From: Oleg Nesterov <oleg@redhat.com>
To: Dave Hansen <dave.hansen@intel.com>
Cc: Borislav Petkov <bp@alien8.de>,
Dave Hansen <dave.hansen@linux.intel.com>,
Deepak Gupta <debug@rivosinc.com>,
"H. Peter Anvin" <hpa@zytor.com>, Ingo Molnar <mingo@kernel.org>,
Linus Torvalds <torvalds@linux-foundation.org>,
Mark Brown <broonie@kernel.org>,
Peter Zijlstra <peterz@infradead.org>,
Rick Edgecombe <rick.p.edgecombe@intel.com>,
Sohil Mehta <sohil.mehta@intel.com>,
Thomas Gleixner <tglx@linutronix.de>,
linux-kernel@vger.kernel.org, x86@kernel.org
Subject: Re: [PATCH v3 1/1] x86/shstk: don't create the shadow stack for PF_USER_WORKERs
Date: Thu, 4 Sep 2025 11:10:16 +0200 [thread overview]
Message-ID: <20250904091015.GC27255@redhat.com> (raw)
In-Reply-To: <b91c72b6-cbe0-4767-8d65-05f804733a55@intel.com>
On 09/03, Dave Hansen wrote:
>
> On 9/3/25 06:42, Oleg Nesterov wrote:
> > arch/x86/include/asm/shstk.h | 4 ++--
> > arch/x86/kernel/process.c | 2 +-
> > arch/x86/kernel/shstk.c | 9 +++++++--
> > 3 files changed, 10 insertions(+), 5 deletions(-)
>
> That's not a great diffstat for a "cleanup". It's also not fixing any
> end-user-visible issues as far as I can tell.
Well, from the changelog:
Another problem is that the current logic looks simply wrong. In this case
fpu_clone() won't call update_fpu_shstk(), so xstate->user_ssp won't be
initialized.
But since the copy_thread() paths do not clear the ARCH_SHSTK_SHSTK flag
copied by arch_dup_task_struct(), ssp_active(PF_USER_WORKER) will return
true in ssp_get(), so ssp_get() will try to report cetregs->user_ssp which
can't be correct.
this doesn't look right to me.
> > - new_ssp = shstk_alloc_thread_stack(p, clone_flags, args->stack_size);
> > + new_ssp = shstk_alloc_thread_stack(p, clone_flags, args->fn, args->stack_size);
>
> Passing 'args->fn' as a 'bool' argument is a bit cruel, don't you think?
Yes, and
> > unsigned long shstk_alloc_thread_stack(struct task_struct *tsk, unsigned long clone_flags,
> > - unsigned long stack_size)
> > + bool minimal, unsigned long stack_size)
> 'minimal' is an awfully meaningless name for this.
yes.
But please note that fpu_clone() has the same "bool minimal" argument passed
as "args->fn". I even mentioned this in the changelog, this patch tries to
mimic the existing code. But of course I can change it. Can you suggest a
better name?
Oleg.
prev parent reply other threads:[~2025-09-04 9:11 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-09-03 13:41 [PATCH v3 0/1] x86/shstk: don't create the shadow stack for PF_USER_WORKERs Oleg Nesterov
2025-09-03 13:42 ` [PATCH v3 1/1] " Oleg Nesterov
2025-09-03 16:14 ` Dave Hansen
2025-09-03 16:39 ` Mark Brown
2025-09-04 9:10 ` Oleg Nesterov [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250904091015.GC27255@redhat.com \
--to=oleg@redhat.com \
--cc=bp@alien8.de \
--cc=broonie@kernel.org \
--cc=dave.hansen@intel.com \
--cc=dave.hansen@linux.intel.com \
--cc=debug@rivosinc.com \
--cc=hpa@zytor.com \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@kernel.org \
--cc=peterz@infradead.org \
--cc=rick.p.edgecombe@intel.com \
--cc=sohil.mehta@intel.com \
--cc=tglx@linutronix.de \
--cc=torvalds@linux-foundation.org \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.