On 5/15/20 7:53 PM, Yu-cheng Yu wrote: > On Fri, 2020-05-15 at 16:56 -0700, Dave Hansen wrote: >> What's my recourse as an end user? I want to run my app and turn off >> CET for that app. How can I do that? > > GLIBC_TUNABLES=glibc.tune.hwcaps=-SHSTK,-IBT Like I mentioned to H.J., this is something that we need to at least acknowledge the existence of in the changelog and probably even the Documentation/. >>>> I think you're saying that the CET-enabled binary would do >>>> arch_setup_elf_property() when it was first exec()'d. Later, it could >>>> use the new prctl(ARCH_X86_CET_DISABLE) to disable its shadow stack, >>>> then fork() and the child would not be using CET. Right? >>>> >>>> What is ARCH_X86_CET_DISABLE used for, anyway? >>> >>> Both the parent and the child can do ARCH_X86_CET_DISABLE, if CET is >>> not locked. >> >> Could you please describe a real-world example of why >> ARCH_X86_CET_DISABLE exists? What kinds of apps will use it, or *are* >> using it? Why was it created in the first place? > > Currently, ld-linux turns off CET if the binary being loaded does not support > CET. Great! Could this please be immortalized in the documentation for the prctl()? >>>>>> Does this *code* work? Could you please indicate which JITs have been >>>>>> enabled to use the code in this series? How much of the new ABI is in use? >>>>> >>>>> JIT does not necessarily use all of the ABI. The JIT changes mainly fix stack >>>>> frames and insert ENDBRs. I do not work on JIT. What I found is LLVM JIT fixes >>>>> are tested and in the master branch. Sljit fixes are in the release. >>>> >>>> Huh, so who is using the new prctl() ABIs? >>> >>> Any code can use the ABI, but JIT code CET-enabling part mostly do not use these >>> new prctl()'s, except, probably to get CET status. >> >> Which applications specifically are going to use the new prctl()s which >> this series adds? How are they going to use them? >> >> "Any code can use them" is not a specific enough answer. > > We have four arch_ptctl() calls. ARCH_X86_CET_DISABLE and ARCH_X86_CET_LOCK are > used by ld-linux. ARCH_X86_CET_STATUS are used in many places to determine if > CET is on. ARCH_X86_CET_ALLOC_SHSTK is used in ucontext related handling, but > it can be use by any application to switch shadow stacks. Could some of this information be added to the documentation, please? It would also be nice to have some more details about how apps end up using ARCH_X86_CET_STATUS. Why would they care that CET is on?