From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 007C2C74A5B for ; Sat, 11 Mar 2023 15:11:36 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 703818E0001; Sat, 11 Mar 2023 10:11:36 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id 6B4886B0074; Sat, 11 Mar 2023 10:11:36 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 57BA88E0001; Sat, 11 Mar 2023 10:11:36 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0016.hostedemail.com [216.40.44.16]) by kanga.kvack.org (Postfix) with ESMTP id 46ACD6B0071 for ; Sat, 11 Mar 2023 10:11:36 -0500 (EST) Received: from smtpin15.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay04.hostedemail.com (Postfix) with ESMTP id 142111A08E5 for ; Sat, 11 Mar 2023 15:11:36 +0000 (UTC) X-FDA: 80556956592.15.2CAFE6F Received: from mail.skyhub.de (mail.skyhub.de [5.9.137.197]) by imf23.hostedemail.com (Postfix) with ESMTP id CAF1A14000E for ; Sat, 11 Mar 2023 15:11:30 +0000 (UTC) Authentication-Results: imf23.hostedemail.com; dkim=temperror ("DNS error when getting key") header.d=alien8.de header.s=dkim header.b=ZzZRlJGs; spf=pass (imf23.hostedemail.com: domain of bp@alien8.de designates 5.9.137.197 as permitted sender) smtp.mailfrom=bp@alien8.de; dmarc=pass (policy=none) header.from=alien8.de ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1678547494; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=d3tDult2va7U5ecOKiAJ68n8tKbP1WHykv3YoeJx32s=; b=LfGVIEayQkHCGf8uZhDslBEg0g//jhwBP+0RCvFVwDeVvG6V7mAmojnii8rz/tE+d7yfZX CxMtWjGTrD6Gv0TzmTzBPtHG6k3gaLRN1bv5Rq4P3RUL+gpcP+sEar6GFDX5vvgmVVY6SO PSuQs5Iu3J71R44tOjjSDJRJCvT7Lnk= ARC-Authentication-Results: i=1; imf23.hostedemail.com; dkim=temperror ("DNS error when getting key") header.d=alien8.de header.s=dkim header.b=ZzZRlJGs; spf=pass (imf23.hostedemail.com: domain of bp@alien8.de designates 5.9.137.197 as permitted sender) smtp.mailfrom=bp@alien8.de; dmarc=pass (policy=none) header.from=alien8.de ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1678547494; a=rsa-sha256; cv=none; b=WJTc959Y3h7yqEDJTIQNojUOBjBrypCcMao/KIRD1NdtwNQA1SF5kO1kZKJ/X514lEYZMH XSPjej6VfnT3BKO19MgN8Cd8m5nhHThWmII7cJhncyD2g7DcMUOBDm5faq7fY36eEbKUIS T/1pxb/OBPzAmKpUqGxJRUlns+hvntk= Received: from zn.tnic (p5de8e9fe.dip0.t-ipconnect.de [93.232.233.254]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.skyhub.de (SuperMail on ZX Spectrum 128k) with ESMTPSA id 1E6171EC0501; Sat, 11 Mar 2023 16:11:29 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=alien8.de; s=dkim; t=1678547489; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:in-reply-to:in-reply-to: references:references; bh=d3tDult2va7U5ecOKiAJ68n8tKbP1WHykv3YoeJx32s=; b=ZzZRlJGsHlAcooltNW/El62mvS4AgXOhPjNfTZqu36mBSxSiHh4K7bHUHfYO0DCm9ivGaH P3p5Ufg507LYYaCDuGX82pP+Zgkuw+QpOAy7uWIOIpVC1A2YvqjVthdo9cpFhh4/AO3qu2 Zf2R0x39eifZqq/wrxVASJXrU69uy5o= Date: Sat, 11 Mar 2023 16:11:28 +0100 From: Borislav Petkov To: Rick Edgecombe Cc: x86@kernel.org, "H . Peter Anvin" , Thomas Gleixner , Ingo Molnar , linux-kernel@vger.kernel.org, linux-doc@vger.kernel.org, linux-mm@kvack.org, linux-arch@vger.kernel.org, linux-api@vger.kernel.org, Arnd Bergmann , Andy Lutomirski , Balbir Singh , Cyrill Gorcunov , Dave Hansen , Eugene Syromiatnikov , Florian Weimer , "H . J . Lu" , Jann Horn , Jonathan Corbet , Kees Cook , Mike Kravetz , Nadav Amit , Oleg Nesterov , Pavel Machek , Peter Zijlstra , Randy Dunlap , Weijiang Yang , "Kirill A . Shutemov" , John Allen , kcc@google.com, eranian@google.com, rppt@kernel.org, jamorris@linux.microsoft.com, dethoma@microsoft.com, akpm@linux-foundation.org, Andrew.Cooper3@citrix.com, christina.schimpe@intel.com, david@redhat.com, debug@rivosinc.com, Mike Rapoport Subject: Re: [PATCH v7 40/41] x86/shstk: Add ARCH_SHSTK_UNLOCK Message-ID: References: <20230227222957.24501-1-rick.p.edgecombe@intel.com> <20230227222957.24501-41-rick.p.edgecombe@intel.