On Wed, Oct 30, 2024 at 02:08:59PM +0000, Mark Brown wrote:
> On Sat, Oct 05, 2024 at 11:31:27AM +0100, Mark Brown wrote:
>
> > The kernel has recently added support for shadow stacks, currently
> > x86 only using their CET feature but both arm64 and RISC-V have
> > equivalent features (GCS and Zicfiss respectively), I am actively
> > working on GCS[1]. With shadow stacks the hardware maintains an
> > additional stack containing only the return addresses for branch
> > instructions which is not generally writeable by userspace and ensures
> > that any returns are to the recorded addresses. This provides some
> > protection against ROP attacks and makes it easier to collect call
> > stacks. These shadow stacks are allocated in the address space of the
> > userspace process.
>
> Does anyone have any thoughts on this? I reworked things to specify the
> address for the shadow stack pointer rather than the extent of the stack
> as Rick and Yuri suggested, otherwise the only change from the prior
> version was rebasing onto the arm64 GCS support since that's queued in
> -next. I think the only substantial question is picking the ABI for
> specifying the shadow stack.

I will need more time to review this as both my primary and shadow stacks
are full with other work. At a glance, I cannot offer any informed opinion
for choosing ABI atm. Apologies for the delay.

Kind regards,
Yury