Thread (123 messages) 123 messages, 12 authors, 2018-08-14

Re: [RFC PATCH v2 15/27] mm/mprotect: Prevent mprotect from changing shadow stack

From: Dave Hansen <dave.hansen@linux.intel.com>
Date: 2018-07-10 23:10:12
Also in: linux-arch, linux-doc, linux-mm, lkml

On 07/10/2018 03:26 PM, Yu-cheng Yu wrote:
Signed-off-by: Yu-cheng Yu <redacted>
This still needs a changelog, even if you think it's simple.
--- a/mm/mprotect.c
+++ b/mm/mprotect.c
@@ -446,6 +446,15 @@ static int do_mprotect_pkey(unsigned long start, size_t len,
 	error = -ENOMEM;
 	if (!vma)
 		goto out;
+
+	/*
+	 * Do not allow changing shadow stack memory.
+	 */
+	if (vma->vm_flags & VM_SHSTK) {
+		error = -EINVAL;
+		goto out;
+	}
+
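Review bot: The new VM_SHSTK check sits directly after the initial `if (!vma) goto out;`, so it only inspects the single VMA returned by the lookup for `start`; an mprotect range that spans several VMAs can include a shadow-stack VMA further along that this check never sees. Either move the check into the per-VMA loop that follows (where each `vma` in the range is visited) or state in the changelog why rejecting only the first VMA is sufficient. The comment "Do not allow changing shadow stack memory." would also read better if it said which protection changes are being refused and why, since -EINVAL alone gives the caller no hint that VM_SHSTK is the reason.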
I think this is a _bit_ draconian.  Why shouldn't we be able to use
protection keys with a shadow stack?  Or, set it to PROT_NONE?