Re: [PATCH v10 00/26] Control-flow Enforcement: Shadow Stack

[PATCH v10 00/26] Control-flow Enforcement: Shadow Stack · Yu-cheng Yu <hidden> · 2020-04-29
[PATCH v10 02/26] x86/cpufeatures: Add CET CPU feature flags for Control-flow Enforcement Technology (CET) · Yu-cheng Yu <hidden> · 2020-04-29
[PATCH v10 03/26] x86/fpu/xstate: Introduce CET MSR XSAVES supervisor states · Yu-cheng Yu <hidden> · 2020-04-29
Re: [PATCH v10 03/26] x86/fpu/xstate: Introduce CET MSR XSAVES supervisor states · Sean Christopherson <hidden> · 2020-07-23
Re: [PATCH v10 03/26] x86/fpu/xstate: Introduce CET MSR XSAVES supervisor states · Yu-cheng Yu <hidden> · 2020-07-23
[PATCH v10 01/26] Documentation/x86: Add CET description · Yu-cheng Yu <hidden> · 2020-04-29
Re: [PATCH v10 01/26] Documentation/x86: Add CET description · Dave Hansen <hidden> · 2020-04-29
Re: [PATCH v10 01/26] Documentation/x86: Add CET description · Yu-cheng Yu <hidden> · 2020-04-29
Re: [PATCH v10 01/26] Documentation/x86: Add CET description · Yu-cheng Yu <hidden> · 2020-05-12
Re: [PATCH v10 01/26] Documentation/x86: Add CET description · Dave Hansen <hidden> · 2020-05-15
Re: [PATCH v10 01/26] Documentation/x86: Add CET description · Yu-cheng Yu <hidden> · 2020-05-15
Re: [PATCH v10 01/26] Documentation/x86: Add CET description · Dave Hansen <hidden> · 2020-05-15
Re: [PATCH v10 01/26] Documentation/x86: Add CET description · Yu-cheng Yu <hidden> · 2020-05-15
Re: [PATCH v10 01/26] Documentation/x86: Add CET description · Dave Hansen <hidden> · 2020-05-15
Re: [PATCH v10 01/26] Documentation/x86: Add CET description · H.J. Lu <hidden> · 2020-05-16
Re: [PATCH v10 01/26] Documentation/x86: Add CET description · Dave Hansen <hidden> · 2020-05-17
Re: [PATCH v10 01/26] Documentation/x86: Add CET description · Yu-cheng Yu <hidden> · 2020-05-16
Re: [PATCH v10 01/26] Documentation/x86: Add CET description · Dave Hansen <hidden> · 2020-05-18
Re: [PATCH v10 01/26] Documentation/x86: Add CET description · H.J. Lu <hidden> · 2020-05-18
Re: [PATCH v10 01/26] Documentation/x86: Add CET description · Dave Hansen <hidden> · 2020-05-18
Re: [PATCH v10 01/26] Documentation/x86: Add CET description · Yu-cheng Yu <hidden> · 2020-05-18
Re: [PATCH v10 01/26] Documentation/x86: Add CET description · Yu-cheng Yu <hidden> · 2020-05-18
Re: [PATCH v10 01/26] Documentation/x86: Add CET description · Dave Hansen <hidden> · 2020-05-19
Re: [PATCH v10 01/26] Documentation/x86: Add CET description · Andy Lutomirski <luto@amacapital.net> · 2020-05-19
Re: [PATCH v10 01/26] Documentation/x86: Add CET description · Andy Lutomirski <luto@kernel.org> · 2020-05-20
Re: [PATCH v10 01/26] Documentation/x86: Add CET description · Yu-cheng Yu <hidden> · 2020-05-29
Re: [PATCH v10 01/26] Documentation/x86: Add CET description · Andrew Cooper <hidden> · 2020-05-16
Re: [PATCH v10 01/26] Documentation/x86: Add CET description · H.J. Lu <hidden> · 2020-05-16
Re: [PATCH v10 01/26] Documentation/x86: Add CET description · Andrew Cooper <hidden> · 2020-05-16
Re: [PATCH v10 01/26] Documentation/x86: Add CET description · Peter Zijlstra <peterz@infradead.org> · 2020-05-22
Re: [PATCH v10 01/26] Documentation/x86: Add CET description · Andrew Cooper <hidden> · 2020-05-22
[PATCH v10 06/26] x86/mm: Change _PAGE_DIRTY to _PAGE_DIRTY_HW · Yu-cheng Yu <hidden> · 2020-04-29
[PATCH v10 12/26] mm: Introduce VM_SHSTK for shadow stack memory · Yu-cheng Yu <hidden> · 2020-04-29
[PATCH v10 11/26] x86/mm: Update ptep_set_wrprotect() and pmdp_set_wrprotect() for transition from _PAGE_DIRTY_HW to _PAGE_COW · Yu-cheng Yu <hidden> · 2020-04-29
[PATCH v10 14/26] x86/mm: Update maybe_mkwrite() for shadow stack · Yu-cheng Yu <hidden> · 2020-04-29
[PATCH v10 13/26] x86/mm: Shadow Stack page fault error checking · Yu-cheng Yu <hidden> · 2020-04-29
[PATCH v10 24/26] x86/cet/shstk: ELF header parsing for shadow stack · Yu-cheng Yu <hidden> · 2020-04-29
[PATCH v10 25/26] x86/cet/shstk: Handle thread shadow stack · Yu-cheng Yu <hidden> · 2020-04-29
[PATCH v10 23/26] ELF: Introduce arch_setup_elf_property() · Yu-cheng Yu <hidden> · 2020-04-29
[PATCH v10 26/26] x86/cet/shstk: Add arch_prctl functions for shadow stack · Yu-cheng Yu <hidden> · 2020-04-29
