[RFC PATCH v4 25/27] mm/mmap: Prevent Shadow Stack VMA merges

From: Yu-cheng Yu
Date: Fri Sep 21 2018 - 11:11:56 EST


Function returns could unwind stacks beyond their allocated area.
We do not merge shadow stack areas.

This and VMA guards prevent shadow stack underflow.

Signed-off-by: Yu-cheng Yu <yu-cheng.yu@xxxxxxxxx>
---
mm/mmap.c | 6 ++++++
1 file changed, 6 insertions(+)

diff --git a/mm/mmap.c b/mm/mmap.c
index de2d0faa1c61..fa581ced3f56 100644
--- a/mm/mmap.c
+++ b/mm/mmap.c
@@ -1123,6 +1123,12 @@ struct vm_area_struct *vma_merge(struct mm_struct *mm,
if (vm_flags & VM_SPECIAL)
return NULL;

+ /*
+ * Do not merge shadow stack areas.
+ */
+ if (vm_flags & VM_SHSTK)
+ return NULL;
+
if (prev)
next = prev->vm_next;
else
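Review bot: The comment above the new VM_SHSTK test only restates the condition ("Do not merge shadow stack areas.") and gives no reason, so a later reader of vma_merge() cannot tell that this is a security boundary rather than an optimisation. The rationale is in the commit message: function returns could unwind past a shadow stack's allocated area, and keeping each shadow stack as its own VMA, together with the VMA guards, is what stops that underflow. Please move that explanation into the comment, and say explicitly that the check depends on the guards, since the merge refusal alone does not put a gap between two adjacent shadow stacks. As a style point, the new test has the same shape and the same "return NULL" as the VM_SPECIAL test directly above it, so the two could be one condition, for example "if (vm_flags & (VM_SPECIAL | VM_SHSTK))", with a single comment covering both.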
--
2.17.1