Date: Fri, 1 Dec 2023 13:47:28 +0000
From: Mark Brown
To: Szabolcs Nagy
Cc: Catalin Marinas, "Rick P. Edgecombe", Deepak Gupta, "H.J. Lu", Florian Weimer, Thomas Gleixner, Ingo Molnar, Borislav Petkov, Dave Hansen, x86@kernel.org, "H. Peter Anvin", Peter Zijlstra, Juri Lelli, Vincent Guittot, Dietmar Eggemann, Steven Rostedt, Ben Segall, Mel Gorman, Daniel Bristot de Oliveira, Valentin Schneider, Christian Brauner, Shuah Khan, linux-kernel@vger.kernel.org, Will Deacon, Kees Cook, jannh@google.com, linux-kselftest@vger.kernel.org, linux-api@vger.kernel.org, David Hildenbrand
Subject: Re: [PATCH RFT v4 0/5] fork: Support shadow stacks in clone3()
References: <20231128-clone3-shadow-stack-v4-0-8b28ffe4f676@kernel.org>

On Fri, Dec 01, 2023 at 11:50:25AM +0000, Szabolcs Nagy wrote:
> The 11/30/2023 21:51, Mark Brown wrote:

> > The concern Rick raised was that allowing user to pick the exact shadow
> > stack pointer would allow userspace to corrupt or reuse the stack of an
> > existing thread by starting a new thread with the shadow stack pointing
> > into the existing shadow stack of that thread. While in isolation

> note that this can be prevented by map_shadow_stack adding
> a token that clone3 verifies.

That would make it impossible to reuse the shadow stack once the token
is overwritten which does move the needle more towards making doing the
mapping separately pure overhead.
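
The token check discussed in this exchange, modelled in userspace C as an added example that is not part of the original email or of the kernel patch series. The token encoding (slot address plus a tag bit), the `model_*` names, and consuming the token inside the clone3 check are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define SS_WORDS  8        /* model shadow stack size in 64-bit slots */
#define TOKEN_TAG 0x1ULL   /* assumed marker bit; not the kernel's real format */

/* Model of map_shadow_stack: clear the region and write a token into the
 * top slot. The token encodes its own address, so it is only valid in the
 * slot where it was placed. Returns a pointer to the token slot. */
static uint64_t *model_map_shadow_stack(uint64_t *region, size_t words)
{
    for (size_t i = 0; i < words; i++)
        region[i] = 0;
    uint64_t *slot = &region[words - 1];
    *slot = (uint64_t)(uintptr_t)slot | TOKEN_TAG;
    return slot;
}

/* Model of the clone3 check: accept the requested shadow stack pointer only
 * if it points at a valid token. On success the token is consumed (model
 * assumption), so the same pointer cannot start a second thread. */
static int model_clone3_take_stack(uint64_t *ssp)
{
    if (*ssp != ((uint64_t)(uintptr_t)ssp | TOKEN_TAG))
        return -1;         /* no token here: reject */
    *ssp = 0;              /* token overwritten, stack is now in use */
    return 0;
}

/* Runs the cases from the thread; returns a bitmask of accepted requests. */
static int run_scenarios(void)
{
    static uint64_t stack[SS_WORDS];
    uint64_t *tok = model_map_shadow_stack(stack, SS_WORDS);
    int accepted = 0;

    stack[3] = 0x401000;   /* constructed return address of a live frame */
    if (model_clone3_take_stack(&stack[3]) == 0) accepted |= 1; /* mid-stack */
    if (model_clone3_take_stack(tok) == 0)       accepted |= 2; /* fresh stack */
    if (model_clone3_take_stack(tok) == 0)       accepted |= 4; /* reuse */
    return accepted;
}

int main(void)
{
    printf("accepted mask: %d\n", run_scenarios());
    return 0;
}
```

Only the request that points at the unused token is accepted; a pointer into the middle of the stack and a second use of the same token pointer are both rejected.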