[PATCH v2 0/4] mm: Avoid sharing high VMA flag bits
Florent Revest
revest at chromium.org
Wed May 7 06:09:56 PDT 2025
While staring at include/linux/mm.h, I was wondering why VM_UFFD_MINOR and
VM_SHADOW_STACK share the same bit on arm64. I think I gained enough confidence
now to call it a bug.
The first patch of this series is a straightforward attempt at fixing this
specific bug by changing the bit used by VM_UFFD_MINOR. I cc-ed stable on that
one and I expect it to not be all too controversial.
The rest of the series however is a more zealous refactoring and likely to be
more contentious... :) Since this bug looks like a near miss which could have
been quite severe in terms of security, I think it's worth trying to simplify
the high VMA flag bits code. I tried to consolidate around the current usage of
VM_HIGH_ARCH_* macros but I'm not sure if this is the preferred approach here. I
really don't feel strongly about those refactorings so this is more of a
platform for discussion for people with more mm background, I'll be more than
happy to respin a v2!
This series applies on v6.15-rc5.
v1 -> v2:
- Fixed a couple of typos in patch 4
- Added Mark Brown's Reviewed-by tag
Florent Revest (4):
mm: fix VM_UFFD_MINOR == VM_SHADOW_STACK on USERFAULTFD=y && ARM64_GCS=y
mm: remove CONFIG_ARCH_USES_HIGH_VMA_FLAGS
mm: use VM_HIGH_ARCH_* macros consistently
mm: consolidate VM_HIGH_ARCH_* macros into parametric macros
arch/arm64/Kconfig | 3 ---
arch/powerpc/Kconfig | 1 -
arch/x86/Kconfig | 2 --
include/linux/mm.h | 51 ++++++++++++++++----------------------------
mm/Kconfig | 2 --
5 files changed, 18 insertions(+), 41 deletions(-)
--
2.49.0.987.g0cc8ee98dc-goog
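As an added illustration that is not part of Florent's series or of the kernel's include/linux/mm.h: a small C model of how a VMA flag defined by a raw bit number can silently alias an arch-specific VM_HIGH_ARCH_* slot, why that matters (a VMA carrying one flag tests positive for the other), and the kind of table-driven and compile-time check that would have flagged the overlap. Every identifier prefixed EX_, the choice of bit 32 as the first high arch bit, and the slot numbers 6 and 7 are assumptions made for the example, not the kernel's actual values.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed model of a VMA flags word; this is not the kernel's mm.h. */
typedef uint64_t vm_flags_t;
#define EX_BIT(n) ((vm_flags_t)1 << (n))

/* Assumed layout: arch-specific "high" bits start at bit 32 and are
 * allocated through one parametric macro, in the spirit of patch 4. */
#define EX_HIGH_ARCH_BIT_0 32
#define EX_VM_HIGH_ARCH(n)  EX_BIT(EX_HIGH_ARCH_BIT_0 + (n))

/* One arch flag allocated through the macro (slot 6 is an assumption). */
#define EX_VM_SHADOW_STACK  EX_VM_HIGH_ARCH(6)

/* "Before": a second flag defined by a raw bit number that happens to
 * land on the same bit as slot 6, so the two flags are indistinguishable. */
#define EX_VM_UFFD_MINOR_BUGGY  EX_BIT(38)

/* "After": the same flag allocated through the macro in a free slot. */
#define EX_VM_UFFD_MINOR_FIXED  EX_VM_HIGH_ARCH(7)

/* Compile-time guard: once both flags go through the macro, a collision
 * fails the build instead of surviving into a running kernel. */
_Static_assert(EX_VM_SHADOW_STACK != EX_VM_UFFD_MINOR_FIXED,
               "VM flag bits must be distinct");

struct ex_flag_def {
    const char *name;
    vm_flags_t mask;
};

/* Does a VMA whose flags word is `vm_flags` appear to carry `flag`? */
bool ex_vma_has_flag(vm_flags_t vm_flags, vm_flags_t flag)
{
    return (vm_flags & flag) != 0;
}

/* Walk a table of flag definitions and count pairs that share a bit.
 * The first colliding pair, if any, is reported through *a and *b. */
size_t ex_find_collisions(const struct ex_flag_def *defs, size_t n,
                          const char **a, const char **b)
{
    size_t collisions = 0;
    for (size_t i = 0; i < n; i++) {
        for (size_t j = i + 1; j < n; j++) {
            if (defs[i].mask & defs[j].mask) {
                if (collisions == 0 && a && b) {
                    *a = defs[i].name;
                    *b = defs[j].name;
                }
                collisions++;
            }
        }
    }
    return collisions;
}

/* Constructed tables describing the buggy and the fixed layouts. */
static const struct ex_flag_def ex_buggy_table[] = {
    { "EX_VM_SHADOW_STACK", EX_VM_SHADOW_STACK },
    { "EX_VM_UFFD_MINOR",   EX_VM_UFFD_MINOR_BUGGY },
};
static const struct ex_flag_def ex_fixed_table[] = {
    { "EX_VM_SHADOW_STACK", EX_VM_SHADOW_STACK },
    { "EX_VM_UFFD_MINOR",   EX_VM_UFFD_MINOR_FIXED },
};

size_t ex_buggy_collisions(const char **a, const char **b)
{
    return ex_find_collisions(ex_buggy_table,
                              sizeof(ex_buggy_table) / sizeof(ex_buggy_table[0]),
                              a, b);
}

size_t ex_fixed_collisions(const char **a, const char **b)
{
    return ex_find_collisions(ex_fixed_table,
                              sizeof(ex_fixed_table) / sizeof(ex_fixed_table[0]),
                              a, b);
}

int main(void)
{
    const char *a = NULL, *b = NULL;

    if (ex_buggy_collisions(&a, &b))
        printf("buggy layout: %s and %s share a bit\n", a, b);
    printf("fixed layout: %zu collisions\n", ex_fixed_collisions(&a, &b));

    /* A VMA registered only for userfaultfd minor faults would also test
     * as a shadow stack under the buggy layout. */
    printf("uffd-minor VMA looks like shadow stack? buggy=%d fixed=%d\n",
           ex_vma_has_flag(EX_VM_UFFD_MINOR_BUGGY, EX_VM_SHADOW_STACK),
           ex_vma_has_flag(EX_VM_UFFD_MINOR_FIXED, EX_VM_SHADOW_STACK));
    return 0;
}
```

The point of the table walk is that it works on the values the preprocessor actually produced, not on the names, so it catches exactly the case in patch 1 where two differently named macros resolve to one bit; the _Static_assert shows the stronger property a parametric VM_HIGH_ARCH_* scheme buys, namely that the check can be done at build time.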