Re: [PATCH RFC/RFT v2 2/2] kernel: converge common shadow stack flow agnostic to arch

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, 2024-11-14 at 15:30 -0800, Deepak Gupta wrote:
> On Fri, Nov 01, 2024 at 10:39:15PM +0000, Mark Brown wrote:
> > On Fri, Nov 01, 2024 at 09:50:27PM +0000, Edgecombe, Rick P wrote:
> > > On Wed, 2024-10-16 at 14:57 -0700, Deepak Gupta wrote:
> > 
> > > > - * The maximum distance INCSSP can move the SSP is 2040 bytes, before
> > > > - * it would read the memory. Therefore a single page gap will be enough
> > > > - * to prevent any operation from shifting the SSP to an adjacent stack,
> > > > - * since it would have to land in the gap at least once, causing a
> > > > - * fault.
> > 
> > > I want to take a deeper look at this series once I can apply and test it, but
> > > can we maybe make this comment more generic and keep it? I think it is similar
> > > reasoning for arm (?), is there anything situation like this for risc-v? Or
> > > rather, why does risc-v have the guard gaps?
> > 
> > Yes, for arm64 you can only move the pointer in single frames so a
> > single page is enough.
> 
> Yeah on risc-v as well guard gap is expected and single page is enough.
> 
> I removed this comment from here because of x86 specifics. I can make it
> generic, do you think it belongs here or the place where we define
> VM_SHADOW_STACK?

I think near VM_SHADOW_STACK actually, good idea. IIRC it got moved from
VM_SHADOW_STACK because it was too x86 specific. So if it's generic I think that
would fit.




[Index of Archives]     [Linux Ext4 Filesystem]     [Union Filesystem]     [Filesystem Testing]     [Ceph Users]     [Ecryptfs]     [NTFS 3]     [AutoFS]     [Kernel Newbies]     [Share Photos]     [Security]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux Cachefs]     [Reiser Filesystem]     [Linux RAID]     [NTFS 3]     [Samba]     [Device Mapper]     [CEPH Development]

  Powered by Linux