From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 41EEAD44161 for ; Tue, 19 Nov 2024 14:26:24 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 0B53B6B00B2; Tue, 19 Nov 2024 09:26:22 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id 03DEB6B00B4; Tue, 19 Nov 2024 09:26:21 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id DF88D6B00B5; Tue, 19 Nov 2024 09:26:21 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0014.hostedemail.com [216.40.44.14]) by kanga.kvack.org (Postfix) with ESMTP id BC7536B00B2 for ; Tue, 19 Nov 2024 09:26:21 -0500 (EST) Received: from smtpin17.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay02.hostedemail.com (Postfix) with ESMTP id 6B8C01204C5 for ; Tue, 19 Nov 2024 14:26:21 +0000 (UTC) X-FDA: 82803066234.17.6007AC4 Received: from nyc.source.kernel.org (nyc.source.kernel.org [147.75.193.91]) by imf20.hostedemail.com (Postfix) with ESMTP id EA2591C0016 for ; Tue, 19 Nov 2024 14:25:16 +0000 (UTC) Authentication-Results: imf20.hostedemail.com; dkim=pass header.d=linuxfoundation.org header.s=korg header.b=2hnXLOSf; dmarc=pass (policy=none) header.from=linuxfoundation.org; spf=pass (imf20.hostedemail.com: domain of gregkh@linuxfoundation.org designates 147.75.193.91 as permitted sender) smtp.mailfrom=gregkh@linuxfoundation.org ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1732026289; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:dkim-signature; bh=Ht1L2hUwWtTVbnhns3l6dsMfNdn33mSNBya81Hv/HKs=; b=JU30abD/M5AAXMJqgiVyHx+IEbIVNyVhZQPpzxHPuecEM/gZOQHW94zELMYLr7AraAkzaC hOBabcRKqkgOktLNp9C3iyp3bw+4+Ezry5Qw0sGOe2VV3+uXWcOu4M5x3g7OYxbvmQWf6U M1psCIKBUd3fYRtI4pp/kGbTtz+Fg+M= ARC-Authentication-Results: i=1; imf20.hostedemail.com; dkim=pass header.d=linuxfoundation.org header.s=korg header.b=2hnXLOSf; dmarc=pass (policy=none) header.from=linuxfoundation.org; spf=pass (imf20.hostedemail.com: domain of gregkh@linuxfoundation.org designates 147.75.193.91 as permitted sender) smtp.mailfrom=gregkh@linuxfoundation.org ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1732026289; a=rsa-sha256; cv=none; b=gpEe/I6gOCpRPTWG3J+g8jARGcA7vOIIyO41DLa2spWikYvzDE3WRPWxQMcpgXPVJfmJXj FkvbA8CVwCB7iBvcUEpOUoCdPnARKbVBZcUl5Dv2LRQY+Zfll45zDcTEU8+3wMOCqeQe3C 66lRYR7/Vcz+aVKYYToNDqQzUjOv5gQ= Received: from smtp.kernel.org (transwarp.subspace.kernel.org [100.75.92.58]) by nyc.source.kernel.org (Postfix) with ESMTP id 99CEAA42AE8; Tue, 19 Nov 2024 14:24:25 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id B77A0C4CECF; Tue, 19 Nov 2024 14:26:18 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org; s=korg; t=1732026378; bh=fL5mzVEB62hIoMBI5KqBw8wJqWntMMUYvtpbz8bzpuE=; h=Subject:To:Cc:From:Date:In-Reply-To:From; b=2hnXLOSf5cksmlpvYCVF6IMufrQCjtsmOufYnV8ACvV0MaKmJtGDlZ9BjKvngLxce lY5EVyeexeaQdCOgOI+FNot+fGlUjrJgGHNRRztT6Cz9wTalbYUvW9NmubwF7gZJSk UIKDqP9Vgg2Tpgn1Th91i9Bl944B/Ii4KJHY3IXI= Subject: Patch "mm: refactor map_deny_write_exec()" has been added to the 6.6-stable tree To: James.Bottomley@HansenPartnership.com,Liam.Howlett@oracle.com,akpm@linux-foundation.org,andreas@gaisler.com,broonie@kernel.org,catalin.marinas@arm.com,davem@davemloft.net,deller@gmx.de,gregkh@linuxfoundation.org,jannh@google.com,linux-mm@kvack.org,lorenzo.stoakes@oracle.com,peterx@redhat.com,torvalds@linux-foundation.org,vbabka@suse.cz,will@kernel.org