvwoNg2xDq6h1UP+//jgLDqaVC/3IwtkGgTthZi56chndiZkmYYHbyW0PaTU0TFqPI7D0Zu9U1u6jGKUzrgLWXQAaCmEIt4mXXylFeqtHLKDFYa3ZRwot4auJhEHa1M6NQkTFXgv+i6gsjAgxtn/6aWIjE51WZlQ2yghmEJTJoIBAMe97djwuK3//iSyA4phC8XTGp1NhMxQfOJmp3Ym7m1oGfZjbwAnXljVOt9aPz8OvCZTAYRBiaY/Ih+Q6XOzY/BS/wLj3V+vJLSDoVWL59N6pp9VhglF+SQ8gsO5nRLbGIcFrUEXOBI3/xaOhbZnROz+q0NhhoRAnmsqTkvrA8hDp1yh+jxc7efmBk5y34fJYLm0/6mEVxPflrq9iwJ8QkutHasFMS2dl9lae9feNd4Zm+54hv0rDIrV1IMy5VVq+qC7P1phLA64471zoamt2n+FgUWGh3FFRgI8RkkwMeBERDF1xApzoiZouq/u5I7+sV3Ak+1YhXFu6ANitbloFFcRh37F5IYbzISZUZxNCzmRxGkcXp9I0uHCD3O/ujg7FVmKf6Zh6oDrwlFqiiaZRr+QcRL1XyeHcPz3l/hcD2YUhK8kTdwppl8rc7nV3QVDcdFuF6sRi/3m1SOvRhvnQ0z xYqqRCIi 7Zd+wK/5oxQK1eAX9pX++aRJVB+S0X0tKAh8gfxo3xeBUnDPrq+8lkXHkAcgLmruiW36/vKS0L4HfIYvf9yyYyudurEqR6rHq8pZ4rMaAtzNalu9X0w/lT/SsSQlZo6ws/c5+FbX8ty9s+73UrH2Nlf6mb3AnZYj4yh9P9zski0y3BJpT/lXsyAZEn1t/eZL8wltXrc97j4rIAn0nsLGa30E8ckMc/BboXr50/MX/3T76FJ95f6JsUmprZul6+ekgK14SsA27LF/7TXKI3BpHQrEEpv93ElTuD088pRaQwYpDWz7A00334BpBFk6qYBymeNKCP+jmp2lJLEegIK+ZdcSD9/kuAQR1m8JLxs+XzdEOv4EV7jKP0s04WSQFb65CDSoc5uZIMLA02UYLZbZDMsvZCRLgjjSjmk+Ak4e7K816RRzlMJID7Z/+w1uDjxY+CdItJ6NJIjEsPxkVvGFfZUBDvbAA0z1giYaYYxCofaXvvF/fwG4yeeXyKlRLhMJPF8Wg X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: --iAfYGwbU4kDAge8S Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Tue, Jul 18, 2023 at 05:47:32PM +0000, Edgecombe, Rick P wrote: > On Sun, 2023-07-16 at 22:50 +0100, Mark Brown wrote: > > On arm64 the kernel can separately control if userspace is able to > > pop > > and push values directly onto the shadow stack via GCS push and pop > > instructions, supporting many scenarios where userspace needs to > > write > > to the stack with less security exposure than full write access.=A0 Add > > a > > flag to allow this to be selected when changing the shadow stack > > status. > Is this correct? I thought Szabolcs was saying pop was always > supported, but push was optional. It's not, I wrote this right after looking at hypervisor controls which do control push and pop. --iAfYGwbU4kDAge8S Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQEzBAABCgAdFiEEreZoqmdXGLWf4p/qJNaLcl1Uh9AFAmS246sACgkQJNaLcl1U h9CH3Af9Gc0ROtEwiO2hraLxRf8RP7E57Zl493uWzd9vEx2utPcr5meeChS7qWAk zNoD8IB/4WfafwXv6xjwP5d1PnERWQMij8YDHh3/HPUskRQQJoqb2i0rdSrne/n7 PEhrLVeF69IYVhVhpnSrOQqdGD0P8iSmaC9Z23grrFoUC/l0uRGqX5DaafWRwhMt 2dDXduZC/3AmH6m+s05fouTSJCmAgTgBWrSyKpIvL6/Gle5/GHZMwOBoNEIFwnxD DhOyjAeycXa5+EfcJY4tSlXiZmvs9SEz1NdYRQnBDxs7s1WBf0XMjO+IRJIj2HlC vE24/LaeVmr9BnVOuylmqCUJInN5Jw== =UfKG -----END PGP SIGNATURE----- --iAfYGwbU4kDAge8S--