From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <owner-linux-mm@kvack.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 824E8C433F5
	for <linux-mm@archiver.kernel.org>; Mon, 10 Oct 2022 16:52:17 +0000 (UTC)
Received: by kanga.kvack.org (Postfix)
	id CDED16B0071; Mon, 10 Oct 2022 12:52:16 -0400 (EDT)
Received: by kanga.kvack.org (Postfix, from userid 40)
	id C666A6B0073; Mon, 10 Oct 2022 12:52:16 -0400 (EDT)
X-Delivered-To: int-list-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix, from userid 63042)
	id B07968E0001; Mon, 10 Oct 2022 12:52:16 -0400 (EDT)
X-Delivered-To: linux-mm@kvack.org
Received: from relay.hostedemail.com (smtprelay0014.hostedemail.com [216.40.44.14])
	by kanga.kvack.org (Postfix) with ESMTP id 99A396B0071
	for <linux-mm@kvack.org>; Mon, 10 Oct 2022 12:52:16 -0400 (EDT)
Received: from smtpin05.hostedemail.com (a10.router.float.18 [10.200.18.1])
	by unirelay06.hostedemail.com (Postfix) with ESMTP id 626E2AABE1
	for <linux-mm@kvack.org>; Mon, 10 Oct 2022 16:52:16 +0000 (UTC)
X-FDA: 80005632672.05.6757934
Received: from mail-qk1-f174.google.com (mail-qk1-f174.google.com [209.85.222.174])
	by imf28.hostedemail.com (Postfix) with ESMTP id 03B1FC0029
	for <linux-mm@kvack.org>; Mon, 10 Oct 2022 16:52:15 +0000 (UTC)
Received: by mail-qk1-f174.google.com with SMTP id x13so4467808qkg.11
        for <linux-mm@kvack.org>; Mon, 10 Oct 2022 09:52:15 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20210112;
        h=cc:to:subject:message-id:date:from:in-reply-to:references
         :mime-version:from:to:cc:subject:date:message-id:reply-to;
        bh=oOAMrHmRSpkJakBve7WdskWcaTVGvBf9qYMZKSI8SYQ=;
        b=Q8sYVnf00kTWCRr5s2EW8yzbBLdtj9OCViQALucyqGDOJtQP3MHEdqAQReGolr/xzD
         oXsuCmag5lCpq+NCRO/cO6srCK6qFv1sTmdB+kMBkSTN02u5chyUgsAoDAW2knrLNr3b
         cbs4o2MjKbMNiTTkwHvVPc902Ls2ARbirKrjLLQJTjH8zq4pZKKe+blfBZPJ+xiPx7IN
         z4H8esj5bJnmfTax22U98Ph9FdG4zFBlZsAzhGctc6nOePpHfTX+0WF61MQKPws4ABpL
         gQpNfXR+UILoj6Bz/Vrm1Hz+pG0Q2njH/JLdw8oCKQd2tydifWBU3SxuFCFx30Y8vwzT
         CzKA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=cc:to:subject:message-id:date:from:in-reply-to:references
         :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id
         :reply-to;
        bh=oOAMrHmRSpkJakBve7WdskWcaTVGvBf9qYMZKSI8SYQ=;
        b=R9R/HbTyWjDqe2bgijIjKF5I6V+1Tu1k7mzfi2hX5wdSO4n3rnKAKlL7XQu9qjCvC5
         VhmQS6C+v2KUEhAid6JkWjeYNe4siM8JkwcPuLi86JUOFPYMIPjRhBAsL8/UXzai5Zo8
         Z27kMrwW7wDgsC2mL420C5fbWu2PIS+Q0D+Ga/YYSE2RlUVXAZUkp+NF73P8LhgjU8cm
         iVymwbTlq0FI2yS7Y57QHTMd5ST8U415UEVSYDvT63I4AaZgKVXV60OoG2Ts2BkxVrFm
         k2f7dVkjrswlS14elIFfW2u6Ybci0+YR6BvASn/qWeHWoaj8nQd0banHWmvmOcidEXN+
         EBPQ==
X-Gm-Message-State: ACrzQf33Uo7oK+5q7emHwF2KU8zOYwYPAANMyUh7PEnYYCO9mKXejlVi
	fzmIOO7jmd0KXswltKTRX5TnkQxLD73OCo8AAW4=
X-Google-Smtp-Source: AMsMyM49KjxzPTCVcheNbVgLCnfXLZF3yu9XhSaUO9ek7LN8ijdPuj4/dIcJpfv1T0Zo8WgMzTLJSC7vsLiJ1dt15Mw=
X-Received: by 2002:a05:620a:2552:b0:6ca:bf8f:4d27 with SMTP id
