lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Tue, 15 Aug 2017 14:27:01 +0200 From: Jan Kara <jack@...e.cz> To: Dan Williams <dan.j.williams@...el.com> Cc: darrick.wong@...cle.com, Jan Kara <jack@...e.cz>, Arnd Bergmann <arnd@...db.de>, linux-nvdimm@...ts.01.org, linux-api@...r.kernel.org, linux-kernel@...r.kernel.org, linux-xfs@...r.kernel.org, linux-mm@...ck.org, luto@...nel.org, linux-fsdevel@...r.kernel.org, Andrew Morton <akpm@...ux-foundation.org>, Christoph Hellwig <hch@....de> Subject: Re: [PATCH v4 2/3] mm: introduce MAP_VALIDATE a mechanism for adding new mmap flags On Mon 14-08-17 23:12:16, Dan Williams wrote: > The mmap syscall suffers from the ABI anti-pattern of not validating > unknown flags. However, proposals like MAP_SYNC and MAP_DIRECT need a > mechanism to define new behavior that is known to fail on older kernels > without the feature. Use the fact that specifying MAP_SHARED and > MAP_PRIVATE at the same time is invalid as a cute hack to allow a new > set of validated flags to be introduced. > > This also introduces the ->fmmap() file operation that is ->mmap() plus > flags. Each ->fmmap() implementation must fail requests when a locally > unsupported flag is specified. ... > diff --git a/include/linux/fs.h b/include/linux/fs.h > index 1104e5df39ef..bbe755d0caee 100644 > --- a/include/linux/fs.h > +++ b/include/linux/fs.h > @@ -1674,6 +1674,7 @@ struct file_operations { > long (*unlocked_ioctl) (struct file *, unsigned int, unsigned long); > long (*compat_ioctl) (struct file *, unsigned int, unsigned long); > int (*mmap) (struct file *, struct vm_area_struct *); > + int (*fmmap) (struct file *, struct vm_area_struct *, unsigned long); > int (*open) (struct inode *, struct file *); > int (*flush) (struct file *, fl_owner_t id); > int (*release) (struct inode *, struct file *); > @@ -1748,6 +1749,12 @@ static inline int call_mmap(struct file *file, struct vm_area_struct *vma) > return file->f_op->mmap(file, vma); > } > > +static inline int call_fmmap(struct file *file, struct vm_area_struct *vma, > + unsigned long flags) > +{ > + return file->f_op->fmmap(file, vma, flags); > +} > + Hum, I dislike a new file op for this when the only problem with ->mmap is that it misses 'flags' argument. I understand there are lots of ->mmap implementations out there and modifying prototype of them all is painful but is it so bad? Coccinelle patch for this should be rather easy... Also for MAP_SYNC I want the flag to be copied in VMA anyway so for that I don't need additional flags argument anyway. And I wonder how you want to make things work without VMA flag in case of MAP_DIRECT as well - VMAs can be split, partially unmapped etc. and so without VMA flag you are going to have hard time to detect whether there's any mapping left which blocks block mapping changes. Honza -- Jan Kara <jack@...e.com> SUSE Labs, CR
Powered by blists - more mailing lists