Re: [RFC PATCH v9 05/27] x86/cet/shstk: Add Kconfig option for user-mode Shadow Stack protection

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



> On 2/5/20 10:19 AM, Yu-cheng Yu wrote:
> > Introduce Kconfig option: X86_INTEL_SHADOW_STACK_USER.
> > 
> > Shadow Stack (SHSTK) provides protection against function return address
> > corruption.  It is active when the kernel has this feature enabled, and
> > both the processor and the application support it.  When this feature is
> > enabled, legacy non-SHSTK applications continue to work, but without SHSTK
> > protection.
> > 
> > The user-mode SHSTK protection is only implemented for the 64-bit kernel.
> > IA32 applications are supported under the compatibility mode.
> 
> I think what you're trying to say here is that the hardware supports
> shadow stacks with 32-bit kernels.  However, this series does not
> include that support and we have no plans to add it.
> 
> Right?
> 
> I'll let others weigh in, but I rather dislike the use of acronyms here.
>  I'd much rather see the english "shadow stack" everywhere than SHSTK.

For the record, I like "shadow stack" better, too.




[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Bugtraq]     [Linux OMAP]     [Linux MIPS]     [eCos]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux