[PATCH v2 0/3] arm64: Assorted GCS fixes

[Catalin Marinas]

A couple of GCS fixes and a corresponding kselftest. The first fix
solves a kernel panic when LPA2 is present. The second ensures that the
shadow stack is not accessible after mprotect(PROT_NONE). The test is
fairly close to gcs_write_fault.c but performs a normal read from the
shadow stack before and after mprotect(PROT_NOTE).

v1 here:

https://lore.kernel.org/all/20260220140532.285011-1-catalin.marinas@arm.com/

Changes since v1:

- I dropped the VM_NOHUGEPAGE patch from this series. I'll submit a
  separate one that also changes riscv and x86 for consistency.

- Added a gcs_page_prot variable to store the protection for the gcs
  page, somewhat closer to what we do with protection_map[]. There are
  other ways to implement this, e.g. using PTE_MAYBE_SHARED or starting
  from protection_map[] and replacing the PIE bits with those from
  _PAGE_GCS_RO.

- The PROT_NONE patch was updated to drop the NUMA migration reference
  (this path is not exercised in that case), mention mprotect() instead.
  In addition, it checks VM_ACCESS_FLAGS instead of VM_READ|VM_WRITE.

- Added kselftest for the GCS PROT_NONE case.

Thanks.

Catalin Marinas (3):
  arm64: gcs: Do not set PTE_SHARED on GCS mappings if FEAT_LPA2 is
    enabled
  arm64: gcs: Honour mprotect(PROT_NONE) on shadow stack mappings
  kselftest: arm64: Check access to GCS after mprotect(PROT_NONE)

 arch/arm64/include/asm/pgtable-prot.h         |  3 -
 arch/arm64/mm/mmap.c                          | 12 ++-
 .../signal/testcases/gcs_prot_none_fault.c    | 76 +++++++++++++++++++
 3 files changed, 86 insertions(+), 5 deletions(-)
 create mode 100644 tools/testing/selftests/arm64/signal/testcases/gcs_prot_none_fault.c