[PATCH v9 05/39] arm64/gcs: Document the ABI for Guarded Control Stacks
Edgecombe, Rick P
rick.p.edgecombe at intel.com
Tue Jul 16 11:50:12 PDT 2024
+Stephen, who had been asking about RIP integrity awhile back.
Thread context for Stephen:
https://lore.kernel.org/lkml/Zo7SdDT_cBp6uXgT@finisterre.sirena.org.uk/#t
On Wed, 2024-07-10 at 19:27 +0100, Mark Brown wrote:
> On Wed, Jul 10, 2024 at 12:36:21PM +0200, Florian Weimer wrote:
> > * Mark Brown:
>
> > > +* When GCS is enabled for the interrupted thread a signal handling
> > > specific
> > > + GCS cap token will be written to the GCS, this is an architectural GCS
> > > cap
> > > + token with bit 63 set and the token type (bits 0..11) all clear. The
> > > + GCSPR_EL0 reported in the signal frame will point to this cap token.
>
> > How does this marker interfere with Top Byte Ignore (TBI; I hope I got
> > the name right)? The specification currently does not say that only
> > addresses pushed to the shadow stack with the top byte cleared, which
> > potentially makes the markup ambiguous. On x86-64, the same issue may
>
> Indeed... Given that we use the address on the GCS as part of the token
> on first pass I think we could get away with just using the address and
> not setting the top bit, we'd have an invalid cap pointing into a GCS
> page which shouldn't otherwise be on the GCS. I'll give that some more
> thought.
>
> > exist with LAM. I have not tested yet what happens there. On AArch64
> > and RISC-V, it may be more natural to use the LSB instead of the LSB for
> > the mark bit because of its instruction alignment.
>
> The LSB is already taken by the architecture on aarch64, the bottom bits
> of the value are used for the token type field with no values/bits
> reserved for software use.
>
> > We also have a gap on x86-64 for backtrace generation because the
> > interrupted instruction address does not end up on the shadow stack.
> > This address is potentially quite interesting for backtrace generation.
> > I assume it's currently missing because the kernel does not resume
> > execution using a regular return instruction. It would be really useful
> > if it could be pushed to the shadow stack, or recoverable from the
> > shadow stack in some other way (e.g., the address of the signal context
> > could be pushed instead). That would need some form of marker as well.
>
> Right, we'd have to manually consume any extra address we put on the
> GCS. I'm not seeing any gagetisation issues with writing an extra value
> there that isn't a valid stack cap at the minute but I'll need to think
> it through properly - don't know if anyone else has thoughts here?
Shadow stack has one main usage (security) and another less proven, but
interesting usage for backtracing. I'm wary of adding things to the shadow stack
as they come up in an ad-hoc fashion, especially for the fuzzier usage. Do you
have a handle on everything the tracing usage would need?
But besides that I've wondered if there could be a security benefit to adding
some fields of the sigframe (RIP being the prime one) to the shadow stack, or a
cryptographic hash of the sigframe.
More information about the linux-riscv
mailing list