[PATCH v4 09/36] arm64/mm: Allocate PIE slots for EL0 guarded control stack
Mark Brown
broonie at kernel.org
Tue Aug 15 16:21:49 PDT 2023
On Fri, Aug 11, 2023 at 03:23:12PM +0100, Catalin Marinas wrote:
> > #define PIE_E1 ( \
> > + PIRx_ELx_PERM(pte_pi_index(_PAGE_GCS), PIE_RW) | \
> > + PIRx_ELx_PERM(pte_pi_index(_PAGE_GCS_RO), PIE_R) | \
> Had some thoughts on this. Why do we need the EL1 GCS attributes to map
> to RW? The instructions we'd use to write the shadow stack are the GCS
> 'T' variants that run as user already.
> The only instructions we have in the kernel that would run as EL1 on a
> user address are the exclusives (futex code or the old deprecated
> emulation but we don't care about them in this context). So I wonder
> whether the kernel PIE entry could simply be PIE_NONE_O. Would this be
> too restrictive for future uses? Given the coherency between a GCS
> access and a standard data access, we may want to restrict it now until
> we have a use-case.
Good point. I remember I originally wrote that before I checked into
how things like copying pages for ptrace worked but they don't keep
the GCSness of the page so they're fine.
I don't think we need to worry about future uses since these are slots
reserved for GCS use, if we need a different value later
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: not available
URL: <http://lists.infradead.org/pipermail/linux-riscv/attachments/20230816/77e4f67e/attachment.sig>
More information about the linux-riscv
mailing list