Re: [OPTIONAL/RFC v2 39/39] x86: Add alt shadow stack support

[PATCH v2 00/39] Shadowstacks for userspace · Rick Edgecombe <rick.p.edgecombe@intel.com> · 2022-09-29
[PATCH v2 01/39] Documentation/x86: Add CET description · Rick Edgecombe <rick.p.edgecombe@intel.com> · 2022-09-29
Re: [PATCH v2 01/39] Documentation/x86: Add CET description · Bagas Sanjaya <hidden> · 2022-09-30
Re: [PATCH v2 01/39] Documentation/x86: Add CET description · Jonathan Corbet <corbet@lwn.net> · 2022-09-30
Re: [PATCH v2 01/39] Documentation/x86: Add CET description · Bagas Sanjaya <hidden> · 2022-09-30
Re: [PATCH v2 01/39] Documentation/x86: Add CET description · "Edgecombe, Rick P" <rick.p.edgecombe@intel.com> · 2022-10-03
Re: [PATCH v2 01/39] Documentation/x86: Add CET description · Bagas Sanjaya <hidden> · 2022-10-04
Re: [PATCH v2 01/39] Documentation/x86: Add CET description · Peter Zijlstra <peterz@infradead.org> · 2022-10-05
Re: [PATCH v2 01/39] Documentation/x86: Add CET description · Bagas Sanjaya <hidden> · 2022-10-05
Re: [PATCH v2 01/39] Documentation/x86: Add CET description · Peter Zijlstra <peterz@infradead.org> · 2022-10-05
Re: [PATCH v2 01/39] Documentation/x86: Add CET description · John Hubbard <jhubbard@nvidia.com> · 2022-10-03
Re: [PATCH v2 01/39] Documentation/x86: Add CET description · Dave Hansen <hidden> · 2022-10-03
Re: [PATCH v2 01/39] Documentation/x86: Add CET description · Bagas Sanjaya <hidden> · 2022-10-04
Re: [PATCH v2 01/39] Documentation/x86: Add CET description · Kees Cook <hidden> · 2022-10-03
Re: [PATCH v2 01/39] Documentation/x86: Add CET description · "Edgecombe, Rick P" <rick.p.edgecombe@intel.com> · 2022-10-03
Re: [PATCH v2 01/39] Documentation/x86: Add CET description · Andrew Cooper <hidden> · 2022-10-05
[PATCH v2 02/39] x86/cet/shstk: Add Kconfig option for Shadow Stack · Rick Edgecombe <rick.p.edgecombe@intel.com> · 2022-09-29
Re: [PATCH v2 02/39] x86/cet/shstk: Add Kconfig option for Shadow Stack · Kirill A . Shutemov <hidden> · 2022-10-03
Re: [PATCH v2 02/39] x86/cet/shstk: Add Kconfig option for Shadow Stack · "Edgecombe, Rick P" <rick.p.edgecombe@intel.com> · 2022-10-03
Re: [PATCH v2 02/39] x86/cet/shstk: Add Kconfig option for Shadow Stack · Kees Cook <hidden> · 2022-10-03
Re: [PATCH v2 02/39] x86/cet/shstk: Add Kconfig option for Shadow Stack · "Edgecombe, Rick P" <rick.p.edgecombe@intel.com> · 2022-10-03
Re: [PATCH v2 02/39] x86/cet/shstk: Add Kconfig option for Shadow Stack · Dave Hansen <hidden> · 2022-10-03
Re: [PATCH v2 02/39] x86/cet/shstk: Add Kconfig option for Shadow Stack · "Edgecombe, Rick P" <rick.p.edgecombe@intel.com> · 2022-10-03
Re: [PATCH v2 02/39] x86/cet/shstk: Add Kconfig option for Shadow Stack · Borislav Petkov <bp@alien8.de> · 2022-10-12
Re: [PATCH v2 02/39] x86/cet/shstk: Add Kconfig option for Shadow Stack · "Edgecombe, Rick P" <rick.p.edgecombe@intel.com> · 2022-10-13
Re: [PATCH v2 02/39] x86/cet/shstk: Add Kconfig option for Shadow Stack · Borislav Petkov <bp@alien8.de> · 2022-10-13
[PATCH v2 03/39] x86/cpufeatures: Add CPU feature flags for shadow stacks · Rick Edgecombe <rick.p.edgecombe@intel.com> · 2022-09-29
Re: [PATCH v2 03/39] x86/cpufeatures: Add CPU feature flags for shadow stacks · Kees Cook <hidden> · 2022-10-03
Re: [PATCH v2 03/39] x86/cpufeatures: Add CPU feature flags for shadow stacks · Borislav Petkov <bp@alien8.de> · 2022-10-14
Re: [PATCH v2 03/39] x86/cpufeatures: Add CPU feature flags for shadow stacks · "Edgecombe, Rick P" <rick.p.edgecombe@intel.com> · 2022-10-14
[PATCH v2 04/39] x86/cpufeatures: Enable CET CR4 bit for shadow stack · Rick Edgecombe <rick.p.edgecombe@intel.com> · 2022-09-29
Re: [PATCH v2 04/39] x86/cpufeatures: Enable CET CR4 bit for shadow stack · Kees Cook <hidden> · 2022-10-03
