arm64/gcs: Fix error handling in arch_set_shadow_stack_status()

alloc_gcs() returns an error-encoded pointer on failure, which comes
from do_mmap(), not NULL.

The current NULL check fails to detect errors, which could lead to using
an invalid GCS address.

Use IS_ERR_VALUE() to properly detect errors, consistent with the
check in gcs_alloc_thread_stack().

Fixes: b57180c75c7e ("arm64/gcs: Implement shadow stack prctl() interface")
Reviewed-by: Mark Brown <broonie@kernel.org>
Signed-off-by: Breno Leitao <leitao@debian.org>
Signed-off-by: Will Deacon <will@kernel.org>

diff --git a/arch/arm64/mm/gcs.c b/arch/arm64/mm/gcs.c
index 6e93f78de79b17652867025435d705c70295ae70..04a23a497f2051da7676d52176ed72959f634d6f 100644 (file)
--- a/arch/arm64/mm/gcs.c
+++ b/arch/arm64/mm/gcs.c
@@ -199,8 +199,8 @@ int arch_set_shadow_stack_status(struct task_struct *task, unsigned long arg)
 
                size = gcs_size(0);
                gcs = alloc_gcs(0, size);
-               if (!gcs)
-                       return -ENOMEM;
+               if (IS_ERR_VALUE(gcs))
+                       return gcs;
 
                task->thread.gcspr_el0 = gcs + size - sizeof(u64);
                task->thread.gcs_base = gcs;