From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <owner-linux-mm@kvack.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17])
	by smtp.lore.kernel.org (Postfix) with ESMTP id E1028C46467
	for <linux-mm@archiver.kernel.org>; Fri, 20 Jan 2023 00:40:44 +0000 (UTC)
Received: by kanga.kvack.org (Postfix)
	id 755AA6B0074; Thu, 19 Jan 2023 19:40:44 -0500 (EST)
Received: by kanga.kvack.org (Postfix, from userid 40)
	id 706046B0075; Thu, 19 Jan 2023 19:40:44 -0500 (EST)
X-Delivered-To: int-list-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix, from userid 63042)
	id 5CD496B0078; Thu, 19 Jan 2023 19:40:44 -0500 (EST)
X-Delivered-To: linux-mm@kvack.org
Received: from relay.hostedemail.com (smtprelay0014.hostedemail.com [216.40.44.14])
	by kanga.kvack.org (Postfix) with ESMTP id 4E3916B0074
	for <linux-mm@kvack.org>; Thu, 19 Jan 2023 19:40:44 -0500 (EST)
Received: from smtpin27.hostedemail.com (a10.router.float.18 [10.200.18.1])
	by unirelay02.hostedemail.com (Postfix) with ESMTP id 17FCA12019F
	for <linux-mm@kvack.org>; Fri, 20 Jan 2023 00:40:44 +0000 (UTC)
X-FDA: 80373322008.27.D9B86BA
Received: from mail-pl1-f176.google.com (mail-pl1-f176.google.com [209.85.214.176])
	by imf05.hostedemail.com (Postfix) with ESMTP id 4873B100005
	for <linux-mm@kvack.org>; Fri, 20 Jan 2023 00:40:42 +0000 (UTC)
Authentication-Results: imf05.hostedemail.com;
	dkim=pass header.d=chromium.org header.s=google header.b=b7i2+RwK;
	spf=pass (imf05.hostedemail.com: domain of keescook@chromium.org designates 209.85.214.176 as permitted sender) smtp.mailfrom=keescook@chromium.org;
	dmarc=pass (policy=none) header.from=chromium.org
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com;
	s=arc-20220608; t=1674175242;
	h=from:from:sender:reply-to:subject:subject:date:date:
	 message-id:message-id:to:to:cc:cc:mime-version:mime-version:
	 content-type:content-type:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references:dkim-signature;
	bh=sFVdIvvzo/ETapZbTHnKoiKfHn/j96E5/5giRSCHT/Q=;
	b=WMbHWN6Q+Zr2ZPSiDJsnzyI5ycOGGqb8B2smR2YjsEeHy7u95/1A1g/5GH0IF/qGHaQaxm
	IxtL8o1rQS6rqbp2cEHEusJap1LFFOyLhHcSvYiLotjbI6jmwfMxuns70CQXCR0UgS4hrI
	b5cQPjOd1GqV9/NHzUoRB8v2RpW4mi4=
ARC-Authentication-Results: i=1;
	imf05.hostedemail.com;
	dkim=pass header.d=chromium.org header.s=google header.b=b7i2+RwK;
	spf=pass (imf05.hostedemail.com: domain of keescook@chromium.org designates 209.85.214.176 as permitted sender) smtp.mailfrom=keescook@chromium.org;
	dmarc=pass (policy=none) header.from=chromium.org
ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1674175242; a=rsa-sha256;
	cv=none;
	b=R8ULZ0+Y00z+Zh46lIXo/sYCIf3qRDuLo3qbJoIGmQqKnik3xfJnGfQSY8zf220sO1PjKr
	bqDzqIOn7pmdSO4sHzsdlBweBkYvm1tGCoa05n9PjhixLKCeJQDVANsEIG6OvNESVkobAC
	TQJyDyjDTxt/Yj66u9/ob/OAuQu2kFM=
Received: by mail-pl1-f176.google.com with SMTP id p24so3923915plw.11
        for <linux-mm@kvack.org>; Thu, 19 Jan 2023 16:40:41 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=chromium.org; s=google;
        h=in-reply-to:content-disposition:mime-version:references:message-id
