From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mail-ej1-f50.google.com (mail-ej1-f50.google.com [209.85.218.50]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 8DC9D226D05 for ; Thu, 14 May 2026 16:14:08 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.218.50 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1778775250; cv=none; b=k7jEG5aAD7zJz3cA3SHWtva8/8I75YfH8Oqy9rndrJ9ZfDb9iOmp15P6vcT9s7ZJ/avXhwihETzUM9lTbnk6REVw9wB2t68sfRJrTrxAIVrOlfXULOIhwsAhjePzsVgxqFZ64YLvp85zwJpoSUJDQsZdQCygrc9wnm9mQtJm1zA= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1778775250; c=relaxed/simple; bh=TrV62pL0prVBLtzUaY+E2+szXT9ZJFvLqIHxArZ//VA=; h=Message-ID:Date:MIME-Version:Subject:To:Cc:References:From: In-Reply-To:Content-Type; b=aFpS2IazUUlTUgPgjLYc+8wUA4Imw82VPx99EYYuj1VjcpjaBJxzZH90I5l9apx2jchC07tnnACGJxnV0w9xRnf4daqVZF/c6mNvh7D8HFFM+A5E4OoY/Ra0QU6pNIll1rgQqNwePP6yBRQwDWByHSqpcj4+dbaCZh3klB1qtUY= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=grsecurity.net; spf=pass smtp.mailfrom=opensrcsec.com; dkim=pass (2048-bit key) header.d=grsecurity.net header.i=@grsecurity.net header.b=uLXl06sI; arc=none smtp.client-ip=209.85.218.50 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=grsecurity.net Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=opensrcsec.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=grsecurity.net header.i=@grsecurity.net header.b="uLXl06sI" Received: by mail-ej1-f50.google.com with SMTP id a640c23a62f3a-bce57c132b2so1784466b.0 for ; Thu, 14 May 2026 09:14:08 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=grsecurity.net; s=grsec; t=1778775247; x=1779380047; darn=vger.kernel.org; h=in-reply-to:autocrypt:from:content-language:references:cc:to :subject:user-agent:mime-version:date:message-id:from:to:cc:subject :date:message-id:reply-to; bh=TrV62pL0prVBLtzUaY+E2+szXT9ZJFvLqIHxArZ//VA=; b=uLXl06sIdpuNe/7Oar3uNamr8YZLa/f/J2GGo5ZYZWjQmUiJrFKJ020Pjh4FRmb3jf rLKN4ZAZzLF8YS/ur/3fUDErBIF58/iFRz+tQTpH7wB6xOh58WlbE7ubwIaUecBTPNX8 /r0PtE6H1PPNQhVWjr+g4LiVTCVuds1HKgtN1B9/OWQqPAnzNxw593MNy9ma2V7ARrOb 45MdjQMlJ/GerHIf2BA0gkfwidG1pgusbeSYRfSwI6oA6ATv8t1+96WltfnYB6b5BpjA d/bGOArGlrJpJ7bFzd4rLodajYQzeg3p1f1zhuHiObd/djSUaPxgq8NbaHzBU2b7qSSu G2lw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1778775247; x=1779380047; h=in-reply-to:autocrypt:from:content-language:references:cc:to :subject:user-agent:mime-version:date:message-id:x-gm-gg :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=TrV62pL0prVBLtzUaY+E2+szXT9ZJFvLqIHxArZ//VA=; b=QhjFIkncsNZ0jdi+4djR//aWISB/0u+wBns1ktq/6X6CmJVeZNl1/WoBqBUWy3FB5S 4b97HKxWyTeipcB6F93ujN2q2iPeaNEpKDfF3HPRIayqKlnNk32sdS8ynZ+VfT/u6gT9 Wjk7N44kYrgS8kxNiEOwqTUHOOhCRFlaT8NjCeebqsGOGRmP4Z6bnjKU8zHrKsl9DhFg LAfWh5dNxBdhShtSLn8I3E9LUNoXRRMtwDNZT4RhBNErmcMkGfprNHeDFudzACJ+q4jW