lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-Id: <172804948348.2705006.18010706949544079891.b4-ty@arm.com>
Date: Fri,  4 Oct 2024 14:52:20 +0100
From: Catalin Marinas <catalin.marinas@....com>
To: Will Deacon <will@...nel.org>,
	Jonathan Corbet <corbet@....net>,
	Andrew Morton <akpm@...ux-foundation.org>,
	Marc Zyngier <maz@...nel.org>,
	Oliver Upton <oliver.upton@...ux.dev>,
	James Morse <james.morse@....com>,
	Suzuki K Poulose <suzuki.poulose@....com>,
	Arnd Bergmann <arnd@...db.de>,
	Oleg Nesterov <oleg@...hat.com>,
	Eric Biederman <ebiederm@...ssion.com>,
	Shuah Khan <shuah@...nel.org>,
	"Rick P. Edgecombe" <rick.p.edgecombe@...el.com>,
	Deepak Gupta <debug@...osinc.com>,
	Ard Biesheuvel <ardb@...nel.org>,
	Szabolcs Nagy <Szabolcs.Nagy@....com>,
	Kees Cook <kees@...nel.org>,
	Mark Brown <broonie@...nel.org>
Cc: "H.J. Lu" <hjl.tools@...il.com>,
	Paul Walmsley <paul.walmsley@...ive.com>,
	Palmer Dabbelt <palmer@...belt.com>,
	Albert Ou <aou@...s.berkeley.edu>,
	Florian Weimer <fweimer@...hat.com>,
	Christian Brauner <brauner@...nel.org>,
	Thiago Jung Bauermann <thiago.bauermann@...aro.org>,
	Ross Burton <ross.burton@....com>,
	David Spickett <david.spickett@....com>,
	Yury Khrustalev <yury.khrustalev@....com>,
	Wilco Dijkstra <wilco.dijkstra@....com>,
	linux-arm-kernel@...ts.infradead.org,
	linux-doc@...r.kernel.org,
	kvmarm@...ts.linux.dev,
	linux-fsdevel@...r.kernel.org,
	linux-arch@...r.kernel.org,
	linux-mm@...ck.org,
	linux-kselftest@...r.kernel.org,
	linux-kernel@...r.kernel.org,
	linux-riscv@...ts.infradead.org,
	David Hildenbrand <david@...hat.com>,
	"Mike Rapoport (IBM)" <rppt@...nel.org>,
	Shuah Khan <skhan@...uxfoundation.org>
Subject: Re: (subset) [PATCH v13 00/40] arm64/gcs: Provide support for GCS in userspace

On Tue, 01 Oct 2024 23:58:39 +0100, Mark Brown wrote:
> The arm64 Guarded Control Stack (GCS) feature provides support for
> hardware protected stacks of return addresses, intended to provide
> hardening against return oriented programming (ROP) attacks and to make
> it easier to gather call stacks for applications such as profiling.
> 
> When GCS is active a secondary stack called the Guarded Control Stack is
> maintained, protected with a memory attribute which means that it can
> only be written with specific GCS operations.  The current GCS pointer
> can not be directly written to by userspace.  When a BL is executed the
> value stored in LR is also pushed onto the GCS, and when a RET is
> executed the top of the GCS is popped and compared to LR with a fault
> being raised if the values do not match.  GCS operations may only be
> performed on GCS pages, a data abort is generated if they are not.
> 
> [...]

I applied most of the series to arm64 (for-next/gcs), apart from two KVM
patches - 16 and 40 (the latter is the kselftest). I usually start
picking patches at -rc3 but the glibc folk are waiting for these patches
to at least end up in a maintainer's branch. Of course, these patches
are subject to change until the final 6.13 release.

The KVM patches can go on top once agreed (or they can go in via the KVM
tree, I don't mind either way).

Thanks!