         :subject:cc:to:from:date:from:to:cc:subject:date:message-id:reply-to;
        bh=sFVdIvvzo/ETapZbTHnKoiKfHn/j96E5/5giRSCHT/Q=;
        b=b7i2+RwK9hPdPhRuhNwQDc5ekeYQ8BuSoHBwLqngASebWmuy1HGgZjKn8Azys5ZfMV
         VfY+8xr7v9QZDNwxb3DJ+OX78vZBg5b/ispDLD6iHYuVIg+vZmOqUM+Uu+YQENkVD3K8
         GbDXNoen7J2f2I7aybB8nIa6N522nKxhQkenk=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=in-reply-to:content-disposition:mime-version:references:message-id
         :subject:cc:to:from:date:x-gm-message-state:from:to:cc:subject:date
         :message-id:reply-to;
        bh=sFVdIvvzo/ETapZbTHnKoiKfHn/j96E5/5giRSCHT/Q=;
        b=bsU/YAm2udFACipvJz3LNkNTuU76HOTGXsP9/Q957k03ovvZZkrTjxifmkosTT1paq
         VWiYAOh/JwEzwXytzmZLH8+viwxMwauYhgYr4jM8h+nPPH2hhdVrRnwa1/diY1/nqGde
         yZLK3af482eZxBkNKOp3SLg/bKtOAiMDwwk4xrcHUk+8WnFpZIuV2qDPp0PKjdkX91+n
         a6t4b83rn/n6oEqEMRtE77iyXtvKFREcqb0G/GmXiRiq54oERnbsTF2HjdWAzFf1w4zj
         gVbATeQKkG4bMkkBDPz6HDcQbf5lkPFwt1IUGxdHm03mauLtP7wl5ueO3JN6sYZPFgxe
         /k9g==
X-Gm-Message-State: AFqh2krCaClJgy9PugM5DqcxD+ilvo1eUhHQ9WNRIZtaY4gkD9WHHWLl
	IqNdipMU7cyW2zdl/Z63DHPfpg==
X-Google-Smtp-Source: AMrXdXv7pylFHOs3hcd85th2qDd1Mgc6nRCCmWLDNzyscDG+u+mxW82jHU3aLqsYpfnAU/bDqdra8g==
X-Received: by 2002:a05:6a21:99a7:b0:b2:5cf9:817b with SMTP id ve39-20020a056a2199a700b000b25cf9817bmr18329080pzb.5.1674175241235;
        Thu, 19 Jan 2023 16:40:41 -0800 (PST)
Received: from www.outflux.net (smtp.outflux.net. [198.145.64.163])
        by smtp.gmail.com with ESMTPSA id t25-20020a62d159000000b0056bd1bf4243sm9814718pfl.53.2023.01.19.16.40.40
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Thu, 19 Jan 2023 16:40:40 -0800 (PST)
Date: Thu, 19 Jan 2023 16:40:40 -0800
From: Kees Cook <keescook@chromium.org>
To: Rick Edgecombe <rick.p.edgecombe@intel.com>
Cc: x86@kernel.org, "H . Peter Anvin" <hpa@zytor.com>,
	Thomas Gleixner <tglx@linutronix.de>,
	Ingo Molnar <mingo@redhat.com>, linux-kernel@vger.kernel.org,
	linux-doc@vger.kernel.org, linux-mm@kvack.org,
	linux-arch@vger.kernel.org, linux-api@vger.kernel.org,
	Arnd Bergmann <arnd@arndb.de>, Andy Lutomirski <luto@kernel.org>,
	Balbir Singh <bsingharora@gmail.com>,
	Borislav Petkov <bp@alien8.de>,
	Cyrill Gorcunov <gorcunov@gmail.com>,
	Dave Hansen <dave.hansen@linux.intel.com>,
	Eugene Syromiatnikov <esyr@redhat.com>,
	Florian Weimer <fweimer@redhat.com>,
	"H . J . Lu" <hjl.tools@gmail.com>, Jann Horn <jannh@google.com>,
	Jonathan Corbet <corbet@lwn.net>,
	Mike Kravetz <mike.kravetz@oracle.com>,
	Nadav Amit <nadav.amit@gmail.com>, Oleg Nesterov <oleg@redhat.com>,
	Pavel Machek <pavel@ucw.cz>, Peter Zijlstra <peterz@infradead.org>,
	Randy Dunlap <rdunlap@infradead.org>,
	Weijiang Yang <weijiang.yang@intel.com>,
	"Kirill A . Shutemov" <kirill.shutemov@linux.intel.com>,
	John Allen <john.allen@amd.com>, kcc@google.com, eranian@google.com,
	rppt@kernel.org, jamorris@linux.microsoft.com,
	dethoma@microsoft.com, akpm@linux-foundation.org,
	Andrew.Cooper3@citrix.com, christina.schimpe@intel.com,
	Yu-cheng Yu <yu-cheng.yu@intel.com>
Subject: Re: [PATCH v5 02/39] x86/shstk: Add Kconfig option for shadow stack
