On Sat, Dec 09, 2023 at 08:49:02PM -0300, Thiago Jung Bauermann wrote:
> Mark Brown <broonie@xxxxxxxxxx> writes:
>
> > Provide a new register type NT_ARM_GCS reporting the current GCS mode
> > and pointer for EL0. Due to the interactions with allocation and
> > deallocation of Guarded Control Stacks we do not permit any changes to
> > the GCS mode via ptrace, only GCSPR_EL0 may be changed.
>
> The code allows disabling GCS. Is that unintended?

No, it's intentional - ptrace has a lot of control over the process,
there's not a huge point trying to protect against it doing a disable.
The reason we prevent enabling is the allocation of a GCS along with
enable, the complexity of doing that on a remote process seemed
unjustified. If clone3() ends up allowing manual allocation and
placement that'll likely be revised.