On Wed, 20 Aug 2025 15:14:40 +0100, Mark Brown <broonie@xxxxxxxxxx> wrote:
>
> The arm64 Guarded Control Stack (GCS) feature provides support for
> hardware protected stacks of return addresses, intended to provide
> hardening against return oriented programming (ROP) attacks and to make
> it easier to gather call stacks for applications such as profiling.
>
> When GCS is active a secondary stack called the Guarded Control Stack is
> maintained, protected with a memory attribute which means that it can
> only be written with specific GCS operations. The current GCS pointer
> can not be directly written to by userspace. When a BL is executed the
> value stored in LR is also pushed onto the GCS, and when a RET is
> executed the top of the GCS is popped and compared to LR with a fault
> being raised if the values do not match. GCS operations may only be
> performed on GCS pages, a data abort is generated if they are not.
>
> The combination of hardware enforcement and lack of extra instructions
> in the function entry and exit paths should result in something which
> has less overhead and is more difficult to attack than a purely software
> implementation like clang's shadow stacks.
>
> This series implements support for managing GCS for KVM guests, it also
> includes a fix for S1PIE which has also been sent separately as this
> feature is a dependency for GCS. It is based on:
>
> https://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-next/gcs
>

Is this cover letter accurate? I don't see any PIE-related patch, and
you indicate this being rebased on 6.17-rc1...

	M.

--
Jazz isn't dead. It just smells funny.
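Added example, not part of the original message or of the patch series: a toy C model of the BL/RET rule described in the quoted cover letter, showing how a changed LR is caught at return and how a GCS operation on a non-GCS page aborts. All type and function names are hypothetical, and the fixed-size array and upward-growing index are simplifications of the model, not architectural behaviour.

```c
#include <stddef.h>
#include <stdint.h>

/* Toy software model of the GCS rules quoted above. Every name here is
 * hypothetical; real GCS is enforced by the CPU, not by code like this. */
enum gcs_result { GCS_OK, GCS_MISMATCH_FAULT, GCS_DATA_ABORT };

#define GCS_SLOTS 8             /* model limit, not an architectural value */

struct page {
    int is_gcs;                 /* models the GCS memory attribute */
    uint64_t slot[GCS_SLOTS];
};

struct cpu {
    uint64_t lr;                /* link register */
    struct page *gcs;           /* page the GCS pointer refers to */
    size_t top;                 /* entries currently on the modelled GCS */
};

/* BL: the return address goes to LR and is also pushed onto the GCS. */
enum gcs_result do_bl(struct cpu *c, uint64_t ret_addr)
{
    if (!c->gcs->is_gcs || c->top == GCS_SLOTS)
        return GCS_DATA_ABORT;  /* GCS operation on a non-GCS (or full model) page */
    c->lr = ret_addr;
    c->gcs->slot[c->top++] = ret_addr;
    return GCS_OK;
}

/* RET: pop the top GCS entry and compare it with LR. */
enum gcs_result do_ret(struct cpu *c)
{
    if (!c->gcs->is_gcs || c->top == 0)
        return GCS_DATA_ABORT;  /* non-GCS page, or empty model stack */
    return c->gcs->slot[--c->top] == c->lr ? GCS_OK : GCS_MISMATCH_FAULT;
}

int main(void)
{
    struct page g = { .is_gcs = 1 };
    struct cpu c = { .gcs = &g };
    do_bl(&c, 0x1000);
    c.lr = 0x4141;              /* constructed: LR changed after the call */
    return do_ret(&c) == GCS_MISMATCH_FAULT ? 0 : 1;
}
```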