Re: [PATCH v26 23/30] x86/cet/shstk: Handle thread shadow stack

From: Yu, Yu-cheng
Date: Tue May 11 2021 - 14:35:14 EST

Next message: Dmitry Osipenko: "Re: [PATCH v1 2/2] memory: tegra: Enable compile testing for all drivers"
Previous message: Brijesh Singh: "Re: [PATCH Part2 RFC v2 36/37] KVM: SVM: Provide support for SNP_GUEST_REQUEST NAE event"
In reply to: David Laight: "RE: [PATCH v26 23/30] x86/cet/shstk: Handle thread shadow stack"
Next in thread: Borislav Petkov: "Re: [PATCH v26 23/30] x86/cet/shstk: Handle thread shadow stack"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 5/10/2021 7:15 AM, Borislav Petkov wrote:

On Tue, Apr 27, 2021 at 01:43:08PM -0700, Yu-cheng Yu wrote:

@@ -181,6 +184,12 @@ int copy_thread(unsigned long clone_flags, unsigned long sp, unsigned long arg,
if (clone_flags & CLONE_SETTLS)
ret = set_new_tls(p, tls);
+#ifdef CONFIG_X86_64

IS_ENABLED

+ /* Allocate a new shadow stack for pthread */
+ if (!ret)
+ ret = shstk_setup_thread(p, clone_flags, stack_size);
+#endif
+

And why is this addition here...

if (!ret && unlikely(test_tsk_thread_flag(current, TIF_IO_BITMAP)))
io_bitmap_share(p);

... instead of here?

<---

io_bitmap_share() does refcount_inc(&current->thread.io_bitmap->refcnt), and the function won't fail. However, shadow stack allocation can fail. So, maybe leave io_bitmap_share() at the end?

Thanks,
Yu-cheng

Next message: Dmitry Osipenko: "Re: [PATCH v1 2/2] memory: tegra: Enable compile testing for all drivers"
Previous message: Brijesh Singh: "Re: [PATCH Part2 RFC v2 36/37] KVM: SVM: Provide support for SNP_GUEST_REQUEST NAE event"
In reply to: David Laight: "RE: [PATCH v26 23/30] x86/cet/shstk: Handle thread shadow stack"
Next in thread: Borislav Petkov: "Re: [PATCH v26 23/30] x86/cet/shstk: Handle thread shadow stack"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]