On Wed, 2022-10-05 at 02:17 +0000, Andrew Cooper wrote:
>   (flags & PSE|RW|D) == PSE|D;
>
> R/O+D can exist higher in the paging structures and does not convey
> type=shstk-ness to later stages of the walk.

Hmm, yes. I guess it would be more correct to check if it's a leaf as well.

> However, there is a further complication which is bound to rear its head
> sooner or later, and warrants discussing.
>
> type=shstk isn't actually only R/O+D on the leaf PTE; it's also R/W on
> the accumulated access rights on non-leaf PTEs.
>
> Specifically, if you clear the RW bit on any higher level in the
> pagetable, then everything mapped by that PTE ceases to be of type
> shstk, even if the leaf has the R/O+D bit combination.
>
> This is allegedly a feature for the database folks, where they can
> create R/O and R/W aliases of the same memory, sharing intermediate
> pagetables, where the R/W alias will set D bits per usual and the R/O
> alias need not transmogrify itself into a shadow stack.

Thanks, I somehow missed this corner of the architecture.

It looks like this is not an issue for Linux at the moment because
non-leaf PTEs should have Write=1. I guess we need to keep this in mind
if we ever have Write=0 upper level PTEs though. Maybe a comment around
_PAGE_TABLE would be useful.
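To make the rule discussed in this exchange concrete, here is an added, self-contained C model of how the shadow-stack page type is derived from a 4-level x86 page walk. It is not code from the Linux or Xen trees and not the patch under review; `classify_walk`, the `walk_*` sample entries and the `page_type` enum are constructed for illustration. The only architectural facts it relies on are the standard PTE bit positions (Present bit 0, RW bit 1, Dirty bit 6, PSE bit 7) and the two conditions from the thread: the leaf must be R/O+D, and every non-leaf entry above it must have RW=1. The samples include the corner case raised above, an upper-level entry with Write=0 that turns an R/O+D leaf back into an ordinary read-only page.

```c
/* Constructed model of the x86 "type=shstk" determination (not kernel code). */
#include <stdint.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

#define PTE_P   (1ULL << 0)   /* Present */
#define PTE_RW  (1ULL << 1)   /* Read/Write */
#define PTE_D   (1ULL << 6)   /* Dirty */
#define PTE_PSE (1ULL << 7)   /* Page Size: large-page leaf at PD/PDPT level;
                                 at the 4K PTE level this bit is PAT instead */

enum page_type { PT_NOT_PRESENT = 0, PT_NORMAL = 1, PT_SHSTK = 2 };

/*
 * entries[0] is the top-level entry (e.g. PML4E), entries[nr_levels-1] the
 * bottom-level one. A walk ends early at any non-bottom entry with PSE set.
 *
 * type=shstk requires BOTH:
 *   - the leaf has RW=0 and D=1 (R/O+D), and
 *   - every non-leaf entry on the path has RW=1 (accumulated access rights).
 * An R/O+D combination on a non-leaf entry conveys nothing by itself; it only
 * clears the accumulated RW and therefore forbids shstk for everything below.
 */
enum page_type classify_walk(const uint64_t *entries, size_t nr_levels)
{
    bool rw_accum = true;

    for (size_t lvl = 0; lvl < nr_levels; lvl++) {
        uint64_t e = entries[lvl];

        if (!(e & PTE_P))
            return PT_NOT_PRESENT;

        /* Bottom level is always a leaf; bit 7 there is PAT, not PSE. */
        bool leaf = (lvl == nr_levels - 1) || (e & PTE_PSE);
        if (!leaf) {
            if (!(e & PTE_RW))
                rw_accum = false;   /* the "Write=0 upper level" corner case */
            continue;
        }

        bool leaf_ro_dirty = !(e & PTE_RW) && (e & PTE_D);
        return (rw_accum && leaf_ro_dirty) ? PT_SHSTK : PT_NORMAL;
    }
    return PT_NOT_PRESENT;   /* only reached for nr_levels == 0 */
}

/* Constructed sample walks (top level first). */
static const uint64_t walk_normal[4] =
    { PTE_P|PTE_RW, PTE_P|PTE_RW, PTE_P|PTE_RW, PTE_P|PTE_RW|PTE_D };
static const uint64_t walk_shstk[4] =
    { PTE_P|PTE_RW, PTE_P|PTE_RW, PTE_P|PTE_RW, PTE_P|PTE_D };
/* Same R/O+D leaf, but the PDPTE has Write=0: the R/O alias case. */
static const uint64_t walk_ro_alias[4] =
    { PTE_P|PTE_RW, PTE_P, PTE_P|PTE_RW, PTE_P|PTE_D };
/* R/O+D on a non-leaf entry does not make the 4K leaf a shadow stack. */
static const uint64_t walk_rod_nonleaf[4] =
    { PTE_P|PTE_RW, PTE_P|PTE_D, PTE_P|PTE_RW, PTE_P|PTE_RW };
/* 2M large-page leaf at the PD level: walk has only three entries. */
static const uint64_t walk_2m_shstk[3] =
    { PTE_P|PTE_RW, PTE_P|PTE_RW, PTE_P|PTE_PSE|PTE_D };

static const char *name(enum page_type t)
{
    return t == PT_SHSTK ? "shstk" : t == PT_NORMAL ? "normal" : "not-present";
}

int main(void)
{
    printf("normal:       %s\n", name(classify_walk(walk_normal, 4)));
    printf("shstk:        %s\n", name(classify_walk(walk_shstk, 4)));
    printf("ro-alias:     %s\n", name(classify_walk(walk_ro_alias, 4)));
    printf("rod-nonleaf:  %s\n", name(classify_walk(walk_rod_nonleaf, 4)));
    printf("2m-shstk:     %s\n", name(classify_walk(walk_2m_shstk, 3)));
    return 0;
}
```

The `walk_ro_alias` case is the database aliasing scenario from the quoted text: identical leaf, but a read-only intermediate entry on the alias path keeps it from being typed as a shadow stack. Checking only the leaf's `PSE|RW|D` bits, as the line quoted at the top does, would misclassify both `walk_ro_alias` and `walk_rod_nonleaf`.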