lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Sat, 2 Dec 2017 07:05:55 -0800
From:   Matthew Wilcox <willy@...radead.org>
To:     john.hubbard@...il.com
Cc:     Michael Kerrisk <mtk.manpages@...il.com>,
        linux-man <linux-man@...r.kernel.org>, linux-api@...r.kernel.org,
        Michael Ellerman <mpe@...erman.id.au>, linux-mm@...ck.org,
        LKML <linux-kernel@...r.kernel.org>, linux-arch@...r.kernel.org,
        Michal Hocko <mhocko@...e.com>,
        John Hubbard <jhubbard@...dia.com>
Subject: Re: [PATCH] mmap.2: MAP_FIXED is no longer discouraged

On Fri, Dec 01, 2017 at 06:16:26PM -0800, john.hubbard@...il.com wrote:
> MAP_FIXED has been widely used for a very long time, yet the man
> page still claims that "the use of this option is discouraged".

I think we should continue to discourage the use of this option, but
I'm going to include some of your text in my replacement paragraph ...

-Because requiring a fixed address for a mapping is less portable,
-the use of this option is discouraged.
+The use of this option is discouraged because it forcibly unmaps any
+existing mapping at that address.  Programs which use this option need
+to be aware that their memory map may change significantly from one run to
+the next, depending on library versions, kernel versions and random numbers.
+In a threaded process, checking the existing mappings can race against
+a new dynamic library being loaded, for example in response to another
+thread making a library call which causes a PAM module to be loaded.

(I don't love this text, in particular "PAM module".  I'm going off to
use the ATM machine now.  Please edit.)

Powered by blists - more mailing lists