Re: [PATCH v10 26/26] x86/cet/shstk: Add arch_prctl functions for shadow stack · Kees Cook <hidden> · 2020-05-21
Re: [PATCH v10 26/26] x86/cet/shstk: Add arch_prctl functions for shadow stack · Yu-cheng Yu <hidden> · 2020-05-22
Re: [PATCH v10 26/26] x86/cet/shstk: Add arch_prctl functions for shadow stack · Eugene Syromiatnikov <hidden> · 2020-05-22
Re: [PATCH v10 26/26] x86/cet/shstk: Add arch_prctl functions for shadow stack · Yu-cheng Yu <hidden> · 2020-05-22
[PATCH v10 20/26] x86/cet/shstk: Handle signals for shadow stack · Yu-cheng Yu <hidden> · 2020-04-29
[PATCH v10 22/26] ELF: Add ELF program property parsing support · Yu-cheng Yu <hidden> · 2020-04-29
[PATCH v10 19/26] x86/cet/shstk: User-mode shadow stack support · Yu-cheng Yu <hidden> · 2020-04-29
[PATCH v10 21/26] ELF: UAPI and Kconfig additions for ELF program properties · Yu-cheng Yu <hidden> · 2020-04-29
[PATCH v10 18/26] mm: Update can_follow_write_pte() for shadow stack · Yu-cheng Yu <hidden> · 2020-04-29
[PATCH v10 17/26] mm/mmap: Add shadow stack pages to memory accounting · Yu-cheng Yu <hidden> · 2020-04-29
[PATCH v10 16/26] mm: Add guard pages around a shadow stack. · Yu-cheng Yu <hidden> · 2020-04-29
[PATCH v10 15/26] mm: Fixup places that call pte_mkwrite() directly · Yu-cheng Yu <hidden> · 2020-04-29
[PATCH v10 10/26] x86/mm: Update pte_modify for _PAGE_COW · Yu-cheng Yu <hidden> · 2020-04-29
[PATCH v10 09/26] drm/i915/gvt: Change _PAGE_DIRTY to _PAGE_DIRTY_BITS · Yu-cheng Yu <hidden> · 2020-04-29
[PATCH v10 08/26] x86/mm: Introduce _PAGE_COW · Yu-cheng Yu <hidden> · 2020-04-29
[PATCH v10 07/26] x86/mm: Remove _PAGE_DIRTY_HW from kernel RO pages · Yu-cheng Yu <hidden> · 2020-04-29
[PATCH v10 05/26] x86/cet/shstk: Add Kconfig option for user-mode Shadow Stack · Yu-cheng Yu <hidden> · 2020-04-29
Re: [PATCH v10 05/26] x86/cet/shstk: Add Kconfig option for user-mode Shadow Stack · Dave Hansen <hidden> · 2020-05-07
Re: [PATCH v10 05/26] x86/cet/shstk: Add Kconfig option for user-mode Shadow Stack · Yu-cheng Yu <hidden> · 2020-05-07
[PATCH v10 04/26] x86/cet: Add control-protection fault handler · Yu-cheng Yu <hidden> · 2020-04-29
Re: [PATCH v10 00/26] Control-flow Enforcement: Shadow Stack · Josh Poimboeuf <hidden> · 2020-05-21
Re: [PATCH v10 00/26] Control-flow Enforcement: Shadow Stack · Yu-cheng Yu <hidden> · 2020-05-21
Re: [PATCH v10 00/26] Control-flow Enforcement: Shadow Stack · Josh Poimboeuf <hidden> · 2020-05-21
Re: [PATCH v10 00/26] Control-flow Enforcement: Shadow Stack · Yu-cheng Yu <hidden> · 2020-05-21
Re: [PATCH v10 00/26] Control-flow Enforcement: Shadow Stack · Sean Christopherson <hidden> · 2020-07-23
Re: [PATCH v10 00/26] Control-flow Enforcement: Shadow Stack · Dave Hansen <hidden> · 2020-07-23
Re: [PATCH v10 00/26] Control-flow Enforcement: Shadow Stack · Sean Christopherson <hidden> · 2020-07-23
Re: [PATCH v10 00/26] Control-flow Enforcement: Shadow Stack · Dave Hansen <hidden> · 2020-07-23
Re: [PATCH v10 00/26] Control-flow Enforcement: Shadow Stack · Yu-cheng Yu <hidden> · 2020-07-24
Re: [PATCH v10 00/26] Control-flow Enforcement: Shadow Stack · Sean Christopherson <hidden> · 2020-07-24
Re: [PATCH v10 00/26] Control-flow Enforcement: Shadow Stack · Sean Christopherson <hidden> · 2020-07-24

From: Josh Poimboeuf <hidden>
Date: 2020-05-21 15:16:30
Also in: linux-arch, linux-doc, linux-mm, lkml

On Wed, Apr 29, 2020 at 03:07:06PM -0700, Yu-cheng Yu wrote:

Control-flow Enforcement (CET) is a new Intel processor feature that blocks
return/jump-oriented programming attacks.  Details can be found in "Intel
64 and IA-32 Architectures Software Developer's Manual" [1].

This series depends on the XSAVES supervisor state series that was split
out and submitted earlier [2].

I have gone through previous comments, and hope all concerns have been
resolved now.  Please inform me if anything is overlooked.

Changes in v10:

Hi Yu-cheng,

Do you have a git branch with the latest Shadow Stack and IBT branches
applied?  I tried to apply IBT v9 on top of this, but I guess the SS
code has changed since then and it didn't apply cleanly.

-- 
Josh

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help