lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Fri, 22 Mar 2019 23:43:47 +0200
From:   Mike Rapoport <rppt@...ux.ibm.com>
To:     Peter Xu <peterx@...hat.com>
Cc:     linux-mm@...ck.org, linux-kernel@...r.kernel.org,
        David Hildenbrand <david@...hat.com>,
        Hugh Dickins <hughd@...gle.com>,
        Maya Gokhale <gokhale2@...l.gov>,
        Jerome Glisse <jglisse@...hat.com>,
        Pavel Emelyanov <xemul@...tuozzo.com>,
        Johannes Weiner <hannes@...xchg.org>,
        Martin Cracauer <cracauer@...s.org>, Shaohua Li <shli@...com>,
        Andrea Arcangeli <aarcange@...hat.com>,
        Mike Kravetz <mike.kravetz@...cle.com>,
        Denis Plotnikov <dplotnikov@...tuozzo.com>,
        Mike Rapoport <rppt@...ux.vnet.ibm.com>,
        Marty McFadden <mcfadden8@...l.gov>,
        Mel Gorman <mgorman@...e.de>,
        "Kirill A . Shutemov" <kirill@...temov.name>,
        "Dr . David Alan Gilbert" <dgilbert@...hat.com>
Subject: Re: [PATCH v3 26/28] userfaultfd: wp: declare _UFFDIO_WRITEPROTECT
 conditionally

On Wed, Mar 20, 2019 at 10:06:40AM +0800, Peter Xu wrote:
> Only declare _UFFDIO_WRITEPROTECT if the user specified
> UFFDIO_REGISTER_MODE_WP and if all the checks passed.  Then when the
> user registers regions with shmem/hugetlbfs we won't expose the new
> ioctl to them.  Even with complete anonymous memory range, we'll only
> expose the new WP ioctl bit if the register mode has MODE_WP.
> 
> Signed-off-by: Peter Xu <peterx@...hat.com>

Reviewed-by: Mike Rapoport <rppt@...ux.ibm.com>

> ---
>  fs/userfaultfd.c | 16 +++++++++++++---
>  1 file changed, 13 insertions(+), 3 deletions(-)
> 
> diff --git a/fs/userfaultfd.c b/fs/userfaultfd.c
> index f1f61a0278c2..7f87e9e4fb9b 100644
> --- a/fs/userfaultfd.c
> +++ b/fs/userfaultfd.c
> @@ -1456,14 +1456,24 @@ static int userfaultfd_register(struct userfaultfd_ctx *ctx,
>  	up_write(&mm->mmap_sem);
>  	mmput(mm);
>  	if (!ret) {
> +		__u64 ioctls_out;
> +
> +		ioctls_out = basic_ioctls ? UFFD_API_RANGE_IOCTLS_BASIC :
> +		    UFFD_API_RANGE_IOCTLS;
> +
> +		/*
> +		 * Declare the WP ioctl only if the WP mode is
> +		 * specified and all checks passed with the range
> +		 */
> +		if (!(uffdio_register.mode & UFFDIO_REGISTER_MODE_WP))
> +			ioctls_out &= ~((__u64)1 << _UFFDIO_WRITEPROTECT);
> +
>  		/*
>  		 * Now that we scanned all vmas we can already tell
>  		 * userland which ioctls methods are guaranteed to
>  		 * succeed on this range.
>  		 */
> -		if (put_user(basic_ioctls ? UFFD_API_RANGE_IOCTLS_BASIC :
> -			     UFFD_API_RANGE_IOCTLS,
> -			     &user_uffdio_register->ioctls))
> +		if (put_user(ioctls_out, &user_uffdio_register->ioctls))
>  			ret = -EFAULT;
>  	}
>  out:
> -- 
> 2.17.1
> 

-- 
Sincerely yours,
Mike.

Powered by blists - more mailing lists