From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id B62F2C4332F for ; Tue, 15 Nov 2022 20:58:12 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 5C0326B0080; Tue, 15 Nov 2022 15:58:12 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id 570476B0081; Tue, 15 Nov 2022 15:58:12 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 4388D8E0002; Tue, 15 Nov 2022 15:58:12 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0014.hostedemail.com [216.40.44.14]) by kanga.kvack.org (Postfix) with ESMTP id 325066B0080 for ; Tue, 15 Nov 2022 15:58:12 -0500 (EST) Received: from smtpin08.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay02.hostedemail.com (Postfix) with ESMTP id D4886120CB4 for ; Tue, 15 Nov 2022 20:58:11 +0000 (UTC) X-FDA: 80136889182.08.DABF169 Received: from casper.infradead.org (casper.infradead.org [90.155.50.34]) by imf19.hostedemail.com (Postfix) with ESMTP id 72B0D1A0004 for ; Tue, 15 Nov 2022 20:58:11 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=infradead.org; s=casper.20170209; h=In-Reply-To:Content-Type:MIME-Version: References:Message-ID:Subject:Cc:To:From:Date:Sender:Reply-To: Content-Transfer-Encoding:Content-ID:Content-Description; bh=Q5rdxs907sdfOJibt3487eeqjdxeEu/zZtRKkDI9L4Q=; b=vXGdDHWokyjEX2/wFIgOK248eJ 9F8TKrzmqOJJablCe1wdaoWurFEVSAHXDaTt/PyitrBKkzjx7ciZtdFeJfoIBkCW7qpihdIg39D/W wBI2kIlnKcfkWo+OqeH5UKjpDMi1bLNGAcsptk3Xm4wlpS/bdryOmTbEUugKuAtuuRoEbyAd6oAr+ mWEuKaR8N68EoakoxzqfIRi9/EDyaPJQCIS7ukdc6kae7rKsO0yiNbpSNN3DsR5I4UHWqrMYVuoaw DztkeU+44B4rjNMdhPuuqMP9OTkjbSSxhP6ervdk6YNswnxfGkwhfeM8rn11VYDBphrZqvxCGKtPp ppcEzwtg==; Received: from j130084.upc-j.chello.nl ([24.132.130.84] helo=noisy.programming.kicks-ass.net) by casper.infradead.org with esmtpsa (Exim 4.94.2 #2 (Red Hat Linux)) id 1ov30Q-00GdoN-72; Tue, 15 Nov 2022 20:58:06 +0000 Received: from hirez.programming.kicks-ass.net (hirez.programming.kicks-ass.net [192.168.1.225]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (Client did not present a certificate) by noisy.programming.kicks-ass.net (Postfix) with ESMTPS id A7359300209; Tue, 15 Nov 2022 21:57:59 +0100 (CET) Received: by hirez.programming.kicks-ass.net (Postfix, from userid 1000) id 9ABAB201646D4; Tue, 15 Nov 2022 21:57:59 +0100 (CET) Date: Tue, 15 Nov 2022 21:57:59 +0100 From: Peter Zijlstra To: "Edgecombe, Rick P" Cc: "bsingharora@gmail.com" , "hpa@zytor.com" , "Syromiatnikov, Eugene" , "rdunlap@infradead.org" , "keescook@chromium.org" , "dave.hansen@linux.intel.com" , "kirill.shutemov@linux.intel.com" , "Eranian, Stephane" , "linux-mm@kvack.org" , "fweimer@redhat.com" , "nadav.amit@gmail.com" , "jannh@google.com" , "dethoma@microsoft.com" , "rppt@linux.ibm.com" , "linux-arch@vger.kernel.org" , "kcc@google.com" , "bp@alien8.de" , "oleg@redhat.com" , "hjl.tools@gmail.com" , "Yang, Weijiang" , "Lutomirski, Andy" , "pavel@ucw.cz" , "arnd@arndb.de" , "tglx@linutronix.de" , "mike.kravetz@oracle.com" , "x86@kernel.org" , "linux-doc@vger.kernel.org" , "jamorris@linux.microsoft.com" , "rppt@kernel.org" , "john.allen@amd.com" , "mingo@redhat.com" , "Shankar, Ravi V" , "corbet@lwn.net" , "linux-kernel@vger.kernel.org" , "linux-api@vger.kernel.org" , "gorcunov@gmail.com" , "akpm@linux-foundation.org" Subject: Re: [PATCH v3 36/37] x86/cet/shstk: Add ARCH_CET_UNLOCK Message-ID: References: <20221104223604.29615-1-rick.p.edgecombe@intel.com> <20221104223604.29615-37-rick.p.edgecombe@intel.com> <4273232513cd178be303d817b15e442703bda637.camel@intel.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <4273232513cd178be303d817b15e442703bda637.camel@intel.com> ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1668545891; a=rsa-sha256; cv=none; b=thWpl6x0hmVD+Ml9pNaWtvI8qMaIj9ZS+45cUp5Pc6C0Bj46UOfD95XagSl+2Efr8T6kKj x3NOgfYZUW1GZdAAG8JcUN3ql803qtbxd3rbw/zHM5tMyBuBq0cHRYieyCq/PmF/YgL01B eTOkpJ/BIO2c72atv4k96bY1hlpdkFA= ARC-Authentication-Results: i=1; imf19.hostedemail.com; dkim=pass header.d=infradead.org header.s=casper.20170209 header.b=vXGdDHWo; dmarc=none; spf=none (imf19.hostedemail.com: domain of peterz@infradead.org has no SPF policy when checking 90.155.50.34) smtp.mailfrom=peterz@infradead.org ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1668545891; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=Q5rdxs907sdfOJibt3487eeqjdxeEu/zZtRKkDI9L4Q=; b=1OMVbBdXAkHl7NvlqF3r4/U7WyTLgyhGimQqB2bTzGlu37G0EVYJwL9IaaOBlmgLMEXQuL qUBstjBrPabEWLBIixRKCupQaCxewkDsgWyHJBaLKUI43+S4uCEmS0DNJHD55Aw7+4Vvj/ jc4wtMPtDHRuv4/CE0BbEL7LmAfqdKE= X-Rspamd-Queue-Id: 72B0D1A0004 X-Rspam-User: Authentication-Results: imf19.hostedemail.com; dkim=pass header.d=infradead.org header.s=casper.20170209 header.b=vXGdDHWo; dmarc=none; spf=none (imf19.hostedemail.com: domain of peterz@infradead.org has no SPF policy when checking 90.155.50.34) smtp.mailfrom=peterz@infradead.org X-Rspamd-Server: rspam06 X-Stat-Signature: xw1xktayd3en7mzjoin6rgosurjcsjyx X-HE-Tag: 1668545891-542287 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: On Tue, Nov 15, 2022 at 08:01:12PM +0000, Edgecombe, Rick P wrote: > > > + if (task != current) { > > > + if (option == ARCH_CET_UNLOCK && > > > IS_ENABLED(CONFIG_CHECKPOINT_RESTORE)) { > > > > Why make this conditional on CRIU at all? > > Kees asked for it, I think he was worried about attackers using it to > unlock and disable shadow stack. So wanted to lock it down to the > maximum. Well, distros will all have this stuff enabled no? So not much protection in practise.