lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Tue, 17 Oct 2017 12:38:14 -0700 From: Dan Williams <dan.j.williams@...el.com> To: Jan Kara <jack@...e.cz> Cc: "hch@...radead.org" <hch@...radead.org>, "linux-xfs@...r.kernel.org" <linux-xfs@...r.kernel.org>, "darrick.wong@...cle.com" <darrick.wong@...cle.com>, "akpm@...ux-foundation.org" <akpm@...ux-foundation.org>, "luto@...nel.org" <luto@...nel.org>, "linux-fsdevel@...r.kernel.org" <linux-fsdevel@...r.kernel.org>, "ross.zwisler@...ux.intel.com" <ross.zwisler@...ux.intel.com>, "linux-ext4@...r.kernel.org" <linux-ext4@...r.kernel.org>, "tytso@....edu" <tytso@....edu>, "arnd@...db.de" <arnd@...db.de> Subject: Re: [PATCH 01/19] mm: introduce MAP_SHARED_VALIDATE, a mechanism to safely define new mmap flags On Tue, Oct 17, 2017 at 4:50 AM, Jan Kara <jack@...e.cz> wrote: > On Mon 16-10-17 00:45:04, Christoph Hellwig wrote: >> > How about the following incremental update? It allows ->mmap_validate() >> > to be used as a full replacement for ->mmap() and it limits the error >> > code freedom to a centralized mmap_status_errno() routine: >> >> Nah - my earlier comment was simply misinformed because I didn't >> read the whole patch and the _validate name mislead me. >> >> So I think the current calling conventions are ok, I'd just like a >> better name (mmap_flags maybe?) and avoid the need the file system >> also has to implement ->mmap. > > OK, I can do that. But I had just realized that if MAP_DIRECT isn't going > to end up using mmap(2) interface but something else (and I'm not sure > where discussions on this matter ended), we don't need flags argument for > ->mmap at all. MAP_SYNC uses a VMA flag anyway and thus it is fine with the > current ->mmap interface. We still need some opt-in mechanism for > MAP_SHARED_VALIDATE though (probably supported mmap flags as Dan had in one > version of his patch). Thoughts on which way to go for now? The "supported mmap flags" approach also solves the problem you raised about MAP_SYNC being silently accepted by an ->mmap() handler that does not know about the new flag. I.e. leading userpace to potentially assume an invalid data consistency model. I'll revive that approach now that the MAP_DIRECT problem is going to be solved via a different interface.
Powered by blists - more mailing lists