Message ID | 20240329044459.3990638-12-debug@rivosinc.com |
---|---|
State | Superseded |
Headers | show |
Series | riscv control-flow integrity for usermode | expand |
On Thu, Mar 28, 2024 at 9:46 PM Deepak Gupta <debug@rivosinc.com> wrote: > > pte_mkwrite creates PTEs with WRITE encodings for underlying arch. Underlying > arch can have two types of writeable mappings. One that can be written using > regular store instructions. Another one that can only be written using specialized > store instructions (like shadow stack stores). pte_mkwrite can select write PTE > encoding based on VMA range. > > On riscv, presence of only VM_WRITE in vma->vm_flags means it's a shadow stack. > > Signed-off-by: Deepak Gupta <debug@rivosinc.com> > > rebase with a30f0ca0fa31cdb2ac3d24b7b5be9e3ae75f4175 > hmm.. Note to self: Missed removing this lingering commit message. Will remove it in the next version.
diff --git a/arch/riscv/include/asm/pgtable.h b/arch/riscv/include/asm/pgtable.h index 6362407f1e83..9b837239d3e8 100644 --- a/arch/riscv/include/asm/pgtable.h +++ b/arch/riscv/include/asm/pgtable.h @@ -403,6 +403,10 @@ static inline pte_t pte_wrprotect(pte_t pte) /* static inline pte_t pte_mkread(pte_t pte) */ +struct vm_area_struct; +pte_t pte_mkwrite(pte_t pte, struct vm_area_struct *vma); +#define pte_mkwrite pte_mkwrite + static inline pte_t pte_mkwrite_novma(pte_t pte) { return __pte(pte_val(pte) | _PAGE_WRITE); @@ -694,6 +698,9 @@ static inline pmd_t pmd_mkyoung(pmd_t pmd) return pte_pmd(pte_mkyoung(pmd_pte(pmd))); } +pmd_t pmd_mkwrite(pmd_t pmd, struct vm_area_struct *vma); +#define pmd_mkwrite pmd_mkwrite + static inline pmd_t pmd_mkwrite_novma(pmd_t pmd) { return pte_pmd(pte_mkwrite_novma(pmd_pte(pmd))); diff --git a/arch/riscv/mm/pgtable.c b/arch/riscv/mm/pgtable.c index ef887efcb679..933c5f23ef73 100644 --- a/arch/riscv/mm/pgtable.c +++ b/arch/riscv/mm/pgtable.c @@ -142,3 +142,24 @@ pmd_t pmdp_collapse_flush(struct vm_area_struct *vma, return pmd; } #endif /* CONFIG_TRANSPARENT_HUGEPAGE */ + +pte_t pte_mkwrite(pte_t pte, struct vm_area_struct *vma) +{ + if (arch_is_shadow_stack(vma->vm_flags)) + return pte_mkwrite_shstk(pte); + + pte = pte_mkwrite_novma(pte); + + return pte; +} + +pmd_t pmd_mkwrite(pmd_t pmd, struct vm_area_struct *vma) +{ + if (arch_is_shadow_stack(vma->vm_flags)) + return pmd_mkwrite_shstk(pmd); + + pmd = pmd_mkwrite_novma(pmd); + + return pmd; +} +