Re: [PATCH v2 04/39] x86/cpufeatures: Enable CET CR4 bit for shadow stack · Andrew Cooper <hidden> · 2022-10-05
Re: [PATCH v2 04/39] x86/cpufeatures: Enable CET CR4 bit for shadow stack · Borislav Petkov <bp@alien8.de> · 2022-10-14
Re: [PATCH v2 04/39] x86/cpufeatures: Enable CET CR4 bit for shadow stack · "Edgecombe, Rick P" <rick.p.edgecombe@intel.com> · 2022-10-14
Re: [PATCH v2 04/39] x86/cpufeatures: Enable CET CR4 bit for shadow stack · Borislav Petkov <bp@alien8.de> · 2022-10-14
[PATCH v2 05/39] x86/fpu/xstate: Introduce CET MSR and XSAVES supervisor states · Rick Edgecombe <rick.p.edgecombe@intel.com> · 2022-09-29
Re: [PATCH v2 05/39] x86/fpu/xstate: Introduce CET MSR and XSAVES supervisor states · Kees Cook <hidden> · 2022-10-03
Re: [PATCH v2 05/39] x86/fpu/xstate: Introduce CET MSR and XSAVES supervisor states · Borislav Petkov <bp@alien8.de> · 2022-10-15
Re: [PATCH v2 05/39] x86/fpu/xstate: Introduce CET MSR and XSAVES supervisor states · "Edgecombe, Rick P" <rick.p.edgecombe@intel.com> · 2022-10-17
Re: [PATCH v2 05/39] x86/fpu/xstate: Introduce CET MSR and XSAVES supervisor states · Borislav Petkov <bp@alien8.de> · 2022-10-17
[PATCH v2 06/39] x86/fpu: Add helper for modifying xstate · Rick Edgecombe <rick.p.edgecombe@intel.com> · 2022-09-29
Re: [PATCH v2 06/39] x86/fpu: Add helper for modifying xstate · Kees Cook <hidden> · 2022-10-03
Re: [PATCH v2 06/39] x86/fpu: Add helper for modifying xstate · "Edgecombe, Rick P" <rick.p.edgecombe@intel.com> · 2022-10-03
Re: [PATCH v2 06/39] x86/fpu: Add helper for modifying xstate · Kees Cook <hidden> · 2022-10-04
Re: [PATCH v2 06/39] x86/fpu: Add helper for modifying xstate · Dave Hansen <hidden> · 2022-10-04
Re: [PATCH v2 06/39] x86/fpu: Add helper for modifying xstate · "Edgecombe, Rick P" <rick.p.edgecombe@intel.com> · 2022-10-04
[PATCH v2 07/39] x86/cet: Add user control-protection fault handler · Rick Edgecombe <rick.p.edgecombe@intel.com> · 2022-09-29
Re: [PATCH v2 07/39] x86/cet: Add user control-protection fault handler · Kirill A . Shutemov <hidden> · 2022-10-03
Re: [PATCH v2 07/39] x86/cet: Add user control-protection fault handler · "Edgecombe, Rick P" <rick.p.edgecombe@intel.com> · 2022-10-03
Re: [PATCH v2 07/39] x86/cet: Add user control-protection fault handler · Kees Cook <hidden> · 2022-10-03
Re: [PATCH v2 07/39] x86/cet: Add user control-protection fault handler · "Edgecombe, Rick P" <rick.p.edgecombe@intel.com> · 2022-10-03
Re: [PATCH v2 07/39] x86/cet: Add user control-protection fault handler · Andy Lutomirski <luto@kernel.org> · 2022-10-03
Re: [PATCH v2 07/39] x86/cet: Add user control-protection fault handler · "H. Peter Anvin" <hpa@zytor.com> · 2022-10-03
Re: [PATCH v2 07/39] x86/cet: Add user control-protection fault handler · "Edgecombe, Rick P" <rick.p.edgecombe@intel.com> · 2022-10-03
Re: [PATCH v2 07/39] x86/cet: Add user control-protection fault handler · Andrew Cooper <hidden> · 2022-10-05
Re: [PATCH v2 07/39] x86/cet: Add user control-protection fault handler · "Edgecombe, Rick P" <rick.p.edgecombe@intel.com> · 2022-10-05
Re: [PATCH v2 07/39] x86/cet: Add user control-protection fault handler · Peter Zijlstra <peterz@infradead.org> · 2022-10-05
Re: [PATCH v2 07/39] x86/cet: Add user control-protection fault handler · "Edgecombe, Rick P" <rick.p.edgecombe@intel.com> · 2022-10-05
[PATCH v2 08/39] x86/mm: Remove _PAGE_DIRTY from kernel RO pages · Rick Edgecombe <rick.p.edgecombe@intel.com> · 2022-09-29
Re: [PATCH v2 08/39] x86/mm: Remove _PAGE_DIRTY from kernel RO pages · Kirill A . Shutemov <hidden> · 2022-10-03
Re: [PATCH v2 08/39] x86/mm: Remove _PAGE_DIRTY from kernel RO pages · Andrew Cooper <hidden> · 2022-10-05
Re: [PATCH v2 08/39] x86/mm: Remove _PAGE_DIRTY from kernel RO pages · Peter Zijlstra <peterz@infradead.org> · 2022-10-05
