On 1/22/21 3:43 PM, Ard Biesheuvel wrote:

On Fri, 22 Jan 2021 at 22:15, Madhavan T. Venkataraman
[off-list ref] wrote:

quoted

On 1/22/21 11:43 AM, Mark Brown wrote:

quoted

On Thu, Jan 21, 2021 at 12:54:52PM -0600, Josh Poimboeuf wrote:

quoted

2) The shadow stack idea sounds promising -- how hard would it be to
   make a prototype reliable unwinder?

In theory it doesn't look too hard and I can't see a particular reason
not to try doing this - there's going to be edge cases but hopefully for
reliable stack trace they're all in areas where we would be happy to
just decide the stack isn't reliable anyway, things like nesting which
allocates separate shadow stacks for each nested level for example.
I'll take a look.

I am a new comer to this discussion and I am learning. Just have some
questions. Pardon me if they are obvious or if they have already been
asked and answered.

Doesn't Clang already have support for a shadow stack implementation for ARM64?
We could take a look at how Clang does it.

Will there not be a significant performance hit? May be, some of it can be
mitigated by using a parallel shadow stack rather than a compact one.

Are there any longjmp style situations in the kernel where the stack is
unwound by several frames? In these cases, the shadow stack must be unwound
accordingly.

Hello Madhavan,

Let's discuss the details of shadow call stacks on a separate thread,
instead of further hijacking Julien's series.

OK. Sounds good.