Commit 488af8ea authored Jun 12, 2023 by Rick Edgecombe Committed by Dave Hansen Aug 02, 2023

x86/shstk: Wire in shadow stack interface



The kernel now has the main shadow stack functionality to support
applications. Wire in the WRSS and shadow stack enable/disable functions
into the existing shadow stack API skeleton.

Signed-off-by: Rick Edgecombe <rick.p.edgecombe@intel.com>
Signed-off-by: Dave Hansen <dave.hansen@linux.intel.com>
Reviewed-by: Borislav Petkov (AMD) <bp@alien8.de>
Reviewed-by: Kees Cook <keescook@chromium.org>
Acked-by: Mike Rapoport (IBM) <rppt@kernel.org>
Tested-by: Pengfei Xu <pengfei.xu@intel.com>
Tested-by: John Allen <john.allen@amd.com>
Tested-by: Kees Cook <keescook@chromium.org>
Link: https://lore.kernel.org/all/20230613001108.3040476-38-rick.p.edgecombe%40intel.com

parent 0ee44885

arch/x86/kernel/shstk.c

+8 −0

Original line number	Diff line number	Diff line
		@@ -502,9 +502,17 @@ long shstk_prctl(struct task_struct *task, int option, unsigned long features)
		return -EINVAL;

		if (option == ARCH_SHSTK_DISABLE) {
		if (features & ARCH_SHSTK_WRSS)
		return wrss_control(false);
		if (features & ARCH_SHSTK_SHSTK)
		return shstk_disable();
		return -EINVAL;
		}

		/* Handle ARCH_SHSTK_ENABLE */
		if (features & ARCH_SHSTK_SHSTK)
		return shstk_setup();
		if (features & ARCH_SHSTK_WRSS)
		return wrss_control(true);
		return -EINVAL;
		}