On Tue, 2024-10-08 at 16:17 -0700, Deepak Gupta wrote:
Yeah you're right. Honestly, I've been shameless in adapting most of the flows from x86 `shstk.c` for risc-v. So thank you for that.
All good, glad we ended up with similar behavior.
Now that we've `ARCH_HAS_USER_SHADOW_STACK` part of multiple patch series (riscv shadowstack, clone3 and I think arm64 gcs series as well). It's probably the appropriate time to find common grounds.
There have been bugs in the similar bits of code. So will be nice to not have to fix them in each arch too.
This is what I suggest
- move most of the common/arch agnostic shadow stack stuff in kernel/shstk.c
This gets part of compile if `ARCH_HAS_USER_SHADOW_STACK` is enabled/selected.
Yea, I guess we have commonality for (in x86 naming): - map_shadow_stack() - shstk_free() - shstk_alloc_thread_stack() - shstk_setup()
The signal part starts to diverge. Then I guess x86 has a different prctl interface.
- allow arch specific branch out guard checks for "if cpu supports", "is shadow stack
enabled on the task_struct" (I expect each arch layout of task_struct will be different, no point finding common ground there), etc.
Sure.
I think it's worth a try. If you already don't have patches, I'll spend some time to see what it takes to converge in my next version. If I end up into some roadblock, will use this thread for further discussion.
Sounds good. I have not looked at it too much.