www.infradead.org Git - users/dwmw2/linux.git/commit

author	Pedro Falcato <pedro.falcato@gmail.com>
	Sat, 17 Aug 2024 00:18:32 +0000 (01:18 +0100)
committer	Andrew Morton <akpm@linux-foundation.org>
	Wed, 4 Sep 2024 04:15:41 +0000 (21:15 -0700)
commit	23c57d1fa2b9530e38f7964b4e457fed5a7a0ae8
tree	18ea09d6de61f1054f67568a06878502faa98ba2	tree
parent	38075679b5f157eeacd46c900e9cfc684bdbc167	commit \| diff

mseal: replace can_modify_mm_madv with a vma variant

Replace can_modify_mm_madv() with a single vma variant, and associated
checks in madvise.

While we're at it, also invert the order of checks in:
if (unlikely(is_ro_anon(vma) && !can_modify_vma(vma))

Checking if we can modify the vma itself (through vm_flags) is certainly
cheaper than is_ro_anon() due to arch_vma_access_permitted() looking at
e.g pkeys registers (with extra branches) in some architectures.

This patch allows for partial madvise success when finding a sealed VMA,
which historically has been allowed in Linux.

Link: https://lkml.kernel.org/r/20240817-mseal-depessimize-v3-5-d8d2e037df30@gmail.com
Signed-off-by: Pedro Falcato <pedro.falcato@gmail.com>
Reviewed-by: Liam R. Howlett <Liam.Howlett@Oracle.com>
Reviewed-by: Lorenzo Stoakes <lorenzo.stoakes@oracle.com>
Cc: Jeff Xu <jeffxu@chromium.org>
Cc: Kees Cook <kees@kernel.org>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Michael Ellerman <mpe@ellerman.id.au>
Cc: Shuah Khan <shuah@kernel.org>
Cc: Vlastimil Babka <vbabka@suse.cz>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>

mm/internal.h		diff \| blob \| history
mm/madvise.c		diff \| blob \| history
mm/mseal.c		diff \| blob \| history
mm/vma.h		diff \| blob \| history