From patchwork Mon Feb 27 22:29:38 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Edgecombe, Rick P" X-Patchwork-Id: 62170 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a5d:5915:0:0:0:0:0 with SMTP id v21csp2682737wrd; Mon, 27 Feb 2023 14:34:39 -0800 (PST) X-Google-Smtp-Source: AK7set/9eLRI646WJQ6rI5jF7ooSv4crqITai65hIsmV26B1lN8tE93/LbHr7LI+l5ux168+CHyC X-Received: by 2002:aa7:c715:0:b0:4ac:bdf7:dffd with SMTP id i21-20020aa7c715000000b004acbdf7dffdmr1111244edq.12.1677537279620; Mon, 27 Feb 2023 14:34:39 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1677537279; cv=none; d=google.com; s=arc-20160816; b=fX2AKw6svnkLv06tybJO8C+6sgQhxBtrp5OqfjSjubaV6bxBPG7IOCFzANTiwpj6xx GRYKfDj1jJFhj9RHlErmEdMIKjo/4fKIC65HxlhUoiUBVkGwGrYsPCwBMsXC/4KKAcVt /HsaLVreMUAf8zfw11gdZUX3lOqzJ6Xmrd81gjZ3/xsJtNg3OVtVuvMvCboqDmt7h0/R 4ZY2R3MLoxnkCR7bx05vYrjyVJWAWcJRlrGKRs1EWER/GUyhOD1YKkIb/nzWMR2Ad2eE l9PmdH26iaG4woI0Q7FHAW4JL90U55y2Z1lD6lGzZm7NVaKAmXHutDD7R1NRJFhb60O9 LJUw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:references:in-reply-to:message-id:date:subject :cc:to:from:dkim-signature; bh=+kqsDAD87DHH8at7rwF6//m6V9jqq8z7byrF3dP8xHg=; b=QaARb7p2aa7F374iyvRFmQFlNqHiJMQh347J76SuGrKTvBJc8DFrpQIqbLGPtFmPjT H9kTKTpzbK76QOZVoqprEVaxjnEJ1EvRb+AzkcWkGNq1fZBkWWFlxMUYOIFIS97a1g8i xOmVWeFjjGSrsqieGOlizQbRaxzlV9XHAYnA6eBJ6D5M19YSocetSlK7UYECX1AwZvEC upDJKEfyfAMrgGTn+LFhcvJtbnaqEc9fcjEAUp790zlJ2TCrirTxAI+WlFU/S0FjjKzV rIRxKTDjFQ0Rpf/V19wXigLppefZ/tJ7jxxME3NnXhzMzRNH19GhsFcZ1f+BOdMYuHZK E0jw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=Mrl5nwOM; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id d11-20020a056402078b00b004af62584abbsi8834158edy.66.2023.02.27.14.34.11; Mon, 27 Feb 2023 14:34:39 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=Mrl5nwOM; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229992AbjB0WdQ (ORCPT + 99 others); Mon, 27 Feb 2023 17:33:16 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:37686 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230267AbjB0Wbw (ORCPT ); Mon, 27 Feb 2023 17:31:52 -0500 Received: from mga12.intel.com (mga12.intel.com [192.55.52.136]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id F107F28D2D; Mon, 27 Feb 2023 14:31:48 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1677537109; x=1709073109; h=from:to:cc:subject:date:message-id:in-reply-to: references; bh=ZIfeT04mKir/YNhHsgsFjFvjvr/0UP7Swg3kZIhAJQw=; b=Mrl5nwOMuKKAo9wkPfvKEB+7neim1lcySms1JrkKaU9ySLztoefFugoK /ZelKfl+A8yoaohyfVIC4qqjl6ItI3scq0VopnndwGxUgGSBc6rQ0XLS9 kCrDnCZIOd4EMCz+A/YyNTfzedOU05BkU62MDFg/xqVwsiHLTXksCwTy2 YRSbys5vN2oL4uRl/HhyeRb+qqQPYH2sfgUBdgm0T97H+H6+DxyjvwXNF I/sw3NrHy95O679WaTAm4pmusC2J2WaVWlXZTmW9oW+165/7LkyP4djS8 Yp6lCNTk7xATIw1zLFvlpsnJduH8D3+GPOj1uafbFodrYH/MRnPWpotHp A==; X-IronPort-AV: E=McAfee;i="6500,9779,10634"; a="313657504" X-IronPort-AV: E=Sophos;i="5.98,220,1673942400"; d="scan'208";a="313657504" Received: from orsmga005.jf.intel.com ([10.7.209.41]) by fmsmga106.