 s18-20020a05620a255200b006cabf8f4d27mr13312607qko.383.1665420735085; Mon, 10
 Oct 2022 09:52:15 -0700 (PDT)
MIME-Version: 1.0
References: <20220929222936.14584-1-rick.p.edgecombe@intel.com>
 <20220929222936.14584-2-rick.p.edgecombe@intel.com> <87ilkr27nv.fsf@oldenburg.str.redhat.com>
 <62481017bc02b35587dd520ed446a011641aa390.camel@intel.com>
In-Reply-To: <62481017bc02b35587dd520ed446a011641aa390.camel@intel.com>
From: "H.J. Lu" <hjl.tools@gmail.com>
Date: Mon, 10 Oct 2022 09:51:39 -0700
Message-ID: <CAMe9rOriQJ96VWkfGLnczhV8E0a3J3_N-XzGa7sBRqyoLv0u0Q@mail.gmail.com>
Subject: Re: [PATCH v2 01/39] Documentation/x86: Add CET description
To: "Edgecombe, Rick P" <rick.p.edgecombe@intel.com>
Cc: "fweimer@redhat.com" <fweimer@redhat.com>, "bsingharora@gmail.com" <bsingharora@gmail.com>, 
	"hpa@zytor.com" <hpa@zytor.com>, "Syromiatnikov, Eugene" <esyr@redhat.com>, 
	"peterz@infradead.org" <peterz@infradead.org>, "rdunlap@infradead.org" <rdunlap@infradead.org>, 
	"keescook@chromium.org" <keescook@chromium.org>, "Yu, Yu-cheng" <yu-cheng.yu@intel.com>, 
	"dave.hansen@linux.intel.com" <dave.hansen@linux.intel.com>, 
	"kirill.shutemov@linux.intel.com" <kirill.shutemov@linux.intel.com>, "Eranian, Stephane" <eranian@google.com>, 
	"linux-mm@kvack.org" <linux-mm@kvack.org>, "nadav.amit@gmail.com" <nadav.amit@gmail.com>, 
	"jannh@google.com" <jannh@google.com>, "dethoma@microsoft.com" <dethoma@microsoft.com>, 
	"linux-arch@vger.kernel.org" <linux-arch@vger.kernel.org>, "kcc@google.com" <kcc@google.com>, 
	"bp@alien8.de" <bp@alien8.de>, "oleg@redhat.com" <oleg@redhat.com>, 
	"Yang, Weijiang" <weijiang.yang@intel.com>, "Lutomirski, Andy" <luto@kernel.org>, "pavel@ucw.cz" <pavel@ucw.cz>, 
	"arnd@arndb.de" <arnd@arndb.de>, "Moreira, Joao" <joao.moreira@intel.com>, 
	"tglx@linutronix.de" <tglx@linutronix.de>, "mike.kravetz@oracle.com" <mike.kravetz@oracle.com>, 
	"x86@kernel.org" <x86@kernel.org>, "linux-doc@vger.kernel.org" <linux-doc@vger.kernel.org>, 
	"jamorris@linux.microsoft.com" <jamorris@linux.microsoft.com>, "john.allen@amd.com" <john.allen@amd.com>, 
	"rppt@kernel.org" <rppt@kernel.org>, "mingo@redhat.com" <mingo@redhat.com>, 
	"Shankar, Ravi V" <ravi.v.shankar@intel.com>, "corbet@lwn.net" <corbet@lwn.net>, 
	"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>, 
	"linux-api@vger.kernel.org" <linux-api@vger.kernel.org>, "gorcunov@gmail.com" <gorcunov@gmail.com>
Content-Type: text/plain; charset="UTF-8"
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com;
	s=arc-20220608; t=1665420736;
	h=from:from:sender:reply-to:subject:subject:date:date:
	 message-id:message-id:to:to:cc:cc:mime-version:mime-version:
	 content-type:content-type:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references:dkim-signature;
	bh=oOAMrHmRSpkJakBve7WdskWcaTVGvBf9qYMZKSI8SYQ=;
	b=0G3WQ9RMJboBwTh1I9oB+IamdzEbgCGHI/Lv5hnfz049QK8/r2a+d5S4aRK1eDks1F+EfU
	uhLmn9KL+QwCWg6bzDTkqZDlngbKYiMNozvIq4B1VMBGMuyLzrLIgCpx/KYDQ6zjSTpvnA
	9cWlNTFmQSDL8eNx+Iq1sqMg5JwD80U=
ARC-Authentication-Results: i=1;
	imf28.hostedemail.com;
