Received: by 2002:a05:6a10:6744:0:0:0:0 with SMTP id w4csp4069245pxu; Mon, 12 Oct 2020 08:43:09 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwtX+ewJ9HfmzxYu6J1QxfJpx+cvbJ0dbsN6qepkXC3AJkn5KmpKqMQrPm7wZ6gq95lMTlM X-Received: by 2002:aa7:d384:: with SMTP id x4mr15077546edq.105.1602517389128; Mon, 12 Oct 2020 08:43:09 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1602517389; cv=none; d=google.com; s=arc-20160816; b=xdRR0PA1LH3FrFIK/rmcWhtS6Ai0ceioaeZfacLHTNz49Whgxrpc113lf9AH2mGRJc FltC7ixTsW/GNhsMGoECrCBB+VoZ+6nHOBOG/O5a5pwxeHGPGmTW+4Sr02Y6XFpZhzTE 57qPWzHyWIFLp1LRTu5ZEIXRIdeyvxUEVbp7q6FdgIP+ckb18JP11pPYd6lVLrCylcsN IsLyLLm4Q1s7QIREvBmIfrlxU4A9+rd4KjGRU2Yj7Ek+Wp3proCePCT4Un3t/YGtXj+w 7nrQymPhrob/VvvvtHtS4b1s/yExAUNCIfGLBPLj3p5j3QE39rUJ2n8rLY4R9MNlL/Fx mpRw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :ironport-sdr:ironport-sdr; bh=DD4V5562pTU0t4w1Z1KWVWecWnMviyQ9D4tc68+/EX4=; b=A29e2YK5xQlnFx8wWeeSC5vQsB5J6Uebr5GQJTDYhwijf3k7Mqqkmloyaq7arbIwph omQm0xg4hZMnNVbBDS+H1zAIdRTb8YPkt1JU/ANCK5Sr0UhrK5Lk4Py1T6DSXpZt6zL4 HpinuhGkcV04TxIrpRmCEGHZmvE8E+sMoxz3gxvj9ivtnhX2U4E4LjhHmtwWP5oxjgOp oR09t+YQuxQej/xuxNwbfc0EBPw6aeEgmJjy1D3HP7/srfLOxSd5fh5Rv0IDkTWq4l0x czNf/fV0d9B/dK/YL1bEkcYPUuQmM5cvbQGzMm3Q2HQ5M+HaGr9o1LOrgzLgEGLEMt6G /ZJA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id z23si12477269edx.29.2020.10.12.08.42.46; Mon, 12 Oct 2020 08:43:09 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2390591AbgJLPlP (ORCPT + 99 others); Mon, 12 Oct 2020 11:41:15 -0400 Received: from mga05.intel.com ([192.55.52.43]:1378 "EHLO mga05.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2390296AbgJLPkH (ORCPT ); Mon, 12 Oct 2020 11:40:07 -0400 IronPort-SDR: 8koNSdEZ5k9Vng1oHlk5CI6+ZUjhHESngJzHFIsTHJD4j0rEeAumFaHmeIcj1DtF3cHBHFVH18 CHXkk5vTJAyw== X-IronPort-AV: E=McAfee;i="6000,8403,9772"; a="250452686" X-IronPort-AV: E=Sophos;i="5.77,367,1596524400"; d="scan'208";a="250452686" X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga005.jf.intel.com ([10.7.209.41]) by fmsmga105.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 12 Oct 2020 08:39:53 -0700 IronPort-SDR: wjtrvKbogb9ov3C22unx12prcpqrKjrlTq++kjiHUlzs7pdi1GOxOnN7HVFU/D5KnO3BKYqyM/ 5BogER5dFWIg== X-IronPort-AV: E=Sophos;i="5.77,367,1596524400"; d="scan'208";a="530010871" Received: from yyu32-desk.sc.intel.com ([143.183.136.146]) by orsmga005-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 12 Oct 2020 08:39:52 -0700 From: Yu-cheng Yu To: x86@kernel.org, "H. Peter Anvin" , Thomas Gleixner , Ingo Molnar , linux-kernel@vger.kernel.org, linux-doc@vger.kernel.org, linux-mm@kvack.org, linux-arch@vger.kernel.org, linux-api@vger.kernel.org, Arnd Bergmann , Andy Lutomirski , Balbir Singh , Borislav Petkov , Cyrill Gorcunov , Dave Hansen , Eugene Syromiatnikov , Florian Weimer , "H.J. Lu" , Jann Horn , Jonathan Corbet , Kees Cook , Mike Kravetz , Nadav Amit , Oleg Nesterov , Pavel Machek , Peter Zijlstra , Randy Dunlap , "Ravi V. Shankar" , Vedvyas Shanbhogue , Dave Martin , Weijiang Yang , Pengfei Xu Cc: Yu-cheng Yu Subject: [PATCH v14 14/26] x86/mm: Update maybe_mkwrite() for shadow stack Date: Mon, 12 Oct 2020 08:38:38 -0700 Message-Id: <20201012153850.26996-15-yu-cheng.yu@intel.com> X-Mailer: git-send-email 2.21.0 In-Reply-To: <20201012153850.26996-1-yu-cheng.yu@intel.com> References: <20201012153850.26996-1-yu-cheng.yu@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Shadow stack memory is