[GIT PULL] x86/shstk change for v6.10

public inbox for linux-kernel@vger.kernel.org
 help / color / mirror / Atom feed

* [GIT PULL] x86/shstk change for v6.10
@ 2024-05-13  8:13 Ingo Molnar
  2024-05-14  2:38 ` Linus Torvalds
  2024-05-14  2:51 ` pr-tracker-bot
  0 siblings, 2 replies; 6+ messages in thread
From: Ingo Molnar @ 2024-05-13  8:13 UTC (permalink / raw)
  To: Linus Torvalds
  Cc: linux-kernel, the arch/x86 maintainers, H.J. Lu, H. Peter Anvin

Linus,

Please pull the latest x86/shstk Git tree from:

   git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git x86-shstk-2024-05-13

   # HEAD: 2883f01ec37dd8668e7222dfdb5980c86fdfe277 x86/shstk: Enable shadow stacks for x32

Enable shadow stacks for x32.

While we normally don't do such feature-enabling on 32-bit
kernels anymore, this change is small, straightforward & tested on
upstream glibc.

 Thanks,

	Ingo

------------------>
H.J. Lu (1):
      x86/shstk: Enable shadow stacks for x32


 arch/x86/entry/syscalls/syscall_64.tbl | 2 +-
 arch/x86/kernel/shstk.c                | 4 ++--
 arch/x86/kernel/signal_64.c            | 6 ++++++
 3 files changed, 9 insertions(+), 3 deletions(-)

diff --git a/arch/x86/entry/syscalls/syscall_64.tbl b/arch/x86/entry/syscalls/syscall_64.tbl
index 7e8d46f4147f..cc78226ffc35 100644
--- a/arch/x86/entry/syscalls/syscall_64.tbl
+++ b/arch/x86/entry/syscalls/syscall_64.tbl
@@ -374,7 +374,7 @@
 450	common	set_mempolicy_home_node	sys_set_mempolicy_home_node
 451	common	cachestat		sys_cachestat
 452	common	fchmodat2		sys_fchmodat2
-453	64	map_shadow_stack	sys_map_shadow_stack
+453	common	map_shadow_stack	sys_map_shadow_stack
 454	common	futex_wake		sys_futex_wake
 455	common	futex_wait		sys_futex_wait
 456	common	futex_requeue		sys_futex_requeue
diff --git a/arch/x86/kernel/shstk.c b/arch/x86/kernel/shstk.c
index 59e15dd8d0f8..6f1e9883f074 100644
--- a/arch/x86/kernel/shstk.c
+++ b/arch/x86/kernel/shstk.c
@@ -163,8 +163,8 @@ static int shstk_setup(void)
 	if (features_enabled(ARCH_SHSTK_SHSTK))
 		return 0;
 
-	/* Also not supported for 32 bit and x32 */
-	if (!cpu_feature_enabled(X86_FEATURE_USER_SHSTK) || in_32bit_syscall())
+	/* Also not supported for 32 bit */
+	if (!cpu_feature_enabled(X86_FEATURE_USER_SHSTK) || in_ia32_syscall())
 		return -EOPNOTSUPP;
 
 	size = adjust_shstk_size(0);
diff --git a/arch/x86/kernel/signal_64.c b/arch/x86/kernel/signal_64.c
index 23d8aaf8d9fd..8a94053c5444 100644
--- a/arch/x86/kernel/signal_64.c
+++ b/arch/x86/kernel/signal_64.c
@@ -315,6 +315,9 @@ int x32_setup_rt_frame(struct ksignal *ksig, struct pt_regs *regs)
 
 	uc_flags = frame_uc_flags(regs);
 
+	if (setup_signal_shadow_stack(ksig))
+		return -EFAULT;
+
 	if (!user_access_begin(frame, sizeof(*frame)))
 		return -EFAULT;
 
@@ -377,6 +380,9 @@ COMPAT_SYSCALL_DEFINE0(x32_rt_sigreturn)
 	if (!restore_sigcontext(regs, &frame->uc.uc_mcontext, uc_flags))
 		goto badframe;
 
