1
linux/arch/x86/kernel
Rick Edgecombe c44357c2e7 x86/mm: care about shadow stack guard gap during placement
When memory is being placed, mmap() will take care to respect the guard
gaps of certain types of memory (VM_SHADOWSTACK, VM_GROWSUP and
VM_GROWSDOWN).  In order to ensure guard gaps between mappings, mmap()
needs to consider two things:

 1. That the new mapping isn't placed in an any existing mappings guard
    gaps.
 2. That the new mapping isn't placed such that any existing mappings
    are not in *its* guard gaps.

The longstanding behavior of mmap() is to ensure 1, but not take any care
around 2.  So for example, if there is a PAGE_SIZE free area, and a mmap()
with a PAGE_SIZE size, and a type that has a guard gap is being placed,
mmap() may place the shadow stack in the PAGE_SIZE free area.  Then the
mapping that is supposed to have a guard gap will not have a gap to the
adjacent VMA.

Now that the vm_flags is passed into the arch get_unmapped_area()'s, and
vm_unmapped_area() is ready to consider it, have VM_SHADOW_STACK's get
guard gap consideration for scenario 2.

Link: https://lkml.kernel.org/r/20240326021656.202649-14-rick.p.edgecombe@intel.com
Signed-off-by: Rick Edgecombe <rick.p.edgecombe@intel.com>
Cc: Alexei Starovoitov <ast@kernel.org>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: Aneesh Kumar K.V <aneesh.kumar@kernel.org>
Cc: Borislav Petkov (AMD) <bp@alien8.de>
Cc: Christophe Leroy <christophe.leroy@csgroup.eu>
Cc: Dan Williams <dan.j.williams@intel.com>
Cc: Dave Hansen <dave.hansen@linux.intel.com>
Cc: Deepak Gupta <debug@rivosinc.com>
Cc: Guo Ren <guoren@kernel.org>
Cc: Helge Deller <deller@gmx.de>
Cc: H. Peter Anvin (Intel) <hpa@zytor.com>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: "James E.J. Bottomley" <James.Bottomley@HansenPartnership.com>
Cc: Kees Cook <keescook@chromium.org>
Cc: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Cc: Liam R. Howlett <Liam.Howlett@oracle.com>
Cc: Mark Brown <broonie@kernel.org>
Cc: Michael Ellerman <mpe@ellerman.id.au>
Cc: Naveen N. Rao <naveen.n.rao@linux.ibm.com>
Cc: Nicholas Piggin <npiggin@gmail.com>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
2024-04-25 20:56:28 -07:00
..
acpi ACPI updates for 6.9-rc1 2024-03-13 11:54:05 -07:00
apic x86/bugs: Rename various 'ia32_cap' variables to 'x86_arch_cap_msr' 2024-04-11 10:30:33 +02:00
cpu mm: switch mm->get_unmapped_area() to a flag 2024-04-25 20:56:25 -07:00
fpu x86/fpu: Keep xfd_state in sync with MSR_IA32_XFD 2024-03-24 04:03:54 +01:00
kprobes kprobes/x86: Use copy_from_kernel_nofault() to read from unsafe address 2024-03-22 11:40:56 +01:00
.gitignore
alternative.c - Sumanth Korikkar has taught s390 to allocate hotplug-time page frames 2024-03-14 17:43:30 -07:00
amd_gart_64.c change alloc_pages name in dma_map_ops to avoid name conflicts 2024-04-25 20:55:53 -07:00
amd_nb.c x86/cpu/amd: Provide a separate accessor for Node ID 2024-02-15 22:07:37 +01:00
aperture_64.c x86/pci: Use PCI_HEADER_TYPE_* instead of literals 2023-12-01 15:00:43 -06:00
apm_32.c x86/apm_32: Remove dead function apm_get_battery_status() 2024-02-21 19:38:03 +01:00
asm-offsets_32.c
asm-offsets_64.c
asm-offsets.c x86/bugs: Rename CONFIG_CALL_DEPTH_TRACKING => CONFIG_MITIGATION_CALL_DEPTH_TRACKING 2024-01-10 10:52:28 +01:00
audit_64.c x86/audit: Fix -Wmissing-variable-declarations warning for ia32_xyz_class 2023-08-30 10:11:16 +02:00
bootflag.c
callthunks.c x86/bpf: Fix IP for relocating call depth accounting 2024-04-01 20:37:56 -07:00
