Re: [RFC PATCH v9 14/27] mm: Handle Shadow Stack page fault

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, 2020-02-25 at 12:20 -0800, Kees Cook wrote:
> On Wed, Feb 05, 2020 at 10:19:22AM -0800, Yu-cheng Yu wrote:
> > When a task does fork(), its Shadow Stack (SHSTK) must be duplicated for
> > the child.  This patch implements a flow similar to copy-on-write of an
> > anonymous page, but for SHSTK.
> > 
> > A SHSTK PTE must be RO and Dirty.  This Dirty bit requirement is used to
> > effect the copying.  In copy_one_pte(), clear the Dirty bit from a SHSTK
> > PTE to cause a page fault upon the next SHSTK access.  At that time, fix
> > the PTE and copy/re-use the page.
> 
> Just to confirm, during the fork, it's really not a SHSTK for a moment
> (it's still RO, but not dirty). Can other racing threads muck this up,
> or is this bit removed only on the copied side?

In [RFC PATCH v9 12/27] x86/mm: Modify ptep_set_wrprotect and
pmdp_set_wrprotect for _PAGE_DIRTY_SW, _PAGE_DIRTY_HW is changed to
_PAGE_DIRTY_SW with cmpxchg.  That prevents racing.

The hw dirty bit is removed from the original copy first.  The next shadow
stack access to the page causes copying.  The copied page gets the hw dirty
bit again.

Yu-cheng




[Index of Archives]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Linux FS]     [Yosemite Forum]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]     [Linux Resources]

  Powered by Linux