On Tue, Jun 22, 2021 at 07:55:48AM -0700, Dave Hansen wrote:
> There should be enough x86 folks around, but I'd love to hear from the
> ARM and powerpc people as well.

Possibly also s390. eg f28d43636d6f seems very similar to one of the
things Intel wants.

> Here are a few mostly Intel-specific things I'd like to discuss.
> However, all of these either have analogs on other architectures or are
> implemented by other x86 vendors.
>
> * Shadow Stacks - requires new Copy-on-Read memory type. Creates
>   application mappings which are effectively PROT_NONE, but which are
>   implicitly accessible by the hardware.
> * Linear Address Masking (LAM) - Similar to ARM's Top Byte Ignore
>   (TBI). Repurpose some virtual address bits to store metadata. Intel
>   implementation can sacrifice user address space. Offloads some of
>   the work the compiler does in ASAN implementations.
> * Supervisor Protection Keys - Extends Memory Protection Keys (pkeys)
>   to kernel mappings.
> * TDX - VMs that don't trust the hypervisor. Requires unmapping guest
>   memory from userspace and possibly the host kernel.