| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <ZcJX2IJb0hOM5RF5@finisterre.sirena.org.uk>
Date: Tue, 6 Feb 2024 16:01:28 +0000
From: Mark Brown <broonie@...nel.org>
To: debug@...osinc.com
Cc: rick.p.edgecombe@...el.com, Szabolcs.Nagy@....com,
kito.cheng@...ive.com, keescook@...omium.org,
ajones@...tanamicro.com, paul.walmsley@...ive.com,
palmer@...belt.com, conor.dooley@...rochip.com, cleger@...osinc.com,
atishp@...shpatra.org, alex@...ti.fr, bjorn@...osinc.com,
alexghiti@...osinc.com, corbet@....net, aou@...s.berkeley.edu,
oleg@...hat.com, akpm@...ux-foundation.org, arnd@...db.de,
ebiederm@...ssion.com, shuah@...nel.org, brauner@...nel.org,
guoren@...nel.org, samitolvanen@...gle.com, evan@...osinc.com,
xiao.w.wang@...el.com, apatel@...tanamicro.com,
mchitale@...tanamicro.com, waylingii@...il.com,
greentime.hu@...ive.com, heiko@...ech.de, jszhang@...nel.org,
shikemeng@...weicloud.com, david@...hat.com, charlie@...osinc.com,
panqinglin2020@...as.ac.cn, willy@...radead.org,
vincent.chen@...ive.com, andy.chiu@...ive.com, gerg@...nel.org,
jeeheng.sia@...rfivetech.com, mason.huo@...rfivetech.com,
ancientmodern4@...il.com, mathis.salmen@...sal.de,
cuiyunhui@...edance.com, bhe@...hat.com, chenjiahao16@...wei.com,
ruscur@...sell.cc, bgray@...ux.ibm.com, alx@...nel.org,
baruch@...s.co.il, zhangqing@...ngson.cn, catalin.marinas@....com,
revest@...omium.org, josh@...htriplett.org, joey.gouly@....com,
shr@...kernel.io, omosnace@...hat.com, ojeda@...nel.org,
jhubbard@...dia.com, linux-doc@...r.kernel.org,
linux-riscv@...ts.infradead.org, linux-kernel@...r.kernel.org,
linux-mm@...ck.org, linux-arch@...r.kernel.org,
linux-kselftest@...r.kernel.org
Subject: Re: [RFC PATCH v1 15/28] riscv/mm: Implement map_shadow_stack()
syscall
On Wed, Jan 24, 2024 at 10:21:40PM -0800, debug@...osinc.com wrote:
> As discussed extensively in the changelog for the addition of this
> syscall on x86 ("x86/shstk: Introduce map_shadow_stack syscall") the
> existing mmap() and madvise() syscalls do not map entirely well onto the
> security requirements for guarded control stacks since they lead to
> windows where memory is allocated but not yet protected or stacks which
> are not properly and safely initialised. Instead a new syscall
> map_shadow_stack() has been defined which allocates and initialises a
> shadow stack page.
While I agree that this is very well written you probably want to update
the references to guarded control stacks to whatever the RISC-V term is :P
> --- a/include/uapi/asm-generic/mman.h
> +++ b/include/uapi/asm-generic/mman.h
> @@ -19,4 +19,5 @@
> #define MCL_FUTURE 2 /* lock all future mappings */
> #define MCL_ONFAULT 4 /* lock all pages that are faulted in */
>
> +#define SHADOW_STACK_SET_TOKEN (1ULL << 0) /* Set up a restore token in the shadow stack */
> #endif /* __ASM_GENERIC_MMAN_H */
For arm64 I also added a SHADOW_STACK_SET_MARKER for adding a top of
stack marker, did you have any thoughts on that for RISC-V? I think x86
were considering adding it too, it'd be good if we could get things
consistent.
Download attachment "signature.asc" of type "application/pgp-signature" (489 bytes)
Powered by blists - more mailing lists