Re: [PATCH v28 26/32] x86/cet/shstk: Introduce shadow stack token setup/verify routines

On 7/22/2021 2:15 PM, Dave Hansen wrote:
On 7/22/21 1:52 PM, Yu-cheng Yu wrote:
+	if (fpregs_state_valid(fpu, smp_processor_id())) {
+		rdmsrl(MSR_IA32_PL3_SSP, ssp);
+	} else {
+		struct cet_user_state *p;
+
+		/*
+		 * When !fpregs_state_valid() and get_xsave_addr() returns
+		 * null, XFEAUTRE_CET_USER is in init state.  Shadow stack
+		 * pointer is null in this case, so return zero.
+		 */
+		p = get_xsave_addr(&fpu->state.xsave, XFEATURE_CET_USER);
+		if (p)
+			ssp = p->user_ssp;
+	}
+
+	fpregs_unlock();
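
Review bot: in the else branch, when get_xsave_addr() returns NULL nothing in these lines assigns ssp, so the "return zero" promised by the comment depends on ssp having been initialised to 0 outside the hunk shown. Make that explicit next to this branch, for example with an else that sets ssp = 0. The comment also misspells XFEATURE_CET_USER as "XFEAUTRE_CET_USER". If this path is only reached with shadow stack enabled, a NULL from get_xsave_addr() is not an ordinary init state, and the comment should say so, or the case should be reported as an error instead of being returned as a zero shadow stack pointer that callers cannot tell apart from a valid read.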

Why are we even calling into this code if shadow stacks might be
disabled?  Seems like we should have just errored out long before
getting here.


That is true. When this function is called, shadow stack is enabled. If get_xsave_addr() returns null, it is possible xstates is messed up. Maybe I can update the comments to explain it?

Thanks,
Yu-cheng