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 27 Feb 2023 14:31:24 -0800 X-IronPort-AV: E=McAfee;i="6500,9779,10634"; a="848024631" X-IronPort-AV: E=Sophos;i="5.98,220,1673942400"; d="scan'208";a="848024631" Received: from leonqu-mobl1.amr.corp.intel.com (HELO rpedgeco-desk.amr.corp.intel.com) ([10.209.72.19]) by orsmga005-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 27 Feb 2023 14:31:23 -0800 From: Rick Edgecombe To: x86@kernel.org, "H . Peter Anvin" , Thomas Gleixner , Ingo Molnar , linux-kernel@vger.kernel.org, linux-doc@vger.kernel.org, linux-mm@kvack.org, linux-arch@vger.kernel.org, linux-api@vger.kernel.org, Arnd Bergmann , Andy Lutomirski , Balbir Singh , Borislav Petkov , Cyrill Gorcunov , Dave Hansen , Eugene Syromiatnikov , Florian Weimer , "H . J . Lu" , Jann Horn , Jonathan Corbet , Kees Cook , Mike Kravetz , Nadav Amit , Oleg Nesterov , Pavel Machek , Peter Zijlstra , Randy Dunlap , Weijiang Yang , "Kirill A . Shutemov" , John Allen , kcc@google.com, eranian@google.com, rppt@kernel.org, jamorris@linux.microsoft.com, dethoma@microsoft.com, akpm@linux-foundation.org, Andrew.Cooper3@citrix.com, christina.schimpe@intel.com, david@redhat.com, debug@rivosinc.com Cc: rick.p.edgecombe@intel.com, Yu-cheng Yu Subject: [PATCH v7 22/41] mm/mmap: Add shadow stack pages to memory accounting Date: Mon, 27 Feb 2023 14:29:38 -0800 Message-Id: <20230227222957.24501-23-rick.p.edgecombe@intel.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20230227222957.24501-1-rick.p.edgecombe@intel.com> References: <20230227222957.24501-1-rick.p.edgecombe@intel.com> X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED, SPF_HELO_PASS,SPF_NONE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1759025330892533806?= X-GMAIL-MSGID: =?utf-8?q?1759025330892533806?= From: Yu-cheng Yu The x86 Control-flow Enforcement Technology (CET) feature includes a new type of memory called shadow stack. This shadow stack memory has some unusual properties, which requires some core mm changes to function properly. Account shadow stack pages to stack memory. Do this by adding a VM_SHADOW_STACK check in is_stack_mapping(). Tested-by: Pengfei Xu Tested-by: John Allen Tested-by: Kees Cook Acked-by: Mike Rapoport (IBM) Reviewed-by: Kees Cook Signed-off-by: Yu-cheng Yu Co-developed-by: Rick Edgecombe Signed-off-by: Rick Edgecombe Cc: Kees Cook Acked-by: David Hildenbrand --- v7: - Change is_stack_mapping() to know about VM_SHADOW_STACK so the additions in vm_stat_account() can be dropped. (David Hildenbrand) v3: - Remove unneeded VM_SHADOW_STACK check in accountable_mapping() (Kirill) v2: - Remove is_shadow_stack_mapping() and just change it to directly bitwise and VM_SHADOW_STACK. Yu-cheng v26: - Remove redundant #ifdef CONFIG_MMU. Yu-cheng v25: - Remove #ifdef CONFIG_ARCH_HAS_SHADOW_STACK for is_shadow_stack_mapping(). --- mm/internal.h | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/mm/internal.h b/mm/internal.h index 7920a8b7982e..1d13d5580f64 100644 --- a/mm/internal.h +++ b/mm/internal.h @@ -491,14 +491,14 @@ static inline bool is_exec_mapping(vm_flags_t flags) } /* - * Stack area - automatically grows in one direction + * Stack area * - * VM_GROWSUP / VM_GROWSDOWN VMAs are always private anonymous: - * do_mmap() forbids all other combinations. + * VM_GROWSUP, VM_GROWSDOWN VMAs are always private + * anonymous. do_mmap() forbids all other combinations. */ static inline bool is_stack_mapping(vm_flags_t flags) { - return (flags & VM_STACK) == VM_STACK; + return ((flags & VM_STACK) == VM_STACK) || (flags & VM_SHADOW_STACK); } /*