YWc1xPc1W4qoO0QTov4y1nvtNsuBCCIvMSafrnnre9R0QMF07+LTb/PFCakY01HCnXgr yb3Q== X-Forwarded-Encrypted: i=1; AFNElJ8/vBIE0iuBuVL7z5N1nEOYbrELXOTPzhGvr/66RhoI+bJOAQl6dzQmb/JBjXOEniJIo9tU8TQX6InY8E8=@vger.kernel.org X-Gm-Message-State: AOJu0YyqUNFcdepgOiMBadsNK+3keFk6IO6+MPtd3TZKm4xRoh+a//9e FS/CdydE3re+BLIJhK8ISvixq4wOhM3Y6Qwc09FCB1IPW8qFSy9KlDntOjqHqBHDR+w= X-Gm-Gg: Acq92OFmjXCAct08IBnYr71xx9KyEW20YOUlO1Bx9ItD9cU9/ZTN0qBACpy4a72BSOV kiabtyuwGNtFmdp1Y1jYJPjH68tkjIIAQiTBRX8Wmi0DVn6qHX3nr53rHR5qHEpgardVBS4oTDS LUOPpIpLJ5JO+ND1aZRablUQgcGEPqMFkLUvi2ExJRyjP116E7oJmMStL91xyrbdBm0QmIVkie3 sLGd1yykwkeVy2C/Iasi/I7CD6GB6tGuqJtyA2bp/W8soJcq1xzrMD9GhlUptxQmck8u1L4GZLX +1feOX61sRzg4mPG2l8OQYV63wMfUVvj0UaxiaYY1picRYCmEvXxkfIYlxJ/x/xsLJRsZlLDEhj wUP9z6siXKsF1n6BX2XxSykexrKQcp+XtFxrmvmGcgJ7HheloUQzDC9TJzlqx4AV5+VBWRKD1Sr KG42q2/jLBcduRaSmvCOjHHGJ98yUIWSVeqQ== X-Received: by 2002:a17:907:1b81:b0:bd4:f3bc:c4b3 with SMTP id a640c23a62f3a-bd4f3bcd75amr172428466b.18.1778775246456; Thu, 14 May 2026 09:14:06 -0700 (PDT) Received: from [192.168.75.77] ([151.189.190.156]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-bd4f4dee133sm107403566b.35.2026.05.14.09.14.05 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Thu, 14 May 2026 09:14:05 -0700 (PDT) Message-ID: <4224602c-4bae-4d4e-9cbd-0b9c8b1d35d0@grsecurity.net> Date: Thu, 14 May 2026 18:14:04 +0200 Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: [PATCH v2] x86/shstk: Provide kernel command line knob to disable To: "Edgecombe, Rick P" Cc: "bp@alien8.de" , "peterz@infradead.org" , "dave.hansen@linux.intel.com" , "Hansen, Dave" , "tglx@kernel.org" , "pbonzini@redhat.com" , "linux-kernel@vger.kernel.org" , "Gao, Chao" , "x86@kernel.org" , "mingo@redhat.com" References: <20260402173606.1096172-1-minipli@grsecurity.net> <3d7c8d26-558d-40ef-9ad9-3a5100eed9e5@grsecurity.net> <739e4dd0-84a3-4b37-8cc3-b7ec59737010@intel.com> <4cffee5d2886129e621d3011db1d00a236869d1d.camel@intel.com> <457a77eb-2a77-4873-b2a1-24f5110a0393@grsecurity.net> <5b605463-533f-46ae-833a-b6c8f9bcfae1@grsecurity.net> <15fb40f258adfaf50bdb0e2d3ab91748559268df.camel@intel.com> Content-Language: en-US, de-DE From: Mathias Krause Autocrypt: addr=minipli@grsecurity.net; keydata= xsDNBF4u6F8BDAC1kCIyATzlCiDBMrbHoxLywJSUJT9pTbH9MIQIUW8K1m2Ney7a0MTKWQXp 64/YTQNzekOmta1eZFQ3jqv+iSzfPR/xrDrOKSPrw710nVLC8WL993DrCfG9tm4z3faBPHjp zfXBIOuVxObXqhFGvH12vUAAgbPvCp9wwynS1QD6RNUNjnnAxh3SNMxLJbMofyyq5bWK/FVX 897HLrg9bs12d9b48DkzAQYxcRUNfL9VZlKq1fRbMY9jAhXTV6lcgKxGEJAVqXqOxN8DgZdU aj7sMH8GKf3zqYLDvndTDgqqmQe/RF/hAYO+pg7yY1UXpXRlVWcWP7swp8OnfwcJ+PiuNc7E gyK2QEY3z5luqFfyQ7308bsawvQcFjiwg+0aPgWawJ422WG8bILV5ylC8y6xqYUeSKv/KTM1 4zq2vq3Wow63Cd/qyWo6S4IVaEdfdGKVkUFn6FihJD/GxnDJkYJThwBYJpFAqJLj7FtDEiFz LXAkv0VBedKwHeBaOAVH6QEAEQEAAc0nTWF0aGlhcyBLcmF1c2UgPG1pbmlwbGlAZ3JzZWN1 