Re: [RFC 37/37] fs/binfmt_elf: Block old shstk elf bit

[PATCH v3 00/37] Shadow stacks for userspace · Rick Edgecombe <rick.p.edgecombe@intel.com> · 2022-11-04
[PATCH v3 01/37] Documentation/x86: Add CET description · Rick Edgecombe <rick.p.edgecombe@intel.com> · 2022-11-04
[PATCH v3 02/37] x86/cet/shstk: Add Kconfig option for Shadow Stack · Rick Edgecombe <rick.p.edgecombe@intel.com> · 2022-11-04
[PATCH v3 03/37] x86/cpufeatures: Add CPU feature flags for shadow stacks · Rick Edgecombe <rick.p.edgecombe@intel.com> · 2022-11-04
Re: [PATCH v3 03/37] x86/cpufeatures: Add CPU feature flags for shadow stacks · Borislav Petkov <bp@alien8.de> · 2022-11-07
[PATCH v3 04/37] x86/cpufeatures: Enable CET CR4 bit for shadow stack · Rick Edgecombe <rick.p.edgecombe@intel.com> · 2022-11-04
Re: [PATCH v3 04/37] x86/cpufeatures: Enable CET CR4 bit for shadow stack · Borislav Petkov <bp@alien8.de> · 2022-11-07
Re: [PATCH v3 04/37] x86/cpufeatures: Enable CET CR4 bit for shadow stack · "Edgecombe, Rick P" <rick.p.edgecombe@intel.com> · 2022-11-07
Re: [PATCH v3 04/37] x86/cpufeatures: Enable CET CR4 bit for shadow stack · Borislav Petkov <bp@alien8.de> · 2022-11-07
Re: [PATCH v3 04/37] x86/cpufeatures: Enable CET CR4 bit for shadow stack · "Edgecombe, Rick P" <rick.p.edgecombe@intel.com> · 2022-11-07
Re: [PATCH v3 04/37] x86/cpufeatures: Enable CET CR4 bit for shadow stack · Borislav Petkov <bp@alien8.de> · 2022-11-07
Re: [PATCH v3 04/37] x86/cpufeatures: Enable CET CR4 bit for shadow stack · "Edgecombe, Rick P" <rick.p.edgecombe@intel.com> · 2022-11-07
[PATCH v3 05/37] x86/fpu/xstate: Introduce CET MSR and XSAVES supervisor states · Rick Edgecombe <rick.p.edgecombe@intel.com> · 2022-11-04
[PATCH v3 06/37] x86/fpu: Add helper for modifying xstate · Rick Edgecombe <rick.p.edgecombe@intel.com> · 2022-11-04
[PATCH v3 09/37] x86/mm: Move pmd_write(), pud_write() up in the file · Rick Edgecombe <rick.p.edgecombe@intel.com> · 2022-11-04
[PATCH v3 08/37] x86/mm: Remove _PAGE_DIRTY from kernel RO pages · Rick Edgecombe <rick.p.edgecombe@intel.com> · 2022-11-04
[PATCH v3 07/37] x86/cet: Add user control-protection fault handler · Rick Edgecombe <rick.p.edgecombe@intel.com> · 2022-11-04
[PATCH v3 10/37] x86/mm: Introduce _PAGE_COW · Rick Edgecombe <rick.p.edgecombe@intel.com> · 2022-11-04
[PATCH v3 11/37] x86/mm: Update pte_modify for _PAGE_COW · Rick Edgecombe <rick.p.edgecombe@intel.com> · 2022-11-04
[PATCH v3 12/37] x86/mm: Update ptep_set_wrprotect() and pmdp_set_wrprotect() for transition from _PAGE_DIRTY to _PAGE_COW · Rick Edgecombe <rick.p.edgecombe@intel.com> · 2022-11-04
[PATCH v3 13/37] mm: Move VM_UFFD_MINOR_BIT from 37 to 38 · Rick Edgecombe <rick.p.edgecombe@intel.com> · 2022-11-04
Re: [PATCH v3 13/37] mm: Move VM_UFFD_MINOR_BIT from 37 to 38 · Peter Zijlstra <peterz@infradead.org> · 2022-11-15
Re: [PATCH v3 13/37] mm: Move VM_UFFD_MINOR_BIT from 37 to 38 · "Edgecombe, Rick P" <rick.p.edgecombe@intel.com> · 2022-11-15
