From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <owner-linux-mm@kvack.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 29A10EB64DA
	for <linux-mm@archiver.kernel.org>; Wed, 19 Jul 2023 14:06:39 +0000 (UTC)
Received: by kanga.kvack.org (Postfix)
	id 5154E280061; Wed, 19 Jul 2023 10:06:38 -0400 (EDT)
Received: by kanga.kvack.org (Postfix, from userid 40)
	id 4C5B928004C; Wed, 19 Jul 2023 10:06:38 -0400 (EDT)
X-Delivered-To: int-list-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix, from userid 63042)
	id 3668B280061; Wed, 19 Jul 2023 10:06:38 -0400 (EDT)
X-Delivered-To: linux-mm@kvack.org
Received: from relay.hostedemail.com (smtprelay0011.hostedemail.com [216.40.44.11])
	by kanga.kvack.org (Postfix) with ESMTP id 2756628004C
	for <linux-mm@kvack.org>; Wed, 19 Jul 2023 10:06:38 -0400 (EDT)
Received: from smtpin12.hostedemail.com (a10.router.float.18 [10.200.18.1])
	by unirelay03.hostedemail.com (Postfix) with ESMTP id E4694A035B
	for <linux-mm@kvack.org>; Wed, 19 Jul 2023 14:06:37 +0000 (UTC)
X-FDA: 81028536834.12.F680DC8
Received: from dfw.source.kernel.org (dfw.source.kernel.org [139.178.84.217])
	by imf13.hostedemail.com (Postfix) with ESMTP id 73DA520122
	for <linux-mm@kvack.org>; Wed, 19 Jul 2023 14:04:50 +0000 (UTC)
Authentication-Results: imf13.hostedemail.com;
	dkim=pass header.d=kernel.org header.s=k20201202 header.b=TtDEmqka;
	dmarc=pass (policy=none) header.from=kernel.org;
	spf=pass (imf13.hostedemail.com: domain of rppt@kernel.org designates 139.178.84.217 as permitted sender) smtp.mailfrom=rppt@kernel.org
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com;
	s=arc-20220608; t=1689775490;
	h=from:from:sender:reply-to:subject:subject:date:date:
	 message-id:message-id:to:to:cc:cc:mime-version:mime-version:
	 content-type:content-type:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references:dkim-signature;
	bh=skUIbwIlGtshqPhNOGcPXcVsMgslT3zTe7PGNPXEQ44=;
	b=DCb1cVPspNaauemPXJ4sxLxsk7qW5/nDM4x7jJ4+rSmZpNhE9fnCWDNOWpRsMsHushavKG
	fxI2sy7GmE7hHB6xBI7ANlF8Y+hUqAEhnXOi6Of1ZaH9mTvp6SDJ7ED3POlTaShjUvfAyq
	1eq5AC1aEPTq8IBVLkd2LO3887cd2mg=
ARC-Authentication-Results: i=1;
	imf13.hostedemail.com;
	dkim=pass header.d=kernel.org header.s=k20201202 header.b=TtDEmqka;
	dmarc=pass (policy=none) header.from=kernel.org;
	spf=pass (imf13.hostedemail.com: domain of rppt@kernel.org designates 139.178.84.217 as permitted sender) smtp.mailfrom=rppt@kernel.org
ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1689775490; a=rsa-sha256;
	cv=none;
	b=i21lYqBMobY7TR/3JY7kInKV4Ch9j45UJH/G16WmPWqxOrTvSRKFbHedTLU44drO3aYyqs
	hQOo+fLy8KqfA32NhJk6l8Gxo2529ybF/2l8OPuO8EHWxvjJGEiwopglB7hNfj4Tj2qmz3
	neJVbfTuH8808kmzbXtZOkGs0XPLTG8=
Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (2048 bits))
	(No client certificate requested)
	by dfw.source.kernel.org (Postfix) with ESMTPS id 6220161703;
	Wed, 19 Jul 2023 14:04:49 +0000 (UTC)
Received: by smtp.kernel.org (Postfix) with ESMTPSA id 86A33C433C7;
	Wed, 19 Jul 2023 14:04:39 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;
	s=k20201202; t=1689775488;
	bh=DsojJ8c08YhYOhIvhoV59R7SwUBwaWbGSlmHEcsKZIQ=;
	h=Date:From:To:Cc:Subject:References:In-Reply-To:From;
	b=TtDEmqkabHBem9yJ7UzUmARHyvi7MfK3yPcEyBtqqc7iZpVi7XQ8rE/0nEed/u3fv
	 4jebzSAa69JN1WtB38UjvB8xD06fuG2SQQtcGs8jKC6rGw448mbgLhZMths0nC0WNk
	 vSk76ltaFEH6wgCafpCjBas90/imoqlU4CuITdsDb72bjCO7WlVe71Cfrb+pCSO8yZ
	 NDQtZKHAvd1GCWZqcLWxVgwspGle7NGLv6vFH2Okt1VtqRbTTatFLMZSjaQb2z/hQL
