Re: [PATCH v2 22/39] mm: Don't allow write GUPs to shadow stack memory
From: Dave Hansen
Date: Fri Sep 30 2022 - 16:38:05 EST
On 9/30/22 13:30, Edgecombe, Rick P wrote:
> On Fri, 2022-09-30 at 12:16 -0700, Dave Hansen wrote:
>> On 9/29/22 15:29, Rick Edgecombe wrote:
>>> @@ -1633,6 +1633,9 @@ static inline bool
>>> __pte_access_permitted(unsigned long pteval, bool write)
>>> {
>>> unsigned long need_pte_bits = _PAGE_PRESENT|_PAGE_USER;
>>>
>>> + if (write && (pteval & (_PAGE_RW | _PAGE_DIRTY)) ==
>>> _PAGE_DIRTY)
>>> + return 0;
>> Do we not have a helper for this? Seems a bit messy to open-code
>> these
>> shadow-stack permissions. Definitely at least needs a comment.
> It's because pteval is an unsigned long. We could create a pte_t, and
> use the helpers, but then we would be using pte_foo() on pmd's, etc. So
> probably comment is the better option?
Yeah, a comment is probably best.
This is one of those "generic" page table functions that doesn't work
well with the p{te,md,ud}_* types. It's either this or cast over to a
pteval_t for pmd/pud and pretend this is a pte-only function.