Re: [RFC PATCH v2 12/27] x86/mm: Shadow stack page fault error checking

From: Yu-cheng Yu
Date: Wed Jul 11 2018 - 13:31:59 EST


On Tue, 2018-07-10 at 15:52 -0700, Dave Hansen wrote:
> On 07/10/2018 03:26 PM, Yu-cheng Yu wrote:
> >
> > +++ b/arch/x86/include/asm/traps.h
> > @@ -157,6 +157,7 @@ enum {
> > Â *ÂÂÂbit 3 == 1: use of reserved
> > bit detected
> > Â *ÂÂÂbit 4 == 1: fault was an
> > instruction fetch
> > Â *ÂÂÂbit 5 == 1: protection keys
> > block access
> > + *ÂÂÂbit 6 == 1: shadow stack
> > access fault
> > Â */
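Review bot: the wording "shadow stack access fault" for bit 6 is ambiguous about whether the bit names the reason for the fault or the kind of access that faulted, which is the question Dave raises in the reply; the clarification later in this thread (the bit is 1 when CR4.CET = 1 and the faulting access was a shadow-stack load or store, whatever made it fault, protection keys included) belongs in the header comment itself rather than in the mail archive. Something like ` *   bit 6 == 1: the faulting access was a shadow-stack access (CR4.CET = 1); says nothing about why it faulted` would keep the next reader of traps.h from assuming the bit is a cause bit like bits 3 and 5.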
> Could we document this bit better?
>
> Is this a fault where the *processor* thought it should be a shadow
> stack fault?  Or is it also set on faults to valid shadow stack PTEs
> that just happen to fault for other reasons, say protection keys?

Thanks Vedvyas for explaining this to me.
I will add this to comments:

This flag is 1 if (1) CR4.CET = 1; and (2) the access causing the page-fault exception was a shadow-stack data access.

So this bit does not report the reason for the fault. It reports the
type of access; i.e. it was a shadow-stack-load or a shadow-stack-store
that took the page fault. The fault could have been caused by any
variety of reasons including protection keys.
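To make the distinction above concrete (access type in bit 6 versus fault cause in the other bits), here is an added user-space decoder for the x86 page-fault error code. It is example code written for this discussion, not part of the patch series or the kernel: the X86_PF_* names mirror the kernel's flags but are redefined locally, and the sample error codes are constructed, not captured from hardware. Bits 0-2 (P, W/R, U/S) are the standard architectural bits not shown in the quoted hunk.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/*
 * x86 page-fault error-code bits. Bits 0-5 are the long-standing
 * architectural bits; bit 6 is the shadow-stack bit the patch under
 * discussion documents. Redefined here (same values as the kernel's
 * X86_PF_* flags) so this file builds in user space.
 */
#define X86_PF_PROT   (1UL << 0)   /* 1: protection violation, 0: page not present */
#define X86_PF_WRITE  (1UL << 1)   /* 1: write access, 0: read access */
#define X86_PF_USER   (1UL << 2)   /* 1: fault taken in user mode */
#define X86_PF_RSVD   (1UL << 3)   /* 1: reserved bit set in a paging entry */
#define X86_PF_INSTR  (1UL << 4)   /* 1: instruction fetch */
#define X86_PF_PK     (1UL << 5)   /* 1: blocked by protection keys */
#define X86_PF_SHSTK  (1UL << 6)   /* 1: the faulting access was a shadow-stack access */

/* Why the access was refused. Derived from the cause bits only. */
enum pf_cause {
	PF_CAUSE_NOT_PRESENT,
	PF_CAUSE_RESERVED_BIT,
	PF_CAUSE_PKEY,
	PF_CAUSE_PROTECTION,
};

enum pf_cause pf_get_cause(unsigned long ec)
{
	/* RSVD and PK are only reported for present translations. */
	if (!(ec & X86_PF_PROT))
		return PF_CAUSE_NOT_PRESENT;
	if (ec & X86_PF_RSVD)
		return PF_CAUSE_RESERVED_BIT;
	if (ec & X86_PF_PK)
		return PF_CAUSE_PKEY;
	return PF_CAUSE_PROTECTION;
}

/*
 * Access type, orthogonal to the cause: SHSTK says the access was a
 * shadow-stack load or store made with CR4.CET = 1, whatever made it
 * fault. It is deliberately not consulted by pf_get_cause().
 */
bool pf_is_shadow_stack_access(unsigned long ec)
{
	return (ec & X86_PF_SHSTK) != 0;
}

/* Human-readable decode: "<access> in <mode> mode: <cause>". Returns chars written. */
int pf_describe(unsigned long ec, char *buf, size_t len)
{
	static const char *const cause_str[] = {
		[PF_CAUSE_NOT_PRESENT]  = "page not present",
		[PF_CAUSE_RESERVED_BIT] = "reserved bit set",
		[PF_CAUSE_PKEY]         = "protection-key violation",
		[PF_CAUSE_PROTECTION]   = "protection violation",
	};
	const char *access;

	/* Report the access type first; direction is left out for shadow-stack accesses. */
	if (pf_is_shadow_stack_access(ec))
		access = "shadow-stack access";
	else if (ec & X86_PF_INSTR)
		access = "instruction fetch";
	else
		access = (ec & X86_PF_WRITE) ? "data write" : "data read";

	return snprintf(buf, len, "%s in %s mode: %s", access,
			(ec & X86_PF_USER) ? "user" : "kernel",
			cause_str[pf_get_cause(ec)]);
}

int main(void)
{
	/* Constructed error codes for illustration, not captured from hardware. */
	const unsigned long samples[] = {
		X86_PF_USER | X86_PF_WRITE,                           /* ordinary user write to a missing page */
		X86_PF_SHSTK | X86_PF_USER,                           /* shadow-stack access to a not-present page */
		X86_PF_SHSTK | X86_PF_USER | X86_PF_PROT | X86_PF_PK, /* shadow-stack access refused by protection keys */
	};
	char buf[128];

	for (size_t i = 0; i < sizeof(samples) / sizeof(samples[0]); i++) {
		pf_describe(samples[i], buf, sizeof(buf));
		printf("0x%02lx: %s\n", samples[i], buf);
	}
	return 0;
}
```

The third sample is the case Dave asked about: bit 6 and bit 5 are both set, and the decoder reads them independently, so the same shadow-stack access can be reported as not-present, reserved-bit or protection-key fault without bit 6 changing.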