Re: [PATCH 00/10] Control Flow Enforcement - Part (3) | linux-doc

[PATCH 00/10] Control Flow Enforcement - Part (3) · Yu-cheng Yu <hidden> · 2018-06-07
[PATCH 08/10] mm: Prevent mremap of shadow stack · Yu-cheng Yu <hidden> · 2018-06-07
Re: [PATCH 08/10] mm: Prevent mremap of shadow stack · Andy Lutomirski <luto@kernel.org> · 2018-06-07
Re: [PATCH 08/10] mm: Prevent mremap of shadow stack · Yu-cheng Yu <hidden> · 2018-06-07
[PATCH 07/10] mm: Prevent mprotect from changing shadow stack · Yu-cheng Yu <hidden> · 2018-06-07
[PATCH 06/10] x86/cet: Add arch_prctl functions for shadow stack · Yu-cheng Yu <hidden> · 2018-06-07
Re: [PATCH 06/10] x86/cet: Add arch_prctl functions for shadow stack · Andy Lutomirski <luto@kernel.org> · 2018-06-07
Re: [PATCH 06/10] x86/cet: Add arch_prctl functions for shadow stack · Yu-cheng Yu <hidden> · 2018-06-07
Re: [PATCH 06/10] x86/cet: Add arch_prctl functions for shadow stack · Andy Lutomirski <luto@kernel.org> · 2018-06-07
Re: [PATCH 06/10] x86/cet: Add arch_prctl functions for shadow stack · H.J. Lu <hidden> · 2018-06-07
Re: [PATCH 06/10] x86/cet: Add arch_prctl functions for shadow stack · Andy Lutomirski <luto@kernel.org> · 2018-06-07
Re: [PATCH 06/10] x86/cet: Add arch_prctl functions for shadow stack · H.J. Lu <hidden> · 2018-06-08
Re: [PATCH 06/10] x86/cet: Add arch_prctl functions for shadow stack · Andy Lutomirski <luto@kernel.org> · 2018-06-08
Re: [PATCH 06/10] x86/cet: Add arch_prctl functions for shadow stack · H.J. Lu <hidden> · 2018-06-08
Re: [PATCH 06/10] x86/cet: Add arch_prctl functions for shadow stack · Andy Lutomirski <luto@kernel.org> · 2018-06-08
Re: [PATCH 06/10] x86/cet: Add arch_prctl functions for shadow stack · Cyrill Gorcunov <hidden> · 2018-06-08
Re: [PATCH 06/10] x86/cet: Add arch_prctl functions for shadow stack · H.J. Lu <hidden> · 2018-06-08
Re: [PATCH 06/10] x86/cet: Add arch_prctl functions for shadow stack · Andy Lutomirski <luto@kernel.org> · 2018-06-08
Re: [PATCH 06/10] x86/cet: Add arch_prctl functions for shadow stack · H.J. Lu <hidden> · 2018-06-08
Re: [PATCH 06/10] x86/cet: Add arch_prctl functions for shadow stack · Thomas Gleixner <hidden> · 2018-06-12
Re: [PATCH 06/10] x86/cet: Add arch_prctl functions for shadow stack · H.J. Lu <hidden> · 2018-06-12
Re: [PATCH 06/10] x86/cet: Add arch_prctl functions for shadow stack · Andy Lutomirski <luto@kernel.org> · 2018-06-12
Re: [PATCH 06/10] x86/cet: Add arch_prctl functions for shadow stack · H.J. Lu <hidden> · 2018-06-12
Re: [PATCH 06/10] x86/cet: Add arch_prctl functions for shadow stack · Andy Lutomirski <luto@kernel.org> · 2018-06-12
Re: [PATCH 06/10] x86/cet: Add arch_prctl functions for shadow stack · H.J. Lu <hidden> · 2018-06-12
Re: [PATCH 06/10] x86/cet: Add arch_prctl functions for shadow stack · Thomas Gleixner <hidden> · 2018-06-12
Re: [PATCH 06/10] x86/cet: Add arch_prctl functions for shadow stack · H.J. Lu <hidden> · 2018-06-12
Re: [PATCH 06/10] x86/cet: Add arch_prctl functions for shadow stack · Andy Lutomirski <luto@kernel.org> · 2018-06-18
Re: [PATCH 06/10] x86/cet: Add arch_prctl functions for shadow stack · Kees Cook <hidden> · 2018-06-19
Re: [PATCH 06/10] x86/cet: Add arch_prctl functions for shadow stack · Florian Weimer <hidden> · 2018-06-19
Re: [PATCH 06/10] x86/cet: Add arch_prctl functions for shadow stack · Andy Lutomirski <luto@amacapital.net> · 2018-06-19
