Re: [PATCH v6 00/41] Shadow stacks for userspace

From: Edgecombe, Rick P
Date: Mon Feb 20 2023 - 17:54:15 EST


On Sun, 2023-02-19 at 19:42 -0800, Kees Cook wrote:
> On Sat, Feb 18, 2023 at 01:13:52PM -0800, Rick Edgecombe wrote:
> > This series implements Shadow Stacks for userspace using x86's Control-flow
> > Enforcement Technology (CET). CET consists of two related security features:
> > shadow stacks and indirect branch tracking. This series implements just the
> > shadow stack part of this feature, and just for userspace.
>
> Okay, I've done some bare metal testing, and it all looks happy. The
> selftest passes, and I can see the stack address mismatch get
> detected if I explicitly rewrite the saved function pointer on the
> stack:
>
> [INFO] Want normal flow
> [INFO] Found 0x401890 @ 0x7fff47cf2ef8
> [INFO] Normal execution flow
> [INFO] Want to redirect
> [INFO] Found 0x401890 @ 0x7fff47cf2ef8
> [INFO] Hijacked execution flow
> [INFO] Enabling shadow stack
> [INFO] Want to redirect
> [INFO] Found 0x401890 @ 0x7fff47cf2ef8
> Segmentation fault (core dumped)
>
> Tested-by: Kees Cook <keescook@xxxxxxxxxxxx>

Thanks and for the other tags!