The kernel now has the main CET functionality to support applications.
Wire in the WRSS and shadow stack enable/disable functions into the
existing CET API skeleton.
Tested-by: Pengfei Xu <pengfei.xu@xxxxxxxxx>
Tested-by: John Allen <john.allen@xxxxxxx>
Reviewed-by: Kees Cook <keescook@xxxxxxxxxxxx>
Signed-off-by: Rick Edgecombe <rick.p.edgecombe@xxxxxxxxx>
---
v2:
- Split from other patches
arch/x86/kernel/shstk.c | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/arch/x86/kernel/shstk.c b/arch/x86/kernel/shstk.c
index cbd0970b26d7..71620b77a654 100644
--- a/arch/x86/kernel/shstk.c
+++ b/arch/x86/kernel/shstk.c
@@ -463,9 +463,17 @@ long cet_prctl(struct task_struct *task, int option, unsigned long features)
return -EINVAL;
if (option == ARCH_CET_DISABLE) {
+ if (features & CET_WRSS)
+ return wrss_control(false);
+ if (features & CET_SHSTK)
+ return shstk_disable();
return -EINVAL;
}
/* Handle ARCH_CET_ENABLE */
+ if (features & CET_SHSTK)
+ return shstk_setup();
+ if (features & CET_WRSS)
+ return wrss_control(true);
return -EINVAL;
}
--
2.17.1
