| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <f953ee7b-91b3-f6f5-6955-b4a138f16dbc@kernel.org>
Date: Wed, 24 Sep 2025 08:36:11 -0600 (MDT)
From: Paul Walmsley <pjw@...nel.org>
To: Deepak Gupta <debug@...osinc.com>
cc: Thomas Gleixner <tglx@...utronix.de>, Ingo Molnar <mingo@...hat.com>,
Borislav Petkov <bp@...en8.de>, Dave Hansen <dave.hansen@...ux.intel.com>,
x86@...nel.org, "H. Peter Anvin" <hpa@...or.com>,
Andrew Morton <akpm@...ux-foundation.org>,
"Liam R. Howlett" <Liam.Howlett@...cle.com>,
Vlastimil Babka <vbabka@...e.cz>,
Lorenzo Stoakes <lorenzo.stoakes@...cle.com>,
Paul Walmsley <paul.walmsley@...ive.com>,
Palmer Dabbelt <palmer@...belt.com>, Albert Ou <aou@...s.berkeley.edu>,
Conor Dooley <conor@...nel.org>, Rob Herring <robh@...nel.org>,
Krzysztof Kozlowski <krzk+dt@...nel.org>, Arnd Bergmann <arnd@...db.de>,
Christian Brauner <brauner@...nel.org>,
Peter Zijlstra <peterz@...radead.org>, Oleg Nesterov <oleg@...hat.com>,
Eric Biederman <ebiederm@...ssion.com>, Kees Cook <kees@...nel.org>,
Jonathan Corbet <corbet@....net>, Shuah Khan <shuah@...nel.org>,
Jann Horn <jannh@...gle.com>, Conor Dooley <conor+dt@...nel.org>,
Miguel Ojeda <ojeda@...nel.org>, Alex Gaynor <alex.gaynor@...il.com>,
Boqun Feng <boqun.feng@...il.com>, Gary Guo <gary@...yguo.net>,
Björn Roy Baron <bjorn3_gh@...tonmail.com>,
Andreas Hindborg <a.hindborg@...nel.org>,
Alice Ryhl <aliceryhl@...gle.com>, Trevor Gross <tmgross@...ch.edu>,
Benno Lossin <lossin@...nel.org>, linux-kernel@...r.kernel.org,
linux-fsdevel@...r.kernel.org, linux-mm@...ck.org,
linux-riscv@...ts.infradead.org, devicetree@...r.kernel.org,
linux-arch@...r.kernel.org, linux-doc@...r.kernel.org,
linux-kselftest@...r.kernel.org, alistair.francis@....com,
richard.henderson@...aro.org, jim.shu@...ive.com,
Andy Chiu <andybnac@...il.com>, kito.cheng@...ive.com,
charlie@...osinc.com, atishp@...osinc.com, evan@...osinc.com,
cleger@...osinc.com, alexghiti@...osinc.com, samitolvanen@...gle.com,
broonie@...nel.org, rick.p.edgecombe@...el.com,
rust-for-linux@...r.kernel.org, Zong Li <zong.li@...ive.com>,
David Hildenbrand <david@...hat.com>, Andy Chiu <andybnac@...il.com>
Subject: Re: [PATCH v19 00/27] riscv control-flow integrity for usermode
Hi,
On Thu, 31 Jul 2025, Deepak Gupta wrote:
[ ... ]
> vDSO related Opens (in the flux)
> =================================
>
> I am listing these opens for laying out plan and what to expect in future
> patch sets. And of course for the sake of discussion.
>
[ ... ]
> How many vDSOs
> ---------------
> Shadow stack instructions are carved out of zimop (may be operations) and if CPU
> doesn't implement zimop, they're illegal instructions. Kernel could be running on
> a CPU which may or may not implement zimop. And thus kernel will have to carry 2
> different vDSOs and expose the appropriate one depending on whether CPU implements
> zimop or not.
If we merge this series without this, then when CFI is enabled in the
Kconfig, we'll wind up with a non-portable kernel that won't run on older
hardware. We go to great lengths to enable kernel binary portability
across the presence or absence of other RISC-V extensions, and I think
these CFI extensions should be no different.
So before considering this for merging, I'd like to see at least an
attempt to implement the dual-vDSO approach (or something equivalent)
where the same kernel binary with CFI enabled can run on both pre-Zimop
and post-Zimop hardware, with the existing userspaces that are common
today.
thanks Deepak,
- Paul
Powered by blists - more mailing lists