cet.c x86/ibt: Convert IBT selftest to asm 2023-08-17 17:07:09 +02:00
cfi.c cfi: Flip headers 2023-12-15 16:25:55 -08:00
check.c
cpuid.c
crash_dump_32.c
crash_dump_64.c
crash.c x86/build changes for v6.9: 2024-03-11 19:23:16 -07:00
devicetree.c Devicetree updates for v6.9: 2024-03-15 12:37:59 -07:00
doublefault_32.c
dumpstack_32.c
dumpstack_64.c
dumpstack.c x86/bugs: Rename CONFIG_PAGE_TABLE_ISOLATION => CONFIG_MITIGATION_PAGE_TABLE_ISOLATION 2024-01-10 10:52:28 +01:00
e820.c x86/kexec: Do not update E820 kexec table for setup_data 2024-03-22 10:07:45 +01:00
early_printk.c
early-quirks.c x86/pci: Use PCI_HEADER_TYPE_* instead of literals 2023-12-01 15:00:43 -06:00
ebda.c
eisa.c x86/sev: Skip ROM range scans and validation for SEV-SNP guests 2024-03-26 15:22:35 +01:00
espfix_64.c x86/fred: No ESPFIX needed when FRED is enabled 2024-01-31 22:01:51 +01:00
fred.c x86/fred: Add FRED initialization functions 2024-01-31 22:03:32 +01:00
ftrace_32.S x86/headers: Replace #include <asm/export.h> with #include <linux/export.h> 2023-10-03 10:38:07 +02:00
ftrace_64.S x86/headers: Replace #include <asm/export.h> with #include <linux/export.h> 2023-10-03 10:38:07 +02:00
ftrace.c x86/bugs: Rename CONFIG_SLS => CONFIG_MITIGATION_SLS 2024-01-10 10:52:28 +01:00
head32.c x86/microcode/32: Move early loading after paging enable 2023-10-18 22:15:01 +02:00
head64.c x86/boot/64: Move 5-level paging global variable assignments back 2024-03-24 05:00:36 +01:00
head_32.S x86/bugs: Rename CONFIG_PAGE_TABLE_ISOLATION => CONFIG_MITIGATION_PAGE_TABLE_ISOLATION 2024-01-10 10:52:28 +01:00
head_64.S Merge branch 'linus' into x86/boot, to resolve conflict 2024-03-12 09:55:57 +01:00
hpet.c x86/apic/msi: Use DOMAIN_BUS_GENERIC_MSI for HPET/IO-APIC domain search 2024-02-25 18:53:08 +01:00
hw_breakpoint.c
i8237.c
i8253.c
i8259.c x86/i8259: Skip probing when ACPI/MADT advertises PCAT compatibility 2023-10-27 20:36:49 +02:00
ibt_selftest.S x86/ibt: Convert IBT selftest to asm 2023-08-17 17:07:09 +02:00
idt.c S390: 2024-03-15 13:03:13 -07:00
io_delay.c
ioport.c
irq_32.c
irq_64.c fix missing vmalloc.h includes 2024-04-25 20:55:49 -07:00
irq_work.c x86/apic: Wrap IPI calls into helper functions 2023-08-09 12:00:55 -07:00
irq.c x86: replace CONFIG_HAVE_KVM with IS_ENABLED(CONFIG_KVM) 2024-02-08 08:45:35 -05:00
irqflags.S x86/headers: Replace #include <asm/export.h> with #include <linux/export.h> 2023-10-03 10:38:07 +02:00
irqinit.c x86/fred: Invoke FRED initialization code to enable FRED 2024-01-31 22:03:36 +01:00
itmt.c arch/x86: Remove now superfluous sentinel elem from ctl_table arrays 2023-10-10 15:22:02 -07:00
jailhouse.c x86/jailhouse: Use new APIC registration function 2024-02-15 22:07:42 +01:00
jump_label.c
kdebugfs.c
kexec-bzimage64.c - Sumanth Korikkar has taught s390 to allocate hotplug-time page frames 2024-03-14 17:43:30 -07:00
kgdb.c x86/kgdb: Fix a kerneldoc warning when build with W=1 2023-09-24 11:00:13 +02:00
ksysfs.c
kvm.c Guest-side KVM async #PF ABI cleanup for 6.9 2024-03-18 19:03:42 -04:00
kvmclock.c kvmclock: Unexport kvmclock clocksource 2024-02-07 17:05:21 +01:00
ldt.c x86/bugs: Rename CONFIG_PAGE_TABLE_ISOLATION => CONFIG_MITIGATION_PAGE_TABLE_ISOLATION 2024-01-10 10:52:28 +01:00
machine_kexec_32.c
machine_kexec_64.c x86, crash: wrap crash dumping code into crash related ifdefs 2024-02-23 17:48:23 -08:00
Makefile - Sumanth Korikkar has taught s390 to allocate hotplug-time page frames 2024-03-14 17:43:30 -07:00
mmconf-fam10h_64.c
