Hi
On Wed, Jul 10, 2024 at 12:23 PM Liam R. Howlett
<Liam.Howlett@xxxxxxxxxx> wrote:
>
> From: "Liam R. Howlett" <Liam.Howlett@xxxxxxxxxx>
>
> Without an arch_unmap() call anymore,
Is there another patch that removes arch_unmap() ?
Can you please post the link for the patch ?
Thanks
-Jeff
> the check for mseal'ed vmas can be
> moved lower as well. This has the benefit of only actually checking if
> things are msealed when there is anything to check. That is, we know
> there is at least one vma that is in the way and needs to be checked.
>
> Only call the can_modify_mm() in do_vmi_align_munmap() and the MAP_FIXED
> case of mmap_region().
>
> Signed-off-by: Liam R. Howlett <Liam.Howlett@xxxxxxxxxx>
> Cc: Jeff Xu <jeffxu@xxxxxxxxxxxx>
> ---
> mm/mmap.c | 24 ++++++++----------------
> 1 file changed, 8 insertions(+), 16 deletions(-)
>
> diff --git a/mm/mmap.c b/mm/mmap.c
> index df565f51971d..c343366b3ad2 100644
> --- a/mm/mmap.c
> +++ b/mm/mmap.c
> @@ -2849,6 +2849,10 @@ do_vmi_align_munmap(struct vma_iterator *vmi, struct vm_area_struct *vma,
> struct vma_munmap_struct vms;
> int error;
>
> + /* Prevent unmapping a sealed VMA. */
> + if (unlikely(!can_modify_mm(mm, start, end)))
> + return -EPERM;
> +
> init_vma_munmap(&vms, vmi, vma, start, end, uf, unlock);
> error = vms_gather_munmap_vmas(&vms, &mas_detach);
> if (error)
> @@ -2899,13 +2903,6 @@ int do_vmi_munmap(struct vma_iterator *vmi, struct mm_struct *mm,
> if (end == start)
> return -EINVAL;
>
> - /*
> - * Prevent unmapping a sealed VMA.
> - * can_modify_mm assumes we have acquired the lock on MM.
> - */
> - if (unlikely(!can_modify_mm(mm, start, end)))
> - return -EPERM;
> -
> /* Find the first overlapping VMA */
> vma = vma_find(vmi, end);
> if (!vma) {
> @@ -2963,13 +2960,15 @@ unsigned long mmap_region(struct file *file, unsigned long addr,
> if (!may_expand_vm(mm, vm_flags, pglen - nr_pages))
> return -ENOMEM;
>
> - if (unlikely(!can_modify_mm(mm, addr, end)))
> - return -EPERM;
>
> /* Find the first overlapping VMA */
> vma = vma_find(&vmi, end);
> init_vma_munmap(&vms, &vmi, vma, addr, end, uf, /* unlock = */ false);
> if (vma) {
> + /* Prevent unmapping a sealed VMA. */
> + if (unlikely(!can_modify_mm(mm, addr, end)))
> + return -EPERM;
> +
> mt_init_flags(&mt_detach, vmi.mas.tree->ma_flags & MT_FLAGS_LOCK_MASK);
> mt_on_stack(mt_detach);
> mas_init(&mas_detach, &mt_detach, /* addr = */ 0);
> @@ -3341,13 +3340,6 @@ int do_vma_munmap(struct vma_iterator *vmi, struct vm_area_struct *vma,
> {
> struct mm_struct *mm = vma->vm_mm;
>
> - /*
> - * Prevent unmapping a sealed VMA.
> - * can_modify_mm assumes we have acquired the lock on MM.
> - */
> - if (unlikely(!can_modify_mm(mm, start, end)))
> - return -EPERM;
> -
> return do_vmi_align_munmap(vmi, vma, mm, start, end, uf, unlock);
> }
>
> --
> 2.43.0
>
