lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20120713132916.GA12507@redhat.com>
Date:	Fri, 13 Jul 2012 15:29:16 +0200
From:	Oleg Nesterov <oleg@...hat.com>
To:	Srikar Dronamraju <srikar@...ux.vnet.ibm.com>
Cc:	Ingo Molnar <mingo@...e.hu>,
	Ananth N Mavinakayanahalli <ananth@...ibm.com>,
	Anton Arapov <anton@...hat.com>,
	Peter Zijlstra <peterz@...radead.org>,
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH 5/5] uprobes: kill insert_vm_struct()->uprobe_mmap()

On 07/13, Srikar Dronamraju wrote:
>
> * Oleg Nesterov <oleg@...hat.com> [2012-07-08 22:30:11]:
>
> > Kill insert_vm_struct()->uprobe_mmap(). It is not needed, nobody
> > except arch/ia64/kernel/perfmon.c uses insert_vm_struct(vma) with
> > vma->vm_file != NULL.
> >
>
> Right, but somebody else might start using this later.

Unlikely, I think...

> I cant think of a use case though.

Yes.

> > And it is wrong. Again, get_user_pages() can not succeed before
> > vma_link(vma) makes is visible to find_vma(). And even if this
> > worked, we must not insert the new bp before this mapping is
> > visible to vma_prio_tree_foreach() for uprobe_unregister().
> >
>
> Agree, we are wrong to do it before vma_link.
>
>
> > Signed-off-by: Oleg Nesterov <oleg@...hat.com>
> > ---
> >  mm/mmap.c |    3 ---
> >  1 files changed, 0 insertions(+), 3 deletions(-)
> >
> > diff --git a/mm/mmap.c b/mm/mmap.c
> > index e5a4614..4fe2697 100644
> > --- a/mm/mmap.c
> > +++ b/mm/mmap.c
> > @@ -2345,9 +2345,6 @@ int insert_vm_struct(struct mm_struct * mm, struct vm_area_struct * vma)
> >  	     security_vm_enough_memory_mm(mm, vma_pages(vma)))
> >  		return -ENOMEM;
> >
> > -	if (vma->vm_file && uprobe_mmap(vma))
> > -		return -EINVAL;
> > -
> >  	vma_link(mm, vma, prev, rb_link, rb_parent);
> >  	return 0;
> >  }
>
> Can we do something like:
>
> 	vma_link(mm, vma, prev, rb_link, rb_parent);
>
> 	if (vma->vm_file && uprobe_mmap(vma)) {
> 		/* FIXME: dont know if calling unmap_region is fine here */
> 		unmap_region(mm, vma, prev, vma->vm_start, vma->vm_end);
> 		return -EINVAL;
> 	}

Yes, I was thinking about the possible fix, but afaics this is not
enough. At least this needs vm_unacct_memory(). And I am not sure
about unmap_region...

The main problem is that I have no idea how could I test the fix.
Once again, currently this file can't be probed.

So. Can't we kill this obviously wrong and unneeded (at least currently)
code? Currently uprobe_mmap/munmap logic is not correct (I'll try to send
more fixes after I return from vacation), it would be nice to remove the
callsite.

If somebody else will use insert_vm_struct() to mmap the can-be-uprobed
file then yes, we will need to add uprobe_mmap() somewhere. But until
then, the right fix is not clear and not testable.

Oleg.

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