Re: [PATCH] fhandler/proc.cc(format_proc_cpuinfo): Add Linux 6.3 cpuinfo

2023-05-12 Thread Jon Turney 

On 08/05/2023 04:12, Brian Inglis wrote:

cpuid0x0007:0 ecx:7 shstk Shadow Stack support & Windows 
[20]20H1/[20]2004+
=> user_shstk User mode program Shadow Stack support
AMD SVM  0x800a:0 edx:25 vnmi virtual Non-Maskable Interrrupts
Sync AMD 0x8008:0 ebx flags across two output locations


Thanks.  I applied this.

Does this need applying to the 3.4 branch as well?


---
  winsup/cygwin/fhandler/proc.cc | 29 ++---


  
+  /* cpuid 0x0007 ecx & Windows [20]20H1/[20]2004+ */

+  if (maxf >= 0x0007 && wincap.osname () >= "10.0"
+&& wincap.build_number () >= 19041)
+{
+ cpuid (&unused, &unused, &features1, &unused, 0x0007, 0);
+ ftcprint (features1,  7, "user_shstk"); /* "user shadow stack" */
+   }
+


This seems a little odd and maybe worthy of a comment, as surely the CPU 
has the capability irrespective of the OS?

Re: [PATCH] fhandler/proc.cc(format_proc_cpuinfo): Add Linux 6.3 cpuinfo

2023-05-12 Thread Brian Inglis 

On 2023-05-12 09:36, Jon Turney wrote:

On 08/05/2023 04:12, Brian Inglis wrote:
cpuid    0x0007:0 ecx:7 shstk Shadow Stack support & Windows 
[20]20H1/[20]2004+

    => user_shstk User mode program Shadow Stack support
AMD SVM  0x800a:0 edx:25 vnmi virtual Non-Maskable Interrrupts
Sync AMD 0x8008:0 ebx flags across two output locations


Thanks.  I applied this.

Does this need applying to the 3.4 branch as well?


How many users with the latest models will worry about this before 3.5 release 
about October, and may Cygwin have support by then?



---
  winsup/cygwin/fhandler/proc.cc | 29 ++---



+  /* cpuid 0x0007 ecx & Windows [20]20H1/[20]2004+ */
+  if (maxf >= 0x0007 && wincap.osname () >= "10.0"
+ && wincap.build_number () >= 19041)
+    {
+  cpuid (&unused, &unused, &features1, &unused, 0x0007, 0);
+  ftcprint (features1,  7, "user_shstk");    /* "user shadow stack" */
+    }
+


This seems a little odd and maybe worthy of a comment, as surely the CPU has the 
capability irrespective of the OS?


Yes, see the log comment documenting the shtsk feature and the Windows release 
supporting the process feature, and the patch comment echoing that.


Intel 11th gen and AMD Zen3+ processor models both support the same Control-flow 
Enforcement Technology CET and shstk cpuid and arch features, save areas, MSRs, 
etc.


That is the (currently commented out in the patch) shstk feature, which is 
detected by the Linux kernel but not reported by Linux cpuinfo, and not yet 
fully supported in the kernel by the Intel CET Linux patches.


Whereas Linux cpuinfo does report "user_shstk", which depends on kernel, 
process, compiler, library, and image support, which requires Windows from 
[20]20H1/[20]2004+ enabling and setting up the supported variants of CET flagged 
in one of the process image debug headers, and saving/restoring the shadow stack 
pointer SSP register.


https://www.intel.com/content/www/us/en/developer/articles/technical/technical-look-control-flow-enforcement-technology.html

The current GCC supports -mshstk, but I don't know if there is yet any back end 
support for variants of CET to be flagged in ELF or PE32+ process image debug 
headers, or plans for newlib x86 or Cygwin startup support, and exception 
handling?


--
Take care. Thanks, Brian Inglis  Calgary, Alberta, Canada

La perfection est atteinte   Perfection is achieved
non pas lorsqu'il n'y a plus rien à ajouter  not when there is no more to add
mais lorsqu'il n'y a plus rien à retirer but when there is no more to cut
-- Antoine de Saint-Exupéry