[PATCH 1/5] mm: Introduce vm_mmap_shadow_stack() as a helper for VM_SHADOW_STACK mappings
David Hildenbrand (Arm)
david at kernel.org
Wed Feb 25 05:32:37 PST 2026
On 2/24/26 18:57, Catalin Marinas wrote:
> arm64, riscv and x86 use a similar pattern for mapping the user shadow
> stack (cloned from x86). Extract this into a helper to facilitate code
> reuse.
>
> The call to do_mmap() from the new helper uses PROT_READ|PROT_WRITE prot
> bits instead of the PROT_READ with an explicit VM_WRITE vm_flag. The
> x86 intent was to avoid PROT_WRITE implying normal write since the
> shadow stack is not writable by normal stores. However, from a kernel
> perspective, the vma is writeable. Functionally there is no difference.
>
> Signed-off-by: Catalin Marinas <catalin.marinas at arm.com>
> Cc: Andrew Morton <akpm at linux-foundation.org>
> Cc: David Hildenbrand <david at kernel.org>
> ---
> include/linux/mm.h | 4 ++++
> mm/util.c | 25 +++++++++++++++++++++++++
> 2 files changed, 29 insertions(+)
>
> diff --git a/include/linux/mm.h b/include/linux/mm.h
> index 5be3d8a8f806..1f28be975f86 100644
> --- a/include/linux/mm.h
> +++ b/include/linux/mm.h
> @@ -3908,6 +3908,10 @@ extern int vm_munmap(unsigned long, size_t);
> extern unsigned long __must_check vm_mmap(struct file *, unsigned long,
> unsigned long, unsigned long,
> unsigned long, unsigned long);
> +#ifdef CONFIG_ARCH_HAS_USER_SHADOW_STACK
> +extern unsigned long __must_check vm_mmap_shadow_stack(unsigned long addr,
> + unsigned long len, unsigned long flags);
MM nowadays tends to use two tabs here.
> +#endif
>
> struct vm_unmapped_area_info {
> #define VM_UNMAPPED_AREA_TOPDOWN 1
> diff --git a/mm/util.c b/mm/util.c
> index b05ab6f97e11..2592291948f0 100644
> --- a/mm/util.c
> +++ b/mm/util.c
> @@ -618,6 +618,31 @@ unsigned long vm_mmap(struct file *file, unsigned long addr,
> }
> EXPORT_SYMBOL(vm_mmap);
>
> +#ifdef CONFIG_ARCH_HAS_USER_SHADOW_STACK
> +/*
> + * Perform a userland memory mapping for a shadow stack into the current
> + * process address space. This is intended to be used by architectures that
> + * support user shadow stacks.
> + */
> +unsigned long vm_mmap_shadow_stack(unsigned long addr, unsigned long len,
> + unsigned long flags)
And here as well.
Agreed that the ifdef for the function declaration is not required.
Acked-by: David Hildenbrand (Arm) <david at kernel.org>
--
Cheers,
David
More information about the linux-arm-kernel
mailing list