[PATCH v3 14/37] mm: Introduce VM_SHADOW_STACK for shadow stack memory · Rick Edgecombe <rick.p.edgecombe@intel.com> · 2022-11-04
[PATCH v3 15/37] x86/mm: Check Shadow Stack page fault errors · Rick Edgecombe <rick.p.edgecombe@intel.com> · 2022-11-04
Re: [PATCH v3 15/37] x86/mm: Check Shadow Stack page fault errors · Peter Zijlstra <peterz@infradead.org> · 2022-11-15
Re: [PATCH v3 15/37] x86/mm: Check Shadow Stack page fault errors · "Edgecombe, Rick P" <rick.p.edgecombe@intel.com> · 2022-11-15
Re: [PATCH v3 15/37] x86/mm: Check Shadow Stack page fault errors · Peter Zijlstra <peterz@infradead.org> · 2022-11-15
Re: [PATCH v3 15/37] x86/mm: Check Shadow Stack page fault errors · "Edgecombe, Rick P" <rick.p.edgecombe@intel.com> · 2022-11-15
Re: [PATCH v3 15/37] x86/mm: Check Shadow Stack page fault errors · Peter Zijlstra <peterz@infradead.org> · 2022-11-16
[PATCH v3 16/37] x86/mm: Update maybe_mkwrite() for shadow stack · Rick Edgecombe <rick.p.edgecombe@intel.com> · 2022-11-04
[PATCH v3 17/37] mm: Fixup places that call pte_mkwrite() directly · Rick Edgecombe <rick.p.edgecombe@intel.com> · 2022-11-04
[PATCH v3 18/37] mm: Add guard pages around a shadow stack. · Rick Edgecombe <rick.p.edgecombe@intel.com> · 2022-11-04
Re: [PATCH v3 18/37] mm: Add guard pages around a shadow stack. · Peter Zijlstra <peterz@infradead.org> · 2022-11-15
Re: [PATCH v3 18/37] mm: Add guard pages around a shadow stack. · "Edgecombe, Rick P" <rick.p.edgecombe@intel.com> · 2022-11-15
Re: [PATCH v3 18/37] mm: Add guard pages around a shadow stack. · Peter Zijlstra <peterz@infradead.org> · 2022-11-15
Re: [PATCH v3 18/37] mm: Add guard pages around a shadow stack. · "Edgecombe, Rick P" <rick.p.edgecombe@intel.com> · 2022-11-15
[PATCH v3 19/37] mm/mmap: Add shadow stack pages to memory accounting · Rick Edgecombe <rick.p.edgecombe@intel.com> · 2022-11-04
[PATCH v3 20/37] mm/mprotect: Exclude shadow stack from preserve_write · Rick Edgecombe <rick.p.edgecombe@intel.com> · 2022-11-04
Re: [PATCH v3 20/37] mm/mprotect: Exclude shadow stack from preserve_write · Peter Zijlstra <peterz@infradead.org> · 2022-11-15
Re: [PATCH v3 20/37] mm/mprotect: Exclude shadow stack from preserve_write · "Edgecombe, Rick P" <rick.p.edgecombe@intel.com> · 2022-11-15
[PATCH v3 21/37] mm: Re-introduce vm_flags to do_mmap() · Rick Edgecombe <rick.p.edgecombe@intel.com> · 2022-11-04
[PATCH v3 22/37] mm: Don't allow write GUPs to shadow stack memory · Rick Edgecombe <rick.p.edgecombe@intel.com> · 2022-11-04
[PATCH v3 23/37] mm: Warn on shadow stack memory in wrong vma · Rick Edgecombe <rick.p.edgecombe@intel.com> · 2022-11-04
[PATCH v3 24/37] x86: Introduce userspace API for CET enabling · Rick Edgecombe <rick.p.edgecombe@intel.com> · 2022-11-04
Re: [PATCH v3 24/37] x86: Introduce userspace API for CET enabling · Peter Zijlstra <peterz@infradead.org> · 2022-11-15
Re: [PATCH v3 24/37] x86: Introduce userspace API for CET enabling · Peter Zijlstra <peterz@infradead.org> · 2022-11-15
Re: [PATCH v3 24/37] x86: Introduce userspace API for CET enabling · "Edgecombe, Rick P" <rick.p.edgecombe@intel.com> · 2022-11-15
