On Thu, Jan 19, 2023 at 01:22:49PM -0800, Rick Edgecombe wrote:
> From: Yu-cheng Yu <yu-cheng.yu@xxxxxxxxx>
>
> The Write=0,Dirty=1 PTE has been used to indicate copy-on-write pages.
> However, newer x86 processors also regard a Write=0,Dirty=1 PTE as a
> shadow stack page. In order to separate the two, the software-defined
> _PAGE_DIRTY is changed to _PAGE_COW for the copy-on-write case, and
> pte_*() are updated to do this.
>
> pte_modify() takes a "raw" pgprot_t which was not necessarily created
> with any of the existing PTE bit helpers. That means that it can return a
> pte_t with Write=0,Dirty=1, a shadow stack PTE, when it did not intend to
> create one.
>
> However, pte_modify() changes a PTE to 'newprot', but it doesn't use the
> pte_*(). Modify it to also move _PAGE_DIRTY to _PAGE_COW. Do this by
> using the pte_mkdirty() helper. Since pte_mkdirty() also sets the soft
> dirty bit, extract a helper that optionally doesn't set
> _PAGE_SOFT_DIRTY. This helper will allow future logic for deciding when to
> move _PAGE_DIRTY to _PAGE_COW to live in one place.
>
> Apply the same changes to pmd_modify().
>
> Tested-by: Pengfei Xu <pengfei.xu@xxxxxxxxx>
> Tested-by: John Allen <john.allen@xxxxxxx>
> Signed-off-by: Yu-cheng Yu <yu-cheng.yu@xxxxxxxxx>

Reviewed-by: Kees Cook <keescook@xxxxxxxxxxxx>

-- 
Kees Cook
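The hazard the commit message describes, as an added illustration that is not code from this thread or from the kernel: a simplified user-space model of a PTE value in which a protection change that drops Write while Dirty is carried over produces the Write=0,Dirty=1 encoding that shadow stack hardware treats specially. The identifiers mirror the ones named in the thread (_PAGE_DIRTY, _PAGE_COW, _PAGE_SOFT_DIRTY, __pte_mkdirty, pte_modify), but the bit positions, the change mask and the handling of a raw newprot are assumptions chosen for the model, not the kernel's headers. The "naive" variant stands for the pre-patch behaviour; pte_modify() routes the dirty state through the helper with soft-dirty handling switched off, as the message proposes.

```c
#include <stdint.h>
#include <stdbool.h>
#include <stdio.h>

typedef uint64_t pteval_t;

/* Assumed bit positions for this model (not the kernel's pgtable_types.h). */
#define _PAGE_RW         ((pteval_t)1 << 1)
#define _PAGE_DIRTY      ((pteval_t)1 << 6)
#define _PAGE_SOFT_DIRTY ((pteval_t)1 << 11)
#define _PAGE_COW        ((pteval_t)1 << 58)   /* software-defined stand-in for "dirty" */
#define PTE_PFN_MASK     (((pteval_t)1 << 52) - ((pteval_t)1 << 12))   /* bits 12..51 */

/* Bits carried over from the old PTE on a protection change (simplified).
 * Before the change, Dirty was preserved blindly; after it, Dirty is re-applied
 * through __pte_mkdirty() so it can become COW when the page is read-only. */
#define _PAGE_CHG_MASK_OLD (PTE_PFN_MASK | _PAGE_DIRTY | _PAGE_SOFT_DIRTY)
#define _PAGE_CHG_MASK     (PTE_PFN_MASK | _PAGE_SOFT_DIRTY)

static inline bool pte_write(pteval_t pte) { return (pte & _PAGE_RW) != 0; }

/* What the hardware reads as a shadow stack entry: Write=0 together with Dirty=1. */
static inline bool pte_shstk(pteval_t pte)
{
	return (pte & (_PAGE_RW | _PAGE_DIRTY)) == _PAGE_DIRTY;
}

/* Software notion of "dirty": either the hardware Dirty bit or the COW stand-in. */
static inline bool pte_dirty(pteval_t pte)
{
	return (pte & (_PAGE_DIRTY | _PAGE_COW)) != 0;
}

/* The helper the message describes: mark the PTE dirty, choosing _PAGE_COW when
 * the page is not writable so the Write=0,Dirty=1 encoding is never created by
 * software; `soft` controls whether _PAGE_SOFT_DIRTY is set as well. */
static pteval_t __pte_mkdirty(pteval_t pte, bool soft)
{
	pteval_t bits = pte_write(pte) ? _PAGE_DIRTY : _PAGE_COW;
	if (soft)
		bits |= _PAGE_SOFT_DIRTY;
	return pte | bits;
}

static pteval_t pte_mkdirty(pteval_t pte) { return __pte_mkdirty(pte, true); }

/* Pre-patch behaviour (model): Dirty carried over and newprot applied verbatim,
 * so dropping Write from a dirty PTE yields a shadow stack PTE by accident. */
static pteval_t naive_pte_modify(pteval_t pte, pteval_t newprot)
{
	return (pte & _PAGE_CHG_MASK_OLD) | (newprot & ~_PAGE_CHG_MASK_OLD);
}

/* Post-patch behaviour (model): Dirty is neither carried over nor taken raw
 * from newprot; it is re-applied through the helper, without touching
 * soft-dirty, which the change mask already preserved. */
static pteval_t pte_modify(pteval_t pte, pteval_t newprot)
{
	pteval_t val = (pte & _PAGE_CHG_MASK) |
		       (newprot & ~_PAGE_CHG_MASK & ~(_PAGE_DIRTY | _PAGE_COW));

	if (pte_dirty(pte) || (newprot & _PAGE_DIRTY))
		val = __pte_mkdirty(val, false);
	return val;
}

int main(void)
{
	/* Constructed sample: a writable, dirty PTE for an arbitrary frame. */
	pteval_t old = ((pteval_t)0x1234 << 12) | _PAGE_RW | _PAGE_DIRTY | _PAGE_SOFT_DIRTY;
	pteval_t ro_prot = 0;   /* read-only protection: no Write bit */

	printf("naive:  shadow stack encoding = %d\n", pte_shstk(naive_pte_modify(old, ro_prot)));
	printf("fixed:  shadow stack encoding = %d, still dirty = %d\n",
	       pte_shstk(pte_modify(old, ro_prot)), pte_dirty(pte_modify(old, ro_prot)));
	return 0;
}
```

The point to read off the model is that the fix is not about the RW bit alone: the dirty state must be recomputed against the new protection every time the protection changes, and in one place, so that the same helper can later be taught any additional rules for when Dirty becomes COW.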