[RFC PATCH v1 15/28] riscv/mm: Implement map_shadow_stack() syscall
Edgecombe, Rick P
rick.p.edgecombe at intel.com
Fri Feb 9 12:44:53 PST 2024
On Wed, 2024-01-24 at 22:21 -0800, debug at rivosinc.com wrote:
> From: Deepak Gupta <debug at rivosinc.com>
>
> As discussed extensively in the changelog for the addition of this
> syscall on x86 ("x86/shstk: Introduce map_shadow_stack syscall") the
> existing mmap() and madvise() syscalls do not map entirely well onto
> the
> security requirements for guarded control stacks since they lead to
> windows where memory is allocated but not yet protected or stacks
> which
> are not properly and safely initialised. Instead a new syscall
> map_shadow_stack() has been defined which allocates and initialises a
> shadow stack page.
>
> This patch implements this syscall for riscv. riscv doesn't require
> token
> to be setup by kernel because user mode can do that by itself.
> However to
> provide compatiblity and portability with other architectues, user
> mode can
> specify token set flag.
A lot of this code look very familiar. We'll have to think about at
what point we could pull some of it into the code kernel.
I think if we had an arch write_user_shstk(), most of the code could be
shared here.
More information about the linux-riscv
mailing list