Re: [PATCH v3 09/29] mm: abstract shadow stack vma behind `vma_is_shadow_stack`

From: Deepak Gupta
Date: Thu Apr 04 2024 - 17:39:37 EST

Next message: Isaku Yamahata: "Re: [PATCH v5 07/17] KVM: x86: add fields to struct kvm_arch for CoCo features"
Previous message: Joseph Huang: "Re: [PATCH RFC net-next 00/10] MC Flood disable and snooping"
In reply to: David Hildenbrand: "Re: [PATCH v3 09/29] mm: abstract shadow stack vma behind `vma_is_shadow_stack`"
Next in thread: Deepak Gupta: "[PATCH v3 10/29] riscv/mm : ensure PROT_WRITE leads to VM_READ | VM_WRITE"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Apr 04, 2024 at 09:02:17PM +0200, David Hildenbrand wrote:

On 04.04.24 01:34, Deepak Gupta wrote:

}
- } else if (!(vm_flags & VM_READ)) {
+ } else if (!(vm_flags & VM_READ) && !vma_is_shadow_stack(vm_flags)) {
+ /* reads allowed if its shadow stack vma */
if (!(gup_flags & FOLL_FORCE))
return -EFAULT;
/*

Unless I am missing something, this is not a simple cleanup. It should go into a separate patch with a clearly documented reason for that change.

I tried that here
https://lore.kernel.org/linux-mm/CAKC1njTPBqtsAOn-CWhB+-8FaZ2KWkkz-vRZr7MZq=0yLUdjcQ@xxxxxxxxxxxxxx/T/
But at that time, VM_SHADOW_STACK for riscv meant only VM_WRITE. So I think
there was obvious uneasiness with that part.

Now we have VM_SHADOW_STACK pretty much same for all arches and only 64bit.
I'll try it again as a separate patch.

--
Cheers,

David / dhildenb

Next message: Isaku Yamahata: "Re: [PATCH v5 07/17] KVM: x86: add fields to struct kvm_arch for CoCo features"
Previous message: Joseph Huang: "Re: [PATCH RFC net-next 00/10] MC Flood disable and snooping"
In reply to: David Hildenbrand: "Re: [PATCH v3 09/29] mm: abstract shadow stack vma behind `vma_is_shadow_stack`"
Next in thread: Deepak Gupta: "[PATCH v3 10/29] riscv/mm : ensure PROT_WRITE leads to VM_READ | VM_WRITE"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]