	 a29Uwycd9cZsDnrGsxpeQF6Z4gXKMbCbFgBumx/gikMzJL8w9GfYE5x+oKv/FxQgS8
	 26Rb5GPG8hhOw==
Date: Wed, 19 Jul 2023 17:04:19 +0300
From: Mike Rapoport <rppt@kernel.org>
To: Mark Brown <broonie@kernel.org>
Cc: Catalin Marinas <catalin.marinas@arm.com>,
	Will Deacon <will@kernel.org>, Jonathan Corbet <corbet@lwn.net>,
	Andrew Morton <akpm@linux-foundation.org>,
	Marc Zyngier <maz@kernel.org>,
	Oliver Upton <oliver.upton@linux.dev>,
	James Morse <james.morse@arm.com>,
	Suzuki K Poulose <suzuki.poulose@arm.com>,
	Arnd Bergmann <arnd@arndb.de>, Oleg Nesterov <oleg@redhat.com>,
	Eric Biederman <ebiederm@xmission.com>,
	Kees Cook <keescook@chromium.org>, Shuah Khan <shuah@kernel.org>,
	"Rick P. Edgecombe" <rick.p.edgecombe@intel.com>,
	Deepak Gupta <debug@rivosinc.com>, Ard Biesheuvel <ardb@kernel.org>,
	Szabolcs Nagy <Szabolcs.Nagy@arm.com>,
	"H.J. Lu" <hjl.tools@gmail.com>,
	Paul Walmsley <paul.walmsley@sifive.com>,
	Palmer Dabbelt <palmer@dabbelt.com>,
	Albert Ou <aou@eecs.berkeley.edu>,
	linux-arm-kernel@lists.infradead.org, linux-doc@vger.kernel.org,
	kvmarm@lists.linux.dev, linux-fsdevel@vger.kernel.org,
	linux-arch@vger.kernel.org, linux-mm@kvack.org,
	linux-kselftest@vger.kernel.org, linux-kernel@vger.kernel.org,
	linux-riscv@lists.infradead.org
Subject: Re: [PATCH 04/35] arm64/gcs: Document the ABI for Guarded Control
 Stacks
Message-ID: <20230719140419.GK1901145@kernel.org>
References: <20230716-arm64-gcs-v1-0-bf567f93bba6@kernel.org>
 <20230716-arm64-gcs-v1-4-bf567f93bba6@kernel.org>
 <20230719114437.GJ1901145@kernel.org>
 <01dd7853-953d-4715-8cf0-c2f500065b55@sirena.org.uk>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <01dd7853-953d-4715-8cf0-c2f500065b55@sirena.org.uk>
X-Rspamd-Queue-Id: 73DA520122
X-Rspam-User: 
X-Rspamd-Server: rspam04
X-Stat-Signature: duwy8zuf96kxhyus1u8ot4ecb3did5io
X-HE-Tag: 1689775490-136273
X-HE-Meta: U2FsdGVkX19rg7G3akgmnDzIQep8gvmQg3s2oLEAngtytynyUsfqUOenj9LNL56D/XMeErXYXNREo7DF21sL69Dzy7w/PpLzN2a+l3VfETnuHPAKTcdRxzmNQnhwfdnU6ozXKzdC/vvui/5SrTCBi3OXzPGLEzOsqt4Uqhjp4II88sn62Zq5oc8fUWQV+QbPpSepmQJc0pZrpbMf4MegyynjfsBTFZoDAOyQ69qA/WOMcogsD57WGnwO0y3ILVJwc5/1oM2cVkPXLpBUe5qs5tftzjxEjqfZgGGrQRAqVHxcmVOLipjo9+A17EkeelXF8Uu56C4OWw1zIKUiShv2NnYP5OOW2mrq+GLNRpNH+20R0VFXYcSR6NcapAzS68oIt/OGW/VKXaFmgO0Nk6GYN15o0IHESjIct9G/lANT2hggWuOplTyVUKbxGYEKQw/OKy0v6cs0gJpl3qG2sWVM8H/eFPOquZCWWBCjhjvnGJLQ/8LI9regrab8bAwMb5SU1RwMNkRg/JObAGIVy1kKKjD61qgurBKttSKsfUoqszm5ShB2NyBSI4NccY5XdRyD9Gjo8AlKbnUOyvS3cticnqpmNFsANE2JfCbyxfsmhKODe5cxL3MaRTCaNKqhZzwCyk52Bb1jvoVEm48EtWbS2S6rj7hZlGHp5kSt6b4bV/NCaYKPsSxOENH7nJMMDYmAkI2a2XM+zju9sN8D/8ILUPiKrqbZ9yqIcNVx3o/H8J4d6hRlQ4eGQmfIalzXElN9rPof0bD+01UpPiw8SgOjn1M1M+x+0sZj1OZDMlOA5aFQ8IeJAlWe0xj8pOokRFxLEfRchQ48G1xIKqlN1HsOIcfjo5Ja1QI/uGjnrY5zzf6z5LaNytllVAoRBnZ9dycTimgoWKMobCfPdb7CjCIuKH5tZjlJ0cxIdRpBZzuRWfXGJ+pfkZLSspcaRZZ6pgTN7/EmhP9vrIbfsVQ6wOp
 Ysolu1v/
 hESOkOztfjQH6uDZ33yV6g+w0PelzYPoRT1dDNyWypKIvSiM0NLFOFmE9wlCjyVw5Ho+sVRRpI4yYeCuoJaKKfX+zxjFW06CyhiBTdL8XnzQFwERsTo2Y/+6lJ83RU5iVxcl7+DXKuj2lQ09Ia7kbuVOrk7Z3Og8HbUAIFQ6QmVONuZZYj8VuSkh310FRlDl/98LS4X/EUqeZTtlhyYX/0bL9BI/T4+k6dxpO3jWssr1RB+lJ4hAsxuI5QmXQc7QTpsQZc925clJxxIzQGZfvyNmfxVw+lRzwnavFHVWs8r01zs4DWPAvaw1bkPolx0jzJEINgOJkm7EOqdxqU1BtFHh/mB7PNwj8LKzA4e88Mzz0f20=
X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4
Sender: owner-linux-mm@kvack.org
Precedence: bulk
X-Loop: owner-majordomo@kvack.org
List-ID: <linux-mm.kvack.org>

