On Tue, 2018-07-10 at 16:37 -0700, Dave Hansen wrote: > On 07/10/2018 03:26 PM, Yu-cheng Yu wrote: > > > > There are three possible shadow stack PTE settings: > > > > Normal SHSTK PTE: (R/O + DIRTY_HW) > > SHSTK PTE COW'ed: (R/O + DIRTY_HW) > > SHSTK PTE shared as R/O data: (R/O + DIRTY_SW) > > > > Update can_follow_write_pte/pmd for the shadow stack. > First of all, thanks for the excellent patch headers. It's nice to > have > that reference every time even though it's repeated. > > > > > -static inline bool can_follow_write_pte(pte_t pte, unsigned int > > flags) > > +static inline bool can_follow_write_pte(pte_t pte, unsigned int > > flags, > > + bool shstk) > > { > > + bool pte_cowed = shstk ? is_shstk_pte(pte):pte_dirty(pte); > > + > > return pte_write(pte) || > > - ((flags & FOLL_FORCE) && (flags & FOLL_COW) && > > pte_dirty(pte)); > > + ((flags & FOLL_FORCE) && (flags & FOLL_COW) && > > pte_cowed); > > } > Can we just pass the VMA in here? This use is OK-ish, but I > generally > detest true/false function arguments because you can't tell what they > are when they show up without a named variable. > > But... Why does this even matter? Your own example showed that all > shadowstack PTEs have either DIRTY_HW or DIRTY_SW set, and > pte_dirty() > checks both. > > That makes this check seem a bit superfluous. My understanding is that we don't want to follow write pte if the page is shared as read-only. For a SHSTK page, that is (R/O + DIRTY_SW), which means the SHSTK page has not been COW'ed. Is that right? Thanks, Yu-cheng -- To unsubscribe from this list: send the line "unsubscribe linux-api" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html