+	if (restore_signal_shadow_stack())
+		goto badframe;
+
 	if (compat_restore_altstack(&frame->uc.uc_stack))
 		goto badframe;
 

^ permalink raw reply related	[flat|nested] 6+ messages in thread

* Re: [GIT PULL] x86/shstk change for v6.10
  2024-05-13  8:13 [GIT PULL] x86/shstk change for v6.10 Ingo Molnar
@ 2024-05-14  2:38 ` Linus Torvalds
  2024-05-14  9:27   ` Borislav Petkov
  2024-05-15  8:07   ` Ingo Molnar
  2024-05-14  2:51 ` pr-tracker-bot
  1 sibling, 2 replies; 6+ messages in thread
From: Linus Torvalds @ 2024-05-14  2:38 UTC (permalink / raw)
  To: Ingo Molnar
  Cc: linux-kernel, the arch/x86 maintainers, H.J. Lu, H. Peter Anvin

On Mon, 13 May 2024 at 01:13, Ingo Molnar <mingo@kernel.org> wrote:
>
> Enable shadow stacks for x32.
>
> While we normally don't do such feature-enabling on 32-bit
> kernels anymore, this change is small, straightforward & tested on
> upstream glibc.

Color me confused.

  "feature-enabling on 32-bit kernels"

This is not for 32-bit kernels, as far as I can tell. This is just the
x32 user mode for x86-64 kernels.

Or am I missing something?

I've pulled this, but does anybody actually use x32? I feel like it
was a failed experiment. No?

              Linus

^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [GIT PULL] x86/shstk change for v6.10
  2024-05-14  2:38 ` Linus Torvalds
@ 2024-05-14  9:27   ` Borislav Petkov
  2024-05-15  8:07   ` Ingo Molnar
  1 sibling, 0 replies; 6+ messages in thread
From: Borislav Petkov @ 2024-05-14  9:27 UTC (permalink / raw)
  To: Linus Torvalds
  Cc: Ingo Molnar, linux-kernel, the arch/x86 maintainers, H.J. Lu,
	H. Peter Anvin

On Mon, May 13, 2024 at 07:38:13PM -0700, Linus Torvalds wrote:
> I've pulled this, but does anybody actually use x32? I feel like it
> was a failed experiment. No?

Well, I did ask that at the time:

https://lore.kernel.org/r/20240322164912.GAZf22iBdqdkIFcrsl@fat_crate.local

The answer on another subthread was: "Because it just works?"

-- 
Regards/Gruss,
    Boris.

https://people.kernel.org/tglx/notes-about-netiquette

^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [GIT PULL] x86/shstk change for v6.10
  2024-05-14  2:38 ` Linus Torvalds
  2024-05-14  9:27   ` Borislav Petkov
@ 2024-05-15  8:07   ` Ingo Molnar
  2024-05-23 15:14     ` Nathan Chancellor
  1 sibling, 1 reply; 6+ messages in thread
From: Ingo Molnar @ 2024-05-15  8:07 UTC (permalink / raw)
  To: Linus Torvalds
  Cc: linux-kernel, the arch/x86 maintainers, H.J. Lu, H. Peter Anvin

* Linus Torvalds <torvalds@linux-foundation.org> wrote:

> On Mon, 13 May 2024 at 01:13, Ingo Molnar <mingo@kernel.org> wrote:
> >
> > Enable shadow stacks for x32.
> >
> > While we normally don't do such feature-enabling on 32-bit
> > kernels anymore, this change is small, straightforward & tested on
> > upstream glibc.
> 
> Color me confused.
> 
>   "feature-enabling on 32-bit kernels"
> 
> This is not for 32-bit kernels, as far as I can tell. This is just the
> x32 user mode for x86-64 kernels.
> 
> Or am I missing something?

Brainfart: feature-enabling for 32-bit user-space ...

> I've pulled this, but does anybody actually use x32? I feel like it
> was a failed experiment. No?

