On Fri, Dec 02, 2022 at 04:35:30PM -0800, Rick Edgecombe wrote: > From: Yu-cheng Yu <yu-cheng.yu@xxxxxxxxx> > > The Control-Flow Enforcement Technology contains two related features, > one of which is Shadow Stacks. Future patches will utilize this feature > for shadow stack support in KVM, so add a CPU feature flags for Shadow > Stacks (CPUID.(EAX=7,ECX=0):ECX[bit 7]). > > To protect shadow stack state from malicious modification, the registers > are only accessible in supervisor mode. This implementation > context-switches the registers with XSAVES. Make X86_FEATURE_SHSTK depend > on XSAVES. > > The shadow stack feature, enumerated by the CPUID bit described above, > encompasses both supervisor and userspace support for shadow stack. In > near future patches, only userspace shadow stack will be enabled. In > expectation of future supervisor shadow stack support, create a software > CPU capability to enumerate kernel utilization of userspace shadow stack > support. This will also allow for userspace shadow stack to be disabled, > while leaving the shadow stack hardware capability exposed in the cpuinfo > proc. This user shadow stack bit should depend on the HW "shstk" > capability and that logic will be implemented in future patches. > > Tested-by: Pengfei Xu <pengfei.xu@xxxxxxxxx> > Tested-by: John Allen <john.allen@xxxxxxx> > Signed-off-by: Yu-cheng Yu <yu-cheng.yu@xxxxxxxxx> Reviewed-by: Kees Cook <keescook@xxxxxxxxxxxx> -- Kees Cook