From: "Edgecombe, Rick P" <rick.p.edgecombe@intel.com>
To: "debug@rivosinc.com" <debug@rivosinc.com>
Cc: "kito.cheng@sifive.com" <kito.cheng@sifive.com>,
"tglx@linutronix.de" <tglx@linutronix.de>,
"lorenzo.stoakes@oracle.com" <lorenzo.stoakes@oracle.com>,
"linux-arch@vger.kernel.org" <linux-arch@vger.kernel.org>,
"charlie@rivosinc.com" <charlie@rivosinc.com>,
"linux-fsdevel@vger.kernel.org" <linux-fsdevel@vger.kernel.org>,
"samitolvanen@google.com" <samitolvanen@google.com>,
"devicetree@vger.kernel.org" <devicetree@vger.kernel.org>,
"peterz@infradead.org" <peterz@infradead.org>,
"corbet@lwn.net" <corbet@lwn.net>,
"kees@kernel.org" <kees@kernel.org>,
"alistair.francis@wdc.com" <alistair.francis@wdc.com>,
"broonie@kernel.org" <broonie@kernel.org>,
"andybnac@gmail.com" <andybnac@gmail.com>,
"krzk+dt@kernel.org" <krzk+dt@kernel.org>,
"palmer@dabbelt.com" <palmer@dabbelt.com>,
"x86@kernel.org" <x86@kernel.org>, "bp@alien8.de" <bp@alien8.de>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
"linux-riscv@lists.infradead.org"
<linux-riscv@lists.infradead.org>,
"aou@eecs.berkeley.edu" <aou@eecs.berkeley.edu>,
"arnd@arndb.de" <arnd@arndb.de>,
"jim.shu@sifive.com" <jim.shu@sifive.com>,
"vbabka@suse.cz" <vbabka@suse.cz>,
"shuah@kernel.org" <shuah@kernel.org>,
"Liam.Howlett@oracle.com" <Liam.Howlett@oracle.com>,
"oleg@redhat.com" <oleg@redhat.com>,
"alexghiti@rivosinc.com" <alexghiti@rivosinc.com>,
"ebiederm@xmission.com" <ebiederm@xmission.com>,
"atishp@rivosinc.com" <atishp@rivosinc.com>,
"richard.henderson@linaro.org" <richard.henderson@linaro.org>,
"cleger@rivosinc.com" <cleger@rivosinc.com>,
"brauner@kernel.org" <brauner@kernel.org>,
"hpa@zytor.com" <hpa@zytor.com>,
"mingo@redhat.com" <mingo@redhat.com>,
"robh@kernel.org" <robh@kernel.org>,
"linux-kselftest@vger.kernel.org"
<linux-kselftest@vger.kernel.org>,
"paul.walmsley@sifive.com" <paul.walmsley@sifive.com>,
"linux-mm@kvack.org" <linux-mm@kvack.org>,
"evan@rivosinc.com" <evan@rivosinc.com>,
"conor@kernel.org" <conor@kernel.org>,
"akpm@linux-foundation.org" <akpm@linux-foundation.org>,
"linux-doc@vger.kernel.org" <linux-doc@vger.kernel.org>,
"dave.hansen@linux.intel.com" <dave.hansen@linux.intel.com>
Subject: Re: [PATCH v6 16/33] riscv/shstk: If needed allocate a new shadow stack on clone
Date: Tue, 8 Oct 2024 23:31:16 +0000 [thread overview]
Message-ID: <93a3315b3acd8a0585fe266bdfdbd44e54aabaee.camel@intel.com> (raw)
In-Reply-To: <ZwW9m6pqcTFBovuG@debug.ba.rivosinc.com>
On Tue, 2024-10-08 at 16:17 -0700, Deepak Gupta wrote:
> Yeah you're right. Honestly, I've been shameless in adapting most of the flows
> from x86 `shstk.c` for risc-v. So thank you for that.
All good, glad we ended up with similar behavior.
>
> Now that we've `ARCH_HAS_USER_SHADOW_STACK` part of multiple patch series (riscv
> shadowstack, clone3 and I think arm64 gcs series as well). It's probably the
> appropriate time to find common grounds.
There have been bugs in the similar bits of code. So will be nice to not have to
fix them in each arch too.
>
> This is what I suggest
>
> - move most of the common/arch agnostic shadow stack stuff in kernel/shstk.c
> This gets part of compile if `ARCH_HAS_USER_SHADOW_STACK` is enabled/selected.
Yea, I guess we have commonality for (in x86 naming):
- map_shadow_stack()
- shstk_free()
- shstk_alloc_thread_stack()
- shstk_setup()
The signal part starts to diverge. Then I guess x86 has a different prctl
interface.
>
> - allow arch specific branch out guard checks for "if cpu supports", "is shadow stack
> enabled on the task_struct" (I expect each arch layout of task_struct will be
> different, no point finding common ground there), etc.
Sure.
>
> I think it's worth a try.
> If you already don't have patches, I'll spend some time to see what it takes to
> converge in my next version. If I end up into some roadblock, will use this thread
> for further discussion.
Sounds good. I have not looked at it too much.
WARNING: multiple messages have this Message-ID (diff)
From: "Edgecombe, Rick P" <rick.p.edgecombe@intel.com>
To: "debug@rivosinc.com" <debug@rivosinc.com>
Cc: "kito.cheng@sifive.com" <kito.cheng@sifive.com>,
"tglx@linutronix.de" <tglx@linutronix.de>,
"lorenzo.stoakes@oracle.com" <lorenzo.stoakes@oracle.com>,
"linux-arch@vger.kernel.org" <linux-arch@vger.kernel.org>,
"charlie@rivosinc.com" <charlie@rivosinc.com>,
"linux-fsdevel@vger.kernel.org" <linux-fsdevel@vger.kernel.org>,
"samitolvanen@google.com" <samitolvanen@google.com>,
"devicetree@vger.kernel.org" <devicetree@vger.kernel.org>,
"peterz@infradead.org" <peterz@infradead.org>,
"corbet@lwn.net" <corbet@lwn.net>,
"kees@kernel.org" <kees@kernel.org>,
"alistair.francis@wdc.com" <alistair.francis@wdc.com>,
"broonie@kernel.org" <broonie@kernel.org>,
"andybnac@gmail.com" <andybnac@gmail.com>,
"krzk+dt@kernel.org" <krzk+dt@kernel.org>,
"palmer@dabbelt.com" <palmer@dabbelt.com>,
"x86@kernel.org" <x86@kernel.org>, "bp@alien8.de" <bp@alien8.de>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
"linux-riscv@lists.infradead.org"
<linux-riscv@lists.infradead.org>,
"aou@eecs.berkeley.edu" <aou@eecs.berkeley.edu>,
"arnd@arndb.de" <arnd@arndb.de>,
"jim.shu@sifive.com" <jim.shu@sifive.com>,
"vbabka@suse.cz" <vbabka@suse.cz>,
"shuah@kernel.org" <shuah@kernel.org>,
"Liam.Howlett@oracle.com" <Liam.Howlett@oracle.com>,
"oleg@redhat.com" <oleg@redhat.com>,
"alexghiti@rivosinc.com" <alexghiti@rivosinc.com>,
"ebiederm@xmission.com" <ebiederm@xmission.com>,
"atishp@rivosinc.com" <atishp@rivosinc.com>,
"richard.henderson@linaro.org" <richard.henderson@linaro.org>,
"cleger@rivosinc.com" <cleger@rivosinc.com>,
"brauner@kernel.org" <brauner@kernel.org>,
"hpa@zytor.com" <hpa@zytor.com>,
"mingo@redhat.com" <mingo@redhat.com>,
"robh@kernel.org" <robh@kernel.org>,
"linux-kselftest@vger.kernel.org"
<linux-kselftest@vger.kernel.org>,
"paul.walmsley@sifive.com" <paul.walmsley@sifive.com>,
"linux-mm@kvack.org" <linux-mm@kvack.org>,
"evan@rivosinc.com" <evan@rivosinc.com>,
"conor@kernel.org" <conor@kernel.org>,
"akpm@linux-foundation.org" <akpm@linux-foundation.org>,
"linux-doc@vger.kernel.org" <linux-doc@vger.kernel.org>,
"dave.hansen@linux.intel.com" <dave.hansen@linux.intel.com>
Subject: Re: [PATCH v6 16/33] riscv/shstk: If needed allocate a new shadow stack on clone
Date: Tue, 8 Oct 2024 23:31:16 +0000 [thread overview]
Message-ID: <93a3315b3acd8a0585fe266bdfdbd44e54aabaee.camel@intel.com> (raw)
In-Reply-To: <ZwW9m6pqcTFBovuG@debug.ba.rivosinc.com>
On Tue, 2024-10-08 at 16:17 -0700, Deepak Gupta wrote:
> Yeah you're right. Honestly, I've been shameless in adapting most of the flows
> from x86 `shstk.c` for risc-v. So thank you for that.
