Re: [PATCH v2 29/39] x86/cet/shstk: Support wrss for userspace

On 10/3/22 15:28, Kees Cook wrote:
> On Thu, Sep 29, 2022 at 03:29:26PM -0700, Rick Edgecombe wrote:
>> For the current shadow stack implementation, shadow stacks contents easily
>> be arbitrarily provisioned with data.
>
> I can't parse this sentence.
>
>> This property helps apps protect
>> themselves better, but also restricts any potential apps that may want to
>> do exotic things at the expense of a little security.
>
> Is anything using this right now? Wouldn't things be safer without WRSS?
> (Why can't we skip this patch?)


So that people don't write programs that need either (shstk off) or (shstk on and WRSS on) and crash or otherwise fail on kernels that support shstk but don't support WRSS, perhaps?


