lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 22 Mar 2019 23:43:47 +0200 From: Mike Rapoport <rppt@...ux.ibm.com> To: Peter Xu <peterx@...hat.com> Cc: linux-mm@...ck.org, linux-kernel@...r.kernel.org, David Hildenbrand <david@...hat.com>, Hugh Dickins <hughd@...gle.com>, Maya Gokhale <gokhale2@...l.gov>, Jerome Glisse <jglisse@...hat.com>, Pavel Emelyanov <xemul@...tuozzo.com>, Johannes Weiner <hannes@...xchg.org>, Martin Cracauer <cracauer@...s.org>, Shaohua Li <shli@...com>, Andrea Arcangeli <aarcange@...hat.com>, Mike Kravetz <mike.kravetz@...cle.com>, Denis Plotnikov <dplotnikov@...tuozzo.com>, Mike Rapoport <rppt@...ux.vnet.ibm.com>, Marty McFadden <mcfadden8@...l.gov>, Mel Gorman <mgorman@...e.de>, "Kirill A . Shutemov" <kirill@...temov.name>, "Dr . David Alan Gilbert" <dgilbert@...hat.com> Subject: Re: [PATCH v3 26/28] userfaultfd: wp: declare _UFFDIO_WRITEPROTECT conditionally On Wed, Mar 20, 2019 at 10:06:40AM +0800, Peter Xu wrote: > Only declare _UFFDIO_WRITEPROTECT if the user specified > UFFDIO_REGISTER_MODE_WP and if all the checks passed. Then when the > user registers regions with shmem/hugetlbfs we won't expose the new > ioctl to them. Even with complete anonymous memory range, we'll only > expose the new WP ioctl bit if the register mode has MODE_WP. > > Signed-off-by: Peter Xu <peterx@...hat.com> Reviewed-by: Mike Rapoport <rppt@...ux.ibm.com> > --- > fs/userfaultfd.c | 16 +++++++++++++--- > 1 file changed, 13 insertions(+), 3 deletions(-) > > diff --git a/fs/userfaultfd.c b/fs/userfaultfd.c > index f1f61a0278c2..7f87e9e4fb9b 100644 > --- a/fs/userfaultfd.c > +++ b/fs/userfaultfd.c > @@ -1456,14 +1456,24 @@ static int userfaultfd_register(struct userfaultfd_ctx *ctx, > up_write(&mm->mmap_sem); > mmput(mm); > if (!ret) { > + __u64 ioctls_out; > + > + ioctls_out = basic_ioctls ? UFFD_API_RANGE_IOCTLS_BASIC : > + UFFD_API_RANGE_IOCTLS; > + > + /* > + * Declare the WP ioctl only if the WP mode is > + * specified and all checks passed with the range > + */ > + if (!(uffdio_register.mode & UFFDIO_REGISTER_MODE_WP)) > + ioctls_out &= ~((__u64)1 << _UFFDIO_WRITEPROTECT); > + > /* > * Now that we scanned all vmas we can already tell > * userland which ioctls methods are guaranteed to > * succeed on this range. > */ > - if (put_user(basic_ioctls ? UFFD_API_RANGE_IOCTLS_BASIC : > - UFFD_API_RANGE_IOCTLS, > - &user_uffdio_register->ioctls)) > + if (put_user(ioctls_out, &user_uffdio_register->ioctls)) > ret = -EFAULT; > } > out: > -- > 2.17.1 > -- Sincerely yours, Mike.
Powered by blists - more mailing lists