On Wed, 2024-05-15 at 13:35 +0200, Oleg Nesterov wrote:

Let me repeat I know nothing about shadow stacks, only tried to
read Documentation/arch/x86/shstk.rst few minutes ago ;)

On 05/13, Jiri Olsa wrote:

quoted

1) current uretprobe which are not working at the moment and we change
    the top value of shadow stack with shstk_push_frame
2) optimized uretprobe which needs to push new frame on shadow stack
    with shstk_update_last_frame

I think we should do 1) and have current uretprobe working with shadow
stack, which is broken at the moment

Agreed,

quoted

I'm ok with not using optimized uretprobe when shadow stack is detected
as enabled and we go with current uretprobe in that case

But how can we detect it? Again, suppose userspace does

the rdssp instruction returns the value of the shadow stack pointer. On non-
shadow stack it is a nop. So you could check if the SSP is non-zero to find if
shadow stack is enabled. This would catch most cases, but I guess there is the
possibility of it getting enabled in a signal that hit between checking and the
rest of operation. Is this uretprobe stuff signal safe in general?