Re: [PATCH RFC RFT v2 2/5] fork: Add shadow stack support to clone3()


 



On Thu, 2023-11-16 at 18:41 +0000, Mark Brown wrote:
> > What about a CLONE_NEW_SHSTK for clone3 that forces a new shadow
> > stack?
> > So keep the existing logic, but the new flag can override the logic
> > for !CLONE_VM and CLONE_VFORK if the caller wants. The behavior of
> > shadow_stack_size is then simple. 0 means use default size, !0
> > means use the passed size. No need to overload and tie up args->stack.
> 
> That does seem like it cuts through the ambiguous cases.  If we go for
> that it feels like we should require the flag when specifying a size,
> just to be sure that everything is clear.  Though having said that we
> could just always allocate a shadow stack if a size is specified
> regardless of the flags, requiring people who want non-default behaviour
> to have some idea what stack size they want.  I don't think I have
> strong opinions between having the new flag or always allocating a stack
> if a size is specified.

Either of those seem fine to me, but it would be nice to get it vetted
by the libc folks before committing. I'd maybe lean towards the one you
suggested without the new flag.