[01/40] mm: Introduce ARCH_HAS_USER_SHADOW_STACK
        https://git.kernel.org/arm64/c/bcc9d04e749a
[02/40] mm: Define VM_HIGH_ARCH_6
        https://git.kernel.org/arm64/c/9ab515b18f84
[03/40] arm64/mm: Restructure arch_validate_flags() for extensibility
        https://git.kernel.org/arm64/c/f645e888b1a6
[04/40] prctl: arch-agnostic prctl for shadow stack
        https://git.kernel.org/arm64/c/91e102e79740
[05/40] mman: Add map_shadow_stack() flags
        https://git.kernel.org/arm64/c/3630e82ab6bd
[06/40] arm64: Document boot requirements for Guarded Control Stacks
        https://git.kernel.org/arm64/c/830ae8a39685
[07/40] arm64/gcs: Document the ABI for Guarded Control Stacks
        https://git.kernel.org/arm64/c/7058bf87cd59
[08/40] arm64/sysreg: Add definitions for architected GCS caps
        https://git.kernel.org/arm64/c/ce0641d48ddd
[09/40] arm64/gcs: Add manual encodings of GCS instructions
        https://git.kernel.org/arm64/c/dad947cc22cf
[10/40] arm64/gcs: Provide put_user_gcs()
        https://git.kernel.org/arm64/c/d0aa2b435186
[11/40] arm64/gcs: Provide basic EL2 setup to allow GCS usage at EL0 and EL1
        https://git.kernel.org/arm64/c/ff5181d8a2a8
[12/40] arm64/cpufeature: Runtime detection of Guarded Control Stack (GCS)
        https://git.kernel.org/arm64/c/6487c963083c
[13/40] arm64/mm: Allocate PIE slots for EL0 guarded control stack
        https://git.kernel.org/arm64/c/092055f1508c
[14/40] mm: Define VM_SHADOW_STACK for arm64 when we support GCS
        https://git.kernel.org/arm64/c/ae80e1629aea
[15/40] arm64/mm: Map pages for guarded control stack
        https://git.kernel.org/arm64/c/6497b66ba694
[17/40] arm64/idreg: Add overrride for GCS
        https://git.kernel.org/arm64/c/a94452112ce4
[18/40] arm64/hwcap: Add hwcap for GCS
        https://git.kernel.org/arm64/c/eefc98711f84
[19/40] arm64/traps: Handle GCS exceptions
        https://git.kernel.org/arm64/c/8ce71d270536
[20/40] arm64/mm: Handle GCS data aborts
        https://git.kernel.org/arm64/c/cfad706e8f6d
[21/40] arm64/gcs: Context switch GCS state for EL0
        https://git.kernel.org/arm64/c/fc84bc5378a8
[22/40] arm64/gcs: Ensure that new threads have a GCS
        https://git.kernel.org/arm64/c/506496bcbb42
[23/40] arm64/gcs: Implement shadow stack prctl() interface
        https://git.kernel.org/arm64/c/b57180c75c7e
[24/40] arm64/mm: Implement map_shadow_stack()
        https://git.kernel.org/arm64/c/8f3e750673b2
[25/40] arm64/signal: Set up and restore the GCS context for signal handlers
        https://git.kernel.org/arm64/c/eaf62ce1563b
[26/40] arm64/signal: Expose GCS state in signal frames
        https://git.kernel.org/arm64/c/16f47bb9ac8a
[27/40] arm64/ptrace: Expose GCS via ptrace and core files
        https://git.kernel.org/arm64/c/7ec3b57cb29f
[28/40] arm64: Add Kconfig for Guarded Control Stack (GCS)
        https://git.kernel.org/arm64/c/5d8b172e7005
[29/40] kselftest/arm64: Verify the GCS hwcap
        https://git.kernel.org/arm64/c/7a2f671db61f
[30/40] kselftest/arm64: Add GCS as a detected feature in the signal tests
        https://git.kernel.org/arm64/c/b2d2f11ff5d6
[31/40] kselftest/arm64: Add framework support for GCS to signal handling tests
        https://git.kernel.org/arm64/c/0d426f7dd9a0
[32/40] kselftest/arm64: Allow signals tests to specify an expected si_code
        https://git.kernel.org/arm64/c/956573ac1890
[33/40] kselftest/arm64: Always run signals tests with GCS enabled
        https://git.kernel.org/arm64/c/42155a8eb0f6
[34/40] kselftest/arm64: Add very basic GCS test program
        https://git.kernel.org/arm64/c/3d37d4307e0f
[35/40] kselftest/arm64: Add a GCS test program built with the system libc
        https://git.kernel.org/arm64/c/a505a52b4e29
[36/40] kselftest/arm64: Add test coverage for GCS mode locking
        https://git.kernel.org/arm64/c/58d69a3e3582
[37/40] kselftest/arm64: Add GCS signal tests
        https://git.kernel.org/arm64/c/794b64ca5665
[38/40] kselftest/arm64: Add a GCS stress test
        https://git.kernel.org/arm64/c/05e6cfff58c4
[39/40] kselftest/arm64: Enable GCS for the FP stress tests
        https://git.kernel.org/arm64/c/bb9ae1a66c85

-- 
Catalin

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