implement shadow stacks #455
Commits on Sep 18, 2024
mm: implement VMKernelShadowStack
The initialization and pt_flags are a bit special for shadow stack pages, so this warrants a new `VirtualMapping` implementation.
Signed-off-by: Tom Dohrmann <erbse.13@gmx.de>
Commit a29d1c9

percpu: allocate an initial shadow stack
This shadow stack is used when not using a task's shadow stack.
Signed-off-by: Tom Dohrmann <erbse.13@gmx.de>
Commit 56b214e

The interrupt shadow stack table (ISST) is very similar to the interrupt stack table (IST) except that it contains shadow stack addresses instead of normal stack addresses.
Signed-off-by: Tom Dohrmann <erbse.13@gmx.de>
Commit 0fbbd41

task: allocate shadow stacks for each task
Each task needs a normal shadow stack and a shadow stack used for exception handling.
Signed-off-by: Tom Dohrmann <erbse.13@gmx.de>
Commit 1bc3c0c

idt: add shadow stack pointer to exception context
Some exception handlers will need to update the shadow stack, so they need to know the shadow stack pointer at the time of the exception.
Signed-off-by: Tom Dohrmann <erbse.13@gmx.de>
Commit 8d2db3f

idt: update return address on shadow stack
Whenever we update the return address on the shadow stack, we'll also need to update the return address on the shadow stack.
Signed-off-by: Tom Dohrmann <erbse.13@gmx.de>
Commit 5a3d5fe

schedule: switch to special stack during context switches
We need to guard against IRQs coming in after switching to the new page tables and before switching to the new stack.
Signed-off-by: Tom Dohrmann <erbse.13@gmx.de>
Commit ab39c92

schedule: switch shadow stacks in context switch
Each task has separate shadow stacks, so we need to switch them when switching tasks.
Signed-off-by: Tom Dohrmann <erbse.13@gmx.de>
Commit 640249f

This enables shadow stacks for the BSP.
Signed-off-by: Tom Dohrmann <erbse.13@gmx.de>
Commit d4e4487

This enables shadow stacks on the secondary APs.
Signed-off-by: Tom Dohrmann <erbse.13@gmx.de>
Commit f189193

This exception handler will be executed when the CPU detects a mismatch between the return address on the stack and the return address on the shadow stack.
Signed-off-by: Tom Dohrmann <erbse.13@gmx.de>
Commit 207847f

shadow_stack: determine support at runtime
Trusted CPUID values are hard to come by, so let's just try to enable CET in CR4 and handle failure gracefully.
Signed-off-by: Tom Dohrmann <erbse.13@gmx.de>
Commit cc5c763