All good, glad we ended up with similar behavior.
>
> Now that we've `ARCH_HAS_USER_SHADOW_STACK` part of multiple patch series (riscv
> shadowstack, clone3 and I think arm64 gcs series as well). It's probably the
> appropriate time to find common grounds.
There have been bugs in the similar bits of code. So will be nice to not have to
fix them in each arch too.
>
> This is what I suggest
>
> - move most of the common/arch agnostic shadow stack stuff in kernel/shstk.c
> This gets part of compile if `ARCH_HAS_USER_SHADOW_STACK` is enabled/selected.
Yea, I guess we have commonality for (in x86 naming):
- map_shadow_stack()
- shstk_free()
- shstk_alloc_thread_stack()
- shstk_setup()
The signal part starts to diverge. Then I guess x86 has a different prctl
interface.
>
> - allow arch specific branch out guard checks for "if cpu supports", "is shadow stack
> enabled on the task_struct" (I expect each arch layout of task_struct will be
> different, no point finding common ground there), etc.
Sure.
>
> I think it's worth a try.
> If you already don't have patches, I'll spend some time to see what it takes to
> converge in my next version. If I end up into some roadblock, will use this thread
> for further discussion.
Sounds good. I have not looked at it too much.
_______________________________________________
linux-riscv mailing list
linux-riscv@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-riscv
next prev parent reply other threads:[~2024-10-08 23:31 UTC|newest]
Thread overview: 104+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-10-08 22:36 [PATCH v6 00/33] riscv control-flow integrity for usermode Deepak Gupta
2024-10-08 22:36 ` Deepak Gupta
2024-10-08 22:36 ` [PATCH v6 01/33] mm: Introduce ARCH_HAS_USER_SHADOW_STACK Deepak Gupta
2024-10-08 22:36 ` Deepak Gupta
2024-10-08 22:36 ` [PATCH v6 02/33] mm: helper `is_shadow_stack_vma` to check shadow stack vma Deepak Gupta
2024-10-08 22:36 ` Deepak Gupta
2024-10-09 11:11 ` Mark Brown
2024-10-09 11:11 ` Mark Brown
2024-10-08 22:36 ` [PATCH v6 03/33] riscv: Enable cbo.zero only when all harts support Zicboz Deepak Gupta
2024-10-08 22:36 ` Deepak Gupta
2024-10-08 22:36 ` [PATCH v6 04/33] riscv: Add support for per-thread envcfg CSR values Deepak Gupta
2024-10-08 22:36 ` Deepak Gupta
2024-10-08 22:36 ` [PATCH v6 05/33] riscv: Call riscv_user_isa_enable() only on the boot hart Deepak Gupta
2024-10-08 22:36 ` Deepak Gupta
2024-10-08 22:36 ` [PATCH v6 06/33] riscv/Kconfig: enable HAVE_EXIT_THREAD for riscv Deepak Gupta
2024-10-08 22:36 ` Deepak Gupta
2024-10-09 11:28 ` Mark Brown
2024-10-09 11:28 ` Mark Brown
2024-10-29 22:06 ` Deepak Gupta
2024-10-29 22:06 ` Deepak Gupta
2024-10-08 22:36 ` [PATCH v6 07/33] dt-bindings: riscv: zicfilp and zicfiss in dt-bindings (extensions.yaml) Deepak Gupta
2024-10-08 22:36 ` Deepak Gupta
2024-10-25 21:58 ` Rob Herring (Arm)
2024-10-25 21:58 ` Rob Herring (Arm)
