On 8/10/24 04:55, Deepak Gupta wrote:
On Wed, Aug 07, 2024 at 01:19:55PM +1000, Richard Henderson wrote:
On 8/7/24 10:06, Deepak Gupta wrote:
int prot = 0;
- if (pte & PTE_R) {
+ /*
+ * If PTE has read bit in it or it's shadow stack page,
+ * then reads allowed
+ */
+
+if ((pte & PTE_R) || sstack_page) {
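Review bot: The new condition `if ((pte & PTE_R) || sstack_page)` grants read permission on `sstack_page` alone, and nothing in this hunk shows how that flag is derived. The comment in the later hunk says the R=0, W=1, X=0 encoding only marks shadow stack pages when backward CFI is enabled, so please make sure `sstack_page` can only be true in that case; otherwise a reserved encoding ends up readable. Minor: the comment would read better as "or it is a shadow stack page, then reads are allowed".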
On 8/7/24 10:06, Deepak Gupta wrote:
@@ -1105,15 +1119,45 @@ restart:
return TRANSLATE_FAIL;
}
+/*
+ * When backward CFI is enabled, the R=0, W=1, X=0 reserved encoding
+ * is used to mark Shadow Stack (SS) pages. If back CFI enabled, allow
+ * normal loads on
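Review bot: The comment gives the shadow stack encoding as R=0, W=1, X=0, but the commit message says PTE.W=0, PTE.R=0 and PTE.X=0; the two need to agree. R=W=X=0 is the pointer-to-next-level (non-leaf) PTE encoding in the RISC-V privileged spec, so the commit message looks like the one to correct. Also settle on one of "backward CFI" and "back CFI" within the comment.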
zicfiss protects shadow stack using new page table encodings PTE.W=0,
PTE.R=0 and PTE.X=0. This encoding is reserved if zicfiss is not
implemented or if shadow stacks are not enabled.
Loads on shadow stack memory are allowed while stores to shadow stack
memory lead to access faults. Shadow stack ac