| Message ID | 20190606200646.3951-26-yu-cheng.yu@intel.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | Control-flow Enforcement: Shadow Stack | expand |
On 6/6/19 1:06 PM, Yu-cheng Yu wrote: > --- a/mm/mmap.c > +++ b/mm/mmap.c > @@ -1703,6 +1703,9 @@ static inline int accountable_mapping(struct file *file, vm_flags_t vm_flags) > if (file && is_file_hugepages(file)) > return 0; > > + if (arch_copy_pte_mapping(vm_flags)) > + return 1; > + > return (vm_flags & (VM_NORESERVE | VM_SHARED | VM_WRITE)) == VM_WRITE; > } > > @@ -3319,6 +3322,8 @@ void vm_stat_account(struct mm_struct *mm, vm_flags_t flags, long npages) > mm->stack_vm += npages; > else if (is_data_mapping(flags)) > mm->data_vm += npages; > + else if (arch_copy_pte_mapping(flags)) > + mm->data_vm += npages; > } This classifies shadow stack as data instead of stack. That seems a wee bit counterintuitive. Why did you make this choice?
On Tue, 2019-06-11 at 10:55 -0700, Dave Hansen wrote: > On 6/6/19 1:06 PM, Yu-cheng Yu wrote: > > --- a/mm/mmap.c > > +++ b/mm/mmap.c > > @@ -1703,6 +1703,9 @@ static inline int accountable_mapping(struct file > > *file, vm_flags_t vm_flags) > > if (file && is_file_hugepages(file)) > > return 0; > > > > + if (arch_copy_pte_mapping(vm_flags)) > > + return 1; > > + > > return (vm_flags & (VM_NORESERVE | VM_SHARED | VM_WRITE)) == > > VM_WRITE; > > } > > > > @@ -3319,6 +3322,8 @@ void vm_stat_account(struct mm_struct *mm, vm_flags_t > > flags, long npages) > > mm->stack_vm += npages; > > else if (is_data_mapping(flags)) > > mm->data_vm += npages; > > + else if (arch_copy_pte_mapping(flags)) > > + mm->data_vm += npages; > > } > > This classifies shadow stack as data instead of stack. That seems a wee > bit counterintuitive. Why did you make this choice? I don't recall the reason; I will change it to stack and test it out. Yu-cheng
diff --git a/mm/mmap.c b/mm/mmap.c index b1a921c0de63..3b643ace2c49 100644 --- a/mm/mmap.c +++ b/mm/mmap.c @@ -1703,6 +1703,9 @@ static inline int accountable_mapping(struct file *file, vm_flags_t vm_flags) if (file && is_file_hugepages(file)) return 0; + if (arch_copy_pte_mapping(vm_flags)) + return 1; + return (vm_flags & (VM_NORESERVE | VM_SHARED | VM_WRITE)) == VM_WRITE; } @@ -3319,6 +3322,8 @@ void vm_stat_account(struct mm_struct *mm, vm_flags_t flags, long npages) mm->stack_vm += npages; else if (is_data_mapping(flags)) mm->data_vm += npages; + else if (arch_copy_pte_mapping(flags)) + mm->data_vm += npages; } static vm_fault_t special_mapping_fault(struct vm_fault *vmf);
Add shadow stack pages to memory accounting. Signed-off-by: Yu-cheng Yu <yu-cheng.yu@intel.com> --- mm/mmap.c | 5 +++++ 1 file changed, 5 insertions(+)