On Tue, 2022-11-15 at 13:32 +0100, Peter Zijlstra wrote:
> > + struct thread_shstk *shstk = ¤t->thread.shstk;
> > + unsigned long addr, size;
> > +
> > + /* Already enabled */
> > + if (features_enabled(CET_SHSTK))
> > + return 0;
> > +
> > + /* Also not supported for 32 bit and x32 */
> > + if (!cpu_feature_enabled(X86_FEATURE_USER_SHSTK) ||
> > in_32bit_syscall())
> > + return -EOPNOTSUPP;
> > +
> > + size = adjust_shstk_size(0);
> > + addr = alloc_shstk(size);
> > + if (IS_ERR_VALUE(addr))
> > + return PTR_ERR((void *)addr);
> > +
> > + fpregs_lock_and_load();
> > + wrmsrl(MSR_IA32_PL3_SSP, addr + size);
> > + wrmsrl(MSR_IA32_U_CET, CET_SHSTK_EN);
>
> This..
>
> > + fpregs_unlock();
> > +
> > + shstk->base = addr;
> > + shstk->size = size;
> > + features_set(CET_SHSTK);
> > +
> > + return 0;
> > +}
> > +static int shstk_disable(void)
> > +{
> > + if (!cpu_feature_enabled(X86_FEATURE_USER_SHSTK))
> > + return -EOPNOTSUPP;
> > +
> > + /* Already disabled? */
> > + if (!features_enabled(CET_SHSTK))
> > + return 0;
> > +
> > + fpregs_lock_and_load();
> > + /* Disable WRSS too when disabling shadow stack */
Oops, this comment is in wrong patch.
> > + set_clr_bits_msrl(MSR_IA32_U_CET, 0, CET_SHSTK_EN);
>
> And this... aren't very consistent in approach. Given there is no
> U_IBT
> yet, why complicate matters like this?
Sure, I can change it.