Cc: From: Date: Tue, 19 Nov 2024 15:25:46 +0100 In-Reply-To: Message-ID: <2024111946-aged-algorithm-4920@gregkh> MIME-Version: 1.0 Content-Type: text/plain; charset=ANSI_X3.4-1968 Content-Transfer-Encoding: 8bit X-stable: commit X-Patchwork-Hint: ignore X-Rspam-User: X-Rspamd-Server: rspam03 X-Rspamd-Queue-Id: EA2591C0016 X-Stat-Signature: fmnt75etnq99wyaux4pzmd6qgkuwiabg X-HE-Tag: 1732026316-390271 X-HE-Meta: U2FsdGVkX1+Vq8wvblPje8UPW5i2BrL1+/jqfq35THMpBlr9h+HndWcT9RaDAFMgIuWR/F71SDRRDMQI0LBjtb0HxxKmEIWBkzn8hgtyoLC5UHLmk2VKiadCrZ7CzO77kj/x+OrmJKkGZ+U35OiWImbJVzmSeLA4u10Gt+6jkRtQJ5Zg4JJNCuHc2ELjzN6f6Q5XG242lc2yPNQfQdiMEbXoRL85m7fPmEFM3qu8tevUT+Pw9BPsqZL1MaHmN682RDglXR3Szj3P0aTSY9CyLOH6f2gO5dc9M/yxhSe0IKvRR/+BbU01NMTfMMYUUQFdtj+X5QTWxk4ltHE4avZ2Kv3ItInJqr/C4b8ckhpi/NshWX4qi7jv+UiCztUBfmozPzLznituYloisI+iaWWBAg5/JmL4DqveZJ9nW86rfmq0g1/SaRMt5LOmeXi1Avvh1et8R3Z3e91s0MwpazSj77EquPVxGHTDcMa2E+gwcwRwPex1hZEx9kIme0La16Ltsdf30uEPAwdfITs6WeqsYe4PMo3F8aHn0EvBYpNo0xLPFwdMWN8XVMDGTwdgppY1gNqaRTfW08jy7Zjlg6Tdlv0lue33/FwdjkelBp/2iQ5rRCQWMFBYCtj3VnnV4VPSKai8vl4Eawwfe6L42gh9pVynvSAuKuvvxUro1rRSunEzsG90EMz/d8nsBHbjgMVWrUO8CTi0UMmarEUoiw3ZQt97LdM/yHadtY7CLbcy/8zZezWoYId7btjWwgb3yS9ag891CkvucDLHoEbt4QCDbcHv40lDgsvtlX2T2Q5Yamado0Q8qWwdl+po3VIBM3FU7nHvc4yXbPuu1EG9Fnpal6xugXwE4//X2WWybNrvfVAF94IULQalm1kjfX1iMNNJK++labIgOKyBeBafYInrnW3fZOrxmOkZnxb7k90c75VCMytBT2cDoyg0SdQrVCUGMAC+XqucKvY510fbgBC xTDBMnDE 0nQvDTIA1ujyb70ZsQ83tR/dlKh+flSYxCp7XAKzeo8zSRid0aP8FLxUvasOd0tfzbRzSNewBmaJDCriJq8o7svQE6V4uEuT3ThGR3vaQBK1Mc/eT5Dcsk7+UI9cERPESuZf/XtxMF9vf3UuovGmBRPIC5bNxha0O5G0Gi8pN3/TDyEdwbFwj8B4n6z7S3OJpoUCGwVTul3PkQI3AYQJv4e5A9OJZzlyPOcue/svoRZLRcKSqyJmxOgc/3Gq9MuWl1reWapw46c3+PHcm6BSWg/L9Z3ZbL0+677i399K0qOrR2B19le70nJ4AnPXKcw150Z3c0OfyQjLimowUUR1rA2Qmi0BIdNGlLLETzs2T/LksOYgah5v0GVuEgfgUc3QND8unK0skFagxDr3Rk9RNHLIJaAxpGlncqSK0b87xFWPjclphX0YqTqSA2xWuwRZjkG8lWISiEE75OX6gQxqLhZxVzUEB6Z0Z1LyRGei1Di318ZwC47PAUAMprVx4EF+ZAKTy6g5m3ar5+GqUIlMqoxKbvV2hE+k46UAef8KT92h93EgyxCiaLmjicJaIirpjnXbFrC3YJFmD/fykaasuvfv2gmpQIQuTtn/FtyAAlQ+5CW63vAxT/z2cBNYf/SZQBXpdv6p7MRV/TWJtNhUmIVUa2pR9viG6gwlgzqS+r67fyCljyRfPCuvyOm4guGdyhCA+D/r+Ao7iZYgT+xR775wgjb4F6EqO4a5+ZIrfFYxuRCYzFevOUt3v8fs6QX1pYoP6I6/lskhDa7qWIgZ1cgIBiP+Kb9mA1Gs1SXImNQMT4zUhcwGvUb9qr8NnNwg4aVF13zFNZyztRTdcsubgmqF1Tbhq2kgva/snI0fwlHknqXgZVdXNI248YQ== X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: This is a note to let you know that I've just added the patch titled mm: refactor map_deny_write_exec() to the 6.6-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary The filename of the patch is: mm-refactor-map_deny_write_exec.patch and it can be found in the queue-6.6 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let know about it. >From stable+bounces-93537-greg=kroah.com@vger.kernel.org Fri Nov 15 13:43:12 2024 From: Lorenzo Stoakes Date: Fri, 15 Nov 2024 12:41:56 +0000 Subject: mm: refactor map_deny_write_exec() To: stable@vger.kernel.org Cc: Andrew Morton , "Liam R . Howlett" , Vlastimil Babka , Jann Horn , linux-kernel@vger.kernel.org, linux-mm@kvack.org, Linus Torvalds , Peter Xu , Catalin Marinas , Will Deacon , Mark Brown , "David S . Miller" , Andreas Larsson , "James E . J . Bottomley" , Helge Deller Message-ID: