From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 58F8BC7EE2D for ; Fri, 3 Mar 2023 17:50:59 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id D6BA06B0071; Fri, 3 Mar 2023 12:50:58 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id D1B8F6B0072; Fri, 3 Mar 2023 12:50:58 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id C0B7C6B0073; Fri, 3 Mar 2023 12:50:58 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0010.hostedemail.com [216.40.44.10]) by kanga.kvack.org (Postfix) with ESMTP id B190C6B0071 for ; Fri, 3 Mar 2023 12:50:58 -0500 (EST) Received: from smtpin12.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay04.hostedemail.com (Postfix) with ESMTP id 670711A1218 for ; Fri, 3 Mar 2023 17:50:58 +0000 (UTC) X-FDA: 80528327796.12.3F1B038 Received: from mail-yb1-f173.google.com (mail-yb1-f173.google.com [209.85.219.173]) by imf26.hostedemail.com (Postfix) with ESMTP id A8C21140015 for ; Fri, 3 Mar 2023 17:50:56 +0000 (UTC) Authentication-Results: imf26.hostedemail.com; dkim=pass header.d=gmail.com header.s=20210112 header.b=fLGfl9d8; spf=pass (imf26.hostedemail.com: domain of hjl.tools@gmail.com designates 209.85.219.173 as permitted sender) smtp.mailfrom=hjl.tools@gmail.com; dmarc=pass (policy=none) header.from=gmail.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1677865856; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=SCxddsYYw42LPM43/gkvlie96kmGO3FZ4G2subvXzzU=; b=fgEMRVufaLKEfelNpM+DWMz6A8yugyKlT74E/KQf7ZkgY6nUibow8D23sLXndGIbL2Gv4n ue6tzdXwChJH0/8tGNwQ1glmSTV72K2VQRAgdgudfwQRij+uDUksrkR1yYucIK7WPmitRW lTWZhSA3Jc4nfxwjsNt3KavZGYjaMpE= ARC-Authentication-Results: i=1; imf26.hostedemail.com; dkim=pass header.d=gmail.com header.s=20210112 header.b=fLGfl9d8; spf=pass (imf26.hostedemail.com: domain of hjl.tools@gmail.com designates 209.85.219.173 as permitted sender) smtp.mailfrom=hjl.tools@gmail.com; dmarc=pass (policy=none) header.from=gmail.com ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1677865856; a=rsa-sha256; cv=none; b=7spOe2yaIxpwhdQjsNcxiyo41Fo9i2XGMwDMEv8v/BKwemHHF/S0IDkY5zRTYZc/gj3RGq 5XugVW8cY8fAYqiiwfx/8NRSYK3eXuNxAWxN3trn/nd2iJJeOVsSo1X1ZjUQ9HlVzwdfEs AOc8EoYyvucWTO9+dc9tTbWTFzSZajk= Received: by mail-yb1-f173.google.com with SMTP id k23so2679356ybk.13 for ; Fri, 03 Mar 2023 09:50:56 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; t=1677865856; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=SCxddsYYw42LPM43/gkvlie96kmGO3FZ4G2subvXzzU=; b=fLGfl9d8hRxr0PWmqstZFZdpj03Y2a8vI1Icd/J+Yunnnd+mcFIXz4wtbdN2hYiGDW Rk9i60Tw2atvr6IPg1o9J5DPzTbj9nTvca4ZdGzL1gYVxPInrg8c4jDE9op7uuGh+IlO jeVW1ToKEMQcEYzghwsERQBGIXU6nh967eMtdK2JLknjEUztLiCki8FL+nAKYB2xSfBQ ArmboZy9wzMMEtZZnmAFVGm4dRwkqAYcGr6cjy970dTApX6TUtnZ0crw1Ir2Mkls9MTj