2024-10-08 22:36 ` [PATCH v6 08/33] riscv: zicfiss / zicfilp enumeration Deepak Gupta
2024-10-08 22:36 ` Deepak Gupta
2024-10-08 22:36 ` [PATCH v6 09/33] riscv: zicfiss / zicfilp extension csr and bit definitions Deepak Gupta
2024-10-08 22:36 ` Deepak Gupta
2024-10-08 22:36 ` [PATCH v6 10/33] riscv: usercfi state for task and save/restore of CSR_SSP on trap entry/exit Deepak Gupta
2024-10-08 22:36 ` Deepak Gupta
2024-10-08 22:36 ` [PATCH v6 11/33] riscv/mm : ensure PROT_WRITE leads to VM_READ | VM_WRITE Deepak Gupta
2024-10-08 22:36 ` Deepak Gupta
2024-10-09 13:36 ` Lorenzo Stoakes
2024-10-09 13:36 ` Lorenzo Stoakes
2024-10-10 0:02 ` Deepak Gupta
2024-10-10 0:02 ` Deepak Gupta
2024-10-08 22:36 ` [PATCH v6 12/33] riscv mm: manufacture shadow stack pte Deepak Gupta
2024-10-08 22:36 ` Deepak Gupta
2024-10-08 22:36 ` [PATCH v6 13/33] riscv mmu: teach pte_mkwrite to manufacture shadow stack PTEs Deepak Gupta
2024-10-08 22:36 ` Deepak Gupta
2024-10-08 22:36 ` [PATCH v6 14/33] riscv mmu: write protect and shadow stack Deepak Gupta
2024-10-08 22:36 ` Deepak Gupta
2024-10-08 22:36 ` [PATCH v6 15/33] riscv/mm: Implement map_shadow_stack() syscall Deepak Gupta
2024-10-08 22:36 ` Deepak Gupta
2024-10-08 22:36 ` [PATCH v6 16/33] riscv/shstk: If needed allocate a new shadow stack on clone Deepak Gupta
2024-10-08 22:36 ` Deepak Gupta
2024-10-08 22:55 ` Edgecombe, Rick P
2024-10-08 22:55 ` Edgecombe, Rick P
2024-10-08 23:17 ` Deepak Gupta
2024-10-08 23:17 ` Deepak Gupta
2024-10-08 23:31 ` Edgecombe, Rick P [this message]
2024-10-08 23:31 ` Edgecombe, Rick P
2024-10-09 10:25 ` Mark Brown
2024-10-09 10:25 ` Mark Brown
2024-10-08 22:36 ` [PATCH v6 17/33] prctl: arch-agnostic prctl for shadow stack Deepak Gupta
2024-10-08 22:36 ` Deepak Gupta
2024-10-08 22:37 ` [PATCH v6 18/33] prctl: arch-agnostic prctl for indirect branch tracking Deepak Gupta
2024-10-08 22:37 ` Deepak Gupta
2024-10-09 11:03 ` Mark Brown
2024-10-09 11:03 ` Mark Brown
2024-10-08 22:37 ` [PATCH v6 19/33] riscv: Implements arch agnostic shadow stack prctls Deepak Gupta
2024-10-08 22:37 ` Deepak Gupta
2024-10-09 12:44 ` Mark Brown
2024-10-09 12:44 ` Mark Brown
2024-10-08 22:37 ` [PATCH v6 20/33] riscv: Implements arch agnostic indirect branch tracking prctls Deepak Gupta
2024-10-08 22:37 ` Deepak Gupta
2024-10-08 22:37 ` [PATCH v6 21/33] riscv/traps: Introduce software check exception Deepak Gupta
2024-10-08 22:37 ` Deepak Gupta
2024-10-08 22:37 ` [PATCH v6 22/33] riscv: signal: abstract header saving for setup_sigcontext Deepak Gupta
2024-10-08 22:37 ` Deepak Gupta
2024-10-08 22:37 ` [PATCH v6 23/33] riscv/signal: save and restore of shadow stack for signal Deepak Gupta
2024-10-08 22:37 ` Deepak Gupta
2024-10-08 22:37 ` [PATCH v6 24/33] riscv/kernel: update __show_regs to print shadow stack register Deepak Gupta
2024-10-08 22:37 ` Deepak Gupta
2024-10-08 22:37 ` [PATCH v6 25/33] riscv/ptrace: riscv cfi status and state via ptrace and in core files Deepak Gupta
2024-10-08 22:37 ` Deepak Gupta