On Wed, Jul 19, 2023 at 02:25:38PM +0100, Mark Brown wrote:
> On Wed, Jul 19, 2023 at 02:44:37PM +0300, Mike Rapoport wrote:
> > On Sun, Jul 16, 2023 at 10:51:00PM +0100, Mark Brown wrote:
> 
> > > +7.  ptrace extensions
> > > +---------------------
> > > +
> > > +* A new regset NT_ARM_GCS is defined for use with PTRACE_GETREGSET and
> > > +  PTRACE_SETREGSET.
> > > +
> > > +* Due to the complexity surrounding allocation and deallocation of stakcs and
> > > +  lack of practical application changes to the GCS configuration via ptrace
> > > +  are not supported.
> 
> > On x86 CRIU needed to be able to temporarily unlock shadow stack features
> > to recreate the shadow stack of the thread being restored. I presume CRIU
> > will need something like that on arm64 as well.
> 
> It would be good to understand why and what exactly is needed here.
> I'm guessing the main thing would be stores? 

Yes, CRIU has to modify the shadow stack.

CRIU uses sigreturn directly, so we had to update the shadow stack before
calling sigreturn.
On x86 ptrace(POKEDATA) and update of the shadow stack pointer were enough,
but it looks like ptrace(POKEDATA) won't work on arm64.

Another place that requires shadow stack modifications is the restore of
the shadow stack from the checkpoint. On x86 we had to enable WRSS and that
required to temporarily unlock the features.

> It's relatively easy to add features later, I think I'll just add support
> for everything except enable just now.

Fair enough :)

-- 
Sincerely yours,
Mike.