On 06/07/2018 09:26 AM, Andy Lutomirski wrote:
>>
>> + /*
>> + * Verify X86_PF_SHSTK is within a shadow stack VMA.
>> + * It is always an error if there is a shadow stack
>> + * fault outside a shadow stack VMA.
>> + */
>> + if (error_code & X86_PF_SHSTK) {
>> + if (!(vma->vm_flags & VM_SHSTK))
>> + return 1;
>> + return 0;
>> + }
>> +
> What, if anything, would go wrong without this change? It seems like
> it might be purely an optimization. If so, can you mention that in
> the comment?
This is a fine exercise. I'm curious what it does, too.
But, I really like it being explicit in the end. If we depend on
implicit behavior, I really worry that someone breaks it accidentally.
