Received: by 2002:ac0:a5b6:0:0:0:0:0 with SMTP id m51-v6csp79552imm;
        Thu, 7 Jun 2018 14:10:44 -0700 (PDT)
X-Google-Smtp-Source: ADUXVKJYnqtdTBRN9Q4U7ReZXwulYQdGpLlNLfD3E3vemyq0roj2F7xtYsUZ1ntn1Joj5pqDNPP3
X-Received: by 2002:a65:4d47:: with SMTP id j7-v6mr2826730pgt.19.1528405844730;
        Thu, 07 Jun 2018 14:10:44 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1528405844; cv=none;
        d=google.com; s=arc-20160816;
        b=MjdpLmqgfwUJA+CAeT0LaSFUsdIYvId4t1S/VJW6J1mwTBb2+4hM1U+Y1dPnypiBvd
         Njgep7D3Tj1jWfX6XXw/YaUPkIfFhSX0ACw+2+v9cgD2g7PI2IH3XBJk1RCJHSapxzkI
         DxvCJpz/7dxd9bw7X2sm4e221A/dB+hiaW8vh8+mt+AaRj8bMey4R2+TWZgJxqMq9VvA
         Nw63q48rbqzq4AXD+8s1GE2nFZ90HH3VPq1Ma0gkC8CNmVvVvCqpq4g3ylXqSaqssLhP
         gpknIKrCuTtZkSmkfIFuLqizVCgFFfx/ZvhT+mvJelzMtYL4ppf5PiUX8WfxTw9uw5jE
         WcOw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:to:references:message-id
         :content-transfer-encoding:cc:date:in-reply-to:from:subject
         :mime-version:dkim-signature:arc-authentication-results;
        bh=gfrV7QMiBEcp+oCgt/tkqzayckx4v0NC6uDo26uyLDM=;
        b=Lzg0Hc9ADTSkVb2mzQcJimmHl30ZLl3aTig3z/j4orLE2jOjpLjldPV4fM9K02e4ib
         3qHlkbT0p8US3JMzPJu2O0zWcC93eJHqfScZak9S+pLzQS4dlPyiOAYNOYWCGQK8vx85
         vKReKQDCy0OfyU434fSPbH9bIzIYO+M0l/2N74glpegX0rHCEP3RRDJW2ksmXiUe/1IL
         08jw4rFpR2E01nCBO3WUy4ADcxVMASHym34BrIgb9lSXtu4RbuS72K4cEaD/dht5xqP6
         w44NB5nwcT/z1TaD8Jl98Mo1gCYzbIHqlfyZ3Oxed/oLxQs2FNVBDA3Oapz1Zu+NWV9t
         oAoQ==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20161025 header.b=LKIRZsb/;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id y3-v6si12602472pgp.102.2018.06.07.14.10.30;
        Thu, 07 Jun 2018 14:10:44 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20161025 header.b=LKIRZsb/;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1752367AbeFGVJS (ORCPT <rfc822;austinkernel.kim@gmail.com>
        + 99 others); Thu, 7 Jun 2018 17:09:18 -0400
Received: from mail-pf0-f194.google.com ([209.85.192.194]:33942 "EHLO
        mail-pf0-f194.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1752172AbeFGVJK (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 7 Jun 2018 17:09:10 -0400
Received: by mail-pf0-f194.google.com with SMTP id a63-v6so5518129pfl.1;
        Thu, 07 Jun 2018 14:09:09 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20161025;
        h=mime-version:subject:from:in-reply-to:date:cc
         :content-transfer-encoding:message-id:references:to;
        bh=gfrV7QMiBEcp+oCgt/tkqzayckx4v0NC6uDo26uyLDM=;
        b=LKIRZsb/ciNZRb2d+XOhFwJhktI3KabxvXAz9jn+oB7sSAPuCElKtKMQYL+33VZMir
         OPq5esX1DWlDOIon4376fCfx6c8hytbhKRD1/2WipAAkD6Lq/MUTpRDpSbA+hM9zc1dw
         z9IYeU/CrmOw8g/A1Vuqh8upkBhoo1Bzn9n8p3PggfNxCxbCKS88yRDznINtQcELLHvX
         5y4gpIXhjMU4NPF0Q6+6QvOteL4LfUAoGWgnlgV29amInFkPLIj/TxwMhsug4OGaCq60
         j2u3Nhvyjrf7DII2991NOtgcbTiJ07H/SZN5RUaGfjvjohMseqjP2K5CYzDwawOmoWQx
         kn6Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc
         :content-transfer-encoding:message-id:references:to;
        bh=gfrV7QMiBEcp+oCgt/tkqzayckx4v0NC6uDo26uyLDM=;
