Thread: 53 messages, 10 authors, 2019-11-08

Re: [PATCH v8 15/27] mm: Handle shadow stack page fault

From: Yu-cheng Yu <hidden>
Date: 2019-08-14 16:37:03
Also in: linux-arch, linux-doc, linux-mm, lkml

On Tue, 2019-08-13 at 15:55 -0700, Andy Lutomirski wrote:
> On Tue, Aug 13, 2019 at 2:02 PM Yu-cheng Yu [off-list ref] wrote:
> > When a task does fork(), its shadow stack (SHSTK) must be duplicated
> > for the child.  This patch implements a flow similar to copy-on-write
> > of an anonymous page, but for SHSTK.
> >
> > A SHSTK PTE must be RO and dirty.  This dirty bit requirement is used
> > to effect the copying.  In copy_one_pte(), clear the dirty bit from a
> > SHSTK PTE to cause a page fault upon the next SHSTK access.  At that
> > time, fix the PTE and copy/re-use the page.
>
> Is using VM_SHSTK and special-casing all of this really better than
> using a special mapping or other pseudo-file-backed VMA and putting
> all the magic in the vm_operations?

A special mapping is cleaner.  However, we also need to exclude normal [RO +
dirty] pages from shadow stack.

Yu-cheng
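
The fork-time flow from the quoted patch description, as an added userspace C model (not code from this thread or from the kernel patch). The struct and function names are hypothetical, the sample return addresses are constructed, and clearing Dirty in both the parent and child PTE is an assumption modelled on ordinary copy-on-write.

```c
#include <stdbool.h>
#include <stdint.h>
#include <string.h>
/* x86 PTE flag bit positions. */
#define PTE_PRESENT (1u << 0)
#define PTE_RW      (1u << 1)
#define PTE_DIRTY   (1u << 6)

/* Hypothetical model types, not kernel structures. */
struct page { int refcount; uint64_t data[4]; };   /* toy 4-word page */
struct pte  { uint32_t flags; struct page *pg; };

/* SHSTK PTE as described in the thread: present, read-only, dirty. */
static bool pte_is_shstk(const struct pte *p)
{
    return (p->flags & (PTE_PRESENT | PTE_RW | PTE_DIRTY)) == (PTE_PRESENT | PTE_DIRTY);
}

/* fork(): share the page, clear Dirty in both PTEs (assumed, as in ordinary COW). */
static void model_fork(struct pte *parent, struct pte *child)
{
    parent->flags &= ~PTE_DIRTY;   /* next SHSTK access will fault */
    *child = *parent;
    parent->pg->refcount++;
}

/* SHSTK fault: copy a still-shared page, re-use a sole-owner page, then set Dirty. */
static bool model_shstk_fault(struct pte *p, struct page *fresh)
{
    bool copied = p->pg->refcount > 1;
    if (copied) {
        memcpy(fresh->data, p->pg->data, sizeof fresh->data);
        fresh->refcount = 1;
        p->pg->refcount--;
        p->pg = fresh;
    }
    p->flags |= PTE_DIRTY;         /* PTE is a valid SHSTK PTE again */
    return copied;
}

int main(void)
{
    struct page orig = { 1, { 0x401000, 0x401234 } }, fresh = { 0 };  /* constructed */
    struct pte parent = { PTE_PRESENT | PTE_DIRTY, &orig }, child;
    model_fork(&parent, &child);
    bool c1 = model_shstk_fault(&child, &fresh);   /* page shared: copied */
    bool c2 = model_shstk_fault(&parent, &fresh);  /* sole owner: re-used */
    return (c1 && !c2 && pte_is_shstk(&parent) && pte_is_shstk(&child)) ? 0 : 1;
}
```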