From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 4BC0AC7618A for ; Mon, 20 Mar 2023 10:56:07 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id E0C206B007B; Mon, 20 Mar 2023 06:56:06 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id DBBFD6B007D; Mon, 20 Mar 2023 06:56:06 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id C5D956B007E; Mon, 20 Mar 2023 06:56:06 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0016.hostedemail.com [216.40.44.16]) by kanga.kvack.org (Postfix) with ESMTP id B86EF6B007B for ; Mon, 20 Mar 2023 06:56:06 -0400 (EDT) Received: from smtpin06.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay06.hostedemail.com (Postfix) with ESMTP id 7D3DEAAC91 for ; Mon, 20 Mar 2023 10:56:06 +0000 (UTC) X-FDA: 80588971932.06.C483E53 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by imf01.hostedemail.com (Postfix) with ESMTP id 5310E40013 for ; Mon, 20 Mar 2023 10:56:04 +0000 (UTC) Authentication-Results: imf01.hostedemail.com; dkim=pass header.d=redhat.com header.s=mimecast20190719 header.b=YqOfT8Qg; spf=pass (imf01.hostedemail.com: domain of david@redhat.com designates 170.10.129.124 as permitted sender) smtp.mailfrom=david@redhat.com; dmarc=pass (policy=none) header.from=redhat.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1679309764; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=Uev/6TIR5F3PclO8PFZRAwXYZNKhyqQFBI+8u5UniWw=; b=HcPplPiIGO9od8khsRoE5B27oqiAp+pRCHFzUSAwg8Fxanq8b+0DH4o5oXvyRTL1WY8y6i tWpxEcqs9D1yaAPvnlJyDFds/KqYzdMyOZISZJ+Z/woXQUy+8AMw9cHaUmgkIE5cwZnscM BobRK4LwNkiMGc1w+4xicZbnwGlkBVE= ARC-Authentication-Results: i=1; imf01.hostedemail.com; dkim=pass header.d=redhat.com header.s=mimecast20190719 header.b=YqOfT8Qg; spf=pass (imf01.hostedemail.com: domain of david@redhat.com designates 170.10.129.124 as permitted sender) smtp.mailfrom=david@redhat.com; dmarc=pass (policy=none) header.from=redhat.com ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1679309764; a=rsa-sha256; cv=none; b=oCN7yN3S4oP2vDeJhFLvIZxkMsTSPEnuEY63Z7XlU3L363vM/qRkC3rmO57qTZvFPm0q6y zs7CFkcl229PgE4xhKStjDg1qWtzAPAqsjUlaiJ9vD2ctSzVbWSiLlA9lQbTIrMyyasX4p jZFPBM65ljZjJDJMB4Zx+5PDiVMuXKE= DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1679309763; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=Uev/6TIR5F3PclO8PFZRAwXYZNKhyqQFBI+8u5UniWw=; b=YqOfT8QgWqlRTD52936zGnWQaEhQ6o4/H/RxLYTvZfR6wmqUHBFW5zxcid+HsJQzEkogJ3 fdSto1nYaYeBPejekD5bJ88FK9+voWRYSgryEupVj2mJ6gGsyC8YI93Vh11UV4GIy/+FqQ /gzmwKk5LoqreEbtNFOXiooHLHkg3fs= Received: from mail-wm1-f72.google.com (mail-wm1-f72.google.com [209.85.128.72]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-609-sMF47kWvN2K5-kCv8kb6ug-1; Mon, 20 Mar 2023 06:56:02 -0400 X-MC-Unique: sMF47kWvN2K5-kCv8kb6ug-1 Received: by mail-wm1-f72.google.com with SMTP id l18-20020a05600c4f1200b003ed35ab903aso7843515wmq.6 for ; Mon, 20 Mar 2023 03:56:02 