public inbox for gdb@sourceware.org
From: "Schimpe, Christina" <christina.schimpe@intel.com>
To: Luis Machado <luis.machado@arm.com>,
	"gdb@sourceware.org" <gdb@sourceware.org>
Subject: RE: Shadow stack backtrace command name
Date: Wed, 20 Dec 2023 15:35:06 +0000
Message-ID: <SN7PR11MB7638C8495F97D77793A57EC3F996A@SN7PR11MB7638.namprd11.prod.outlook.com>
In-Reply-To: <0dc1193d-83dc-4433-9f2b-25f3d1bb42fd@arm.com>

Hi, 

Thanks a lot for your feedback. Please find my answers to your comments below.

> > Having in mind that the shadow stack is not only an x86-specific
> > feature but can be seen as a generic concept we also considered that
> > it could be part of the existing backtrace command, e.g.:
> > - "bt -shadow"
> > (+) Short syntax
> > (+/-) Most of the settings of the bt command don't apply to the shadow
> > stack (frame arguments and info). This might cause confusion.
> >
> > For this option, it might make sense to introduce a new setting for
> > the bt command which is for shadow stack only, e.g. "-symbol-filename [on|off]".
> >
> > What are your thoughts on this topic? Any feedback and new ideas are welcome.
> 
> I like the option of reusing whatever is possible to reuse from the current
> backtrace command, so "bt -shadow" seems like a sensible option.
> 
> It doesn't seem to me like this command will be used a lot. I expect it will be
> useful only when we catch a fault due to a corrupt stack trace, so putting it within
> the more general "backtrace" option would accomplish that.
> 
> With that said, depending on how shadow stack support is implemented in gdb, I
> expect gdb will automatically validate the stack trace against the shadow stack
> (maybe on a fault), and complain if they go out of sync. Does that sound
> reasonable? Maybe even display where the flow veered off course.

No, we don't plan to validate the stack trace in GDB, as we don't see much
additional value for the user.
In case of a CET violation the user will see a SEGV with CP specific 
si_code = 10 (SEGV_CPERR). Printing siginfo will help to find out the reason for SEGV.
Inspecting the shadow stack and normal bt will show where the traces got out of sync.

> AArch64 will have a counterpart of this, with the Guarded Control Stack (GCS)
> feature, so the more generic we make this, the better.

Would the option's name "-shadow" be suitable for the GCS? I find it difficult to come
up with a more generic name that would cover both.

BR,
Christina
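
Added example, not part of the original message and not GDB code: a C sketch of the manual triage the reply describes, first checking that a SIGSEGV carries si_code 10 (SEGV_CPERR), then finding where the normal backtrace and the shadow stack go out of sync. The helper names `is_cp_fault` and `first_divergence`, the array layout (return addresses only, innermost caller first) and the sample addresses are assumptions made for illustration.

```c
#include <signal.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#ifndef SEGV_CPERR
#define SEGV_CPERR 10 /* value quoted in the message; older libc headers lack it */
#endif

/* Nonzero when signo/si_code describe the control-protection SEGV. */
int is_cp_fault(int signo, int si_code)
{
    return signo == SIGSEGV && si_code == SEGV_CPERR;
}

/*
 * Hypothetical helper: both arrays hold return addresses, innermost caller
 * first. Returns the first index where the two views disagree (an entry
 * missing on either side counts as disagreement), or -1 if they match.
 */
long first_divergence(const uintptr_t *stack_ra, size_t n_stack,
                      const uintptr_t *shadow_ra, size_t n_shadow)
{
    size_t common = n_stack < n_shadow ? n_stack : n_shadow;

    for (size_t i = 0; i < common; i++)
        if (stack_ra[i] != shadow_ra[i])
            return (long)i;
    return n_stack == n_shadow ? -1 : (long)common;
}

int main(void)
{
    /* Constructed sample addresses, not taken from a real process. */
    const uintptr_t stack_ra[]  = { 0x401196, 0x4011c2, 0x41414141 };
    const uintptr_t shadow_ra[] = { 0x401196, 0x4011c2, 0x401203, 0x401250 };

    if (is_cp_fault(SIGSEGV, 10)) {
        long i = first_divergence(stack_ra, 3, shadow_ra, 4);
        if (i >= 0)
            printf("views go out of sync at caller #%ld\n", i);
    }
    return 0;
}
```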