Re: [PATCH v3 24/37] x86: Introduce userspace API for CET enabling · Peter Zijlstra <peterz@infradead.org> · 2022-11-15
Re: [PATCH v3 24/37] x86: Introduce userspace API for CET enabling · "Edgecombe, Rick P" <rick.p.edgecombe@intel.com> · 2022-11-15
[PATCH v3 25/37] x86/shstk: Add user-mode shadow stack support · Rick Edgecombe <rick.p.edgecombe@intel.com> · 2022-11-04
Re: [PATCH v3 25/37] x86/shstk: Add user-mode shadow stack support · Peter Zijlstra <peterz@infradead.org> · 2022-11-15
Re: [PATCH v3 25/37] x86/shstk: Add user-mode shadow stack support · "Edgecombe, Rick P" <rick.p.edgecombe@intel.com> · 2022-11-15
[PATCH v3 26/37] x86/shstk: Handle thread shadow stack · Rick Edgecombe <rick.p.edgecombe@intel.com> · 2022-11-04
[PATCH v3 27/37] x86/shstk: Introduce routines modifying shstk · Rick Edgecombe <rick.p.edgecombe@intel.com> · 2022-11-04
Re: [PATCH v3 27/37] x86/shstk: Introduce routines modifying shstk · Peter Zijlstra <peterz@infradead.org> · 2022-11-15
Re: [PATCH v3 27/37] x86/shstk: Introduce routines modifying shstk · "Edgecombe, Rick P" <rick.p.edgecombe@intel.com> · 2022-11-15
Re: [PATCH v3 27/37] x86/shstk: Introduce routines modifying shstk · Peter Zijlstra <peterz@infradead.org> · 2022-11-16
Re: [PATCH v3 27/37] x86/shstk: Introduce routines modifying shstk · "Edgecombe, Rick P" <rick.p.edgecombe@intel.com> · 2022-11-16
Re: [PATCH v3 27/37] x86/shstk: Introduce routines modifying shstk · Peter Zijlstra <peterz@infradead.org> · 2022-11-17
Re: [PATCH v3 27/37] x86/shstk: Introduce routines modifying shstk · "Edgecombe, Rick P" <rick.p.edgecombe@intel.com> · 2022-11-18
Re: [PATCH v3 27/37] x86/shstk: Introduce routines modifying shstk · Peter Zijlstra <peterz@infradead.org> · 2022-11-15
Re: [PATCH v3 27/37] x86/shstk: Introduce routines modifying shstk · "Edgecombe, Rick P" <rick.p.edgecombe@intel.com> · 2022-11-15
[PATCH v3 28/37] x86/shstk: Handle signals for shadow stack · Rick Edgecombe <rick.p.edgecombe@intel.com> · 2022-11-04
[PATCH v3 29/37] x86/shstk: Introduce map_shadow_stack syscall · Rick Edgecombe <rick.p.edgecombe@intel.com> · 2022-11-04
[PATCH v3 30/37] x86/shstk: Support wrss for userspace · Rick Edgecombe <rick.p.edgecombe@intel.com> · 2022-11-04
[PATCH v3 31/37] x86: Expose thread features in /proc/$PID/status · Rick Edgecombe <rick.p.edgecombe@intel.com> · 2022-11-04
[PATCH v3 32/37] x86/cet/shstk: Wire in CET interface · Rick Edgecombe <rick.p.edgecombe@intel.com> · 2022-11-04
[PATCH v3 34/37] x86/fpu: Add helper for initing features · Rick Edgecombe <rick.p.edgecombe@intel.com> · 2022-11-04
[PATCH v3 33/37] selftests/x86: Add shadow stack test · Rick Edgecombe <rick.p.edgecombe@intel.com> · 2022-11-04
[PATCH v3 35/37] x86/cet: Add PTRACE interface for CET · Rick Edgecombe <rick.p.edgecombe@intel.com> · 2022-11-04
Re: [PATCH v3 35/37] x86/cet: Add PTRACE interface for CET · Peter Zijlstra <peterz@infradead.org> · 2022-11-15
Re: [PATCH v3 35/37] x86/cet: Add PTRACE interface for CET · "Edgecombe, Rick P" <rick.p.edgecombe@intel.com> · 2022-11-15