Re: [PATCH v2 08/39] x86/mm: Remove _PAGE_DIRTY from kernel RO pages · Andrew Cooper <hidden> · 2022-10-05
[PATCH v2 09/39] x86/mm: Move pmd_write(), pud_write() up in the file · Rick Edgecombe <rick.p.edgecombe@intel.com> · 2022-09-29
Re: [PATCH v2 09/39] x86/mm: Move pmd_write(), pud_write() up in the file · Kees Cook <hidden> · 2022-10-03
[PATCH v2 10/39] x86/mm: Introduce _PAGE_COW · Rick Edgecombe <rick.p.edgecombe@intel.com> · 2022-09-29
Re: [PATCH v2 10/39] x86/mm: Introduce _PAGE_COW · Jann Horn <jannh@google.com> · 2022-09-30
Re: [PATCH v2 10/39] x86/mm: Introduce _PAGE_COW · "Edgecombe, Rick P" <rick.p.edgecombe@intel.com> · 2022-10-06
Re: [PATCH v2 10/39] x86/mm: Introduce _PAGE_COW · Kirill A . Shutemov <hidden> · 2022-10-03
Re: [PATCH v2 10/39] x86/mm: Introduce _PAGE_COW · "Edgecombe, Rick P" <rick.p.edgecombe@intel.com> · 2022-10-03
Re: [PATCH v2 10/39] x86/mm: Introduce _PAGE_COW · Jann Horn <jannh@google.com> · 2022-10-03
Re: [PATCH v2 10/39] x86/mm: Introduce _PAGE_COW · "Edgecombe, Rick P" <rick.p.edgecombe@intel.com> · 2022-10-03
Re: [PATCH v2 10/39] x86/mm: Introduce _PAGE_COW · Dave Hansen <hidden> · 2022-10-03
Re: [PATCH v2 10/39] x86/mm: Introduce _PAGE_COW · Andrew Cooper <hidden> · 2022-10-05
Re: [PATCH v2 10/39] x86/mm: Introduce _PAGE_COW · Dave Hansen <hidden> · 2022-10-05
Re: [PATCH v2 10/39] x86/mm: Introduce _PAGE_COW · "Edgecombe, Rick P" <rick.p.edgecombe@intel.com> · 2022-10-05
Re: [PATCH v2 10/39] x86/mm: Introduce _PAGE_COW · "Edgecombe, Rick P" <rick.p.edgecombe@intel.com> · 2022-10-05
Re: [PATCH v2 10/39] x86/mm: Introduce _PAGE_COW · Peter Zijlstra <peterz@infradead.org> · 2022-10-05
Re: [PATCH v2 10/39] x86/mm: Introduce _PAGE_COW · Peter Zijlstra <peterz@infradead.org> · 2022-10-14
Re: [PATCH v2 10/39] x86/mm: Introduce _PAGE_COW · "Edgecombe, Rick P" <rick.p.edgecombe@intel.com> · 2022-10-14
Re: [PATCH v2 10/39] x86/mm: Introduce _PAGE_COW · Peter Zijlstra <peterz@infradead.org> · 2022-10-14
Re: [PATCH v2 10/39] x86/mm: Introduce _PAGE_COW · "Edgecombe, Rick P" <rick.p.edgecombe@intel.com> · 2022-10-14
[PATCH v2 15/39] x86/mm: Check Shadow Stack page fault errors · Rick Edgecombe <rick.p.edgecombe@intel.com> · 2022-09-29
Re: [PATCH v2 15/39] x86/mm: Check Shadow Stack page fault errors · Kees Cook <hidden> · 2022-10-03
Re: [PATCH v2 15/39] x86/mm: Check Shadow Stack page fault errors · Peter Zijlstra <peterz@infradead.org> · 2022-10-14
Re: [PATCH v2 15/39] x86/mm: Check Shadow Stack page fault errors · "Edgecombe, Rick P" <rick.p.edgecombe@intel.com> · 2022-10-14
[PATCH v2 17/39] mm: Fixup places that call pte_mkwrite() directly · Rick Edgecombe <rick.p.edgecombe@intel.com> · 2022-09-29
Re: [PATCH v2 17/39] mm: Fixup places that call pte_mkwrite() directly · Kees Cook <hidden> · 2022-10-03
Re: [PATCH v2 17/39] mm: Fixup places that call pte_mkwrite() directly · Kirill A . Shutemov <hidden> · 2022-10-03
Re: [PATCH v2 17/39] mm: Fixup places that call pte_mkwrite() directly · "Edgecombe, Rick P" <rick.p.edgecombe@intel.com> · 2022-10-04
Re: [PATCH v2 17/39] mm: Fixup places that call pte_mkwrite() directly · Nadav Amit <hidden> · 2022-10-04
Re: [PATCH v2 17/39] mm: Fixup places that call pte_mkwrite() directly · "Edgecombe, Rick P" <rick.p.edgecombe@intel.com> · 2022-10-04
Re: [PATCH v2 17/39] mm: Fixup places that call pte_mkwrite() directly · Peter Zijlstra <peterz@infradead.org> · 2022-10-14
Re: [PATCH v2 17/39] mm: Fixup places that call pte_mkwrite() directly · "Edgecombe, Rick P" <rick.p.edgecombe@intel.com> · 2022-10-14
[PATCH v2 16/39] x86/mm: Update maybe_mkwrite() for shadow stack · Rick Edgecombe <rick.p.edgecombe@intel.com> · 2022-09-29
Re: [PATCH v2 16/39] x86/mm: Update maybe_mkwrite() for shadow stack · Kees Cook <hidden> · 2022-10-03