Re: [PATCH 06/10] x86/cet: Add arch_prctl functions for shadow stack · Kees Cook <hidden> · 2018-06-19
Re: [PATCH 06/10] x86/cet: Add arch_prctl functions for shadow stack · Yu-cheng Yu <hidden> · 2018-06-19
Re: [PATCH 06/10] x86/cet: Add arch_prctl functions for shadow stack · Kees Cook <hidden> · 2018-06-19
Re: [PATCH 06/10] x86/cet: Add arch_prctl functions for shadow stack · Andy Lutomirski <luto@amacapital.net> · 2018-06-19
Re: [PATCH 06/10] x86/cet: Add arch_prctl functions for shadow stack · Kees Cook <hidden> · 2018-06-19
Re: [PATCH 06/10] x86/cet: Add arch_prctl functions for shadow stack · Andy Lutomirski <luto@amacapital.net> · 2018-06-19
Re: [PATCH 06/10] x86/cet: Add arch_prctl functions for shadow stack · Yu-cheng Yu <hidden> · 2018-06-19
Re: [PATCH 06/10] x86/cet: Add arch_prctl functions for shadow stack · Andy Lutomirski <luto@amacapital.net> · 2018-06-20
Re: [PATCH 06/10] x86/cet: Add arch_prctl functions for shadow stack · Yu-cheng Yu <hidden> · 2018-06-21
[PATCH 04/10] x86/cet: Handle thread shadow stack · Yu-cheng Yu <hidden> · 2018-06-07
Re: [PATCH 04/10] x86/cet: Handle thread shadow stack · Andy Lutomirski <luto@kernel.org> · 2018-06-07
Re: [PATCH 04/10] x86/cet: Handle thread shadow stack · Florian Weimer <hidden> · 2018-06-07
Re: [PATCH 04/10] x86/cet: Handle thread shadow stack · Andy Lutomirski <luto@kernel.org> · 2018-06-07
Re: [PATCH 04/10] x86/cet: Handle thread shadow stack · Florian Weimer <hidden> · 2018-06-08
Re: [PATCH 04/10] x86/cet: Handle thread shadow stack · Andy Lutomirski <luto@kernel.org> · 2018-06-08
Re: [PATCH 04/10] x86/cet: Handle thread shadow stack · Yu-cheng Yu <hidden> · 2018-06-08
[PATCH 05/10] x86/cet: ELF header parsing of Control Flow Enforcement · Yu-cheng Yu <hidden> · 2018-06-07
Re: [PATCH 05/10] x86/cet: ELF header parsing of Control Flow Enforcement · Andy Lutomirski <luto@kernel.org> · 2018-06-07
Re: [PATCH 05/10] x86/cet: ELF header parsing of Control Flow Enforcement · Yu-cheng Yu <hidden> · 2018-06-07
[PATCH 09/10] mm: Prevent madvise from changing shadow stack · Yu-cheng Yu <hidden> · 2018-06-07
Re: [PATCH 09/10] mm: Prevent madvise from changing shadow stack · Andy Lutomirski <luto@kernel.org> · 2018-06-07
Re: [PATCH 09/10] mm: Prevent madvise from changing shadow stack · Nadav Amit <hidden> · 2018-06-07
Re: [PATCH 09/10] mm: Prevent madvise from changing shadow stack · Yu-cheng Yu <hidden> · 2018-06-07
[PATCH 10/10] mm: Prevent munmap and remap_file_pages of shadow stack · Yu-cheng Yu <hidden> · 2018-06-07
Re: [PATCH 10/10] mm: Prevent munmap and remap_file_pages of shadow stack · Andy Lutomirski <luto@kernel.org> · 2018-06-07
Re: [PATCH 10/10] mm: Prevent munmap and remap_file_pages of shadow stack · Yu-cheng Yu <hidden> · 2018-06-07
[PATCH 02/10] x86/cet: Introduce WRUSS instruction · Yu-cheng Yu <hidden> · 2018-06-07
Re: [PATCH 02/10] x86/cet: Introduce WRUSS instruction · Andy Lutomirski <luto@kernel.org> · 2018-06-07
Re: [PATCH 02/10] x86/cet: Introduce WRUSS instruction · Yu-cheng Yu <hidden> · 2018-06-07
Re: [PATCH 02/10] x86/cet: Introduce WRUSS instruction · Peter Zijlstra <peterz@infradead.org> · 2018-06-07
Re: [PATCH 02/10] x86/cet: Introduce WRUSS instruction · Yu-cheng Yu <hidden> · 2018-06-07
Re: [PATCH 02/10] x86/cet: Introduce WRUSS instruction · Peter Zijlstra <peterz@infradead.org> · 2018-06-11
Re: [PATCH 02/10] x86/cet: Introduce WRUSS instruction · Yu-cheng Yu <hidden> · 2018-06-11
