On Wed, Feb 03, 2021 at 02:55:36PM -0800, Yu-cheng Yu wrote:
> When serving a page fault, maybe_mkwrite() makes a PTE writable if its vma
> has VM_WRITE.
>
> A shadow stack vma has VM_SHSTK. Its PTEs have _PAGE_DIRTY, but not
> _PAGE_WRITE. In fork(), _PAGE_DIRTY is cleared to effect copy-on-write,
> and in page fault, _PAGE_DIRTY is restored and the shadow stack page is
> writable again.
>
> Update maybe_mkwrite() by introducing arch_maybe_mkwrite(), which sets
> _PAGE_DIRTY for a shadow stack PTE.
>
> Apply the same changes to maybe_pmd_mkwrite().
>
> Signed-off-by: Yu-cheng Yu <yu-cheng.yu@xxxxxxxxx>

Reviewed-by: Kees Cook <keescook@xxxxxxxxxxxx>

--
Kees Cook
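
A user-space model of the PTE flag handling described in the quoted commit message, added here as an illustration and not code from the patch or the kernel. The flag values and the helpers `fork_cow()`, `pte_shstk()` and `maybe_mkwrite_old()` are assumptions made for the model, as is a shadow stack vma carrying VM_SHSTK without VM_WRITE.

```c
#include <stdbool.h>
#include <stdint.h>

/* Model only: flag values are constructed for this example, not kernel values. */
#define VM_WRITE   0x1u
#define VM_SHSTK   0x2u
#define PAGE_WRITE 0x1u /* stands in for _PAGE_WRITE */
#define PAGE_DIRTY 0x2u /* stands in for _PAGE_DIRTY */

typedef uint32_t pte_t;
struct vma { uint32_t vm_flags; };

/* A usable shadow stack PTE: dirty but not writable. */
static bool pte_shstk(pte_t pte)
{
    return (pte & (PAGE_WRITE | PAGE_DIRTY)) == PAGE_DIRTY;
}

/* fork(): write-protect for copy-on-write. A shadow stack PTE loses
 * PAGE_DIRTY; an ordinary PTE loses PAGE_WRITE. */
static pte_t fork_cow(pte_t pte, const struct vma *vma)
{
    return pte & ~((vma->vm_flags & VM_SHSTK) ? PAGE_DIRTY : PAGE_WRITE);
}

/* Behaviour before the change: only VM_WRITE is considered. */
static pte_t maybe_mkwrite_old(pte_t pte, const struct vma *vma)
{
    return (vma->vm_flags & VM_WRITE) ? (pte | PAGE_WRITE) : pte;
}

/* Arch hook: restore PAGE_DIRTY for a shadow stack vma, never PAGE_WRITE. */
static pte_t arch_maybe_mkwrite(pte_t pte, const struct vma *vma)
{
    return (vma->vm_flags & VM_SHSTK) ? (pte | PAGE_DIRTY) : pte;
}

/* Behaviour after the change: fall through to the arch hook. */
static pte_t maybe_mkwrite(pte_t pte, const struct vma *vma)
{
    if (vma->vm_flags & VM_WRITE)
        return pte | PAGE_WRITE;
    return arch_maybe_mkwrite(pte, vma);
}
```

In the model, the old helper leaves a post-fork shadow stack PTE with neither flag set, so the fault is never resolved, while the new one restores the dirty-only state without ever granting ordinary write permission.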