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; t=1679309761; h=content-transfer-encoding:in-reply-to:organization:from:references :cc:to:content-language:subject:user-agent:mime-version:date :message-id:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=Uev/6TIR5F3PclO8PFZRAwXYZNKhyqQFBI+8u5UniWw=; b=hyWkKPUhVhnb2DPRWeetCyaLstQEd0egdL/2Lbc4k6mmUII4oBR+MECHTc91f0v+pB zQ1EYFf2tTTZ0rZ9J95Ex/ox3dI/dHV2oiSTLeW77hdGdrS8fXJJWUiS7wz1K/CNUZ+K Xd0dGAudoEdSuIsaO6SI1SSlMs5gN1Cp4cx8ptN1hIIfzBV6wRQXz5FxUTouCyqIEtgP /WYo108O0aqL8dBIunoVD1a1y8jxBLGkJMb2SMHntosadpQPGWb7t42vgAo2nW8C70sX YPs6U/FsfPjg/S86ctPT0qdiQOpgFY+ncpOvMgUlA/B5RLLT8IA8hOQZbeQ4ZS5xJnVR DU3g== X-Gm-Message-State: AO0yUKVkRH3xzP+C9WjZjRCyDLdmGFqZIpkx80WTlgUYMVxGmGYlFurY EovelPtmWUHhIzjQVgTB1mTZF92iHVAygs0+b7b0zsWVV/ly/9m9jqCh+cSYcTLKBJ11HrPxR1+ Z7NJcQJpzTSw= X-Received: by 2002:adf:e489:0:b0:2cf:f04b:fb24 with SMTP id i9-20020adfe489000000b002cff04bfb24mr5824069wrm.37.1679309761549; Mon, 20 Mar 2023 03:56:01 -0700 (PDT) X-Google-Smtp-Source: AK7set8WX92KehpQIBsLhcgUmkTOLAy5Ruvm0+sHAsLPZBEH3a+gBm5GFUVie1BNgZZNDNfEQFrU3w== X-Received: by 2002:adf:e489:0:b0:2cf:f04b:fb24 with SMTP id i9-20020adfe489000000b002cff04bfb24mr5824021wrm.37.1679309761182; Mon, 20 Mar 2023 03:56:01 -0700 (PDT) Received: from ?IPV6:2003:cb:c702:4100:a064:1ded:25ec:cf2f? (p200300cbc7024100a0641ded25eccf2f.dip0.t-ipconnect.de. [2003:cb:c702:4100:a064:1ded:25ec:cf2f]) by smtp.gmail.com with ESMTPSA id b9-20020a05600010c900b002c7163660a9sm8595635wrx.105.2023.03.20.03.55.59 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Mon, 20 Mar 2023 03:56:00 -0700 (PDT) Message-ID: Date: Mon, 20 Mar 2023 11:55:58 +0100 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.8.0 Subject: Re: [PATCH v8 18/40] mm: Introduce VM_SHADOW_STACK for shadow stack memory To: Rick Edgecombe , x86@kernel.org, "H . Peter Anvin" , Thomas Gleixner , Ingo Molnar , linux-kernel@vger.kernel.org, linux-doc@vger.kernel.org, linux-mm@kvack.org, linux-arch@vger.kernel.org, linux-api@vger.kernel.org, Arnd Bergmann , Andy Lutomirski , Balbir Singh , Borislav Petkov , Cyrill Gorcunov , Dave Hansen , Eugene Syromiatnikov , Florian Weimer , "H . J . Lu" , Jann Horn , Jonathan Corbet , Kees Cook , Mike Kravetz , Nadav Amit , Oleg Nesterov , Pavel Machek , Peter Zijlstra , Randy Dunlap , Weijiang Yang , "Kirill A . Shutemov" , John Allen , kcc@google.com, eranian@google.com, rppt@kernel.org, jamorris@linux.microsoft.com, dethoma@microsoft.com, akpm@linux-foundation.org, Andrew.Cooper3@citrix.com, christina.schimpe@intel.com, debug@rivosinc.com, szabolcs.nagy@arm.com Cc: Yu-cheng Yu References: <20230319001535.23210-1-rick.p.edgecombe@intel.com> <20230319001535.23210-19-rick.p.edgecombe@intel.com> From: David Hildenbrand Organization: Red Hat In-Reply-To: <20230319001535.23210-19-rick.p.edgecombe@intel.com> X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Language: