On Mon, Nov 21, 2022 at 03:52:57PM +0000, Edgecombe, Rick P wrote:
> On Mon, 2022-11-21 at 09:40 +0200, Mike Rapoport wrote:
> > On Thu, Nov 17, 2022 at 07:57:59PM +0000, Edgecombe, Rick P wrote:
> > > On Thu, 2022-11-17 at 12:25 +0000, Schimpe, Christina wrote:
> > > > > Hmm, we definitely need to be able to set the SSP. Christina,
> > > > > does GDB need anything else? I thought maybe toggling SHSTK_EN?
> > > >
> > > > In addition to the SSP, we want to write the CET state. For
> > > > instance, for inferior calls we want to reset the IBT bits.
> > > > However, we won't write states that are disallowed by HW.
> > >
> > > Sorry, I should have given more background. Peter is saying we
> > > should split the ptrace interface so that shadow stack and IBT are
> > > separate. They would also no longer necessarily mirror the CET_U
> > > MSR format. Instead the kernel would expose a kernel-specific
> > > format that has the needed bits of shadow stack support. And a
> > > separate one later for IBT.
> > >
> > > So the question is what does shadow stack need to support for
> > > ptrace besides SSP? Is it only SSP? The other features are
> > > SHSTK_EN and WRSS_EN. It might actually be nice to keep how these
> > > bits get flipped more controlled (remove them from ptrace). It
> > > looks like CRIU didn't need them.
> >
> > CRIU reads CET_U with ptrace(PTRACE_GETREGSET, NT_X86_CET). It's done
> > before the injection of the parasite. The value of SHSTK_EN is then
> > used to detect if shadow stack is enabled and to set up the victim's
> > shadow stack for sigreturn.
>
> Hmm, can it read /proc/pid/status? It has some lines like this:
> x86_Thread_features: shstk wrss
> x86_Thread_features_locked: shstk wrss

It could, but that would be much more intrusive than GETREGSET because
currently /proc parsing and parasite injection don't really interact.

If anything, arch_prctl(ARCH_CET_GET) via ptrace would be much nicer than
/proc.

-- 
Sincerely yours,
Mike.
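The /proc/pid/status approach Rick suggests above amounts to parsing the two x86_Thread_features lines. The following is an added example of such a parser, written for this page; it is not CRIU code and not part of the shadow stack patch series. The FEAT_SHSTK and FEAT_WRSS bit names, the struct cet_features type, the function names and the sample status text are assumptions made for the example; the only thing taken from the thread is the format of the two lines. Unknown feature words are ignored rather than rejected, so a newer kernel that reports additional features does not break the caller.

```c
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

/* Bit names are an assumption for this example, not kernel constants. */
#define FEAT_SHSTK 0x1u
#define FEAT_WRSS  0x2u

struct cet_features {
    unsigned enabled; /* words on the x86_Thread_features line */
    unsigned locked;  /* words on the x86_Thread_features_locked line */
};

/* Turn the space/tab separated words in [p, end) into a feature mask.
 * Words we do not know about are skipped on purpose. */
static unsigned parse_feature_words(const char *p, const char *end)
{
    unsigned mask = 0;

    while (p < end) {
        while (p < end && (*p == ' ' || *p == '\t'))
            p++;
        const char *w = p;
        while (p < end && *p != ' ' && *p != '\t')
            p++;
        size_t n = (size_t)(p - w);

        if (n == 5 && memcmp(w, "shstk", 5) == 0)
            mask |= FEAT_SHSTK;
        else if (n == 4 && memcmp(w, "wrss", 4) == 0)
            mask |= FEAT_WRSS;
    }
    return mask;
}

/* Parse the text of /proc/<pid>/status. Returns true when the
 * x86_Thread_features line is present at all (i.e. the kernel reports
 * user shadow stack state), false when it is absent; *out is always
 * reset so a missing line reads as "nothing enabled, nothing locked". */
bool parse_thread_features(const char *status, struct cet_features *out)
{
    static const char key_en[] = "x86_Thread_features:";
    static const char key_lk[] = "x86_Thread_features_locked:";
    const char *line = status;
    bool found = false;

    out->enabled = 0;
    out->locked = 0;

    while (*line) {
        const char *nl = strchr(line, '\n');
        const char *end = nl ? nl : line + strlen(line);

        if (strncmp(line, key_lk, sizeof key_lk - 1) == 0) {
            out->locked = parse_feature_words(line + sizeof key_lk - 1, end);
        } else if (strncmp(line, key_en, sizeof key_en - 1) == 0) {
            out->enabled = parse_feature_words(line + sizeof key_en - 1, end);
            found = true;
        }
        if (!nl)
            break;
        line = nl + 1;
    }
    return found;
}

/* Read and parse /proc/<pid>/status for a live task. */
bool read_thread_features(pid_t pid, struct cet_features *out)
{
    char path[64];
    char buf[8192];
    FILE *f;
    size_t n;

    snprintf(path, sizeof path, "/proc/%d/status", (int)pid);
    f = fopen(path, "r");
    if (!f)
        return false;
    n = fread(buf, 1, sizeof buf - 1, f);
    fclose(f);
    buf[n] = '\0';
    return parse_thread_features(buf, out);
}

/* Constructed sample of a status file for a stopped tracee; not captured
 * from a real system. Tabs after the colon match the /proc layout. */
static const char sample_status[] =
    "Name:\tvictim\n"
    "State:\tt (tracing stop)\n"
    "Pid:\t4242\n"
    "x86_Thread_features:\tshstk wrss\n"
    "x86_Thread_features_locked:\tshstk\n"
    "Cpus_allowed:\tff\n";

int main(void)
{
    struct cet_features f;

    if (read_thread_features(getpid(), &f))
        printf("self: shstk=%d wrss=%d locked=0x%x\n",
               !!(f.enabled & FEAT_SHSTK), !!(f.enabled & FEAT_WRSS),
               f.locked);
    else
        printf("self: kernel does not report x86_Thread_features\n");
    return 0;
}
```

On a kernel without the shadow stack series the line is simply absent, which is why the parser distinguishes "line missing" from "line present with no features": a checkpoint tool that treats both the same would silently skip shadow stack setup for sigreturn on a task that actually has it enabled.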