Re: [PATCH 02/10] x86/cet: Introduce WRUSS instruction · Balbir Singh <bsingharora@gmail.com> · 2018-06-14
Re: [PATCH 02/10] x86/cet: Introduce WRUSS instruction · Yu-cheng Yu <hidden> · 2018-06-14
[PATCH 03/10] x86/cet: Signal handling for shadow stack · Yu-cheng Yu <hidden> · 2018-06-07
Re: [PATCH 03/10] x86/cet: Signal handling for shadow stack · Andy Lutomirski <luto@amacapital.net> · 2018-06-07
Re: [PATCH 03/10] x86/cet: Signal handling for shadow stack · Florian Weimer <hidden> · 2018-06-07
Re: [PATCH 03/10] x86/cet: Signal handling for shadow stack · Yu-cheng Yu <hidden> · 2018-06-07
Re: [PATCH 03/10] x86/cet: Signal handling for shadow stack · Cyrill Gorcunov <hidden> · 2018-06-07
Re: [PATCH 03/10] x86/cet: Signal handling for shadow stack · Andy Lutomirski <luto@kernel.org> · 2018-06-07
Re: [PATCH 03/10] x86/cet: Signal handling for shadow stack · Cyrill Gorcunov <hidden> · 2018-06-08
Re: [PATCH 03/10] x86/cet: Signal handling for shadow stack · Yu-cheng Yu <hidden> · 2018-06-07
Re: [PATCH 03/10] x86/cet: Signal handling for shadow stack · Dave Hansen <dave.hansen@linux.intel.com> · 2018-06-07
[PATCH 01/10] x86/cet: User-mode shadow stack support · Yu-cheng Yu <hidden> · 2018-06-07
Re: [PATCH 01/10] x86/cet: User-mode shadow stack support · Andy Lutomirski <luto@kernel.org> · 2018-06-07
Re: [PATCH 01/10] x86/cet: User-mode shadow stack support · Yu-cheng Yu <hidden> · 2018-06-07
Re: [PATCH 01/10] x86/cet: User-mode shadow stack support · Dave Hansen <dave.hansen@linux.intel.com> · 2018-06-07
Re: [PATCH 01/10] x86/cet: User-mode shadow stack support · Andy Lutomirski <luto@kernel.org> · 2018-06-07
Re: [PATCH 01/10] x86/cet: User-mode shadow stack support · Balbir Singh <bsingharora@gmail.com> · 2018-06-12
Re: [PATCH 01/10] x86/cet: User-mode shadow stack support · Yu-cheng Yu <hidden> · 2018-06-12
Re: [PATCH 00/10] Control Flow Enforcement - Part (3) · Balbir Singh <bsingharora@gmail.com> · 2018-06-12
Re: [PATCH 00/10] Control Flow Enforcement - Part (3) · Yu-cheng Yu <hidden> · 2018-06-12
Re: [PATCH 00/10] Control Flow Enforcement - Part (3) · Andy Lutomirski <luto@kernel.org> · 2018-06-12
Re: [PATCH 00/10] Control Flow Enforcement - Part (3) · Yu-cheng Yu <hidden> · 2018-06-12
Re: [PATCH 00/10] Control Flow Enforcement - Part (3) · Andy Lutomirski <luto@kernel.org> · 2018-06-12
Re: [PATCH 00/10] Control Flow Enforcement - Part (3) · Yu-cheng Yu <hidden> · 2018-06-12
Re: [PATCH 00/10] Control Flow Enforcement - Part (3) · Yu-cheng Yu <hidden> · 2018-06-12
Re: [PATCH 00/10] Control Flow Enforcement - Part (3) · Balbir Singh <bsingharora@gmail.com> · 2018-06-14
Re: [PATCH 00/10] Control Flow Enforcement - Part (3) · Yu-cheng Yu <hidden> · 2018-06-14
Re: [PATCH 00/10] Control Flow Enforcement - Part (3) · Balbir Singh <bsingharora@gmail.com> · 2018-06-17
Re: [PATCH 00/10] Control Flow Enforcement - Part (3) · Andy Lutomirski <luto@kernel.org> · 2018-06-18
Re: [PATCH 00/10] Control Flow Enforcement - Part (3) · Balbir Singh <bsingharora@gmail.com> · 2018-06-19
Re: [PATCH 00/10] Control Flow Enforcement - Part (3) · Jann Horn <jannh@google.com> · 2018-06-26
Re: [PATCH 00/10] Control Flow Enforcement - Part (3) · Yu-cheng Yu <hidden> · 2018-06-26
Re: [PATCH 00/10] Control Flow Enforcement - Part (3) · Andy Lutomirski <luto@kernel.org> · 2018-06-26
Re: [PATCH 00/10] Control Flow Enforcement - Part (3) · Yu-cheng Yu <hidden> · 2018-06-26

