On Sat, Dec 09, 2023 at 08:49:02PM -0300, Thiago Jung Bauermann wrote:
> Mark Brown <broonie@kernel.org> writes:
>
> > Provide a new register type NT_ARM_GCS reporting the current GCS mode and pointer for EL0. Due to the interactions with allocation and deallocation of Guarded Control Stacks we do not permit any changes to the GCS mode via ptrace, only GCSPR_EL0 may be changed.
>
> The code allows disabling GCS. Is that unintended?
No, it's intentional - ptrace has a lot of control over the process, so there's not a huge point trying to protect against it doing a disable. The reason we prevent enabling is the allocation of a GCS along with enable; the complexity of doing that on a remote process seemed unjustified. If clone3() ends up allowing manual allocation and placement, that'll likely be revised.