bdGkPQEaM/mTDmV8YuPKvm3rxa+szH6OSsJoJIuWXepkkb1OwmTQ33pJPk3QDexijb8t 1zSA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; t=1677865856; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=SCxddsYYw42LPM43/gkvlie96kmGO3FZ4G2subvXzzU=; b=IylftSygwcJA6qKE4PJcfEdxPAko2jkFSD/gzJNi+rE+3mg3JSVAUccsZkpl8wfVgI EQidy3B0PftzoT6v44hJ3M+MiXFE1F0itU4jlju7Wx0RbGosPn/ZagCSuCTNjLYbK9gp HelsoFFKvrYCh9NzuVatwCX7jgeTXXxn9RzCF/8IHlsiFS1Jndl0ukgBYjNbjJ9mGIH7 rmeo6k/Nw3r5+dUKcjl/CojZ+obb3OJAO1+/VPCXiJS2JY66l4sZjN8RkSVjtCkV8TJn iEImA+sp/HmkGEGamuiJr/nJq1LQ5iuvFuFSB8yxS2zk0Zopw3hua6B3oy7zkiMvqiBs Sf5w== X-Gm-Message-State: AO0yUKXu2MdlF0GxxZtWhJFTuIVRsqcIXUdaiaNZkKKigQrMn4R4iMQY wjKLIUUoc4tm2KRoUHsn5XbxiC11BDGs/ZrqyNs= X-Google-Smtp-Source: AK7set+guTb0nl3oPFuy1k9LGVkybiSalecoyAl7DJSMWvDgkBFGD40v5vxH/Y40U99lEPgcKmDYhBduebnPL+CBxBw= X-Received: by 2002:a5b:38a:0:b0:ac9:cb97:bd0e with SMTP id k10-20020a5b038a000000b00ac9cb97bd0emr1212723ybp.5.1677865855710; Fri, 03 Mar 2023 09:50:55 -0800 (PST) MIME-Version: 1.0 References: <636de4a28a42a082f182e940fbd8e63ea23895cc.camel@intel.com> <8153f5d15ec6aa4a221fb945e16d315068bd06e4.camel@intel.com> In-Reply-To: From: "H.J. Lu" Date: Fri, 3 Mar 2023 09:50:19 -0800 Message-ID: Subject: Re: [PATCH v7 01/41] Documentation/x86: Add CET shadow stack description To: "szabolcs.nagy@arm.com" Cc: "Edgecombe, Rick P" , "david@redhat.com" , "bsingharora@gmail.com" , "hpa@zytor.com" , "Syromiatnikov, Eugene" , "peterz@infradead.org" , "rdunlap@infradead.org" , "keescook@chromium.org" , "Eranian, Stephane" , "kirill.shutemov@linux.intel.com" , "dave.hansen@linux.intel.com" , "linux-mm@kvack.org" , "fweimer@redhat.com" , "nadav.amit@gmail.com" , "jannh@google.com" , "dethoma@microsoft.com" , "broonie@kernel.org" , "kcc@google.com" , "linux-arch@vger.kernel.org" , "bp@alien8.de" , "oleg@redhat.com" , "Yang, Weijiang" , "Lutomirski, Andy" , "pavel@ucw.cz" , "arnd@arndb.de" , "tglx@linutronix.de" , "Schimpe, Christina" , "mike.kravetz@oracle.com" , "x86@kernel.org" , "linux-doc@vger.kernel.org" , "debug@rivosinc.com" , "jamorris@linux.microsoft.com" , "john.allen@amd.com" , "rppt@kernel.org" , "andrew.cooper3@citrix.com" , "mingo@redhat.com" , "corbet@lwn.net" , "linux-kernel@vger.kernel.org" , "linux-api@vger.kernel.org" , "gorcunov@gmail.com" , "akpm@linux-foundation.org" , "Yu, Yu-cheng" , "nd@arm.com" Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Rspamd-Queue-Id: A8C21140015 X-Stat-Signature: hf5jb9x3dn9z8si3kha7q9oyukqgpz58 X-Rspam-User: X-Rspamd-Server: rspam08 X-HE-Tag: 1677865856-804666 X-HE-Meta: