Re: [PATCH v28 26/32] x86/cet/shstk: Introduce shadow stack token setup/verify routines

["Yu, Yu-cheng" <yu-cheng.yu@xxxxxxxxx>]

On 7/22/2021 2:15 PM, Dave Hansen wrote:
> On 7/22/21 1:52 PM, Yu-cheng Yu wrote:
> > +	if (fpregs_state_valid(fpu, smp_processor_id())) {
> > +		rdmsrl(MSR_IA32_PL3_SSP, ssp);
> > +	} else {
> > +		struct cet_user_state *p;
> > +
> > +		/*
> > +		 * When !fpregs_state_valid() and get_xsave_addr() returns
> > +		 * null, XFEAUTRE_CET_USER is in init state.  Shadow stack
> > +		 * pointer is null in this case, so return zero.
> > +		 */
> > +		p = get_xsave_addr(&fpu->state.xsave, XFEATURE_CET_USER);
> > +		if (p)
> > +			ssp = p->user_ssp;
> > +	}
> > +
> > +	fpregs_unlock();
>
> Why are we even calling into this code if shadow stacks might be
> disabled?  Seems like we should have just errored out long before
> getting here.

That is true.  When this function is called, shadow stack is enabled. 
If get_xsave_addr() returns null, it is possible xstates is messed up. 
Maybe I can update the comments to explain it?

Thanks,
Yu-cheng