RE: [PATCH v3 35/37] x86/cet: Add PTRACE interface for CET · Schimpe, Christina <hidden> · 2022-11-17
Re: [PATCH v3 35/37] x86/cet: Add PTRACE interface for CET · Peter Zijlstra <peterz@infradead.org> · 2022-11-17
Re: [PATCH v3 35/37] x86/cet: Add PTRACE interface for CET · "Edgecombe, Rick P" <rick.p.edgecombe@intel.com> · 2022-11-18
RE: [PATCH v3 35/37] x86/cet: Add PTRACE interface for CET · Schimpe, Christina <hidden> · 2022-11-18
Re: [PATCH v3 35/37] x86/cet: Add PTRACE interface for CET · "Edgecombe, Rick P" <rick.p.edgecombe@intel.com> · 2022-11-17
RE: [PATCH v3 35/37] x86/cet: Add PTRACE interface for CET · Schimpe, Christina <hidden> · 2022-11-18
Re: [PATCH v3 35/37] x86/cet: Add PTRACE interface for CET · "Edgecombe, Rick P" <rick.p.edgecombe@intel.com> · 2022-11-18
Re: [PATCH v3 35/37] x86/cet: Add PTRACE interface for CET · Mike Rapoport <rppt@kernel.org> · 2022-11-21
Re: [PATCH v3 35/37] x86/cet: Add PTRACE interface for CET · "Edgecombe, Rick P" <rick.p.edgecombe@intel.com> · 2022-11-21
Re: [PATCH v3 35/37] x86/cet: Add PTRACE interface for CET · Mike Rapoport <rppt@kernel.org> · 2022-11-22
[PATCH v3 36/37] x86/cet/shstk: Add ARCH_CET_UNLOCK · Rick Edgecombe <rick.p.edgecombe@intel.com> · 2022-11-04
Re: [PATCH v3 36/37] x86/cet/shstk: Add ARCH_CET_UNLOCK · Peter Zijlstra <peterz@infradead.org> · 2022-11-15
Re: [PATCH v3 36/37] x86/cet/shstk: Add ARCH_CET_UNLOCK · "Edgecombe, Rick P" <rick.p.edgecombe@intel.com> · 2022-11-15
Re: [PATCH v3 36/37] x86/cet/shstk: Add ARCH_CET_UNLOCK · Peter Zijlstra <peterz@infradead.org> · 2022-11-15
Re: [PATCH v3 36/37] x86/cet/shstk: Add ARCH_CET_UNLOCK · Dave Hansen <hidden> · 2022-11-15
Re: [PATCH v3 36/37] x86/cet/shstk: Add ARCH_CET_UNLOCK · Peter Zijlstra <peterz@infradead.org> · 2022-11-15
[RFC 37/37] fs/binfmt_elf: Block old shstk elf bit · Rick Edgecombe <rick.p.edgecombe@intel.com> · 2022-11-04
Re: [RFC 37/37] fs/binfmt_elf: Block old shstk elf bit · H.J. Lu <hidden> · 2022-11-04
Re: [RFC 37/37] fs/binfmt_elf: Block old shstk elf bit · "Edgecombe, Rick P" <rick.p.edgecombe@intel.com> · 2022-11-07

From: "Edgecombe, Rick P" <rick.p.edgecombe@intel.com>
Date: 2022-11-07 16:50:08
Also in: linux-arch, linux-doc, linux-mm, lkml

On Fri, 2022-11-04 at 15:56 -0700, H.J. Lu wrote:

This change doesn't make a binary CET compatible.  It just requires
that the toolchain
must be updated and all binaries have to be recompiled with the new
toolchain to
enable CET.

I guess you mean distros could again blindly mark all binaries as
supporting shadow stack? I think they would see the failures pretty
quickly in this case, unlike the first time where there was little HW
and no kernel support.

  It doesn't solve any issue which can't be solved by not
updating glibc.

If users never updates glibc, there won't be a problem, as I elaborated
on in the coverletter. But how are they supposed to know the
consequences of turning on CET?

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help