On Tue, 2023-06-13 at 10:43 +0300, Mike Rapoport wrote: > On Mon, Jun 12, 2023 at 05:10:27PM -0700, Rick Edgecombe wrote: > > The x86 Shadow stack feature includes a new type of memory called > > shadow > > stack. This shadow stack memory has some unusual properties, which > > requires > > some core mm changes to function properly. > > > > One of these unusual properties is that shadow stack memory is > > writable, > > but only in limited ways. These limits are applied via a specific > > PTE > > bit combination. Nevertheless, the memory is writable, and core mm > > code > > will need to apply the writable permissions in the typical paths > > that > > call pte_mkwrite(). Future patches will make pte_mkwrite() take a > > VMA, so > > that the x86 implementation of it can know whether to create > > regular > > writable memory or shadow stack memory. > > Nit: ^ mapping? Hmm, sure. > > > But there are a couple of challenges to this. Modifying the > > signatures of > > each arch pte_mkwrite() implementation would be error prone because > > some > > are generated with macros and would need to be re-implemented. > > Also, some > > pte_mkwrite() callers operate on kernel memory without a VMA. > > > > So this can be done in a three step process. First pte_mkwrite() > > can be > > renamed to pte_mkwrite_novma() in each arch, with a generic > > pte_mkwrite() > > added that just calls pte_mkwrite_novma(). Next callers without a > > VMA can > > be moved to pte_mkwrite_novma(). And lastly, pte_mkwrite() and all > > callers > > can be changed to take/pass a VMA. > > > > Start the process by renaming pte_mkwrite() to pte_mkwrite_novma() > > and > > adding the pte_mkwrite() wrapper in linux/pgtable.h. Apply the same > > pattern for pmd_mkwrite(). Since not all archs have a > > pmd_mkwrite_novma(), > > create a new arch config HAS_HUGE_PAGE that can be used to tell if > > pmd_mkwrite() should be defined. Otherwise in the !HAS_HUGE_PAGE > > cases the > > compiler would not be able to find pmd_mkwrite_novma(). > > > > No functional change. > > > > Cc: linux-doc@xxxxxxxxxxxxxxx > > Cc: linux-kernel@xxxxxxxxxxxxxxx > > Cc: linux-alpha@xxxxxxxxxxxxxxx > > Cc: linux-snps-arc@xxxxxxxxxxxxxxxxxxx > > Cc: linux-arm-kernel@xxxxxxxxxxxxxxxxxxx > > Cc: linux-csky@xxxxxxxxxxxxxxx > > Cc: linux-hexagon@xxxxxxxxxxxxxxx > > Cc: linux-ia64@xxxxxxxxxxxxxxx > > Cc: loongarch@xxxxxxxxxxxxxxx > > Cc: linux-m68k@xxxxxxxxxxxxxxxxxxxx > > Cc: Michal Simek <monstr@xxxxxxxxx> > > Cc: Dinh Nguyen <dinguyen@xxxxxxxxxx> > > Cc: linux-mips@xxxxxxxxxxxxxxx > > Cc: openrisc@xxxxxxxxxxxxxxxxxxxx > > Cc: linux-parisc@xxxxxxxxxxxxxxx > > Cc: linuxppc-dev@xxxxxxxxxxxxxxxx > > Cc: linux-riscv@xxxxxxxxxxxxxxxxxxx > > Cc: linux-s390@xxxxxxxxxxxxxxx > > Cc: linux-sh@xxxxxxxxxxxxxxx > > Cc: sparclinux@xxxxxxxxxxxxxxx > > Cc: linux-um@xxxxxxxxxxxxxxxxxxx > > Cc: linux-arch@xxxxxxxxxxxxxxx > > Cc: linux-mm@xxxxxxxxx > > Suggested-by: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxx> > > Signed-off-by: Rick Edgecombe <rick.p.edgecombe@xxxxxxxxx> > > Link: > > https://lore.kernel.org/lkml/CAHk-=wiZjSu7c9sFYZb3q04108stgHff2wfbokGCCgW7riz+8Q@xxxxxxxxxxxxxx/ > > Reviewed-by: Mike Rapoport (IBM) <rppt@xxxxxxxxxx> Thanks!
