From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <owner-linux-mm@kvack.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 23CE2C433EF
	for <linux-mm@archiver.kernel.org>; Wed,  9 Feb 2022 06:43:48 +0000 (UTC)
Received: by kanga.kvack.org (Postfix)
	id 65CA46B0073; Wed,  9 Feb 2022 01:43:47 -0500 (EST)
Received: by kanga.kvack.org (Postfix, from userid 40)
	id 60B226B0074; Wed,  9 Feb 2022 01:43:47 -0500 (EST)
X-Delivered-To: int-list-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix, from userid 63042)
	id 4D3126B0075; Wed,  9 Feb 2022 01:43:47 -0500 (EST)
X-Delivered-To: linux-mm@kvack.org
Received: from forelay.hostedemail.com (smtprelay0002.hostedemail.com [216.40.44.2])
	by kanga.kvack.org (Postfix) with ESMTP id 3E6C26B0073
	for <linux-mm@kvack.org>; Wed,  9 Feb 2022 01:43:47 -0500 (EST)
Received: from smtpin20.hostedemail.com (10.5.19.251.rfc1918.com [10.5.19.251])
	by forelay02.hostedemail.com (Postfix) with ESMTP id F21CD998CA
	for <linux-mm@kvack.org>; Wed,  9 Feb 2022 06:43:46 +0000 (UTC)
X-FDA: 79122300852.20.EFF8F02
Received: from mail-lf1-f51.google.com (mail-lf1-f51.google.com [209.85.167.51])
	by imf02.hostedemail.com (Postfix) with ESMTP id 88CBB80005
	for <linux-mm@kvack.org>; Wed,  9 Feb 2022 06:43:46 +0000 (UTC)
Received: by mail-lf1-f51.google.com with SMTP id x23so2428650lfc.0
        for <linux-mm@kvack.org>; Tue, 08 Feb 2022 22:43:46 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20210112;
        h=date:from:to:cc:subject:message-id:references:mime-version
         :content-disposition:in-reply-to:user-agent;
        bh=pAAzM9YEmsN6BS7NBJa5z8OM37Zy1PTMVGmhl1fo81w=;
        b=FlVvYLWZE91QEPrPjnkeKbrPdSH+5IeJN/XcHoBhkj2vD8EH3wR/24NglxFpdb+eTM
         +Odo2S8UX7+C1f+j+JnNN86RN0MrROOerK5spsgTF6441CEsncZo/EiJgLd0UrXyq4ew
         qHQXBblQ10ly18eF9co0j+Qc2WNfBqX5upTijJ/pjxqLnI8t+ay/agCNONO08mJ5AA1F
         0ITPdrQi+oJsoFHrbIY0yP36MjyXKjJalN84O6oJ72h0/6YvgWje0y4XPRZiDWDr5CDT
         n5JCD0U1OKqfyDCf0nIdC1BI7qsCi7MOC0jApbRuMropCtd+nHE/kgkqk9z586rPkztl
         FYLg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=x-gm-message-state:date:from:to:cc:subject:message-id:references
         :mime-version:content-disposition:in-reply-to:user-agent;
        bh=pAAzM9YEmsN6BS7NBJa5z8OM37Zy1PTMVGmhl1fo81w=;
        b=KJ5OtIoMlSOFjQEwCUiz4IwS4NzoDu1cjJKsJcInVdinbbuqUvvjfMY2/w0zzCgvvT
         SBLf5goA8jPVAqFe8W5BauyIVVVC2lym2/fK2MQS2Etsu9Xhes4Qit9HqC24HY3uZgMg
         vfgIlNflnjcmjNuL4s3V8n38oa1Xe9fE12s+Eu9bZsSGc8rYDwQJqp0fLRqyRlNBjGpW
         kJkZ1fsPk+noBOYe6a3yzNjo8S4TBDA0/TrZzs20yjaFhDH4iN5LYiUuFcc5bApthK2R
         QWN6q3PqRoatEUd2c6qU5tPYPCl/2IRgDGriJoOWVGWdPJ675wANIK+HEtPNgsuy37A+
         O7Og==
X-Gm-Message-State: AOAM531jXkFskuIkRZfvpGlXPMlILajWDrlaVE/AtZIq6c7pLqG6woZ/
	UeDegMz8hJZnFd/ywCkbTmg=
X-Google-Smtp-Source: ABdhPJypQnDZgbJ8Curzq6PkvfxuGqIegGNX0qm0cm40T1ctE7nHCinC134HL2iJXR+3MIPZGN5BQw==
X-Received: by 2002:a05:6512:b11:: with SMTP id w17mr590074lfu.381.1644389024921;
        Tue, 08 Feb 2022 22:43:44 -0800 (PST)
Received: from grain.localdomain ([5.18.251.97])
        by smtp.gmail.com with ESMTPSA id e13sm2328340ljj.85.2022.02.08.22.43.43
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Tue, 08 Feb 2022 22:43:43 -0800 (PST)
Received: by grain.localdomain (Postfix, from userid 1000)
	id 349FD5A0020; Wed,  9 Feb 2022 09:43:43 +0300 (MSK)
Date: Wed, 9 Feb 2022 09:43:43 +0300
From: Cyrill Gorcunov <gorcunov@gmail.com>
To: "Edgecombe, Rick P" <rick.p.edgecombe@intel.com>
Cc: "Lutomirski, Andy" <luto@kernel.org>,
	"bsingharora@gmail.com" <bsingharora@gmail.com>,
	"hpa@zytor.com" <hpa@zytor.com>,
	"Syromiatnikov, Eugene" <esyr@redhat.com>,
	"peterz@infradead.org" <peterz@infradead.org>,
	"rdunlap@infradead.org" <rdunlap@infradead.org>,
	"keescook@chromium.org" <keescook@chromium.org>,
	"0x7f454c46@gmail.com" <0x7f454c46@gmail.com>,
