Re: [PATCH v7 21/41] mm: Add guard pages around a shadow stack.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mon, 2023-03-06 at 09:08 +0100, Borislav Petkov wrote:
> Just typos:

All seem reasonable to me. Thanks. 

For using the log verbiage for the comment, it is quite big. Does
something like this seem reasonable?

/*
 * The shadow stack pointer(SSP) is moved by CALL, RET, and INCSSPQ.
 * The INCSSP instruction can increment the shadow stack pointer. It
 * is the shadow stack analog of an instruction like:
 *
 *   addq $0x80, %rsp
 *
 * However, there is one important difference between an ADD on %rsp 
 * and INCSSP. In addition to modifying SSP, INCSSP also reads from the
 * memory of the first and last elements that were "popped". It can be
 * thought of as acting like this:
 *
 * READ_ONCE(ssp);       // read+discard top element on stack
 * ssp += nr_to_pop * 8; // move the shadow stack
 * READ_ONCE(ssp-8);     // read+discard last popped stack element
 *
 * The maximum distance INCSSP can move the SSP is 2040 bytes, before
 * it would read the memory. Therefore a single page gap will be enough
 * to prevent any operation from shifting the SSP to an adjacent stack,
 * since it would have to land in the gap at least once, causing a
 * fault.
 *
 * Prevent using INCSSP to move the SSP between shadow stacks by
 * having a PAGE_SIZE gaurd gap.
 */




[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Bugtraq]     [Linux OMAP]     [Linux MIPS]     [eCos]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux