korg/linux
0
0
Fork 0
mirror of https://mirrors.bfsu.edu.cn/git/linux.git synced 2024-12-20 09:34:44 +08:00
Code Issues Packages Projects Releases Wiki Activity
bb3aadf7d4
linux/arch/x86
History
Rick Edgecombe bb3aadf7d4 x86/mm: Start actually marking _PAGE_SAVED_DIRTY 
The recently introduced _PAGE_SAVED_DIRTY should be used instead of the
HW Dirty bit whenever a PTE is Write=0, in order to not inadvertently
create shadow stack PTEs. Update pte_mk*() helpers to do this, and apply
the same changes to pmd and pud. Since there is no x86 version of
pte_mkwrite() to hold this arch specific logic, create one. Add it to
x86/mm/pgtable.c instead of x86/asm/include/pgtable.h as future patches
will require it to live in pgtable.c and it will make the diff easier
for reviewers.

Since CPUs without shadow stack support could create Write=0,Dirty=1
PTEs, only return true for pte_shstk() if the CPU also supports shadow
stack. This will prevent these HW creates PTEs as showing as true for
pte_write().

For pte_modify() this is a bit trickier. It takes a "raw" pgprot_t which
was not necessarily created with any of the existing PTE bit helpers.
That means that it can return a pte_t with Write=0,Dirty=1, a shadow
stack PTE, when it did not intend to create one.

Modify it to also move _PAGE_DIRTY to _PAGE_SAVED_DIRTY. To avoid
creating Write=0,Dirty=1 PTEs, pte_modify() needs to avoid:
1. Marking Write=0 PTEs Dirty=1
2. Marking Dirty=1 PTEs Write=0

The first case cannot happen as the existing behavior of pte_modify() is to
filter out any Dirty bit passed in newprot. Handle the second case by
shifting _PAGE_DIRTY=1 to _PAGE_SAVED_DIRTY=1 if the PTE was write
protected by the pte_modify() call. Apply the same changes to pmd_modify().

Co-developed-by: Yu-cheng Yu <yu-cheng.yu@intel.com>
Signed-off-by: Yu-cheng Yu <yu-cheng.yu@intel.com>
Signed-off-by: Rick Edgecombe <rick.p.edgecombe@intel.com>
Signed-off-by: Dave Hansen <dave.hansen@linux.intel.com>
Acked-by: Mike Rapoport (IBM) <rppt@kernel.org>
Tested-by: Pengfei Xu <pengfei.xu@intel.com>
Tested-by: John Allen <john.allen@amd.com>
Tested-by: Kees Cook <keescook@chromium.org>
Link: https://lore.kernel.org/all/20230613001108.3040476-13-rick.p.edgecombe%40intel.com
2023-07-11 14:12:19 -07:00
..
boot - Fix a race window where load_unaligned_zeropad() could cause 2023-06-26 16:32:47 -07:00
coco - Some SEV and CC platform helpers cleanup and simplifications now that 2023-06-27 13:26:30 -07:00
configs x86/defconfig: Enable CONFIG_DEBUG_WX=y 2022-09-02 10:41:42 +02:00
crypto This push fixes an alignment crash in x86/aria. 2023-05-29 07:05:49 -04:00
entry - Yosry Ahmed brought back some cgroup v1 stats in OOM logs. 2023-06-28 10:28:11 -07:00
events Perf events changes for v6.5: 2023-06-27 14:43:02 -07:00
hyperv - Some SEV and CC platform helpers cleanup and simplifications now that 2023-06-27 13:26:30 -07:00
ia32 x86/signal/32: Merge native and compat 32-bit signal code 2022-10-19 09:58:49 +02:00
include x86/mm: Start actually marking _PAGE_SAVED_DIRTY 2023-07-11 14:12:19 -07:00
kernel x86/cpufeatures: Add CPU feature flags for shadow stacks 2023-07-11 14:12:18 -07:00
kvm ARM64: 2023-07-03 15:32:22 -07:00
lib Locking changes for v6.5: 2023-06-27 14:14:30 -07:00
math-emu x86/fpu: Include asm/fpu/regset.h 2023-05-18 11:56:18 -07:00
mm x86/mm: Start actually marking _PAGE_SAVED_DIRTY 2023-07-11 14:12:19 -07:00
net bpf: Fix a bpf_jit_dump issue for x86_64 with sysctl bpf_jit_enable. 2023-06-12 16:47:18 +02:00
pci - Address -Wmissing-prototype warnings 2023-06-26 16:43:54 -07:00
platform A single regression fix for x86: 2023-07-01 11:40:01 -07:00
power x86/topology: Remove CPU0 hotplug option 2023-05-15 13:44:49 +02:00
purgatory hardening updates for v6.5-rc1 2023-06-27 21:24:18 -07:00
ras
realmode x86/realmode: Make stack lock work in trampoline_compat() 2023-05-30 14:11:47 +02:00
tools ELF: fix all "Elf" typos 2023-04-08 13:45:37 -07:00
um um: make stub data pages size tweakable 2023-04-20 23:08:43 +02:00
video drm changes for 6.5-rc1: 2023-06-29 11:00:17 -07:00
virt/vmx/tdx
xen mm: Move pte/pmd_mkwrite() callers with no VMA to _novma() 2023-07-11 14:10:57 -07:00
.gitignore
Kbuild
Kconfig x86/shstk: Add Kconfig option for shadow stack 2023-07-11 14:12:18 -07:00
Kconfig.assembler x86/shstk: Add Kconfig option for shadow stack 2023-07-11 14:12:18 -07:00
Kconfig.cpu x86/cpu: Remove X86_FEATURE_NAMES 2023-05-15 20:03:08 +02:00
Kconfig.debug docs: move x86 documentation into Documentation/arch/ 2023-03-30 12:58:51 -06:00
Makefile x86/unwind/orc: Add ELF section with ORC version identifier 2023-06-16 17:17:42 +02:00
Makefile_32.cpu
Makefile.postlink x86/build: Avoid relocation information in final vmlinux 2023-06-14 19:54:40 +02:00
Makefile.um um: Only disable SSE on clang to work around old GCC bugs 2023-04-04 09:57:05 +02:00