2024-10-08 22:37 ` [PATCH v6 26/33] riscv/hwprobe: zicfilp / zicfiss enumeration in hwprobe Deepak Gupta
2024-10-08 22:37 ` Deepak Gupta
2024-10-08 22:37 ` [PATCH v6 27/33] riscv: Add Firmware Feature SBI extensions definitions Deepak Gupta
2024-10-08 22:37 ` Deepak Gupta
2024-10-08 22:37 ` [PATCH v6 28/33] riscv: enable kernel access to shadow stack memory via FWFT sbi call Deepak Gupta
2024-10-08 22:37 ` Deepak Gupta
2024-10-08 22:37 ` [PATCH v6 29/33] riscv: kernel command line option to opt out of user cfi Deepak Gupta
2024-10-08 22:37 ` Deepak Gupta
2024-10-08 22:37 ` [PATCH v6 30/33] riscv: create a config for shadow stack and landing pad instr support Deepak Gupta
2024-10-08 22:37 ` Deepak Gupta
2024-10-08 22:37 ` [PATCH v6 31/33] riscv: Documentation for landing pad / indirect branch tracking Deepak Gupta
2024-10-08 22:37 ` Deepak Gupta
2024-10-08 22:37 ` [PATCH v6 32/33] riscv: Documentation for shadow stack on riscv Deepak Gupta
2024-10-08 22:37 ` Deepak Gupta
2024-10-08 22:37 ` [PATCH v6 33/33] kselftest/riscv: kselftest for user mode cfi Deepak Gupta
2024-10-08 22:37 ` Deepak Gupta
2024-10-11 5:44 ` Zong Li
2024-10-11 5:44 ` Zong Li
2024-10-11 10:18 ` Mark Brown
2024-10-11 10:18 ` Mark Brown
2024-10-11 11:43 ` Zong Li
2024-10-11 11:43 ` Zong Li
2024-10-11 19:45 ` Deepak Gupta
2024-10-11 19:45 ` Deepak Gupta
2024-10-14 14:33 ` Zong Li
2024-10-14 14:33 ` Zong Li
2024-10-09 11:05 ` [PATCH v6 00/33] riscv control-flow integrity for usermode Mark Brown
2024-10-09 11:05 ` Mark Brown
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=93a3315b3acd8a0585fe266bdfdbd44e54aabaee.camel@intel.com \
--to=rick.p.edgecombe@intel.com \
--cc=Liam.Howlett@oracle.com \
--cc=akpm@linux-foundation.org \
--cc=alexghiti@rivosinc.com \
--cc=alistair.francis@wdc.com \
--cc=andybnac@gmail.com \
--cc=aou@eecs.berkeley.edu \
--cc=arnd@arndb.de \
--cc=atishp@rivosinc.com \
--cc=bp@alien8.de \
--cc=brauner@kernel.org \
--cc=broonie@kernel.org \
--cc=charlie@rivosinc.com \
--cc=cleger@rivosinc.com \
--cc=conor@kernel.org \
--cc=corbet@lwn.net \
--cc=dave.hansen@linux.intel.com \
--cc=debug@rivosinc.com \
--cc=devicetree@vger.kernel.org \
--cc=ebiederm@xmission.com \
--cc=evan@rivosinc.com \
--cc=hpa@zytor.com \
--cc=jim.shu@sifive.com \
--cc=kees@kernel.org \
--cc=kito.cheng@sifive.com \
--cc=krzk+dt@kernel.org \
--cc=linux-arch@vger.kernel.org \
--cc=linux-doc@vger.kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-kselftest@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=linux-riscv@lists.infradead.org \
--cc=lorenzo.stoakes@oracle.com \
--cc=mingo@redhat.com \
--cc=oleg@redhat.com \
--cc=palmer@dabbelt.com \
--cc=paul.walmsley@sifive.com \
--cc=peterz@infradead.org \
--cc=richard.henderson@linaro.org \
--cc=robh@kernel.org \
--cc=samitolvanen@google.com \
--cc=shuah@kernel.org \
--cc=tglx@linutronix.de \
--cc=vbabka@suse.cz \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.