This patch series addresses the VM_READ_CAPS/VM_WRITE_CAPS flags issue: https://git.morello-project.org/morello/kernel/linux/-/issues/36
io_uring system uses buffers shared with userspace to read the io events and report their results. The structs that populate the submission and completion queues can contain capabilities. Shared mappings don't have the Load/Store capabilities permission to avoid leaking capabilities outside their original address space, so add two new VM flags that would allow the kernel to set up such mappings.
While at it, also fix pte_modify to allow setting PTE_*_CAPS flags, add new the new rc/wc smaps flags, and remove the automatic addition of PTE_*_CAPS to user mappings.
To note: this wouldn't allow userspace to make arbitrary shared mappings with tag access, the new VM flags would be for internal use only for the time being.
v3: - Improved documentation, comments, and commit message - Fixed condition in Patch 3, now tested properly with Morello GDB
v2: - Removed Patch 1 from the series as it wasn't essential - Added docs to Documentation/filesystems/proc.rst - Removed VM_RW_CAPS - Moved definition of VM_*_CAPS just after the definition of VM_MTE - Added details for a TODO related to file-backed mappings - Introduced Patch 3 that removes an assumption about shared mappings
Review branch: https://git.morello-project.org/tudcre01/linux/-/commits/vm_rw_caps_v3/
Thanks, Tudor
Tudor Cretu (3): arm64: morello: Add VM_READ_CAPS and VM_WRITE_CAPS flags arm64: morello: Explicitly add VM_*_CAPS to private user mappings arm64: morello: Check against VM_WRITE_CAPS in access_remote_cap
Documentation/filesystems/proc.rst | 2 ++ arch/arm64/Kconfig | 1 + arch/arm64/include/asm/mman.h | 26 ++++++++++++++++++++++++-- arch/arm64/include/asm/page.h | 3 ++- arch/arm64/include/asm/pgtable-prot.h | 12 +++++------- arch/arm64/kernel/morello.c | 7 +++---- fs/proc/task_mmu.c | 4 ++++ include/linux/mm.h | 8 ++++++++ 8 files changed, 49 insertions(+), 14 deletions(-)