On Wed, Aug 02, 2023 at 05:27:54PM +0100, Mark Brown wrote:
On Tue, Aug 01, 2023 at 08:57:59PM +0000, Edgecombe, Rick P wrote:
> To make sure we are on the same page: What I'm saying is say we do something like add another flag SHADOW_STACK_SET_MARKER that means add a marker at the end (making the token off by one frame). Then you can just reject any flags != (SHADOW_STACK_SET_MARKER | SHADOW_STACK_SET_TOKEN) value, and leave the rest of the code as is. So not really implementing anything new.
> Then x86 could use the same flag meanings if/when it implements end markers. If it doesn't seem worth it, it's not a big deal on my end. Just seemed that they were needlessly diverging.
Yes, my understanding of the flags is the same. I'll definitely implement omitting the cap since there's an actual use case for that (extending an existing stack, it's marginally safer to not have any opportunity to pivot into the newly allocated region).
BTW are you planning to repost the series for this release? We're almost at -rc5 which is pretty late and I didn't see anything yet. It looks like there's a branch in tip that's getting some updates but it's not getting merged for -next.