On Fri, Aug 16, 2024 at 02:52:28PM +0000, Edgecombe, Rick P wrote: > On Fri, 2024-08-16 at 09:44 +0100, Catalin Marinas wrote: > > BTW, since it's the parent setting up the shadow stack in its own > > address space before forking, I think at least the read can avoid > > access_remote_vm() and we could do it earlier, even before the new > > process is created. > Hmm. Makes sense. It's a bit racy since the parent could consume that token from > another thread, but it would be a race in any case. So it sounds like we might be coming round to this? I've got a new version that verifies the VM_SHADOW_STACK good to go but if we're going to switch back to consuming the token in the parent context I may as well do that. Like I said in the other mail I'd rather not flip flop on this.
Attachment:
signature.asc
Description: PGP signature
