Re: [PATCH] userfaultfd: prevent registration of special VMAs

Next message: Jinjie Ruan: "[PATCH v2 1/4] cpu/hotplug: Introduce CONFIG_PARALLEL_SMT_PRIMARY_FIRST"
Previous message: Ruidong Tian: "[PATCH v15 1/9] uaccess: add generic fallback version of copy_mc_to_user()"
In reply to: Mike Rapoport: "Re: [PATCH] userfaultfd: prevent registration of special VMAs"
Next in thread: Mike Rapoport: "Re: [PATCH] userfaultfd: prevent registration of special VMAs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: David Hildenbrand (Arm)

Date: Thu Jun 18 2026 - 05:25:43 EST

On 6/18/26 11:21, Mike Rapoport wrote:
> On Thu, Jun 18, 2026 at 10:47:19AM +0200, David Hildenbrand (Arm) wrote:
>> On 6/18/26 10:43, Mike Rapoport wrote:
>>>
>>> Ah, hugetlb sets VM_DONTEXPAND, so it must me excluded to allow uffd with
>>> hugetlb.
>>
>> It would probably be cleaner to just allow hugetlb, and then check for
>> VM_SPECIAL if not hugetlb.
>
> Cleaner in what sense?
> Will be uglier for sure, just take a look at vma_can_userfault().

I was thinking of this:

diff --git a/mm/userfaultfd.c b/mm/userfaultfd.c
index 180bad42fc79..8a6803618a91 100644
--- a/mm/userfaultfd.c
+++ b/mm/userfaultfd.c
@@ -2029,7 +2029,10 @@ bool vma_can_userfault(struct vm_area_struct *vma,
vm_flags_t vm_flags,
{
const struct vm_uffd_ops *ops = vma_uffd_ops(vma);

- if (vma->vm_flags & VM_DROPPABLE)
+ if (vma->vm_flags & (VM_DROPPABLE | VM_SHADOW_STACK))
+ return false;
+
+ if (!is_vm_hugetlb_page(vma) && (vma->vm_flags & VM_SPECIAL))
return false;

vm_flags &= __VM_UFFD_FLAGS;

--
Cheers,

David