[PATCH] arm64/gcs: Fix error handling in arch_set_shadow_stack_status()
Will Deacon
will at kernel.org
Mon Feb 2 06:44:43 PST 2026
On Fri, Jan 30, 2026 at 01:43:09AM -0800, Breno Leitao wrote:
> alloc_gcs() returns an error-encoded pointer on failure, which comes
> from do_mmap(), not NULL.
>
> The current NULL check fails to detect errors, which could lead to using
> an invalid GCS address.
>
> Use IS_ERR_VALUE() to properly detect errors, consistent with the
> check in gcs_alloc_thread_stack().
>
> Fixes: b57180c75c7eb ("arm64/gcs: Implement shadow stack prctl() interface")
> Signed-off-by: Breno Leitao <leitao at debian.org>
> ---
> PS: This was compiled-tested only, given I unfortunately don't have
> a hardware to test on _yet_.
> ---
> arch/arm64/mm/gcs.c | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/arch/arm64/mm/gcs.c b/arch/arm64/mm/gcs.c
> index 6e93f78de79b1..efce7642b1d7b 100644
> --- a/arch/arm64/mm/gcs.c
> +++ b/arch/arm64/mm/gcs.c
> @@ -199,8 +199,8 @@ int arch_set_shadow_stack_status(struct task_struct *task, unsigned long arg)
>
> size = gcs_size(0);
> gcs = alloc_gcs(0, size);
> - if (!gcs)
> - return -ENOMEM;
> + if (IS_ERR_VALUE(gcs))
> + return PTR_ERR((void *)gcs);
Why do you need to go via PTR_ERR() here? 'gcs' is an 'unsigned long' so
can't we just return that directly?
Will
More information about the linux-arm-kernel
mailing list