        b=tKeaISsVHh31dLIovQtKy9vdl8t0dtB38O5Rv25OCjq04gOOHdaKseDOM9BgPewBT8
         Nt/CZC5EGhVn+VEsGBR7X9Ot+oYYaoiBXYUzalqGdKZjSDsxaSnWxLcEszPdOE6cRqhc
         rVouzlE6j6ACPHoiRx5qucBNHMNeXKicSLa9/5YuTl8o/UVzaQ+m+fOtkQ3waWBC7oxv
         liBfaTHygoawvjIVf+dhZdI+7EK+doB8IauGZjgPhpOTN8f7Z/LiRAHvOsTH9dCw7OFC
         ZNOuQ2tG5DbJUf8nRREfQrqkESIShtSfPhqcxHUE7vA5F0E/YLyzVEoBOyy70BdvAtgE
         qRdg==
X-Gm-Message-State: APt69E3KBBt/Lpa/pHqwv6zSvEEDBkKMSvkR+Oo4uTGEG9DszM46Dll7
        etcYaOz8/yvG1wO/hViVqBI=
X-Received: by 2002:a65:61a7:: with SMTP id i7-v6mr2900781pgv.219.1528405749295;
        Thu, 07 Jun 2018 14:09:09 -0700 (PDT)
Received: from [10.2.101.129] ([208.91.2.2])
        by smtp.gmail.com with ESMTPSA id h17-v6sm84929786pfn.80.2018.06.07.14.09.07
        (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
        Thu, 07 Jun 2018 14:09:08 -0700 (PDT)
Content-Type: text/plain; charset=utf-8
Mime-Version: 1.0 (Mac OS X Mail 10.3 \(3273\))
Subject: Re: [PATCH 09/10] mm: Prevent madvise from changing shadow stack
From:   Nadav Amit <nadav.amit@gmail.com>
In-Reply-To: <20180607143807.3611-10-yu-cheng.yu@intel.com>
Date:   Thu, 7 Jun 2018 14:09:05 -0700
Cc:     Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
        linux-doc@vger.kernel.org,
        "open list:MEMORY MANAGEMENT" <linux-mm@kvack.org>,
        linux-arch@vger.kernel.org,
        the arch/x86 maintainers <x86@kernel.org>,
        "H. Peter Anvin" <hpa@zytor.com>,
        Thomas Gleixner <tglx@linutronix.de>,
        Ingo Molnar <mingo@redhat.com>,
        "H.J. Lu" <hjl.tools@gmail.com>,
        Vedvyas Shanbhogue <vedvyas.shanbhogue@intel.com>,
        "Ravi V. Shankar" <ravi.v.shankar@intel.com>,
        Dave Hansen <dave.hansen@linux.intel.com>,
        Andy Lutomirski <luto@amacapital.net>,
        Jonathan Corbet <corbet@lwn.net>,
        Oleg Nesterov <oleg@redhat.com>, Arnd Bergmann <arnd@arndb.de>,
        Mike Kravetz <mike.kravetz@oracle.com>
Content-Transfer-Encoding: quoted-printable
Message-Id: <D1A84B62-E971-4ECD-A873-2072F2692382@gmail.com>
References: <20180607143807.3611-1-yu-cheng.yu@intel.com>
 <20180607143807.3611-10-yu-cheng.yu@intel.com>
To:     Yu-cheng Yu <yu-cheng.yu@intel.com>
X-Mailer: Apple Mail (2.3273)
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

Yu-cheng Yu <yu-cheng.yu@intel.com> wrote:

> Signed-off-by: Yu-cheng Yu <yu-cheng.yu@intel.com>
> ---
> mm/madvise.c | 9 +++++++++
> 1 file changed, 9 insertions(+)
>=20
> diff --git a/mm/madvise.c b/mm/madvise.c
> index 4d3c922ea1a1..2a6988badd6b 100644
> --- a/mm/madvise.c
> +++ b/mm/madvise.c
> @@ -839,6 +839,14 @@ SYSCALL_DEFINE3(madvise, unsigned long, start, =
size_t, len_in, int, behavior)
> 	if (vma && start > vma->vm_start)
> 		prev =3D vma;
>=20
> +	/*
> +	 * Don't do anything on shadow stack.
> +	 */
> +	if (vma->vm_flags & VM_SHSTK) {
> +		error =3D -EINVAL;
> +		goto out_no_plug;
> +	}
> +
> 	blk_start_plug(&plug);
> 	for (;;) {
> 		/* Still start < end. */

What happens if the madvise() revolves multiple VMAs, the first one is =
not
VM_SHSTK, but the another one is? Shouldn=E2=80=99t the test be done =
inside the
loop, potentially in madvise_vma() ?