On Tue, 2022-10-04 at 10:46 -0700, Andy Lutomirski wrote:
> > The busy-like bit in the RSTORSSP-type token is not called out as a
> > busy bit, but instead defined as reserved (must be 0) in some
> > states. (Note, it is different than the supervisor shadow stack
> > format). Yea, we could just probably use it like RSTORSSP does for
> > this operation.
> >
> > Or just invent another new token format and stay away from bits
> > marked reserved. Then it wouldn't have to be atomic either, since
> > userspace couldn't use it.
>
> But userspace *can* use it by delivering a signal. I consider the
> scenario where two user threads set up the same altshstk and take
> signals concurrently to be about as dangerous and about as likely
> (under accidental or malicious conditions) as two user threads doing
> RSTORSSP at the same time. Someone at Intel thought the latter was a
> big deal, so maybe we should match its behavior.

Right, for alt shadow stack there should be some busy-like checking or
that could happen. For regular on-thread stack signals (earlier in this
series) we don't need a busy bit.
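The race discussed above, as an added userspace sketch that is not code from this thread or from the patch series: a busy bit claimed with check-then-set lets two concurrent signal deliveries both take the same alt shadow stack, while a compare-exchange claim lets exactly one win. The token layout (the token's own address with bit 0 as the busy flag) and all function names are assumptions made for illustration, not the hardware or kernel format.

```c
#include <stdatomic.h>
#include <stdint.h>
#include <stdio.h>

#define TOKEN_BUSY 0x1ULL            /* hypothetical busy-bit position */
typedef _Atomic uint64_t token_t;    /* 8-byte aligned, so bit 0 is free */

/* A free token holds its own address (assumed layout for this sketch). */
static uint64_t token_free_value(const token_t *slot) {
    return (uint64_t)(uintptr_t)slot;
}
void token_init(token_t *slot) { atomic_store(slot, token_free_value(slot)); }

/* Atomic claim: verify and mark busy in one step. Returns 1 on success. */
int token_claim(token_t *slot) {
    uint64_t expected = token_free_value(slot);
    return atomic_compare_exchange_strong(slot, &expected, expected | TOKEN_BUSY);
}
/* Release only succeeds if the token is currently busy and well-formed. */
int token_release(token_t *slot) {
    uint64_t expected = token_free_value(slot) | TOKEN_BUSY;
    return atomic_compare_exchange_strong(slot, &expected, token_free_value(slot));
}

/* Racy claim, split into its two steps so an interleaving can be replayed. */
uint64_t racy_check(token_t *slot) { return atomic_load(slot); }
int racy_set(token_t *slot, uint64_t seen) {
    if (seen != token_free_value(slot)) return 0;   /* looked busy or corrupt */
    atomic_store(slot, seen | TOKEN_BUSY);
    return 1;
}

/* Two deliveries both check before either sets: returns number of winners. */
int replay_racy(void) {
    token_t t; token_init(&t);
    uint64_t a = racy_check(&t), b = racy_check(&t);
    return racy_set(&t, a) + racy_set(&t, b);
}
/* Same two deliveries using the atomic claim. */
int replay_atomic(void) {
    token_t t; token_init(&t);
    return token_claim(&t) + token_claim(&t);
}

int main(void) {
    printf("check-then-set winners: %d\n", replay_racy());
    printf("cmpxchg winners:        %d\n", replay_atomic());
    return 0;
}
```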