Yeah, so H.J. Lu suggested that shadow-stacks are a natural extension of 
our security facilities on OSs where x32 is already enabled:

   https://lore.kernel.org/all/CAMe9rOo1ZONFgBkuN_Ni3REBRsedNwj3gNnXj1oxB0bQzuNipA@mail.gmail.com/

H.J: *which* are those OSs? I don't think any major Linux distro enables 
x32 anymore - here's Ubuntu and Fedora for example:

  kepler:~/tip> grep X32 /boot/config-6.5.0-35-generic 
  # CONFIG_X86_X32_ABI is not set

  kepler:~/s/fedora> grep X32 lib/modules/6.9.0-64.fc41.x86_64/config
  # CONFIG_X86_X32_ABI is not set

Another feedback was that the observed lack of x32 kernel regressions 
upstream could be because 'it just works':

   https://lore.kernel.org/all/CAMe9rOoEQ3jUUXy+Kai9Hg83b+79azmGfu8DBR=A3HSL05kj0A@mail.gmail.com/

... so at this point I think we should be permissive towards well-tested 
patches, barring contrary evidence.

'Contrary evidence' would be for example some x32 regression that wasn't 
fixed for a long time while nobody cared, at which point we'd remove x32 
instead of fixing something that wasn't working for a long time. I'm not 
aware of such a regression yet, BYMMV.

Thanks,

	Ingo

^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [GIT PULL] x86/shstk change for v6.10
  2024-05-15  8:07   ` Ingo Molnar
@ 2024-05-23 15:14     ` Nathan Chancellor
  0 siblings, 0 replies; 6+ messages in thread
From: Nathan Chancellor @ 2024-05-23 15:14 UTC (permalink / raw)
  To: Ingo Molnar
  Cc: Linus Torvalds, linux-kernel, the arch/x86 maintainers, H.J. Lu,
	H. Peter Anvin

On Wed, May 15, 2024 at 10:07:33AM +0200, Ingo Molnar wrote:
> H.J: *which* are those OSs? I don't think any major Linux distro enables 
> x32 anymore - here's Ubuntu and Fedora for example:
> 
>   kepler:~/tip> grep X32 /boot/config-6.5.0-35-generic 
>   # CONFIG_X86_X32_ABI is not set
> 
> 
>   kepler:~/s/fedora> grep X32 lib/modules/6.9.0-64.fc41.x86_64/config
>   # CONFIG_X86_X32_ABI is not set

For what it's worth, Arch Linux just turned it back on at a user's
request:

https://gitlab.archlinux.org/archlinux/packaging/packages/linux/-/commit/b0c9bf78acbdcdf90405c427cf6b751259baee74

https://gitlab.archlinux.org/archlinux/packaging/packages/linux/-/issues/51

Cheers,
Nathan

^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [GIT PULL] x86/shstk change for v6.10
  2024-05-13  8:13 [GIT PULL] x86/shstk change for v6.10 Ingo Molnar
  2024-05-14  2:38 ` Linus Torvalds
@ 2024-05-14  2:51 ` pr-tracker-bot
  1 sibling, 0 replies; 6+ messages in thread
From: pr-tracker-bot @ 2024-05-14  2:51 UTC (permalink / raw)
  To: Ingo Molnar
  Cc: Linus Torvalds, linux-kernel, the arch/x86 maintainers, H.J. Lu,
	H. Peter Anvin

The pull request you sent on Mon, 13 May 2024 10:13:34 +0200:

> git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git x86-shstk-2024-05-13

has been merged into torvalds/linux.git:
https://git.kernel.org/torvalds/c/a5131c3fdf2608f1c15f3809e201cf540eb28489

Thank you!

-- 
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/prtracker.html

^ permalink raw reply	[flat|nested] 6+ messages in thread

end of thread, other threads:[~2024-05-23 15:14 UTC | newest]

Thread overview: 6+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2024-05-13  8:13 [GIT PULL] x86/shstk change for v6.10 Ingo Molnar
2024-05-14  2:38 ` Linus Torvalds
2024-05-14  9:27   ` Borislav Petkov
2024-05-15  8:07   ` Ingo Molnar
2024-05-23 15:14     ` Nathan Chancellor
2024-05-14  2:51 ` pr-tracker-bot

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox