Re: [RFC PATCH v2 15/27] mm/mprotect: Prevent mprotect from changing shadow stack
From: Dave Hansen
Date: Wed Jul 11 2018 - 12:22:32 EST
On 07/11/2018 09:07 AM, Yu-cheng Yu wrote:
>> Why do we need to disallow this? AFAICT the worst that can happen is
>> that a process wrecks itself, so what?
> Agree. I will remove the patch.
Not so quick. :)
We still need to find out a way to handle things that ask for an
mprotect() which is incompatible with shadow stacks. PROT_READ without
PROT_WRITE comes to mind. We also need to be careful that we don't
copy-on-write/copy-on-access pages which fault on PROT_NONE. I *think*
it'll get done correctly but we have to be sure.
BTW, where are all the selftests for this code? We're slowly building
up a list of pathological things that need to get tested.
I don't think this can or should get merged before we have selftests.