From: Lorenzo Stoakes [ Upstream commit 0fb4a7ad270b3b209e510eb9dc5b07bf02b7edaf ] Refactor the map_deny_write_exec() to not unnecessarily require a VMA parameter but rather to accept VMA flags parameters, which allows us to use this function early in mmap_region() in a subsequent commit. While we're here, we refactor the function to be more readable and add some additional documentation. Link: https://lkml.kernel.org/r/6be8bb59cd7c68006ebb006eb9d8dc27104b1f70.1730224667.git.lorenzo.stoakes@oracle.com Fixes: deb0f6562884 ("mm/mmap: undo ->mmap() when arch_validate_flags() fails") Signed-off-by: Lorenzo Stoakes Reported-by: Jann Horn Reviewed-by: Liam R. Howlett Reviewed-by: Vlastimil Babka Reviewed-by: Jann Horn Cc: Andreas Larsson Cc: Catalin Marinas Cc: David S. Miller Cc: Helge Deller Cc: James E.J. Bottomley Cc: Linus Torvalds Cc: Mark Brown Cc: Peter Xu Cc: Will Deacon Cc: Signed-off-by: Andrew Morton Signed-off-by: Lorenzo Stoakes Signed-off-by: Greg Kroah-Hartman --- include/linux/mman.h | 21 ++++++++++++++++++--- mm/mmap.c | 2 +- mm/mprotect.c | 2 +- 3 files changed, 20 insertions(+), 5 deletions(-) --- a/include/linux/mman.h +++ b/include/linux/mman.h @@ -187,16 +187,31 @@ static inline bool arch_memory_deny_writ * * d) mmap(PROT_READ | PROT_EXEC) * mmap(PROT_READ | PROT_EXEC | PROT_BTI) + * + * This is only applicable if the user has set the Memory-Deny-Write-Execute + * (MDWE) protection mask for the current process. + * + * @old specifies the VMA flags the VMA originally possessed, and @new the ones + * we propose to set. + * + * Return: false if proposed change is OK, true if not ok and should be denied. */ -static inline bool map_deny_write_exec(struct vm_area_struct *vma, unsigned long vm_flags) +static inline bool map_deny_write_exec(unsigned long old, unsigned long new) { + /* If MDWE is disabled, we have nothing to deny. */ if (!test_bit(MMF_HAS_MDWE, ¤t->mm->flags)) return false; - if ((vm_flags & VM_EXEC) && (vm_flags & VM_WRITE)) + /* If the new VMA is not executable, we have nothing to deny. */ + if (!(new & VM_EXEC)) + return false; + + /* Under MDWE we do not accept newly writably executable VMAs... */ + if (new & VM_WRITE) return true; - if (!(vma->vm_flags & VM_EXEC) && (vm_flags & VM_EXEC)) + /* ...nor previously non-executable VMAs becoming executable. */ + if (!(old & VM_EXEC)) return true; return false; --- a/mm/mmap.c +++ b/mm/mmap.c @@ -2826,7 +2826,7 @@ cannot_expand: vma_set_anonymous(vma); } - if (map_deny_write_exec(vma, vma->vm_flags)) { + if (map_deny_write_exec(vma->vm_flags, vma->vm_flags)) { error = -EACCES; goto close_and_free_vma; } --- a/mm/mprotect.c +++ b/mm/mprotect.c @@ -791,7 +791,7 @@ static int do_mprotect_pkey(unsigned lon break; } - if (map_deny_write_exec(vma, newflags)) { + if (map_deny_write_exec(vma->vm_flags, newflags)) { error = -EACCES; break; } Patches currently in stable-queue which might be from lorenzo.stoakes@oracle.com are queue-6.6/mm-resolve-faulty-mmap_region-error-path-behaviour.patch queue-6.6/mm-refactor-arch_calc_vm_flag_bits-and-arm64-mte-handling.patch queue-6.6/mm-unconditionally-close-vmas-on-error.patch queue-6.6/mm-avoid-unsafe-vma-hook-invocation-when-error-arises-on-mmap-hook.patch queue-6.6/mm-refactor-map_deny_write_exec.patch