Re: [PATCH v2 16/39] x86/mm: Update maybe_mkwrite() for shadow stack · Kirill A . Shutemov <hidden> · 2022-10-03
Re: [PATCH v2 16/39] x86/mm: Update maybe_mkwrite() for shadow stack · Peter Zijlstra <peterz@infradead.org> · 2022-10-14
Re: [PATCH v2 16/39] x86/mm: Update maybe_mkwrite() for shadow stack · "Edgecombe, Rick P" <rick.p.edgecombe@intel.com> · 2022-10-14
[PATCH v2 18/39] mm: Add guard pages around a shadow stack. · Rick Edgecombe <rick.p.edgecombe@intel.com> · 2022-09-29
Re: [PATCH v2 18/39] mm: Add guard pages around a shadow stack. · Kees Cook <hidden> · 2022-10-03
Re: [PATCH v2 18/39] mm: Add guard pages around a shadow stack. · Andrew Cooper <hidden> · 2022-10-05
[PATCH v2 19/39] mm/mmap: Add shadow stack pages to memory accounting · Rick Edgecombe <rick.p.edgecombe@intel.com> · 2022-09-29
Re: [PATCH v2 19/39] mm/mmap: Add shadow stack pages to memory accounting · Kees Cook <hidden> · 2022-10-03
Re: [PATCH v2 19/39] mm/mmap: Add shadow stack pages to memory accounting · Kirill A . Shutemov <hidden> · 2022-10-04
Re: [PATCH v2 19/39] mm/mmap: Add shadow stack pages to memory accounting · "Edgecombe, Rick P" <rick.p.edgecombe@intel.com> · 2022-10-04
[PATCH v2 11/39] x86/mm: Update pte_modify for _PAGE_COW · Rick Edgecombe <rick.p.edgecombe@intel.com> · 2022-09-29
[PATCH v2 12/39] x86/mm: Update ptep_set_wrprotect() and pmdp_set_wrprotect() for transition from _PAGE_DIRTY to _PAGE_COW · Rick Edgecombe <rick.p.edgecombe@intel.com> · 2022-09-29
Re: [PATCH v2 12/39] x86/mm: Update ptep_set_wrprotect() and pmdp_set_wrprotect() for transition from _PAGE_DIRTY to _PAGE_COW · Kirill A . Shutemov <hidden> · 2022-10-03
Re: [PATCH v2 12/39] x86/mm: Update ptep_set_wrprotect() and pmdp_set_wrprotect() for transition from _PAGE_DIRTY to _PAGE_COW · Nadav Amit <hidden> · 2022-10-03
Re: [PATCH v2 12/39] x86/mm: Update ptep_set_wrprotect() and pmdp_set_wrprotect() for transition from _PAGE_DIRTY to _PAGE_COW · Dave Hansen <hidden> · 2022-10-03
Re: [PATCH v2 12/39] x86/mm: Update ptep_set_wrprotect() and pmdp_set_wrprotect() for transition from _PAGE_DIRTY to _PAGE_COW · "Edgecombe, Rick P" <rick.p.edgecombe@intel.com> · 2022-10-03
Re: [PATCH v2 12/39] x86/mm: Update ptep_set_wrprotect() and pmdp_set_wrprotect() for transition from _PAGE_DIRTY to _PAGE_COW · Nadav Amit <hidden> · 2022-10-03
Re: [PATCH v2 12/39] x86/mm: Update ptep_set_wrprotect() and pmdp_set_wrprotect() for transition from _PAGE_DIRTY to _PAGE_COW · Nadav Amit <hidden> · 2022-10-03
Re: [PATCH v2 12/39] x86/mm: Update ptep_set_wrprotect() and pmdp_set_wrprotect() for transition from _PAGE_DIRTY to _PAGE_COW · Nadav Amit <hidden> · 2022-10-03
Re: [PATCH v2 12/39] x86/mm: Update ptep_set_wrprotect() and pmdp_set_wrprotect() for transition from _PAGE_DIRTY to _PAGE_COW · "Edgecombe, Rick P" <rick.p.edgecombe@intel.com> · 2022-10-03
Re: [PATCH v2 12/39] x86/mm: Update ptep_set_wrprotect() and pmdp_set_wrprotect() for transition from _PAGE_DIRTY to _PAGE_COW · Nadav Amit <hidden> · 2022-10-04
[PATCH v2 20/39] mm/mprotect: Exclude shadow stack from preserve_write · Rick Edgecombe <rick.p.edgecombe@intel.com> · 2022-09-29
[PATCH v2 13/39] mm: Move VM_UFFD_MINOR_BIT from 37 to 38 · Rick Edgecombe <rick.p.edgecombe@intel.com> · 2022-09-29
Re: [PATCH v2 13/39] mm: Move VM_UFFD_MINOR_BIT from 37 to 38 · Kees Cook <hidden> · 2022-10-03
Re: [PATCH v2 13/39] mm: Move VM_UFFD_MINOR_BIT from 37 to 38 · Peter Xu <peterx@redhat.com> · 2022-10-03
[PATCH v2 21/39] mm: Re-introduce vm_flags to do_mmap() · Rick Edgecombe <rick.p.edgecombe@intel.com> · 2022-09-29
[PATCH v2 22/39] mm: Don't allow write GUPs to shadow stack memory · Rick Edgecombe <rick.p.edgecombe@intel.com> · 2022-09-29
