Remove the hardcoded assumption that all shared mappings are untagged. Mapping's store capability permission is given explicitly using VM_WRITE_CAPS, so check against that.
Signed-off-by: Tudor Cretu tudor.cretu@arm.com --- arch/arm64/kernel/morello.c | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-)
diff --git a/arch/arm64/kernel/morello.c b/arch/arm64/kernel/morello.c index ccbf26e77919..2a57104c2bd7 100644 --- a/arch/arm64/kernel/morello.c +++ b/arch/arm64/kernel/morello.c @@ -187,14 +187,13 @@ static int access_remote_cap(struct task_struct *tsk, struct mm_struct *mm,
if (write) { /* - * Disallow writing a valid (tagged) capability to an untagged - * mapping (currently all shared mappings are untagged, this may - * change in the future). + * Disallow writing a valid (tagged) capability to a mapping + * without store capability permission. * * Reading/writing an untagged capability is always allowed * (just like regular load and store instructions). */ - if (user_cap->tag && (vma->vm_flags & VM_SHARED)) { + if (user_cap->tag && !(vma->vm_flags & VM_WRITE_CAPS)) { ret = -EOPNOTSUPP; goto out_put; }