cml0eS5uZXQ+wsERBBMBCgA7AhsDBQsJCAcCBhUKCQgLAgQWAgMBAh4BAheAFiEEd7J359B9 wKgGsB94J4hPxYYBGYYFAmBbH/cCGQEACgkQJ4hPxYYBGYaX/gv/WYhaehD88XjpEO+yC6x7 bNWQbk7ea+m82fU2x/x6A9L4DN/BXIxqlONzk3ehvW3wt1hcHeF43q1M/z6IthtxSRi059RO SarzX3xfXC1pc5YMgCozgE0VRkxH4KXcijLyFFjanXe0HzlnmpIJB6zTT2jgI70q0FvbRpgc rs3VKSFb+yud17KSSN/ir1W2LZPK6er6actK03L92A+jaw+F8fJ9kJZfhWDbXNtEE0+94bMa cdDWTaZfy6XJviO3ymVe3vBnSDakVE0HwLyIKvfAEok+YzuSYm1Nbd2T0UxgSUZHYlrUUH0y tVxjEFyA+iJRSdm0rbAvzpwau5FOgxRQDa9GXH6ie6/ke2EuZc3STNS6EBciJm1qJ7xb2DTf SNyOiWdvop+eQZoznJJte931pxkRaGwV+JXDM10jGTfyV7KT9751xdn6b6QjQANTgNnGP3qs TO5oU3KukRHgDcivzp6CWb0X/WtKy0Y/54bTJvI0e5KsAz/0iwH19IB0vpYLzsDNBF4u6F8B DADwcu4TPgD5aRHLuyGtNUdhP9fqhXxUBA7MMeQIY1kLYshkleBpuOpgTO/ikkQiFdg13yIv q69q/feicsjaveIEe7hUI9lbWcB9HKgVXW3SCLXBMjhCGCNLsWQsw26gRxDy62UXRCTCT3iR qHP82dxPdNwXuOFG7IzoGBMm3vZbBeKn0pYYWz2MbTeyRHn+ZubNHqM0cv5gh0FWsQxrg1ss pnhcd+qgoynfuWAhrPD2YtNB7s1Vyfk3OzmL7DkSDI4+SzS56cnl9Q4mmnsVh9eyae74pv5w kJXy3grazD1lLp+Fq60Iilc09FtWKOg/2JlGD6ZreSnECLrawMPTnHQZEIBHx/VLsoyCFMmO 5P6gU0a9sQWG3F2MLwjnQ5yDPS4IRvLB0aCu+zRfx6mz1zYbcVToVxQqWsz2HTqlP2ZE5cdy BGrQZUkKkNH7oQYXAQyZh42WJo6UFesaRAPc3KCOCFAsDXz19cc9l6uvHnSo/OAazf/RKtTE 0xGB6mQN34UAEQEAAcLA9gQYAQoAIAIbDBYhBHeyd+fQfcCoBrAfeCeIT8WGARmGBQJeORkW AAoJECeIT8WGARmGXtgL/jM4NXaPxaIptPG6XnVWxhAocjk4GyoUx14nhqxHmFi84DmHUpMz 8P0AEACQ8eJb3MwfkGIiauoBLGMX2NroXcBQTi8gwT/4u4Gsmtv6P27Isn0hrY7hu7AfgvnK owfBV796EQo4i26ZgfSPng6w7hzCR+6V2ypdzdW8xXZlvA1D+gLHr1VGFA/ZCXvVcN1lQvIo S9yXo17bgy+/Xxi2YZGXf9AZ9C+g/EvPgmKrUPuKi7ATNqloBaN7S2UBJH6nhv618bsPgPqR SV11brVF8s5yMiG67WsogYl/gC2XCj5qDVjQhs1uGgSc9LLVdiKHaTMuft5gSR9hS5sMb/cL zz3lozuC5nsm1nIbY62mR25Kikx7N6uL7TAZQWazURzVRe1xq2MqcF+18JTDdjzn53PEbg7L VeNDGqQ5lJk+rATW2VAy8zasP2/aqCPmSjlCogC6vgCot9mj+lmMkRUxspxCHDEms13K41tH RzDVkdgPJkL/NFTKZHo5foFXNi89kA== In-Reply-To: <15fb40f258adfaf50bdb0e2d3ab91748559268df.camel@intel.com> Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="------------YD4c9cOqlJAsfEbMpQvXJdLk" This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --------------YD4c9cOqlJAsfEbMpQvXJdLk Content-Type: multipart/mixed; boundary="------------SvvveKIrCKtTOVv18y1tS8sI"; protected-headers="v1" From: Mathias Krause To: "Edgecombe, Rick P" Cc: "bp@alien8.de" , "peterz@infradead.org" , "dave.hansen@linux.intel.com" , "Hansen, Dave" , "tglx@kernel.org" , "pbonzini@redhat.com" , "linux-kernel@vger.kernel.org" , "Gao, Chao" , "x86@kernel.org" , "mingo@redhat.com" Message-ID: <4224602c-4bae-4d4e-9cbd-0b9c8b1d35d0@grsecurity.net> Subject: Re: [PATCH v2] x86/shstk: Provide kernel command line knob to disable References: <20260402173606.1096172-1-minipli@grsecurity.net> <3d7c8d26-558d-40ef-9ad9-3a5100eed9e5@grsecurity.net> <739e4dd0-84a3-4b37-8cc3-b7ec59737010@intel.com> <4cffee5d2886129e621d3011db1d00a236869d1d.camel@intel.com> <457a77eb-2a77-4873-b2a1-24f5110a0393@grsecurity.net> <5b605463-533f-46ae-833a-b6c8f9bcfae1@grsecurity.net> <15fb40f258adfaf50bdb0e2d3ab91748559268df.camel@intel.com> In-Reply-To: <15fb40f258adfaf50bdb0e2d3ab91748559268df.camel@intel.com> --------------SvvveKIrCKtTOVv18y1tS8sI Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable On 5/14/26 02:31, Edgecombe, Rick P wrote: > On Wed, 2026-05-13 at 22:51 +0200, Mathias Krause wrote: >> On 08.05.26 18:35, Edgecombe, Rick P wrote: >>> On Fri, 2026-05-08 at 09:23 +0200, Mathias Krause wrote: >>>>> Now that KVM uses this this feature independently of X86_FEATURE_US= ER_SHSTK, >>>>> it might be good to have the plain HW shstk feature exposed for jus= t normal >>>>> runtime user use. (+Chao, for KVM CET) >>>> >>>> But that sounds more like having the need for an official chicken bi= t, >>>> like I was proposing, no? Using 'clearcpuid=3Dshstk' as a workaround= for >>>> whatever KVM bugs, similar in spirit to 'nousershstk', but without t= he >>>> kernel taint? >>> >>> For users to turn off shadow stack for guests? You can do this via th= e KVM API >>> in the normal way you customize guests. >> >> https://git.kernel.org/linus/2d5d3fc593c9b7e41bee86175d7b9e11f470072e >> >> Oh, well.... >=20 > Heh, well, the clearcpuid would have helped debugging I guess. And that= module > param turns off shadow stack for KVM, but not for userspace. So doesn't= help > your CR4.CET problems I guess. Yeah, I was more trying to say that if the initial version of my patch would have landed, it could be used to workaround the KVM issue in the meantime as well. Anyhow! >=20 > Are you planning to send another revision of the clearcpuid approach? I= 'm > convinced something like this is a good thing to have, so I'll probably= pick it > up if you don't. Sorry, I was busy with holidays and travel. Here we go: https://lore.kernel.org/lkml/20260514160932.91556-1-minipli@grsecurity.ne= t/ Thanks, Mathias --------------SvvveKIrCKtTOVv18y1tS8sI-- --------------YD4c9cOqlJAsfEbMpQvXJdLk Content-Type: application/pgp-signature; name="OpenPGP_signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="OpenPGP_signature.asc" -----BEGIN PGP SIGNATURE----- wsD5BAABCAAjFiEEd7J359B9wKgGsB94J4hPxYYBGYYFAmoF9MwFAwAAAAAACgkQJ4hPxYYBGYZA MQv/fWRsx33JdFTvXN/uvHKSJ1H4PotXvYFyNt+WsJ6KFmEeXTAkN4jqaC6dQdBHW54H1qVEF3J6 ortBe3OQRzfXSURUG7GLNKIDeVXyd+URF6uyZFyOWHbMsxJ0lJY37WUZf8ORq7xlFrTwL4lJTLhE muOhrsL8G1tICsmL3MziXSzWYQdot0mAN6WSTMC9XTNb+aZZOsrrc+gUKeAoX/jTBW6432yL1l6R 47XBr0zPLn8/y1coXMAH3TqGKKXuPZvNCgZfSMqiUQi38pfrzklyJ5r2177OPt5AkxQnBiQ3RjQI Pu9eBDjcGJ084blgqwwvysoS4rGasFiWofgbyPONXT/5DqH6t6O8EcvgQdb5xSkqfOAiC1MpMucl EUWNJ8Om9ozDYfthrAJMXa1584rkPN3hbOHWL644EaPc1oYZjQjtB8GaAmszlUzrgmr0oVrOs+zL 6DSI7fDNCZu+2mxo7/YbJvlNBMWM6d/5VBOHV4pwq6byoa+PJ0iunKKQBMyM =taDf -----END PGP SIGNATURE----- --------------YD4c9cOqlJAsfEbMpQvXJdLk--