lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <5669622238aa3092218b82ced6221a244a25dcc3.camel@intel.com>
Date:   Tue, 13 Jun 2023 16:14:29 +0000
From:   "Edgecombe, Rick P" <rick.p.edgecombe@...el.com>
To:     "rppt@...nel.org" <rppt@...nel.org>
CC:     "Schimpe, Christina" <christina.schimpe@...el.com>,
        "Yang, Weijiang" <weijiang.yang@...el.com>,
        "hjl.tools@...il.com" <hjl.tools@...il.com>,
        "x86@...nel.org" <x86@...nel.org>,
        "monstr@...str.eu" <monstr@...str.eu>,
        "dave.hansen@...ux.intel.com" <dave.hansen@...ux.intel.com>,
        "linux-snps-arc@...ts.infradead.org" 
        <linux-snps-arc@...ts.infradead.org>,
        "Torvalds, Linus" <torvalds@...ux-foundation.org>,
        "kirill.shutemov@...ux.intel.com" <kirill.shutemov@...ux.intel.com>,
        "linux-api@...r.kernel.org" <linux-api@...r.kernel.org>,
        "dinguyen@...nel.org" <dinguyen@...nel.org>,
        "rdunlap@...radead.org" <rdunlap@...radead.org>,
        "tglx@...utronix.de" <tglx@...utronix.de>,
        "sparclinux@...r.kernel.org" <sparclinux@...r.kernel.org>,
        "arnd@...db.de" <arnd@...db.de>,
        "linux-ia64@...r.kernel.org" <linux-ia64@...r.kernel.org>,
        "Lutomirski, Andy" <luto@...nel.org>,
        "szabolcs.nagy@....com" <szabolcs.nagy@....com>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        "linux-parisc@...r.kernel.org" <linux-parisc@...r.kernel.org>,
        "akpm@...ux-foundation.org" <akpm@...ux-foundation.org>,
        "pavel@....cz" <pavel@....cz>,
        "keescook@...omium.org" <keescook@...omium.org>,
        "linuxppc-dev@...ts.ozlabs.org" <linuxppc-dev@...ts.ozlabs.org>,
        "gorcunov@...il.com" <gorcunov@...il.com>,
        "andrew.cooper3@...rix.com" <andrew.cooper3@...rix.com>,
        "david@...hat.com" <david@...hat.com>,
        "hpa@...or.com" <hpa@...or.com>,
        "loongarch@...ts.linux.dev" <loongarch@...ts.linux.dev>,
        "peterz@...radead.org" <peterz@...radead.org>,
        "linux-sh@...r.kernel.org" <linux-sh@...r.kernel.org>,
        "nadav.amit@...il.com" <nadav.amit@...il.com>,
        "broonie@...nel.org" <broonie@...nel.org>,
        "linux-m68k@...ts.linux-m68k.org" <linux-m68k@...ts.linux-m68k.org>,
        "linux-doc@...r.kernel.org" <linux-doc@...r.kernel.org>,
        "openrisc@...ts.librecores.org" <openrisc@...ts.librecores.org>,
        "jamorris@...ux.microsoft.com" <jamorris@...ux.microsoft.com>,
        "mike.kravetz@...cle.com" <mike.kravetz@...cle.com>,
        "debug@...osinc.com" <debug@...osinc.com>,
        "fweimer@...hat.com" <fweimer@...hat.com>,
        "kcc@...gle.com" <kcc@...gle.com>,
        "linux-arch@...r.kernel.org" <linux-arch@...r.kernel.org>,
        "mingo@...hat.com" <mingo@...hat.com>,
        "linux-csky@...r.kernel.org" <linux-csky@...r.kernel.org>,
        "linux-mips@...r.kernel.org" <linux-mips@...r.kernel.org>,
        "john.allen@....com" <john.allen@....com>,
        "Eranian, Stephane" <eranian@...gle.com>,
        "bsingharora@...il.com" <bsingharora@...il.com>,
        "linux-alpha@...r.kernel.org" <linux-alpha@...r.kernel.org>,
        "linux-s390@...r.kernel.org" <linux-s390@...r.kernel.org>,
        "linux-riscv@...ts.infradead.org" <linux-riscv@...ts.infradead.org>,
        "linux-um@...ts.infradead.org" <linux-um@...ts.infradead.org>,
        "linux-arm-kernel@...ts.infradead.org" 
        <linux-arm-kernel@...ts.infradead.org>,
        "torvalds@...uxfoundation.org" <torvalds@...uxfoundation.org>,
        "bp@...en8.de" <bp@...en8.de>, "corbet@....net" <corbet@....net>,
        "linux-hexagon@...r.kernel.org" <linux-hexagon@...r.kernel.org>,
        "dethoma@...rosoft.com" <dethoma@...rosoft.com>,
        "jannh@...gle.com" <jannh@...gle.com>,
        "Syromiatnikov, Eugene" <esyr@...hat.com>,
        "oleg@...hat.com" <oleg@...hat.com>,
        "linux-mm@...ck.org" <linux-mm@...ck.org>
Subject: Re: [PATCH v9 01/42] mm: Rename arch pte_mkwrite()'s to
 pte_mkwrite_novma()