Message-ID: <202301191640.DE1E4D3@keescook>
References: <20230119212317.8324-1-rick.p.edgecombe@intel.com>
 <20230119212317.8324-3-rick.p.edgecombe@intel.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20230119212317.8324-3-rick.p.edgecombe@intel.com>
X-Rspam-User: 
X-Rspamd-Server: rspam04
X-Rspamd-Queue-Id: 4873B100005
X-Stat-Signature: bdii8u334tpbzpg5rn4jgokqnddyxhzj
X-HE-Tag: 1674175242-311282
X-HE-Meta: U2FsdGVkX19yvOkmPNo0Q0AUWMj68lOAohBXvmt2M8adIYxEOfGXgTkpU13vK158NdGdFKJeNC14/QtoWeZrjl3a55wDVEjNi0dcO0cWgvgFC6cI2lhfN2DUjEl+CeEzaewYX+cWTOH+bdXTDHU+OjhDhWjsmpZXPXrjyjfzBDUjI7lYuG++Dpye8oG83NbVFx4CFCRoT2aruJrgIr2aIVkJF20mrZtDLFMponIV0E0VLPKEq+fcgQoEjWype1vAtb51yyoRs5xSBj9/AgPnO0KBxHaPQXc/MXP2oiK+g1VGm50RFQfw4mu7yNS7Uo/P/a16AjH+4zq1cWSkoHVfRkBKZnd7B+xA5yVPQGDzx51GqBFr7GE9GKRTXm/Uz4Ui9MLIUMnWB09ABLZbRYTWnWQynEhagvAMdtFbJNXeQhkQpE1DGSY6LUnVqDodHUkOfg2F34E1inDta5vqyz4Ifmg3xPzGSed9gNfOoCTfI4fYTdSCa9Uz8w8xFE0ulVIvxBkXrbCAUOep6IDTNRr7kT5+8olIv0UV9BZFdxHUkt2yb7Q8/6zNwQTk1roNq18EJZ+Aobogwixz7SLliSlxbolVY+sGX0dSNYsFDiaPO4a7F+R12gRU0qC1nvCAdKlv0CTonWOwdKPTjVAFkmMoPRcAnkxe4TSYGjvUlFtbxbTBl1DMDDjaabxrBogLzP6y9cn/vzn7wdr8bL6iikfDIG6e+WMutc1dISKnsYaf/khBXblfr96MUdc1SikGfa8Izp8ES9DKHTnBaydUA6c3SEkJPZfDQx+odSpdxrl073JkeTVhR2QV7SrVhJLKK97RWTf7pphAZz/8kg8D/mlVRoF5kWk08g1Yawg1IYulDJquN9XdInMqJs7QlGweI0znN6/qOZ4gzNGvzUbhyTYkbGyz5zRF0nz7CQWS+70RKCnpPOVf/wv4pmDSqdFOyg0h7uOYHN5+aElf9bP9TVQ
 XfDs5Mro
 AacSEzok0QnzkOUq3jkVfo8pCHIrb8G+67VE0syl6DOCdyEFD8eXL7SzPruAbFf6dh++ti3T6Fq44yGi/VqkpOP5oWpP9fAAZIOSD4EJCA0tVutOP1NgimOTvKJ0Hh4uoBQ5486d7nQQPvEj+mh7ru+ery+WZoO9LGXJrQUj4PwuTLNdYISmybuCCxQtb9BL0Zyx2XvHDeizLUZ6S5IfoMJJNcOzTYEGCvd60h+46lqMHoPBOffWKZ+zOmyxsm1udWnrrw1WrrsUE2sRFMk8CbDWGnuoeHSVqnNMCWfH6O0dKCqXQHWA2qYpRDp3wbXd78E2UYpodYBvBXA7xPY2dr1eYvEPV78RzgEl/s8FG80f+5oDSI1Bawh5WC6tmHPaKvHdIPZzUMoAImROaCL3/E3seY6Rz+AaWcvioYlyPJznmnz1mlHCeaDSW+h0XDNIwVc/oIe4W3hCwVLvPYdcvMbU0+Fx66dZtN+fJohbdlqj2zULmCwSH5nQ0SGHXtfy/6+OzyC2KCLo1npyo+bCnO7ynvVHe6Qhvo4gBgZ5wpOOGZ9g=
X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4
Sender: owner-linux-mm@kvack.org
Precedence: bulk
X-Loop: owner-majordomo@kvack.org
List-ID: <linux-mm.kvack.org>

On Thu, Jan 19, 2023 at 01:22:40PM -0800, Rick Edgecombe wrote:
> From: Yu-cheng Yu <yu-cheng.yu@intel.com>
> 
> Shadow stack provides protection for applications against function return
> address corruption. It is active when the processor supports it, the
> kernel has CONFIG_X86_SHADOW_STACK enabled, and the application is built
> for the feature. This is only implemented for the 64-bit kernel. When it
> is enabled, legacy non-shadow stack applications continue to work, but
> without protection.
> 
> Since there is another feature that utilizes CET (Kernel IBT) that will
> share implementation with shadow stacks, create CONFIG_CET to signify
> that at least one CET feature is configured.
> 
> Tested-by: Pengfei Xu <pengfei.xu@intel.com>
> Tested-by: John Allen <john.allen@amd.com>
> Signed-off-by: Yu-cheng Yu <yu-cheng.yu@intel.com>

Reviewed-by: Kees Cook <keescook@chromium.org>

-- 
Kees Cook