On Tue, 2023-02-21 at 09:48 +0100, David Hildenbrand wrote:

On 18.02.23 22:14, Rick Edgecombe wrote:

quoted

Add a simple selftest for exercising some shadow stack behavior:
   - map_shadow_stack syscall and pivot
   - Faulting in shadow stack memory
   - Handling shadow stack violations
   - GUP of shadow stack memory
   - mprotect() of shadow stack memory
   - Userfaultfd on shadow stack memory

Since this test exercises a recently added syscall manually, it
needs
to find the automatically created __NR_foo defines. Per the
selftest
documentation, KHDR_INCLUDES can be used to help the selftest
Makefile's
find the headers from the kernel source. This way the new selftest
can
be built inside the kernel source tree without installing the
headers
to the system. So also add KHDR_INCLUDES as described in the
selftest
docs, to facilitate this.

Tested-by: Pengfei Xu <redacted>
Tested-by: John Allen <john.allen@amd.com>
Co-developed-by: Yu-cheng Yu <redacted>
Signed-off-by: Yu-cheng Yu <redacted>
Signed-off-by: Rick Edgecombe <rick.p.edgecombe@intel.com>

---

[...]

quoted

+bool gup_write(void *ptr)
+{
+     unsigned long val;
+
+     lseek(fd, (unsigned long)ptr, SEEK_SET);
+     if (write(fd, &val, sizeof(val)) < 0)
+             return 1;

/proc/self/mem is for debug/ptrace access (FOLL_FORCE). I think you 
might also want to add tests for ordinary GUP, checking that we fail
to 
obtain a write pin -- and call these tests "gup_ptrace_read" / 
"gup_ptrace_write"

Yes, this only tests the FOLL_FORCE case, but it does exercise GUP.

An simple approach would be to trigger a read()/write() on a file
opened 
via O_DIRECT, using the shadow stack as buffer. While the write() 
[reading from the page] is expected to work, a read() [writing to
the 
page] has to fail.

Hmm, good idea. This would be nice to add.