writable, but its VMA has VM_SHSTK instead of VM_WRITE. Update maybe_mkwrite() to include the shadow stack. Signed-off-by: Yu-cheng Yu --- arch/x86/Kconfig | 4 ++++ arch/x86/mm/pgtable.c | 18 ++++++++++++++++++ include/linux/mm.h | 2 ++ include/linux/pgtable.h | 24 ++++++++++++++++++++++++ mm/huge_memory.c | 2 ++ 5 files changed, 50 insertions(+) diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index 415fcc869afc..7578327226e3 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig @@ -1935,6 +1935,9 @@ config AS_HAS_SHADOW_STACK config X86_CET def_bool n +config ARCH_MAYBE_MKWRITE + def_bool n + config ARCH_HAS_SHADOW_STACK def_bool n @@ -1945,6 +1948,7 @@ config X86_SHADOW_STACK_USER depends on AS_HAS_SHADOW_STACK select ARCH_USES_HIGH_VMA_FLAGS select X86_CET + select ARCH_MAYBE_MKWRITE select ARCH_HAS_SHADOW_STACK help Shadow Stacks provides protection against program stack diff --git a/arch/x86/mm/pgtable.c b/arch/x86/mm/pgtable.c index dfd82f51ba66..a9666b64bc05 100644 --- a/arch/x86/mm/pgtable.c +++ b/arch/x86/mm/pgtable.c @@ -610,6 +610,24 @@ int pmdp_clear_flush_young(struct vm_area_struct *vma, } #endif +#ifdef CONFIG_ARCH_MAYBE_MKWRITE +pte_t arch_maybe_mkwrite(pte_t pte, struct vm_area_struct *vma) +{ + if (likely(vma->vm_flags & VM_SHSTK)) + pte = pte_mkwrite_shstk(pte); + return pte; +} + +#ifdef CONFIG_TRANSPARENT_HUGEPAGE +pmd_t arch_maybe_pmd_mkwrite(pmd_t pmd, struct vm_area_struct *vma) +{ + if (likely(vma->vm_flags & VM_SHSTK)) + pmd = pmd_mkwrite_shstk(pmd); + return pmd; +} +#endif /* CONFIG_TRANSPARENT_HUGEPAGE */ +#endif /* CONFIG_ARCH_MAYBE_MKWRITE */ + /** * reserve_top_address - reserves a hole in the top of kernel address space * @reserve - size of hole to reserve diff --git a/include/linux/mm.h b/include/linux/mm.h index 12be96b061c7..4f6305106feb 100644 --- a/include/linux/mm.h +++ b/include/linux/mm.h @@ -969,6 +969,8 @@ static inline pte_t maybe_mkwrite(pte_t pte, struct vm_area_struct *vma) { if (likely(vma->vm_flags & VM_WRITE)) pte = pte_mkwrite(pte); + else + pte = arch_maybe_mkwrite(pte, vma); return pte; } diff --git a/include/linux/pgtable.h b/include/linux/pgtable.h index 90654cb63e9e..157f5e726896 100644 --- a/include/linux/pgtable.h +++ b/include/linux/pgtable.h @@ -1356,6 +1356,30 @@ static inline bool arch_has_pfn_modify_check(void) } #endif /* !_HAVE_ARCH_PFN_MODIFY_ALLOWED */ +#ifdef CONFIG_MMU +#ifdef CONFIG_ARCH_MAYBE_MKWRITE +pte_t arch_maybe_mkwrite(pte_t pte, struct vm_area_struct *vma); + +#ifdef CONFIG_TRANSPARENT_HUGEPAGE +pmd_t arch_maybe_pmd_mkwrite(pmd_t pmd, struct vm_area_struct *vma); +#endif /* CONFIG_TRANSPARENT_HUGEPAGE */ + +#else /* !CONFIG_ARCH_MAYBE_MKWRITE */ +static inline pte_t arch_maybe_mkwrite(pte_t pte, struct vm_area_struct *vma) +{ + return pte; +} + +#ifdef CONFIG_TRANSPARENT_HUGEPAGE +static inline pmd_t arch_maybe_pmd_mkwrite(pmd_t pmd, struct vm_area_struct *vma) +{ + return pmd; +} +#endif /* CONFIG_TRANSPARENT_HUGEPAGE */ + +#endif /* CONFIG_ARCH_MAYBE_MKWRITE */ +#endif /* CONFIG_MMU */ + /* * Architecture PAGE_KERNEL_* fallbacks * diff --git a/mm/huge_memory.c b/mm/huge_memory.c index da397779a6d4..01252b00cd06 100644 --- a/mm/huge_memory.c +++ b/mm/huge_memory.c @@ -464,6 +464,8 @@ pmd_t maybe_pmd_mkwrite(pmd_t pmd, struct vm_area_struct *vma) { if (likely(vma->vm_flags & VM_WRITE)) pmd = pmd_mkwrite(pmd); + else + pmd = arch_maybe_pmd_mkwrite(pmd, vma); return pmd; } -- 2.21.0