lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date:   Mon, 4 Dec 2017 08:49:08 +0800
From:   Yisheng Xie <xieyisheng1@...wei.com>
To:     Vlastimil Babka <vbabka@...e.cz>, <akpm@...ux-foundation.org>
CC:     <linux-mm@...ck.org>, <linux-kernel@...r.kernel.org>,
        <linux-api@...r.kernel.org>, Andi Kleen <ak@...ux.intel.com>,
        Chris Salls <salls@...ucsb.edu>,
        Christopher Lameter <cl@...ux.com>,
        David Rientjes <rientjes@...gle.com>,
        Ingo Molnar <mingo@...nel.org>,
        Naoya Horiguchi <n-horiguchi@...jp.nec.com>,
        Tan Xiaojun <tanxiaojun@...wei.com>
Subject: Re: [PATCH v4 3/3] mm/mempolicy: add nodes_empty check in
 SYSC_migrate_pages

Hi Vlastimil,

On 2017/12/1 23:18, Vlastimil Babka wrote:
> On 12/01/2017 10:55 AM, Yisheng Xie wrote:
>> As in manpage of migrate_pages, the errno should be set to EINVAL when
>> none of the node IDs specified by new_nodes are on-line and allowed by the
>> process's current cpuset context, or none of the specified nodes contain
>> memory.  However, when test by following case:
>>
>> 	new_nodes = 0;
>> 	old_nodes = 0xf;
>> 	ret = migrate_pages(pid, old_nodes, new_nodes, MAX);
>>
>> The ret will be 0 and no errno is set.  As the new_nodes is empty, we
>> should expect EINVAL as documented.
>>
>> To fix the case like above, this patch check whether target nodes AND
>> current task_nodes is empty, and then check whether AND
>> node_states[N_MEMORY] is empty.
>>
>> Meanwhile,this patch also remove the check of EPERM on CAP_SYS_NICE. 
>> The caller of migrate_pages should be able to migrate the target process
>> pages anywhere the caller can allocate memory, if the caller can access
>> the mm_struct.
>>
>> Signed-off-by: Yisheng Xie <xieyisheng1@...wei.com>
>> Cc: Andi Kleen <ak@...ux.intel.com>
>> Cc: Chris Salls <salls@...ucsb.edu>
>> Cc: Christopher Lameter <cl@...ux.com>
>> Cc: David Rientjes <rientjes@...gle.com>
>> Cc: Ingo Molnar <mingo@...nel.org>
>> Cc: Naoya Horiguchi <n-horiguchi@...jp.nec.com>
>> Cc: Tan Xiaojun <tanxiaojun@...wei.com>
>> Cc: Vlastimil Babka <vbabka@...e.cz>
>> ---
>> v3:
>>  * check whether node is empty after AND current task node, and then nodes
>>    which have memory
>> v4:
>>  * remove the check of EPERM on CAP_SYS_NICE.
>>
>> Hi Vlastimil and Christopher,
>>
>> Could you please help to review this version?
> 
> Hi, I think we should stay with v3 after all. What I missed when
> reviewing it, is that the EPERM check is for cpuset_mems_allowed(task)
> and in v3 you add EINVAL check for cpuset_mems_allowed(current), which
> may not be the same, and the intention of CAP_SYS_NICE is not whether we
> can bypass our own cpuset, but whether we can bypass the target task's
> cpuset. Sorry for the confusion.

Ok, so please ignore this version.

Thanks
Yisheng Xie
> 
> 
> .
> 

Powered by blists - more mailing lists