On Fri, Dec 02, 2022 at 04:35:51PM -0800, Rick Edgecombe wrote: > The x86 Control-flow Enforcement Technology (CET) feature includes a new > type of memory called shadow stack. This shadow stack memory has some > unusual properties, which requires some core mm changes to function > properly. > > One sharp edge is that PTEs that are both Write=0 and Dirty=1 are > treated as shadow by the CPU, but this combination used to be created by > the kernel on x86. Previous patches have changed the kernel to now avoid > creating these PTEs unless they are for shadow stack memory. In case any > missed corners of the kernel are still creating PTEs like this for > non-shadow stack memory, and to catch any re-introductions of the logic, > warn if any shadow stack PTEs (Write=0, Dirty=1) are found in non-shadow > stack VMAs when they are being zapped. This won't catch transient cases > but should have decent coverage. It will be compiled out when shadow > stack is not configured. > > In order to check if a pte is shadow stack in core mm code, add default > implmentations for pte_shstk() and pmd_shstk(). > > Tested-by: Pengfei Xu <pengfei.xu@xxxxxxxxx> > Tested-by: John Allen <john.allen@xxxxxxx> > Signed-off-by: Rick Edgecombe <rick.p.edgecombe@xxxxxxxxx> Reviewed-by: Kees Cook <keescook@xxxxxxxxxxxx> -- Kees Cook