subject:"\[PATCH v2 14\/14\] x86\/shstk\: Activate Supervisor Shadow Stacks"

Re: [PATCH v2 14/14] x86/shstk: Activate Supervisor Shadow Stacks

2020-05-29 Thread Andrew Cooper

On 29/05/2020 14:09, Jan Beulich wrote: > On 27.05.2020 21:18, Andrew Cooper wrote: >> With all other plumbing in place, activate shadow stacks when possible. Note >> that this requires prohibiting the use of PV32. Compatibility can be >> maintained if necessary via PV-Shim. > In the revision log

Re: [PATCH v2 14/14] x86/shstk: Activate Supervisor Shadow Stacks

2020-05-29 Thread Jan Beulich

On 27.05.2020 21:18, Andrew Cooper wrote: > With all other plumbing in place, activate shadow stacks when possible. Note > that this requires prohibiting the use of PV32. Compatibility can be > maintained if necessary via PV-Shim. In the revision log you say "Discuss CET-SS disabling PV32", and

[PATCH v2 14/14] x86/shstk: Activate Supervisor Shadow Stacks

2020-05-27 Thread Andrew Cooper

With all other plumbing in place, activate shadow stacks when possible. Note that this requires prohibiting the use of PV32. Compatibility can be maintained if necessary via PV-Shim. The BSP needs to wait until alternatives have run (to avoid interaction with CR0.WP), and after the first reset_s