Re: [PATCH RFT v8 4/9] fork: Add shadow stack support to clone3()

From: Mark Brown
Date: Fri Aug 16 2024 - 13:07:09 EST

Next message: Jeff Xu: "Re: [PATCH v2 0/6] mm: Optimize mseal checks"
Previous message: Jakub Kicinski: "Re: [PATCH net-next v6 13/14] microchip: lan865x: add driver support for Microchip's LAN865X MAC-PHY"
In reply to: Catalin Marinas: "Re: [PATCH RFT v8 4/9] fork: Add shadow stack support to clone3()"
Next in thread: Jann Horn: "Re: [PATCH RFT v8 4/9] fork: Add shadow stack support to clone3()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, Aug 16, 2024 at 04:38:48PM +0100, Catalin Marinas wrote:
> On Fri, Aug 16, 2024 at 02:52:28PM +0000, Edgecombe, Rick P wrote:

> > On the x86 side, we don't have a shadow stack access CMPXCHG. We will have to
> > GUP and do a normal CMPXCHG off of the direct map to handle it fully properly in
> > any case (CLONE_VM or not).

> I guess we could do the same here and for the arm64 gcs_consume_token().
> Basically get_user_page_vma_remote() gives us the page together with the
> vma that you mentioned needs checking. We can then do a cmpxchg directly
> on the page_address(). It's probably faster anyway than doing GUP twice.

There was some complication with get_user_page_vma_remote() while I was
working on an earlier version which meant I didn't use it, though with
adding checking of VMAs perhaps whatever it was isn't such an issue any
more.

Attachment: signature.asc
Description: PGP signature

Next message: Jeff Xu: "Re: [PATCH v2 0/6] mm: Optimize mseal checks"
Previous message: Jakub Kicinski: "Re: [PATCH net-next v6 13/14] microchip: lan865x: add driver support for Microchip's LAN865X MAC-PHY"
In reply to: Catalin Marinas: "Re: [PATCH RFT v8 4/9] fork: Add shadow stack support to clone3()"
Next in thread: Jann Horn: "Re: [PATCH RFT v8 4/9] fork: Add shadow stack support to clone3()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]