Re: [PATCH v2 22/39] mm: Don't allow write GUPs to shadow stack memory · Dave Hansen <hidden> · 2022-09-30
Re: [PATCH v2 22/39] mm: Don't allow write GUPs to shadow stack memory · "Edgecombe, Rick P" <rick.p.edgecombe@intel.com> · 2022-09-30
Re: [PATCH v2 22/39] mm: Don't allow write GUPs to shadow stack memory · Dave Hansen <hidden> · 2022-09-30
Re: [PATCH v2 22/39] mm: Don't allow write GUPs to shadow stack memory · Jann Horn <jannh@google.com> · 2022-09-30
Re: [PATCH v2 22/39] mm: Don't allow write GUPs to shadow stack memory · Jann Horn <jannh@google.com> · 2022-09-30
Re: [PATCH v2 22/39] mm: Don't allow write GUPs to shadow stack memory · "Edgecombe, Rick P" <rick.p.edgecombe@intel.com> · 2022-09-30
Re: [PATCH v2 22/39] mm: Don't allow write GUPs to shadow stack memory · Kees Cook <hidden> · 2022-10-03
Re: [PATCH v2 22/39] mm: Don't allow write GUPs to shadow stack memory · Andy Lutomirski <luto@kernel.org> · 2022-10-03
Re: [PATCH v2 22/39] mm: Don't allow write GUPs to shadow stack memory · Kees Cook <hidden> · 2022-10-04
[PATCH v2 14/39] mm: Introduce VM_SHADOW_STACK for shadow stack memory · Rick Edgecombe <rick.p.edgecombe@intel.com> · 2022-09-29
Re: [PATCH v2 14/39] mm: Introduce VM_SHADOW_STACK for shadow stack memory · Kirill A . Shutemov <hidden> · 2022-10-03
Re: [PATCH v2 14/39] mm: Introduce VM_SHADOW_STACK for shadow stack memory · "Edgecombe, Rick P" <rick.p.edgecombe@intel.com> · 2022-10-04
Re: [PATCH v2 14/39] mm: Introduce VM_SHADOW_STACK for shadow stack memory · Kees Cook <hidden> · 2022-10-03
[PATCH v2 23/39] x86: Introduce userspace API for CET enabling · Rick Edgecombe <rick.p.edgecombe@intel.com> · 2022-09-29
Re: [PATCH v2 23/39] x86: Introduce userspace API for CET enabling · Kees Cook <hidden> · 2022-10-03
Re: [PATCH v2 23/39] x86: Introduce userspace API for CET enabling · "Edgecombe, Rick P" <rick.p.edgecombe@intel.com> · 2022-10-03
Re: [PATCH v2 23/39] x86: Introduce userspace API for CET enabling · Mike Rapoport <rppt@kernel.org> · 2022-10-06
[PATCH v2 25/39] x86/cet/shstk: Handle thread shadow stack · Rick Edgecombe <rick.p.edgecombe@intel.com> · 2022-09-29
Re: [PATCH v2 25/39] x86/cet/shstk: Handle thread shadow stack · Mike Rapoport <rppt@kernel.org> · 2022-10-03
Re: [PATCH v2 25/39] x86/cet/shstk: Handle thread shadow stack · "Edgecombe, Rick P" <rick.p.edgecombe@intel.com> · 2022-10-03
Re: [PATCH v2 25/39] x86/cet/shstk: Handle thread shadow stack · Kees Cook <hidden> · 2022-10-03
Re: [PATCH v2 25/39] x86/cet/shstk: Handle thread shadow stack · "Edgecombe, Rick P" <rick.p.edgecombe@intel.com> · 2022-10-04
[PATCH v2 24/39] x86/cet/shstk: Add user-mode shadow stack support · Rick Edgecombe <rick.p.edgecombe@intel.com> · 2022-09-29
Re: [PATCH v2 24/39] x86/cet/shstk: Add user-mode shadow stack support · Kees Cook <hidden> · 2022-10-03
Re: [PATCH v2 24/39] x86/cet/shstk: Add user-mode shadow stack support · Dave Hansen <hidden> · 2022-10-03
Re: [PATCH v2 24/39] x86/cet/shstk: Add user-mode shadow stack support · Kees Cook <hidden> · 2022-10-04
Re: [PATCH v2 24/39] x86/cet/shstk: Add user-mode shadow stack support · "Edgecombe, Rick P" <rick.p.edgecombe@intel.com> · 2022-10-04
RE: [PATCH v2 24/39] x86/cet/shstk: Add user-mode shadow stack support · David Laight <hidden> · 2022-10-04
Re: [PATCH v2 24/39] x86/cet/shstk: Add user-mode shadow stack support · Kees Cook <hidden> · 2022-10-04
RE: [PATCH v2 24/39] x86/cet/shstk: Add user-mode shadow stack support · David Laight <hidden> · 2022-10-05
Re: [PATCH v2 24/39] x86/cet/shstk: Add user-mode shadow stack support · "Edgecombe, Rick P" <rick.p.edgecombe@intel.com> · 2022-10-20
Re: [PATCH v2 24/39] x86/cet/shstk: Add user-mode shadow stack support · Kees Cook <hidden> · 2022-10-20
