On Tue, 2022-12-27 at 12:42 +0100, Borislav Petkov wrote:
> On Fri, Dec 02, 2022 at 04:35:38PM -0800, Rick Edgecombe wrote:
> > static inline pte_t pte_modify(pte_t pte, pgprot_t newprot)
> > {
> > + pteval_t _page_chg_mask_no_dirty = _PAGE_CHG_MASK &
> > ~_PAGE_DIRTY;
> > pteval_t val = pte_val(pte), oldval = val;
> > + pte_t pte_result;
> >
> > /*
> > * Chop off the NX bit (if present), and add the NX portion
> > of
> > * the newprot (if present):
> > */
> > - val &= _PAGE_CHG_MASK;
> > - val |= check_pgprot(newprot) & ~_PAGE_CHG_MASK;
> > + val &= _page_chg_mask_no_dirty;
> > + val |= check_pgprot(newprot) & ~_page_chg_mask_no_dirty;
> > val = flip_protnone_guard(oldval, val, PTE_PFN_MASK);
> > - return __pte(val);
> > +
> > + pte_result = __pte(val);
> > +
> > + /*
> > + * Dirty bit is not preserved above so it can be done
>
> Just for my own understanding: are you saying here that
> flip_protnone_guard() might end up setting _PAGE_DIRTY in val...
>
> > + * in a special way for the shadow stack case, where it
> > + * needs to set _PAGE_COW. pte_mkcow() will do this in
> > + * the case of shadow stack.
> > + */
> > + if (pte_dirty(pte_result))
> > + pte_result = pte_mkcow(pte_result);
>
> ... and in that case we need to turn it into a _PAGE_COW setting?
>
The comment is referring to the dirty bits possibly coming from
newprot, but looking at it now I think the code was broken trying to
fix the recent soft dirty test breakage. Now it might lose pre-existing
dirty bits in the pte unessarily... I think. I'm temporarily without
access to my test equipment so will have to get back to you on this.
Thanks for flagging that something looks off.