	dkim=pass header.d=gmail.com header.s=20210112 header.b=Q8sYVnf0;
	spf=pass (imf28.hostedemail.com: domain of hjl.tools@gmail.com designates 209.85.222.174 as permitted sender) smtp.mailfrom=hjl.tools@gmail.com;
	dmarc=pass (policy=none) header.from=gmail.com
ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1665420736; a=rsa-sha256;
	cv=none;
	b=hFQ9pX0nJZgu39AAguwds/w+QCiDBp4mZs+8Z5lh0nklLnbSM2m4pzPNoN1B9TJRJMmxKr
	Rru/3CFkN8zHMYeGsfe1k/LQVBlagdz/8ipqzNJCX5nMhkqW3OxsGwSi1aT0YErx21U8Mh
	azpP9a3AO6KpwpSvMD8R3LWNd2pUdu4=
Authentication-Results: imf28.hostedemail.com;
	dkim=pass header.d=gmail.com header.s=20210112 header.b=Q8sYVnf0;
	spf=pass (imf28.hostedemail.com: domain of hjl.tools@gmail.com designates 209.85.222.174 as permitted sender) smtp.mailfrom=hjl.tools@gmail.com;
	dmarc=pass (policy=none) header.from=gmail.com
X-Rspam-User: 
X-Stat-Signature: 41s7g6cup58ftujidxrqt3kmufmitiyu
X-Rspamd-Queue-Id: 03B1FC0029
X-Rspamd-Server: rspam01
X-HE-Tag: 1665420735-139766
X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4
Sender: owner-linux-mm@kvack.org
Precedence: bulk
X-Loop: owner-majordomo@kvack.org
List-ID: <linux-mm.kvack.org>

On Mon, Oct 10, 2022 at 9:44 AM Edgecombe, Rick P
<rick.p.edgecombe@intel.com> wrote:
>
> On Mon, 2022-10-10 at 14:19 +0200, Florian Weimer wrote:
> > Uhm, I think we are using binutils 2.30 with extra fixes.  I hope
> > that
> > these binaries are still valid.
>
> Yea, you're right. Andrew Cooper pointed out it has been supported
> since 2.29, so 2.30 should be fine.
>
> >
> > More importantly, glibc needs to be configured with --enable-cet
> > explicitly (unless the compiler defaults to CET).  The default glibc
> > build with a default GCC will produce dynamically-linked executables
> > that disable CET (when running on later/differently configured glibc
> > builds).  The statically linked object files are not marked up for
> > CET
> > in that case.
>
> Thanks, that's a good point. I'll add a blurb about glibc needs to be
> compiled with CET support.
>
> >
> > I think the goal is to support the new kernel interface for actually
> > switching on SHSTK in glibc 2.37.  But at that point, hopefully all
> > those existing binaries can start enjoying the STSTK benefits.
>
> Can you share more about this plan? HJ was previously planning to wait
> until the kernel support was upstream before making any more glibc
> changes. Hopefully this will be in time for that, but I'd really rather
> not repeat what happened last time where we had to design the kernel
> interface around not breaking old glibc's with mismatched CET
> enablement.
>
> What did you think of the proposal to disable existing binaries and
> start from scratch? Elaborated in the coverletter in the section
> "Compatibility of Existing Binaries/Enabling Interface".

My current glibc plan is that kernel won't enable CET automatically
and glibc will issue syscall to enable CET at early startup time.   All
existing CET enabled dynamic executables will have CET enabled
under the CET kernel and the updated CET glibc.

-- 
H.J.