[PATCH v2 26/39] x86/cet/shstk: Introduce routines modifying shstk · Rick Edgecombe <rick.p.edgecombe@intel.com> · 2022-09-29
Re: [PATCH v2 26/39] x86/cet/shstk: Introduce routines modifying shstk · Kees Cook <hidden> · 2022-10-03
Re: [PATCH v2 26/39] x86/cet/shstk: Introduce routines modifying shstk · "Edgecombe, Rick P" <rick.p.edgecombe@intel.com> · 2022-10-04
Re: [PATCH v2 26/39] x86/cet/shstk: Introduce routines modifying shstk · Andrew Cooper <hidden> · 2022-10-05
Re: [PATCH v2 26/39] x86/cet/shstk: Introduce routines modifying shstk · "Edgecombe, Rick P" <rick.p.edgecombe@intel.com> · 2022-10-05
Re: [PATCH v2 26/39] x86/cet/shstk: Introduce routines modifying shstk · Andrew Cooper <hidden> · 2022-10-05
Re: [PATCH v2 26/39] x86/cet/shstk: Introduce routines modifying shstk · "Edgecombe, Rick P" <rick.p.edgecombe@intel.com> · 2022-10-20
[PATCH v2 28/39] x86/cet/shstk: Introduce map_shadow_stack syscall · Rick Edgecombe <rick.p.edgecombe@intel.com> · 2022-09-29
Re: [PATCH v2 28/39] x86/cet/shstk: Introduce map_shadow_stack syscall · Kees Cook <hidden> · 2022-10-03
Re: [PATCH v2 28/39] x86/cet/shstk: Introduce map_shadow_stack syscall · "Edgecombe, Rick P" <rick.p.edgecombe@intel.com> · 2022-10-04
Re: [PATCH v2 28/39] x86/cet/shstk: Introduce map_shadow_stack syscall · H.J. Lu <hidden> · 2022-10-04
[PATCH v2 27/39] x86/cet/shstk: Handle signals for shadow stack · Rick Edgecombe <rick.p.edgecombe@intel.com> · 2022-09-29
Re: [PATCH v2 27/39] x86/cet/shstk: Handle signals for shadow stack · Kees Cook <hidden> · 2022-10-03
Re: [PATCH v2 27/39] x86/cet/shstk: Handle signals for shadow stack · "Edgecombe, Rick P" <rick.p.edgecombe@intel.com> · 2022-10-20
Re: [PATCH v2 27/39] x86/cet/shstk: Handle signals for shadow stack · Kees Cook <hidden> · 2022-10-20
[PATCH v2 29/39] x86/cet/shstk: Support wrss for userspace · Rick Edgecombe <rick.p.edgecombe@intel.com> · 2022-09-29
Re: [PATCH v2 29/39] x86/cet/shstk: Support wrss for userspace · Kees Cook <hidden> · 2022-10-03
Re: [PATCH v2 29/39] x86/cet/shstk: Support wrss for userspace · Andy Lutomirski <luto@kernel.org> · 2022-10-03
Re: [PATCH v2 29/39] x86/cet/shstk: Support wrss for userspace · Kees Cook <hidden> · 2022-10-04
Re: [PATCH v2 29/39] x86/cet/shstk: Support wrss for userspace · "Edgecombe, Rick P" <rick.p.edgecombe@intel.com> · 2022-10-06
Re: [PATCH v2 29/39] x86/cet/shstk: Support wrss for userspace · Kees Cook <hidden> · 2022-10-06
Re: [PATCH v2 29/39] x86/cet/shstk: Support wrss for userspace · Mike Rapoport <rppt@kernel.org> · 2022-10-04
[PATCH v2 31/39] x86/cet/shstk: Wire in CET interface · Rick Edgecombe <rick.p.edgecombe@intel.com> · 2022-09-29
Re: [PATCH v2 31/39] x86/cet/shstk: Wire in CET interface · Kees Cook <hidden> · 2022-10-03
[PATCH v2 30/39] x86: Expose thread features status in /proc/$PID/arch_status · Rick Edgecombe <rick.p.edgecombe@intel.com> · 2022-09-29
Re: [PATCH v2 30/39] x86: Expose thread features status in /proc/$PID/arch_status · Kees Cook <hidden> · 2022-10-03
Re: [PATCH v2 30/39] x86: Expose thread features status in /proc/$PID/arch_status · "Andy Lutomirski" <luto@kernel.org> · 2022-10-03
Re: [PATCH v2 30/39] x86: Expose thread features status in /proc/$PID/arch_status · Kees Cook <hidden> · 2022-10-04
[PATCH v2 32/39] selftests/x86: Add shadow stack test · Rick Edgecombe <rick.p.edgecombe@intel.com> · 2022-09-29
Re: [PATCH v2 32/39] selftests/x86: Add shadow stack test · Kees Cook <hidden> · 2022-10-03
[PATCH v2 33/39] x86/cpufeatures: Limit shadow stack to Intel CPUs · Rick Edgecombe <rick.p.edgecombe@intel.com> · 2022-09-29
Re: [PATCH v2 33/39] x86/cpufeatures: Limit shadow stack to Intel CPUs · Kees Cook <hidden> · 2022-10-03
Re: [PATCH v2 33/39] x86/cpufeatures: Limit shadow stack to Intel CPUs · Dave Hansen <hidden> · 2022-10-04
