Re: [PATCH v20 07/25] x86/mm: Remove _PAGE_DIRTY from kernel RO pages

From: Kees Cook
Date: Wed Feb 10 2021 - 14:37:22 EST

Next message: Kees Cook: "Re: [PATCH v20 06/25] x86/cet: Add control-protection fault handler"
Previous message: Mike Snitzer: "Re: [PATCH v4 0/5] add support for inline encryption to device mapper"
In reply to: Yu-cheng Yu: "[PATCH v20 07/25] x86/mm: Remove _PAGE_DIRTY from kernel RO pages"
Next in thread: Yu-cheng Yu: "[PATCH v20 02/25] x86/cet/shstk: Add Kconfig option for user-mode control-flow protection"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Feb 10, 2021 at 09:56:45AM -0800, Yu-cheng Yu wrote:
> The x86 family of processors do not directly create read-only and Dirty
> PTEs. These PTEs are created by software. One such case is that kernel
> read-only pages are historically setup as Dirty.
>
> New processors that support Shadow Stack regard read-only and Dirty PTEs as
> shadow stack pages. This results in ambiguity between shadow stack and
> kernel read-only pages. To resolve this, removed Dirty from kernel read-
> only pages.
>
> Signed-off-by: Yu-cheng Yu <yu-cheng.yu@xxxxxxxxx>

Reviewed-by: Kees Cook <keescook@xxxxxxxxxxxx>

--
Kees Cook

Next message: Kees Cook: "Re: [PATCH v20 06/25] x86/cet: Add control-protection fault handler"
Previous message: Mike Snitzer: "Re: [PATCH v4 0/5] add support for inline encryption to device mapper"
In reply to: Yu-cheng Yu: "[PATCH v20 07/25] x86/mm: Remove _PAGE_DIRTY from kernel RO pages"
Next in thread: Yu-cheng Yu: "[PATCH v20 02/25] x86/cet/shstk: Add Kconfig option for user-mode control-flow protection"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]