From: Florent Revest
To: linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org, linux-mm@kvack.org
Cc: catalin.marinas@arm.com, will@kernel.org, tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, dave.hansen@linux.intel.com, x86@kernel.org, hpa@zytor.com, akpm@linux-foundation.org, broonie@kernel.org, thiago.bauermann@linaro.org, jackmanb@google.com, Florent Revest
Subject: [PATCH v2 0/4] mm: Avoid sharing high VMA flag bits
Date: Wed, 7 May 2025 15:09:56 +0200
Message-ID: <20250507131000.1204175-1-revest@chromium.org>

While staring at include/linux/mm.h, I was wondering why VM_UFFD_MINOR and VM_SHADOW_STACK share the same bit on arm64. I think I gained enough confidence now to call it a bug.

The first patch of this series is a straightforward attempt at fixing this specific bug by changing the bit used by VM_UFFD_MINOR. I cc-ed stable on that one and I expect it to not be all too controversial.

The rest of the series however is a more zealous refactoring and likely to be more contentious... :) Since this bug looks like a near miss which could have been quite severe in terms of security, I think it's worth trying to simplify the high VMA flag bits code. I tried to consolidate around the current usage of VM_HIGH_ARCH_* macros but I'm not sure if this is the preferred approach here. I really don't feel strongly about those refactorings so this is more of a platform for discussion for people with more mm background, I'll be more than happy to respin a v2!

This series applies on v6.15-rc5.

v1 -> v2:
- Fixed a couple of typos in patch 4
- Added Mark Brown's Reviewed-by tag

Florent Revest (4):
  mm: fix VM_UFFD_MINOR == VM_SHADOW_STACK on USERFAULTFD=y && ARM64_GCS=y
  mm: remove CONFIG_ARCH_USES_HIGH_VMA_FLAGS
  mm: use VM_HIGH_ARCH_* macros consistently
  mm: consolidate VM_HIGH_ARCH_* macros into parametric macros

 arch/arm64/Kconfig   |  3 ---
 arch/powerpc/Kconfig |  1 -
 arch/x86/Kconfig     |  2 --
 include/linux/mm.h   | 51 ++++++++++++++++----------------------------
 mm/Kconfig           |  2 --
 5 files changed, 18 insertions(+), 41 deletions(-)

-- 
2.49.0.987.g0cc8ee98dc-goog
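
Added example, not part of the original message or of the patch series: a user-space C model of the flag collision the cover letter describes, showing that a flag test cannot tell two features apart once they share a bit, plus a build-time guard against it. The EX_* names and the bit positions are constructed for illustration and are not taken from include/linux/mm.h.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

typedef uint64_t vm_flags_t;
#define EX_BIT(n) ((vm_flags_t)1 << (n))

/* Constructed bit positions, for illustration only (not taken from the series). */
#define EX_VM_SHADOW_STACK     EX_BIT(38)
#define EX_VM_UFFD_MINOR_BUGGY EX_BIT(38) /* same bit: the collision */
#define EX_VM_UFFD_MINOR_FIXED EX_BIT(41) /* moved to a bit of its own */

static const vm_flags_t buggy_defs[] = { EX_VM_SHADOW_STACK, EX_VM_UFFD_MINOR_BUGGY };
static const vm_flags_t fixed_defs[] = { EX_VM_SHADOW_STACK, EX_VM_UFFD_MINOR_FIXED };

/* Mask of every bit that more than one flag definition claims. */
vm_flags_t overlapping_bits(const vm_flags_t *defs, size_t n)
{
    vm_flags_t seen = 0, dup = 0;
    for (size_t i = 0; i < n; i++) {
        dup |= seen & defs[i];
        seen |= defs[i];
    }
    return dup;
}

/* A feature test on a VMA's flags; with aliased bits it cannot tell the two apart. */
int has_flag(vm_flags_t vma_flags, vm_flags_t mask)
{
    return (vma_flags & mask) != 0;
}

/* Build-time guard: the build fails if the two flags ever share a bit again. */
_Static_assert((EX_VM_SHADOW_STACK & EX_VM_UFFD_MINOR_FIXED) == 0,
               "VM_UFFD_MINOR must not alias VM_SHADOW_STACK");

int main(void)
{
    printf("overlap buggy=%#llx fixed=%#llx\n",
           (unsigned long long)overlapping_bits(buggy_defs, 2),
           (unsigned long long)overlapping_bits(fixed_defs, 2));
    printf("shadow-stack VMA seen as uffd-minor: buggy=%d fixed=%d\n",
           has_flag(EX_VM_SHADOW_STACK, EX_VM_UFFD_MINOR_BUGGY),
           has_flag(EX_VM_SHADOW_STACK, EX_VM_UFFD_MINOR_FIXED));
    return 0;
}
```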