Re: [NEEDS-REVIEW] Re: [PATCH v11 25/25] x86/cet/shstk: Add arch_prctl functions for shadow stack

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 9/15/2020 12:24 PM, Dave Hansen wrote:
On 9/15/20 12:08 PM, Yu-cheng Yu wrote:
On Mon, 2020-09-14 at 17:12 -0700, Yu, Yu-cheng wrote:
On 9/14/2020 7:50 AM, Dave Hansen wrote:
On 9/11/20 3:59 PM, Yu-cheng Yu wrote:
...
Here are the changes if we take the mprotect(PROT_SHSTK) approach.
Any comments/suggestions?
I still don't like it. :)

I'll also be much happier when there's a proper changelog to accompany
this which also spells out the alternatives any why they suck so much.
[...]

I revised it.  If this turns out needing more work/discussion, we can split it
out from the shadow stack series.

Where does that leave things?  You only get shadow stacks for
single-threaded apps which have the ELF bits set?


As long as the system supports shadow stack, any application can mmap()/mprotect() a shadow stack. A pthread can allocate a shadow stack too. However, only shadow stack-enabled programs can activate/use the shadow stack.



[Index of Archives]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Linux FS]     [Yosemite Forum]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]     [Linux Resources]

  Powered by Linux