From: Deepak Gupta <debug@rivosinc.com>
To: Andrew Morton <akpm@linux-foundation.org>
Cc: rick.p.edgecombe@intel.com, broonie@kernel.org,
linux-mm@kvack.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH v1] mm: abstract shadow stack vma behind arch_is_shadow_stack_vma
Date: Wed, 27 Dec 2023 14:20:36 -0800 [thread overview]
Message-ID: <CAKC1njTry42zAkZWq3pAgoe3YFaHN6UcB4i56BDQRxYbTEigRw@mail.gmail.com> (raw)
In-Reply-To: <20231227134514.13629032c39decdf1dddcc75@linux-foundation.org>
On Wed, Dec 27, 2023 at 1:45 PM Andrew Morton <akpm@linux-foundation.org> wrote:
>
> On Fri, 22 Dec 2023 15:51:04 -0800 Deepak Gupta <debug@rivosinc.com> wrote:
>
> > x86 has used VM_SHADOW_STACK (alias to VM_HIGH_ARCH_5) to encode shadow
> > stack VMA. VM_SHADOW_STACK is thus not possible on 32bit. Some arches may
> > need a way to encode shadow stack on 32bit and 64bit both and they may
> > encode this information differently in VMAs.
>
> Is such a patch in the pipeline? Otherwise we're making a change that
> serves no purpose.
Yes I do have patches in the pipeline for riscv.
On riscv, presence of only `VM_WRITE` (i.e. (flags & (VM_READ |
VM_WRITE | VM_EXEC))
== VM_WRITE) would mean a shadow stack.
And yes there would be relevant patches to ensure that existing consumers using
`PROT_WRITE` gets translated to (VM_WRITE | VM_READ)
>
> > This patch changes checks of VM_SHADOW_STACK flag in generic code to call
> > to a function `arch_is_shadow_stack_vma` which will return true if arch
> > supports shadow stack and vma is shadow stack else stub returns false.
> >
> > ...
> >
> > --- a/include/linux/mm.h
> > +++ b/include/linux/mm.h
> > @@ -352,8 +352,21 @@ extern unsigned int kobjsize(const void *objp);
> > * for more details on the guard size.
> > */
> > # define VM_SHADOW_STACK VM_HIGH_ARCH_5
> > +
> > +static inline bool arch_is_shadow_stack_vma(vm_flags_t vm_flags)
> > +{
> > + return (vm_flags & VM_SHADOW_STACK) ? true : false;
> > +}
>
> The naming seems a little wrong. I'd expect it to take a vma* arg.
> Maybe just drop the "_vma"?
Well I did start with taking vma* argument but then realized that
`is_stack_mapping`
only takes vma flags. And in order to change that I would have to
change `vm_stat_account`
and every place it's called.
In the next version I'll either do that or drop `_vma` from the
proposed function name.
>
next prev parent reply other threads:[~2023-12-27 22:20 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-12-22 23:51 Deepak Gupta
2023-12-27 21:45 ` Andrew Morton
2023-12-27 22:20 ` Deepak Gupta [this message]
2023-12-27 22:24 ` Andrew Morton
2023-12-30 2:30 ` Deepak Gupta
2024-01-02 13:56 ` Mike Rapoport
2024-01-02 18:45 ` Deepak Gupta
2024-01-02 17:50 ` Edgecombe, Rick P
2024-01-02 18:45 ` Deepak Gupta
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAKC1njTry42zAkZWq3pAgoe3YFaHN6UcB4i56BDQRxYbTEigRw@mail.gmail.com \
--to=debug@rivosinc.com \
--cc=akpm@linux-foundation.org \
--cc=broonie@kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=rick.p.edgecombe@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox