Intel Shadow Stack Finally Merged For Linux 6.6

Written by Michael Larabel in Intel on 31 August 2023 at 05:04 PM EDT. 3 Comments
INTEL
The Intel Shadow Stack support that is part of their Control-flow Enforcement Technology (CET) has finally been merged for the Linux 6.6 kernel after it was previously rejected by Linus Torvalds.

For years Intel has been working on CET / Shadow Stack support for Linux for defending against return-oriented programming (ROP) attacks with Tiger Lake processors and newer.

Intel Shadow Stack


Intel engineers had submitted Shadow Stack for Linux 6.4 but then it was ultimately rejected by Linus Torvalds. When reviewing the code, the Linux creator found various issues with it and decided against accepting it for the v6.4 merge window.

Now after the code was cleaned up and further iterated, it was re-submitted for the Linux 6.6 cycle. Intel's Dave Hansen explained in the pull request:
"This is the long awaited x86 shadow stack support. We first sent this your way for 6.4 in a form that was harder to review.

Since then, the main deltas addressed concerns around pte_mkwrite() and the Dirty bit shifting logic. These are mostly unchanged from the v9 version of the patchset in June.

There is one last-minute fix in here to clean up a sparse warnings, but it should not even affect code generation."

Linus Torvalds today decided to merge the Shadow Stack (shstk) code for this merge window. Thus this security feature contributed by Intel for their modern CPUs as well as newer AMD CPUs is ready to go with Linux 6.6+.
3 Comments
Related News
Rework For Intel CPU Model Handling To Land With Linux 6.10
Linux 6.10 Adding Intel Low-Latency Hint To Aggressively Boost GT Frequency For GPU Compute
Intel Releases OpenVINO 2024.1 With More Gen AI & LLM Features
Intel ANV Vulkan Driver Enables VK_KHR_shader_float_controls2
Intel Has Many Improvements For The Xe Graphics Driver In Linux 6.10
Intel Enabling Linux Driver Display Support For Upcoming "Battlemage" GPUs
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week
Fedora Linux 40 Available For Download As A Wonderful Upgrade
AMD: "Additional Parts Of The Radeon Stack To Be Open Sourced Throughout The Year"
Systemd 256-rc1 Brings A Huge Number Of New Features
NVIDIA Developer Opens Feature Pull Request For Open-Source NVK Driver
GNU Portability Library's Tool Rewritten In Python For 8~100x Better Performance
Microsoft Open-Sources MS-DOS 4.0 Under MIT License
GNOME Working To Make Key Rack A Viable Password Manager, Better Printing For Flatpaks
Ubuntu 24.04 LTS Downloads Now Available