en-US Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Rspamd-Server: rspam05 X-Rspamd-Queue-Id: 5310E40013 X-Stat-Signature: 8bp74ac1dkkttcycy4kxdn7qt6u447e3 X-Rspam-User: X-HE-Tag: 1679309764-938764 X-HE-Meta: U2FsdGVkX18mjsjcJGAE2eZbIEEf3cCFDw4UZteHSRk3n2iNRWI5cBYGDfKPfNP19Ue92HREU45WbKGwx710T6rh4mRDVTy0yz2+7wqJdU8RjIgC8SLBlhc2ndHupRUqKei5W1Q4ULLX8Eck95LRMj+f85edTXIggy6dmmBrwFfmI1NngIKJUeXiW5erRFN80gmrj3FweyRP+osgYTBv0+8g+SDDvjYJmRUIEFKXK9UVm8nu8pogMYcaOnZEGxssI6tBMXXrpxNG4DROSmrKusxpENENsDgnevNqL6hi/rSqUVxAzWMFz5KgtKCv81HKvqAbvSgoLEXGKPF8ZxgwYqdUyhq4hN2uNF1pVAzChvyHQNVGMc+aZiu+NS2MbPoCq8tq88fPS8G0K+jLKATZuW6hZXf2YP2OqawhHJakOAFGJ6ZhLl68S3bqjOIl7ot7wkd2DP5U7jaPKNxpaI5tCPsYV2EyOUnHRdTts258z/iGnv4OtORJ3ivcZKwtkMxwyd098Esz/9xsb6HBBMNoPwT/+PeCXL6TSF2IKNr1NR6KCplKCsS8Fx4NnCJsnjot4PE6qJOz2m5Q2+ryzoWK3OfS0G5CYQ0+epCxy+VdAK7aD4BB1we8agz+AybH1657AJ7nhlcrue1o/9o6U4jhHJGZqLab0R7df2y/0h8nvLV8A9+Vw2wDBc0tMqFWWh4biEymjzzAAyDFMuNisuC470lc3euMynrNh/1fHGka5EPeuhFD1UPhOCospFwDA7NcFhQ+dM5q71ZmaBxxBF8yo8va2Dexfb3KZ7NWsdM7q/129+8XUuJauTW6Z4SdM4QEQkG+Jsb3J17Uj9f1OFUvRDxtGY5dTqueQHFpWX1VnfvjnXj1HXFeLkkEzF6pGM3Pc7N5XO4jCnCBn2+If4jhu7Aek7uAwCe+JllDCL/bEvxt3GVs5RXCVQGPQ5FvJrNbByjTJqyIEBj4ViI61yD QEPYaYvd WiXhXW9IfygtaApwTaIfhTkNDRGn9kbD/0HSrbHIR7aJqBlPuJmKKlVA2EOs5mZznEVXpzGKat2UuMMRIKvXlmsZyC+vbx3hs+mO3Z1CYU07xt8ScHTzft2hfOz9SMyiRIAIB2IXvksn9JYlKXgzQlFsW2W1k3PAoHJqd/ONKhijvHU4OWs8I7I1y0ePFRCZRf00JGyiASDAipPIzC5R98nfImPPBE2qVYzs9PU1x6Dkm+h3oWpylVVMs6U8kHTslB289Vsq/ov7bTN/tdMLOrDSOZFWxvx4ONYxrVgmRLoby+oMRpT+y0xu9S5/bRs1rfKE8SsJdxsHcleOzaGVzi6Wg8JY58lOU/zsNWVL3epWcT3y99WzI9R9A0ETAFLasOGkHNBL9jQZ31A62sNpyf6tqJRmxmMjvgzCYsaic7vLVivOAhzgoP4dvJvK/vKSQkKcU7HMj3Z2fe84i/XoHvlfU38n4fFbXi+dgDYwfiREeduz/BYZNM+SteUcUM8S0wCxe1pzxNHMn2xM21g8Zh4fXnXXV74I5GpYo6GSYDumaWIFKGjZpQJ2t4KiYmhKcS9Ay5GbnobQIT/kU2XFX+HteFsAvEwP/wrVldX/skTjUb3Q= X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: On 19.03.23 01:15, Rick Edgecombe wrote: > From: Yu-cheng Yu > > New hardware extensions implement support for shadow stack memory, such > as x86 Control-flow Enforcement Technology (CET). Add a new VM flag to > identify these areas, for example, to be used to properly indicate shadow > stack PTEs to the hardware. > > Shadow stack VMA creation will be tightly controlled and limited to > anonymous memory to make the implementation simpler and since that is all > that is required. The solution will rely on pte_mkwrite() to create the > shadow stack PTEs, so it will not be required for vm_get_page_prot() to > learn how to create shadow stack memory. For this reason document that > VM_SHADOW_STACK should not be mixed with VM_SHARED. > > Co-developed-by: Rick Edgecombe > Signed-off-by: Yu-cheng Yu > Signed-off-by: Rick Edgecombe > Reviewed-by: Kees Cook > Reviewed-by: Kirill A. Shutemov > Acked-by: Mike Rapoport (IBM) > Tested-by: Pengfei Xu > Tested-by: John Allen > Tested-by: Kees Cook > --- Acked-by: David Hildenbrand -- Thanks, David / dhildenb