U2FsdGVkX19+mfsZVQ5Bm07FCbhJn7VBoot9c6lqLTtifw952tSexfWg3MF+My2IRS9DGlRet8oxk8ciKMB5xflC0fQKKVT1h4CQIuXAIbpwGa82uU9/eWVZ8tsho/Ymycv6mKOvW37rY3oW1D+kUhi8DkGMr/CZuMwdW/KQosBvsoXW9n2JWNDeWBCBnzbqoiavQ/IuRzMh3iuket2BfMGhFVWq45pSBspgIXwPiXN7husC56nfNwSNhbw3P74BfLM016Ey6puJhu8E/XSVWHWel7Zz6anCta8X3aOr+fZMUaqoF740Y3tONobbWT0meeMVm6HIYoxkJGne2wi/Th9bhDL6KhWkYHFeTp7KNIIpMjCH2IEAXO3T9B143A65SR9BvLFW9wIqDchZwXX3LazoIpe6qYu7W+1kq+8x/1zmDL5AeH8lXnuC8vn6GaetTh9Chi6iKgvJl9IjZchYrardnlSHfDM1OQozz3jY7clHbCKDV1WolNKtabzgY904dvkqt2Sky8i0oREyqDV30+ce8oZCIEad/Ssvq6UQGLrMoujX4ULwdbiUqn07kjSA8xLkRwzo5uAkSvJMcfu5qWNB76POE7ZnkrLzk8iAabTEmVYQxjlIXaAMIUGiYTu8a6HzlSzb5wjbuh55h3PJX+d8ksSSOxcQp++dYeFZ/NyoNy5oLnj6N/zifrRSnkFShJps31V3tgoNrGUSLE7xkUpifLWNGJFY30TXoW4LPVRoIwFZJmJGr2p07MWEoXsBIIrWxkzPzc6zUOrInwaxpxtgNWTdO8PFiqaiEf2ihQQg5PjZ4KRwVTgw3raf8yuOC3AYifarEy7rMZ4Xm8QEV4t+ogI8HsHLCAAAPMMkAzun3rwNBJDiO9CCQA2NudL4btpxe3XVO5BAQnJ4NmQxPByrM96IP5BHsqAdlW57XE1KjFKK9nYfhIrWxX4FyWmz0GFhkG6SN1WRk+IJgXs xIbYowyP wtXozsKNZsLzDxh6bRGB4IyDPPgrHANNq4qFpwfmSlwULCoKbv0vhXPjFqu/m98ObN4s6vNuoi7OQJawJ2IoN9yRTPfg1+JP4FiY9NyYMAxEb15kUiq/nDca308SW+JwGSjaUu799UtoEVUCCHg+drM3NHNVPZHAu1b9maKYIZrhZ3JKcoOLxo2t2udQccT6QqDO/gCBEvnzgeTaXh2/HeMFca6IqySvFzYvFc8LXyd3fKgdw0BG1jgaeSbq6RHv4StUHfGhcVyXZ1MqnGfZ2OWkEOEJWvq4SQVY2zJP8KbndESeMJ3UoXl7K/T6bE8G7m1wcBcuOnH0Q2tSGg+t49eSDRuGoJWYetri+psfB418XK7D4GonWmQoXUd9j95rq0H62f7sFYY+1TizbaNoNOhVLQIXXSXtCLhvQJtBLvaxg9NLGVIIbBnKaiDRpD46Ga6QSZK1q2pq7x+n/yyUdTzxxIt10TVpfPt54S9F3qUL+XcuH0vy03i7XayRZB90SIEO+3VZbqLX5D+cqB9j746T9AyWqJkhrE4fji6FREhWkMmOIeGrOYy9t4lp15aWplvwZ X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: On Fri, Mar 3, 2023 at 9:40=E2=80=AFAM szabolcs.nagy@arm.com wrote: > > The 03/03/2023 08:57, H.J. Lu wrote: > > On Fri, Mar 3, 2023 at 8:31=E2=80=AFAM szabolcs.nagy@arm.com > > wrote: > > > longjmp to different stack should work: it can do the same as > > > setcontext/swapcontext: scan for the pivot token. then only > > > longjmp out of alt shadow stack fails. (this is non-conforming > > > longjmp use, but e.g. qemu relies on it.) > > > > Restore token may not be used with longjmp. Unlike setcontext/swapcont= ext, > > longjmp is optional. If longjmp isn't called, there will be an extra > > token on shadow > > stack and RET will fail. > > what do you mean longjmp is optional? In some cases, longjmp is called to handle an error condition and longjmp won't be called if there is no error. > it can scan the target shadow stack and decide if it's the > same as the current one or not and in the latter case there > should be a restore token to switch to. then it can INCSSP > to reach the target SSP state. > > qemu does setjmp, then swapcontext, then longjmp back. > swapcontext can change the stack, but leaves a token behind > so longjmp can switch back. This needs changes to support shadow stack. Replacing setjmp with getcontext and longjmp with setcontext may work for shadow stack. BTW, there is no testcase in glibc for this usage. --=20 H.J.