	"dave.hansen@linux.intel.com" <dave.hansen@linux.intel.com>,
	"kirill.shutemov@linux.intel.com" <kirill.shutemov@linux.intel.com>,
	"Eranian, Stephane" <eranian@google.com>,
	"linux-mm@kvack.org" <linux-mm@kvack.org>,
	"adrian@lisas.de" <adrian@lisas.de>,
	"fweimer@redhat.com" <fweimer@redhat.com>,
	"nadav.amit@gmail.com" <nadav.amit@gmail.com>,
	"jannh@google.com" <jannh@google.com>,
	"avagin@gmail.com" <avagin@gmail.com>,
	"linux-arch@vger.kernel.org" <linux-arch@vger.kernel.org>,
	"kcc@google.com" <kcc@google.com>, "bp@alien8.de" <bp@alien8.de>,
	"oleg@redhat.com" <oleg@redhat.com>,
	"hjl.tools@gmail.com" <hjl.tools@gmail.com>,
	"pavel@ucw.cz" <pavel@ucw.cz>,
	"linux-doc@vger.kernel.org" <linux-doc@vger.kernel.org>,
	"arnd@arndb.de" <arnd@arndb.de>,
	"Moreira, Joao" <joao.moreira@intel.com>,
	"tglx@linutronix.de" <tglx@linutronix.de>,
	"mike.kravetz@oracle.com" <mike.kravetz@oracle.com>,
	"x86@kernel.org" <x86@kernel.org>,
	"Yang, Weijiang" <weijiang.yang@intel.com>,
	"rppt@kernel.org" <rppt@kernel.org>,
	"Dave.Martin@arm.com" <Dave.Martin@arm.com>,
	"john.allen@amd.com" <john.allen@amd.com>,
	"mingo@redhat.com" <mingo@redhat.com>,
	"Hansen, Dave" <dave.hansen@intel.com>,
	"corbet@lwn.net" <corbet@lwn.net>,
	"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
	"linux-api@vger.kernel.org" <linux-api@vger.kernel.org>,
	"Shankar, Ravi V" <ravi.v.shankar@intel.com>,
	Pavel Tikhomirov <ptikhomirov@virtuozzo.com>,
	alexander.mikhalitsyn@virtuozzo.com
Subject: Re: [PATCH 00/35] Shadow stacks for userspace
Message-ID: <YgNin5wkSaixCwdx@grain>
References: <20220130211838.8382-1-rick.p.edgecombe@intel.com>
 <YgAWVSGQg8FPCeba@kernel.org>
 <YgDIIpCm3UITk896@lisas.de>
 <8f96c2a6-9c03-f97a-df52-73ffc1d87957@intel.com>
 <YgI1A0CtfmT7GMIp@kernel.org>
 <YgI37n+3JfLSNQCQ@grain>
 <357664de-b089-4617-99d1-de5098953c80@www.fastmail.com>
 <YgKiKEcsNt7mpMHN@grain>
 <8e36f20723ca175db49ed3cc73e42e8aa28d2615.camel@intel.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <8e36f20723ca175db49ed3cc73e42e8aa28d2615.camel@intel.com>
User-Agent: Mutt/2.0.7 (2021-05-04)
X-Rspamd-Server: rspam11
X-Rspam-User: 
X-Stat-Signature: ea9eqqrfeeg39a815hyau4gkh57n3msk
Authentication-Results: imf02.hostedemail.com;
	dkim=pass header.d=gmail.com header.s=20210112 header.b=FlVvYLWZ;
	dmarc=pass (policy=none) header.from=gmail.com;
	spf=pass (imf02.hostedemail.com: domain of gorcunov@gmail.com designates 209.85.167.51 as permitted sender) smtp.mailfrom=gorcunov@gmail.com
X-Rspamd-Queue-Id: 88CBB80005
X-HE-Tag: 1644389026-634165
X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4
Sender: owner-linux-mm@kvack.org
Precedence: bulk
X-Loop: owner-majordomo@kvack.org
List-ID: <linux-mm.kvack.org>

On Wed, Feb 09, 2022 at 02:18:42AM +0000, Edgecombe, Rick P wrote:
...
> 
> Still wrapping my head around the CRIU save and restore steps, but
> another general approach might be to give ptrace the ability to
> temporarily pause/resume/set CET enablement and SSP for a stopped
> thread. Then injected code doesn't need to jump through any hoops or
> possibly run into road blocks. I'm not sure how much this opens things
> up if the thread has to be stopped...
> 
> Cyrill, could it fit into the CRIU pause and resume flow? What action
> causes the final resuming of execution of the restored process for
> checkpointing and for restore? Wondering if we could somehow make CET
> re-enable exactly then.
> 
> And I guess this also needs a way to create shadow stack allocations at
> a specific address to match where they were in the dumped process. That
> is missing in this series.

Thanks Rick! This sounds like an option. I need a couple of days to refresh
my memory about criu internals. Let me CC a few current active criu developers
(CC list is already big enough though:), maybe this will speedup the procedure.