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: <20230227222957.24501-41-rick.p.edgecombe@intel.com> X-Rspamd-Server: rspam07 X-Rspamd-Queue-Id: CAF1A14000E X-Rspam-User: X-Stat-Signature: 1znsxu7te6kbm1wta1p9wnwprza776xn X-HE-Tag: 1678547490-44510 X-HE-Meta: U2FsdGVkX1/qJjK00XhU8PzzFvp4SLgJAjZEIhXF57ZoXjZbxJROL7LrcpuCjt5aowTscjVER7mRELSMQSV1vPgrzu6XvtpnPHwDcXleJ9lvWk5wpjZe1/xmv6nNz3QPSa6v9BM4/tTrA7skilUdu4bRgHj2vK7kU7EymCvy6cXR9JAffqw75zh0XSmSpsBVg0eH9qNVrJlMA6/MlcPgZIlX1W10ji2oX0NGuPce0/2cmgx0CWnFeUzMNyDqLvF8HGwqKvKmEaevdhgRYyoqQIJVguIm91LzhM5UXxYmbrayeLjsoYD2ubGi4lRIToaxdPQZI1HCYp69We3WUchNswRcP449zTfArGubt3w38HejrGJsPmPQdhAXNMoUgB/MpgLjBwrUcSn3AWR0coB+DflR4Z0KTqRcfNyKqT1KyXeMMGkLkNu6lJql+/JMbGNM/ZwRSTb+XcyEPL9XsF6GJexQ8CAEYH+O9NOSo9m1CCVJ5fV4Eo4JpXpHaqTHwAyC6y/N/Md2GvREy3cvSsUQjohVyjK1ocEfYpRdk3ASh4ifG04IbYAyZ0ZZEnf8uerKvnR+NEZ7irGh6Z3LkSSlvp0QFbc+8p1FSmZ7g/5dIemnR9dfvy4ckLu9VKz54F1cSzY0i9KqiglwFQCPdfVLxGtH7Ggr/wuyl/5WgKe6cvfTqO1U6Wg9dLPzmMxhQzxhNaSMAZJWjlSzlm6TEr/CjRuyyAqAU4MeUspmUgiqyhlEXDEL1CxauIMKyx0eu6yJ9M+DIs1q+J6H4RRucFUnbRXw9YbSdB689Yy23l0y1znwPrvUKt2J1OT1T+E+AbAKyflEzGi+9t1pE6TgtGeu2HHMom6p20L6A4mXke5KqroynFb3LM4KDiJulE5Jo/8rjf9mRKYLjrmqvqQuvDkRbKI8SQjPmJWWgRwCBUXMRbM1iLvT5Kvepeddqzvo2pFG3WASbaIvGH6clRgE95W Hjlju71F OkACu0huyqrVDjCoDVJF7gqjUSnv7xDMbeGoTAIteAHmEbERTnIox+5t21/HqxppFzWUYFQ+SRYMXHcT9YjyPq70UcCVtaDPQ0dM4o9A6UP9mraCYaXUDgJPH2DKhJCCJP446f4YYGWeNg9aDcDEAMBJneg37MJkQlYCISkk6yhWyL3Xn1CfcZc/B75bpAy6cepvUGDWov+PkT1LbAvOKLW1Kj4nhMe8AnnrXkY53DMzKeMer0TE02KKXzzW2mzdcBVMNYWqWs70KiS4e1SMZ3BeMJW9ZcKlbJnqaQ9U9avNfEkTy2HnNLoY49gFIlDE60xvZ//BY/nvTN8/wqfJr2QrD4OSK7cPSCWZRdLWDJxD7BySvjWdVkeL9+8Yb/OPnGiAvbWPfq2GiNPo9ZJLMEcK2IkQm4Y9B167Sif0eY1emBxp/dKRYOGpJNV78ajvQyEcPXKxwA0af4+M= X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: On Mon, Feb 27, 2023 at 02:29:56PM -0800, Rick Edgecombe wrote: > From: Mike Rapoport > > Userspace loaders may lock features before a CRIU restore operation has > the chance to set them to whatever state is required by the process > being restored. Allow a way for CRIU to unlock features. Add it as an > arch_prctl() like the other shadow stack operations, but restrict it being > called by the ptrace arch_pctl() interface. > > Tested-by: Pengfei Xu > Tested-by: John Allen > Tested-by: Kees Cook > Acked-by: Mike Rapoport (IBM) That tag is kinda implicit here. Unless he doesn't ACK his own patch. :-P > Reviewed-by: Kees Cook > Signed-off-by: Mike Rapoport > [Merged into recent API changes, added commit log and docs] > Signed-off-by: Rick Edgecombe ... > diff --git a/arch/x86/kernel/shstk.c b/arch/x86/kernel/shstk.c > index 2faf9b45ac72..3197ff824809 100644 > --- a/arch/x86/kernel/shstk.c > +++ b/arch/x86/kernel/shstk.c > @@ -451,9 +451,14 @@ long shstk_prctl(struct task_struct *task, int option, unsigned long features) > return 0; > } > > - /* Don't allow via ptrace */ > - if (task != current) > + /* Only allow via ptrace */ > + if (task != current) { Is that the only case? task != current means ptrace and there's no other way to do this from userspace? Isn't there some flag which says that task is ptraced? I think we should check that one too... -- Regards/Gruss, Boris. https://people.kernel.org/tglx/notes-about-netiquette