[PATCH v8 09/27] mm/mmap: Prevent Shadow Stack VMA merges

Tue, 13 Aug 2019 14:06:20 -0700 

To prevent function call/return spills into the next shadow stack
area, do not merge shadow stack areas.

Signed-off-by: Yu-cheng Yu <yu-cheng...@intel.com>
---
 mm/mmap.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/mm/mmap.c b/mm/mmap.c
index 7e8c3e8ae75f..b1a921c0de63 100644
--- a/mm/mmap.c
+++ b/mm/mmap.c
@@ -1149,6 +1149,12 @@ struct vm_area_struct *vma_merge(struct mm_struct *mm,
        if (vm_flags & VM_SPECIAL)
                return NULL;
 
+       /*
+        * Do not merge shadow stack areas.
+        */
+       if (vm_flags & VM_SHSTK)
+               return NULL;
+
        if (prev)
                next = prev->vm_next;
        else
-- 
2.17.1

Reply via email to