On Thu, Feb 10, 2022 at 2:44 PM Dave Hansen <dave.hansen@xxxxxxxxx> wrote:
>
> On 1/30/22 13:18, Rick Edgecombe wrote:
> > INCSSP(Q/D) increments shadow stack pointer and 'pops and discards' the
> > first and the last elements in the range, effectively touches those memory
> > areas.
> >
> > The maximum moving distance by INCSSPQ is 255 * 8 = 2040 bytes and
> > 255 * 4 = 1020 bytes by INCSSPD. Both ranges are far from PAGE_SIZE.
> > Thus, putting a gap page on both ends of a shadow stack prevents INCSSP,
> > CALL, and RET from going beyond.
>
> What is the downside of not applying this patch? The shadow stack gap
> is 1MB instead of 4k?
>
> That, frankly, doesn't seem too bad. How badly do we *need* this patch?

1MB of per-thread guard address space in a 32-bit program may be a show stopper. Do we intend to support any of this for 32-bit?

--Andy