Re: [PATCH v23 15/28] x86/mm: Update maybe_mkwrite() for shadow stack
From: Borislav Petkov <bp@alien8.de>
Date: 2021-03-17 15:57:16
Also in:
linux-arch, linux-doc, linux-mm, lkml
On Tue, Mar 16, 2021 at 08:10:41AM -0700, Yu-cheng Yu wrote:
> When serving a page fault, maybe_mkwrite() makes a PTE writable if its vma
> has VM_WRITE.
>
> A shadow stack vma has VM_SHSTK. Its PTEs have _PAGE_DIRTY, but not
> _PAGE_WRITE. In fork(), _PAGE_DIRTY is cleared to effect copy-on-write,

to cause

> and in page fault, _PAGE_DIRTY is restored and the shadow stack page is

in the page fault handler...

> writable again.
>
> Update maybe_mkwrite() by introducing arch_maybe_mkwrite(), which sets
> _PAGE_DIRTY for a shadow stack PTE.
>
> Apply the same changes to maybe_pmd_mkwrite().
>
> Signed-off-by: Yu-cheng Yu <redacted>
> Reviewed-by: Kees Cook <redacted>
> ---
>  arch/x86/Kconfig        |  4 ++++
>  arch/x86/mm/pgtable.c   | 18 ++++++++++++++++++
>  include/linux/mm.h      |  2 ++
>  include/linux/pgtable.h | 24 ++++++++++++++++++++++++
>  mm/huge_memory.c        |  2 ++
>  5 files changed, 50 insertions(+)

Looks straightforward to me but I guess it needs a mm person's ack.
--
Regards/Gruss,
Boris.
https://people.kernel.org/tglx/notes-about-netiquette