On Tue, 2023-06-13 at 10:43 +0300, Mike Rapoport wrote:
> On Mon, Jun 12, 2023 at 05:10:27PM -0700, Rick Edgecombe wrote:
> > The x86 Shadow stack feature includes a new type of memory called
> > shadow
> > stack. This shadow stack memory has some unusual properties, which
> > requires
> > some core mm changes to function properly.
> > 
> > One of these unusual properties is that shadow stack memory is
> > writable,
> > but only in limited ways. These limits are applied via a specific
> > PTE
> > bit combination. Nevertheless, the memory is writable, and core mm
> > code
> > will need to apply the writable permissions in the typical paths
> > that
> > call pte_mkwrite(). Future patches will make pte_mkwrite() take a
> > VMA, so
> > that the x86 implementation of it can know whether to create
> > regular
> > writable memory or shadow stack memory.
> 
> Nit:                            ^ mapping?

Hmm, sure.

> 
> > But there are a couple of challenges to this. Modifying the
> > signatures of
> > each arch pte_mkwrite() implementation would be error prone because
> > some
> > are generated with macros and would need to be re-implemented.
> > Also, some
> > pte_mkwrite() callers operate on kernel memory without a VMA.
> > 
> > So this can be done in a three step process. First pte_mkwrite()
> > can be
> > renamed to pte_mkwrite_novma() in each arch, with a generic
> > pte_mkwrite()
> > added that just calls pte_mkwrite_novma(). Next callers without a
> > VMA can
> > be moved to pte_mkwrite_novma(). And lastly, pte_mkwrite() and all
> > callers
> > can be changed to take/pass a VMA.
> > 
> > Start the process by renaming pte_mkwrite() to pte_mkwrite_novma()
> > and
> > adding the pte_mkwrite() wrapper in linux/pgtable.h. Apply the same
> > pattern for pmd_mkwrite(). Since not all archs have a
> > pmd_mkwrite_novma(),
> > create a new arch config HAS_HUGE_PAGE that can be used to tell if
> > pmd_mkwrite() should be defined. Otherwise in the !HAS_HUGE_PAGE
> > cases the
> > compiler would not be able to find pmd_mkwrite_novma().
> > 
> > No functional change.
> > 
> > Cc: linux-doc@...r.kernel.org
> > Cc: linux-kernel@...r.kernel.org
> > Cc: linux-alpha@...r.kernel.org
> > Cc: linux-snps-arc@...ts.infradead.org
> > Cc: linux-arm-kernel@...ts.infradead.org
> > Cc: linux-csky@...r.kernel.org
> > Cc: linux-hexagon@...r.kernel.org
> > Cc: linux-ia64@...r.kernel.org
> > Cc: loongarch@...ts.linux.dev
> > Cc: linux-m68k@...ts.linux-m68k.org
> > Cc: Michal Simek <monstr@...str.eu>
> > Cc: Dinh Nguyen <dinguyen@...nel.org>
> > Cc: linux-mips@...r.kernel.org
> > Cc: openrisc@...ts.librecores.org
> > Cc: linux-parisc@...r.kernel.org
> > Cc: linuxppc-dev@...ts.ozlabs.org
> > Cc: linux-riscv@...ts.infradead.org
> > Cc: linux-s390@...r.kernel.org
> > Cc: linux-sh@...r.kernel.org
> > Cc: sparclinux@...r.kernel.org
> > Cc: linux-um@...ts.infradead.org
> > Cc: linux-arch@...r.kernel.org
> > Cc: linux-mm@...ck.org
> > Suggested-by: Linus Torvalds <torvalds@...uxfoundation.org>
> > Signed-off-by: Rick Edgecombe <rick.p.edgecombe@...el.com>
> > Link:
> > https://lore.kernel.org/lkml/CAHk-=wiZjSu7c9sFYZb3q04108stgHff2wfbokGCCgW7riz+8Q@mail.gmail.com/
> 
> Reviewed-by: Mike Rapoport (IBM) <rppt@...nel.org>

Thanks!

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