Re: [PATCH v2 33/39] x86/cpufeatures: Limit shadow stack to Intel CPUs · Kees Cook <hidden> · 2022-10-04
Re: [PATCH v2 33/39] x86/cpufeatures: Limit shadow stack to Intel CPUs · Nathan Chancellor <nathan@kernel.org> · 2022-10-04
Re: [PATCH v2 33/39] x86/cpufeatures: Limit shadow stack to Intel CPUs · John Allen <john.allen@amd.com> · 2022-10-04
Re: [PATCH v2 33/39] x86/cpufeatures: Limit shadow stack to Intel CPUs · "Edgecombe, Rick P" <rick.p.edgecombe@intel.com> · 2022-10-04
Re: [PATCH v2 33/39] x86/cpufeatures: Limit shadow stack to Intel CPUs · Nathan Chancellor <nathan@kernel.org> · 2022-10-04
Re: [PATCH v2 33/39] x86/cpufeatures: Limit shadow stack to Intel CPUs · "H. Peter Anvin" <hpa@zytor.com> · 2022-10-04
Re: [PATCH v2 33/39] x86/cpufeatures: Limit shadow stack to Intel CPUs · "Edgecombe, Rick P" <rick.p.edgecombe@intel.com> · 2022-10-04
Re: [PATCH v2 33/39] x86/cpufeatures: Limit shadow stack to Intel CPUs · John Allen <john.allen@amd.com> · 2022-11-03
Re: [PATCH v2 33/39] x86/cpufeatures: Limit shadow stack to Intel CPUs · "Edgecombe, Rick P" <rick.p.edgecombe@intel.com> · 2022-10-20
Re: [PATCH v2 33/39] x86/cpufeatures: Limit shadow stack to Intel CPUs · Mike Rapoport <rppt@kernel.org> · 2022-10-04
[OPTIONAL/CLEANUP v2 34/39] x86: Separate out x86_regset for 32 and 64 bit · Rick Edgecombe <rick.p.edgecombe@intel.com> · 2022-09-29
[OPTIONAL/CLEANUP v2 35/39] x86: Improve formatting of user_regset arrays · Rick Edgecombe <rick.p.edgecombe@intel.com> · 2022-09-29
[OPTIONAL/RFC v2 36/39] x86/fpu: Add helper for initing features · Rick Edgecombe <rick.p.edgecombe@intel.com> · 2022-09-29
Re: [OPTIONAL/RFC v2 36/39] x86/fpu: Add helper for initing features · Chang S. Bae <hidden> · 2022-10-03
Re: [OPTIONAL/RFC v2 36/39] x86/fpu: Add helper for initing features · "Edgecombe, Rick P" <rick.p.edgecombe@intel.com> · 2022-10-04
[OPTIONAL/RFC v2 37/39] x86/cet: Add PTRACE interface for CET · Rick Edgecombe <rick.p.edgecombe@intel.com> · 2022-09-29
Re: [OPTIONAL/RFC v2 37/39] x86/cet: Add PTRACE interface for CET · Kees Cook <hidden> · 2022-10-03
Re: [OPTIONAL/RFC v2 37/39] x86/cet: Add PTRACE interface for CET · Mike Rapoport <rppt@kernel.org> · 2022-10-04
Re: [OPTIONAL/RFC v2 37/39] x86/cet: Add PTRACE interface for CET · Kees Cook <hidden> · 2022-10-04
[OPTIONAL/RFC v2 38/39] x86/cet/shstk: Add ARCH_CET_UNLOCK · Rick Edgecombe <rick.p.edgecombe@intel.com> · 2022-09-29
Re: [OPTIONAL/RFC v2 38/39] x86/cet/shstk: Add ARCH_CET_UNLOCK · Kees Cook <hidden> · 2022-10-04
[OPTIONAL/RFC v2 39/39] x86: Add alt shadow stack support · Rick Edgecombe <rick.p.edgecombe@intel.com> · 2022-09-29
Re: [OPTIONAL/RFC v2 39/39] x86: Add alt shadow stack support · Andy Lutomirski <luto@kernel.org> · 2022-10-03
Re: [OPTIONAL/RFC v2 39/39] x86: Add alt shadow stack support · "Edgecombe, Rick P" <rick.p.edgecombe@intel.com> · 2022-10-04
Re: [OPTIONAL/RFC v2 39/39] x86: Add alt shadow stack support · "Andy Lutomirski" <luto@kernel.org> · 2022-10-04
Re: [OPTIONAL/RFC v2 39/39] x86: Add alt shadow stack support · "Edgecombe, Rick P" <rick.p.edgecombe@intel.com> · 2022-10-04
Re: [PATCH v2 00/39] Shadowstacks for userspace · Kees Cook <hidden> · 2022-10-03
Re: [PATCH v2 00/39] Shadowstacks for userspace · Jann Horn <jannh@google.com> · 2022-10-03
Re: [PATCH v2 00/39] Shadowstacks for userspace · Kees Cook <hidden> · 2022-10-04
RE: [PATCH v2 00/39] Shadowstacks for userspace · David Laight <hidden> · 2022-10-04
Re: [PATCH v2 00/39] Shadowstacks for userspace · Kees Cook <hidden> · 2022-10-04
Re: [PATCH v2 00/39] Shadowstacks for userspace · "Edgecombe, Rick P" <rick.p.edgecombe@intel.com> · 2022-10-03
Re: [PATCH v2 00/39] Shadowstacks for userspace · Kees Cook <hidden> · 2022-10-04

From: "Andy Lutomirski" <luto@kernel.org>
Date: 2022-10-04 17:46:56
Also in: linux-arch, linux-doc, linux-mm, lkml


On Tue, Oct 4, 2022, at 9:12 AM, Edgecombe, Rick P wrote:

On Mon, 2022-10-03 at 16:21 -0700, Andy Lutomirski wrote:

quoted

On 9/29/22 15:29, Rick Edgecombe wrote:

quoted

To handle stack overflows, applications can register a separate
signal alt
stack to use for the stack to handle signals. To handle shadow
stack
overflows the kernel can similarly provide the ability to have an
alt
shadow stack.


The overall SHSTK mechanism has a concept of a shadow stack that is 
valid and not in use and a shadow stack that is in use.  This is
used, 
for example, by RSTORSSP.  I would like to imagine that this serves
a 
real purpose (presumably preventing two different threads from using
the 
same shadow stack and thus corrupting each others' state).

So maybe altshstk should use exactly the same mechanism.  Either
signal 
delivery should do the atomic very-and-mark-busy routine or
registering 
the stack as an altstack should do it.

I think your patch has this maybe 1/3 implemented

I'm not following how it breaks down into 3 parts, so hopefully I'm not
missing something. We could do a software busy bit for the token at the
end of alt shstk though. It seems like a good idea.

I didn't mean there were three parts.  I just wild @&! guessed the amount of code written versus needed :)

The busy-like bit in the RSTORSSP-type token is not called out as a
busy bit, but instead defined as reserved (must be 0) in some states.
(Note, it is different than the supervisor shadow stack format). Yea,
we could just probably use it like RSTORSSP does for this operation.

Or just invent another new token format and stay away from bits marked
reserved. Then it wouldn't have to be atomic either, since userspace
couldn't use it.

But userspace *can* use it by delivering a signal.  I consider the scenario where two user threads set up the same altshstk and take signals concurrently to be about as dangerous and about as likely (under accidental or malicious conditions) as two user threads doing RSTORSSP at the same time.  Someone at Intel thought the latter was a big deal, so maybe we should match its behavior.

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help