Re: [PATCH 00/10] Control Flow Enforcement - Part (3)

From: Balbir Singh <bsingharora@gmail.com>
Date: 2018-06-19 08:52:50
Also in: linux-arch, linux-mm, lkml

On Mon, 2018-06-18 at 14:44 -0700, Andy Lutomirski wrote:

On Sat, Jun 16, 2018 at 8:16 PM Balbir Singh [off-list ref] wrote:

quoted

On Thu, 2018-06-14 at 07:56 -0700, Yu-cheng Yu wrote:

quoted

On Thu, 2018-06-14 at 11:07 +1000, Balbir Singh wrote:

quoted

On Tue, 2018-06-12 at 08:03 -0700, Yu-cheng Yu wrote:

quoted

On Tue, 2018-06-12 at 20:56 +1000, Balbir Singh wrote:

quoted

On 08/06/18 00:37, Yu-cheng Yu wrote:

quoted

This series introduces CET - Shadow stack

At the high level, shadow stack is:

      Allocated from a task's address space with vm_flags VM_SHSTK;
      Its PTEs must be read-only and dirty;
      Fixed sized, but the default size can be changed by sys admin.

For a forked child, the shadow stack is duplicated when the next
shadow stack access takes place.

For a pthread child, a new shadow stack is allocated.

The signal handler uses the same shadow stack as the main program.

Even with sigaltstack()?

Yes.

I am not convinced that it would work, as we switch stacks, oveflow might
be an issue. I also forgot to bring up setcontext(2), I presume those
will get new shadow stacks

Do you mean signal stack/sigaltstack overflow or swapcontext in a signal
handler?

I meant any combination of that. If there is a user space threads implementation that uses sigaltstack for switching threads

Anyone who does that is nuts.  The whole point of user space threads
is speed, and signals are very slow.  For userspace threads to work,
we need an API to allocate new shadow stacks, and we need to use the
extremely awkwardly defined RSTORSSP stuff to switch.  (I assume this
is possible on an ISA level.  The docs are bad, and the mnemonics for
the relevant instructions are nonsensical.)

The whole point was to ensure we don't break applications/code that work
today. I think as long as there is a shadow stack allocated corresponding
to the user space stack and we can Restore SSP as we switch things should be
fine.

Balbir Singh.

--
To unsubscribe from this list: send the line "unsubscribe linux-doc" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help