module.c x86/paravirt: Switch mixed paravirt/alternative calls to alternatives 2023-12-10 23:33:09 +01:00
mpparse.c x86/mpparse: Register APIC address only once 2024-03-23 12:41:48 +01:00
msr.c
nmi_selftest.c x86/apic: Wrap IPI calls into helper functions 2023-08-09 12:00:55 -07:00
nmi.c x86/nmi: Upgrade NMI backtrace stall checks & messages 2024-03-26 10:07:59 +01:00
paravirt-spinlocks.c
paravirt.c x86/paravirt: Remove no longer needed paravirt patching code 2023-12-10 23:34:37 +01:00
pci-dma.c
pcspeaker.c
perf_regs.c
platform-quirks.c
pmem.c
probe_roms.c x86/sev: Skip ROM range scans and validation for SEV-SNP guests 2024-03-26 15:22:35 +01:00
process_32.c x86/fpu: Clean up FPU switching in the middle of task switching 2023-10-20 11:24:22 +02:00
process_64.c Core x86 changes for v6.9: 2024-03-11 19:53:15 -07:00
process.c Core x86 changes for v6.9: 2024-03-11 19:53:15 -07:00
process.h
ptrace.c
pvclock.c
quirks.c
reboot_fixups_32.c
reboot.c x86, crash: wrap crash dumping code into crash related ifdefs 2024-02-23 17:48:23 -08:00
relocate_kernel_32.S
relocate_kernel_64.S
resource.c
rethook.c
rtc.c rtc: Extend timeout for waiting for UIP to clear to 1s 2023-12-17 22:33:55 +01:00
setup_percpu.c x86/asm: Add DB flag to 32-bit percpu GDT entry 2023-12-20 10:57:51 +01:00
setup.c x86: remove unneeded memblock_find_dma_reserve() 2024-04-25 20:56:10 -07:00
sev_verify_cbit.S x86/boot: Use 32-bit XOR to clear registers 2024-03-01 12:47:37 +01:00
sev-shared.c Merge branch 'linus' into x86/boot, to resolve conflict 2024-03-12 09:55:57 +01:00
sev.c x86/CPU/AMD: Track SNP host status with cc_platform_*() 2024-04-04 10:40:30 +02:00
shstk.c x86/shstk: Add warning for shadow stack double unmap 2023-09-19 09:18:34 -07:00
signal_32.c
signal_64.c x86/shstk: Delay signal entry SSP write until after user accesses 2023-11-08 08:55:37 -08:00
signal.c rseq: Split out rseq.h from sched.h 2023-12-27 11:49:56 -05:00
smp.c - Sumanth Korikkar has taught s390 to allocate hotplug-time page frames 2024-03-14 17:43:30 -07:00
smpboot.c x86/cpu: Ensure that CPU info updates are propagated on UP 2024-03-23 12:22:04 +01:00
stacktrace.c
static_call.c x86/bugs: Rename CONFIG_RETHUNK => CONFIG_MITIGATION_RETHUNK 2024-01-10 10:52:29 +01:00
step.c x86/msr: Prepare for including <linux/percpu.h> into <asm/msr.h> 2024-03-04 12:01:39 +01:00
sys_ia32.c
sys_x86_64.c x86/mm: care about shadow stack guard gap during placement 2024-04-25 20:56:28 -07:00
tboot.c
time.c
tls.c
tls.h
topology.c x86/topology: convert to use arch_cpu_is_hotpluggable() 2023-12-06 12:41:49 +09:00
trace_clock.c
trace.c
tracepoint.c
traps.c Core x86 changes for v6.9: 2024-03-11 19:53:15 -07:00
tsc_msr.c
tsc_sync.c x86/tsc: Defer marking TSC unstable to a worker 2023-10-27 20:36:57 +02:00
tsc.c treewide: Remove system_counterval_t.cs, which is never read 2024-02-07 17:05:21 +01:00
umip.c
unwind_frame.c
unwind_guess.c
unwind_orc.c x86/unwind/orc: Remove redundant initialization of 'mid' pointer in __orc_find() 2023-09-21 08:41:23 +02:00
uprobes.c
verify_cpu.S
vm86_32.c
vmcore_info_32.c crash: split vmcoreinfo exporting code out from crash_core.c 2024-02-23 17:48:22 -08:00
vmcore_info_64.c crash: split vmcoreinfo exporting code out from crash_core.c 2024-02-23 17:48:22 -08:00
vmlinux.lds.S Merge branch 'x86/bugs' into x86/core, to pick up pending changes before dependent patches 2024-02-14 10:49:37 +01:00
vsmp_64.c x86/apic: Remove unused phys_pkg_id() callback 2024-02-15 22:07:38 +01:00
x86_init.c x86/sev: Skip ROM range scans and validation for SEV-SNP guests 2024-03-26 15:22:35 +01:00