Received: by 2002:a05:6358:3188:b0:123:57c1:9b43 with SMTP id q8csp1223563rwd; Thu, 25 May 2023 09:32:16 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ6x9v4ieHNbr73tlAech1K6qAa0yem09KIbWQjRX5MG2NTQoyEHr6sG8rVvOPNLbnIYXzOS X-Received: by 2002:a17:902:bc82:b0:1aa:fd48:f5e2 with SMTP id bb2-20020a170902bc8200b001aafd48f5e2mr2109681plb.32.1685032335620; Thu, 25 May 2023 09:32:15 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1685032335; cv=none; d=google.com; s=arc-20160816; b=DKYYHsnoEwa7oBRZp4L+trvbx4yrxqddMmdfhMjk79FQVPZZ+O0YSlEYMug65JnwOd iE+OdvdK4rE3bUy2nXqRHFZ2NDLiNjGSbKvZ4LHnrQhLauWbk0L9EvpagWcfJWl76qJX HGc3a8CVjhSuy/oeJ05mX8c+pRipbngFF+MtU2xB/jW5KfGooNiLCrCLp6J7wjbEiOmh Hm74FiZVOOvBBu8WK3nfY84YE/9ubzSEAhwBC5pHQvDwdIFrrmRiWnrVHbsn9l5OzNVQ R8/sqp4BmIPskJxz9zp2Bb7KY/s/jkiq7hFcCFu9togbUArbqcffK/hjAEpkKCdnHiGp 4BZg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature; bh=2w4rrL1C0Qs+cOYNmYdTfanv48y+sYseid/+Gt86h+Y=; b=EqRGBAixUxkM5wvK9lL8TIYmy2isrXIfLeNfFNWKPXa7OPADR5Zffb5mdDBWrQ3wgp fvgj/lwFAZ44bA/JcWn6yGY6r0FjuU52qEfAng9oiyFHnHXdSABs/w5Lp52ZmsgNruEl Xj25opiBePVbhGPSvIf+P7gNL6ZWKdW2cdf1u3ggVIMMiWGnGCUioX9PR8Yj43i+sm4T VEIi+078aaoo5DBrJSszjp/bL9ZY0izRxyckWNjMuhyU3V3RTNwwH+DLnMlVnMk+IeBC PY2K9qnOyVdffBmnm5YX9fD5YtHzUPTbTbqEoD8fJ6nHu2g4/djh2DbCkhSMsQAY7D/s VPng== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=ENpQJdkh; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id b12-20020a170903228c00b001a1bfe84f8dsi1916908plh.611.2023.05.25.09.32.02; Thu, 25 May 2023 09:32:15 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=ENpQJdkh; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S239296AbjEYQUi (ORCPT + 99 others); Thu, 25 May 2023 12:20:38 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:34762 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232938AbjEYQUh (ORCPT ); Thu, 25 May 2023 12:20:37 -0400 Received: from dfw.source.kernel.org (dfw.source.kernel.org [IPv6:2604:1380:4641:c500::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 6F5B3139 for ; Thu, 25 May 2023 09:20:36 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id 035006197F for ; Thu, 25 May 2023 16:20:36 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 79546C433D2; Thu, 25 May 2023 16:20:33 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1685031635; bh=2w4rrL1C0Qs+cOYNmYdTfanv48y+sYseid/+Gt86h+Y=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=ENpQJdkhDadGeh44/mMedQmcN0d2v/1DuMF6FEWsgIbsf/1n1/rL8xcmayICi+mJM 3ShJR9wCpUSb+F+ws7FExcr/9SZzUoTjy67ILLTuN3MxNJDyV4dk9v+BDptw6F1zaB siSMjnNL/gmfXf0+H5jB23OAIwEG60NyYJUK5NNll3faSNq6H7V9NzZixX6fVvMKMD y5XXjg01HU9fCubc6J9irBFlUHHLZsasCpyIbiDkpA/PuJz1HgxNJcZ2CykTLM9N96 xJ7SdBnYpRZ3svKWz2iZ16tE+Ws8rV3Zvsr5mQlpfeKp47QAtgOgf1j2f8XFxS1gZR VGEO2Zo5EqVHg== Date: Thu, 25 May 2023 17:20:30 +0100 From: Mark Brown To: Deepak Gupta Cc: "Edgecombe, Rick P" , "Torvalds, Linus" , "keescook@chromium.org" , "x86@kernel.org" , "Hansen, Dave" , "linux-kernel@vger.kernel.org" , "akpm@linux-foundation.org" , "dave.hansen@linux.intel.com" Subject: Re: [GIT PULL] x86/shstk for 6.4 Message-ID: References: <20230424212130.590684-1-dave.hansen@linux.intel.com> <4433c3595db23f7c779b69b222958151b69ddd70.camel@intel.com> <148b3edb-b056-11a0-1684-6273a4a2d39a@intel.com> <20230515212255.GA562920@debug.ba.rivosinc.com> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="4xDnJ/JT4ZY6//sb" Content-Disposition: inline In-Reply-To: <20230515212255.GA562920@debug.ba.rivosinc.com> X-Cookie: volcano, n.: X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED, SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org --4xDnJ/JT4ZY6//sb Content-Type: text/plain; charset=us-ascii Content-Disposition: inline On Mon, May 15, 2023 at 02:22:55PM -0700, Deepak Gupta wrote: > On Sun, May 07, 2023 at 04:24:24PM +0000, Edgecombe, Rick P wrote: > > BTW, I forgot to mention that there is another architecture (maybe 2) > > that is expected to use this refactor for implementing their shadow > > stacks. So FWIW, this churn is not just for x86. > That's right, one of them is RISC-V. Also arm64. > RISC-V control-flow integrity: https://github.com/riscv/riscv-cfi > Since RISC-V PTE have 3 separate bits for read, write and execute. Write > only (R=0, W=1, X=0) encodings had been reserved and thus cpu supporting > this extension will treat this reserved encoding as shadow stack. > It doesn't get messy as in case of x86 (due to overloading of dirty bit), > but it still will need pte helper which marks a page "shadow stack > writeable" or "regular writeable" depending on vma. For arm64 GCS (our shadow stack equivalent) is built on top of another extension that allows us to assign arbitrary meanings to four of the bits (they become an index into an array of actual permissions) so we might be able to avoid having to look at the VMA, though we might want to in future in order to make better use of the other features of the indirection extension. --4xDnJ/JT4ZY6//sb Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQEzBAABCgAdFiEEreZoqmdXGLWf4p/qJNaLcl1Uh9AFAmRvis0ACgkQJNaLcl1U h9BKswf/WpINbiUBFLGfCXGwM0YsASUPoJoK1V7g+saDH9q66NEq4yB1t/UFPSPY bylxlSVk97TTHlTDR5Z6twr/YdVX5hqcszBMOhUBqgImKGBHvc10+mBj3dIUeUCR /zexGgbk/vZw9zmzBdRwK4bZESO44DZC+lYpKjxoXct2wYrZuzLz+dlE/fvYTa93 1mq6fU6tel2Rnxk5EUoE1PC4wYIGsMEzDcHccfl2O/xwcvwDgIR6xQ7hHSRqyzDC JoH0C4PklIJFs1151uCvO8m2qIM3gJqJGGXHrYi3qs1gAdebWbQywdx59hFHNAnG +JONah/5gMlQ6ER7q29Cd0o21gzNag== =46DT -----END PGP SIGNATURE----- --4xDnJ/JT4ZY6//sb--