Re: [PATCH v3 35/37] x86/cet: Add PTRACE interface for CET

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, Nov 17, 2022 at 07:57:59PM +0000, Edgecombe, Rick P wrote:
> On Thu, 2022-11-17 at 12:25 +0000, Schimpe, Christina wrote:
> > > Hmm, we definitely need to be able to set the SSP. Christina, does
> > > GDB need
> > > anything else? I thought maybe toggling SHSTK_EN?
> > 
> > In addition to the SSP, we want to write the CET state. For instance
> > for inferior calls,
> > we want to reset the IBT bits.
> > However, we won't write states that are disallowed by HW.
> 
> Sorry, I should have given more background. Peter is saying we should
> split the ptrace interface so that shadow stack and IBT are separate. 
> They would also no longer necessarily mirror the CET_U MSR format.
> Instead the kernel would expose a kernel specific format that has the
> needed bits of shadow stack support. And a separate one later for IBT.
> 
> So the question is what does shadow stack need to support for ptrace
> besides SSP? Is it only SSP? The other features are SHSTK_EN and
> WRSS_EN. It might actually be nice to keep how these bits get flipped
> more controlled (remove them from ptrace). It looks like CRIU didn't
> need them.
 
CRIU reads CET_U with ptrace(PTRACE_GETREGSET, NT_X86_CET). It's done
before the injection of the parasite. The value of SHSTK_EN is used then to
detect if shadow stack is enabled and to setup victim's shadow stack for
sigreturn.

-- 
Sincerely yours,
Mike.



[Index of Archives]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]

  Powered by Linux