Intel CET Shadow Stack Support Set To Be Introduced With Linux 6.4

  • Intel CET Shadow Stack Support Set To Be Introduced With Linux 6.4

    Phoronix: Intel CET Shadow Stack Support Set To Be Introduced With Linux 6.4

    After being in development for years, Intel's shadow stack support is set to be merged for the upcoming Linux 6.4 cycle. The shadow stack support is part of Intel's Control-flow Enforcement Technology (CET) security functionality...

  • #2
    Any other OSes pick this up? Sounds like something Theo would want for OpenBSD and sounds like something Microsoft would want for Windows 11!


    • #3
      How does that work? The shadow stack is read-only to the application?


      • #4
        Originally posted by unwind-protect
        How does that work? The shadow stack is read-only to the application?

        As I understand it:
        1. The shadow stack is in memory that isn't mapped into the application's address space at all
        2. The x86 CALL opcode is augmented to push to both the visible stack and the shadow stack
        3. The x86 RET opcode is augmented to pop from both stacks, check for equality, and fault into the handler the kernel set up if they don't match.

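The CALL/RET behaviour described in post #4, modelled as a toy machine in C. This is an added example, not code from the thread or from the kernel patches; the struct, the function names and the addresses are constructed, and it models only the push-to-both and compare-on-return logic, not how the hardware protects the shadow stack memory.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define DEPTH 16

/* Toy machine: models only the return-address handling described above. */
struct cpu {
    uint64_t stack[DEPTH];  /* ordinary stack, reachable by program stores */
    uint64_t shadow[DEPTH]; /* shadow stack, written only by cpu_call/cpu_ret */
    size_t sp, ssp;         /* next free slot in each stack */
};

enum ret_status { RET_OK, RET_FAULT, RET_UNDERFLOW };

/* CALL: push the return address on both stacks. Returns -1 when full. */
int cpu_call(struct cpu *c, uint64_t ret_addr) {
    if (c->sp >= DEPTH || c->ssp >= DEPTH) return -1;
    c->stack[c->sp++] = ret_addr;
    c->shadow[c->ssp++] = ret_addr;
    return 0;
}

/* Ordinary store into a live stack slot (for example a buffer overrun that
 * reaches a saved return address). It has no path to the shadow copy. */
int cpu_store(struct cpu *c, size_t slot, uint64_t value) {
    if (slot >= c->sp) return -1;
    c->stack[slot] = value;
    return 0;
}

/* RET: pop both stacks and compare; a mismatch is reported as a fault
 * instead of transferring control. *target is set only on RET_OK. */
enum ret_status cpu_ret(struct cpu *c, uint64_t *target) {
    if (c->sp == 0 || c->ssp == 0) return RET_UNDERFLOW;
    uint64_t visible = c->stack[--c->sp];
    uint64_t expected = c->shadow[--c->ssp];
    if (visible != expected) return RET_FAULT;
    *target = visible;
    return RET_OK;
}

int main(void) {
    struct cpu c = {0};
    uint64_t t = 0;
    cpu_call(&c, 0x401000);       /* constructed return address */
    cpu_store(&c, 0, 0x41414141); /* saved return address overwritten */
    printf("ret status: %d\n", cpu_ret(&c, &t));
    return 0;
}
```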