| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 22 Mar 2019 23:43:47 +0200
From: Mike Rapoport <rppt@...ux.ibm.com>
To: Peter Xu <peterx@...hat.com>
Cc: linux-mm@...ck.org, linux-kernel@...r.kernel.org,
David Hildenbrand <david@...hat.com>,
Hugh Dickins <hughd@...gle.com>,
Maya Gokhale <gokhale2@...l.gov>,
Jerome Glisse <jglisse@...hat.com>,
Pavel Emelyanov <xemul@...tuozzo.com>,
Johannes Weiner <hannes@...xchg.org>,
Martin Cracauer <cracauer@...s.org>, Shaohua Li <shli@...com>,
Andrea Arcangeli <aarcange@...hat.com>,
Mike Kravetz <mike.kravetz@...cle.com>,
Denis Plotnikov <dplotnikov@...tuozzo.com>,
Mike Rapoport <rppt@...ux.vnet.ibm.com>,
Marty McFadden <mcfadden8@...l.gov>,
Mel Gorman <mgorman@...e.de>,
"Kirill A . Shutemov" <kirill@...temov.name>,
"Dr . David Alan Gilbert" <dgilbert@...hat.com>
Subject: Re: [PATCH v3 26/28] userfaultfd: wp: declare _UFFDIO_WRITEPROTECT
conditionally
On Wed, Mar 20, 2019 at 10:06:40AM +0800, Peter Xu wrote:
> Only declare _UFFDIO_WRITEPROTECT if the user specified
> UFFDIO_REGISTER_MODE_WP and if all the checks passed. Then when the
> user registers regions with shmem/hugetlbfs we won't expose the new
> ioctl to them. Even with complete anonymous memory range, we'll only
> expose the new WP ioctl bit if the register mode has MODE_WP.
>
> Signed-off-by: Peter Xu <peterx@...hat.com>
Reviewed-by: Mike Rapoport <rppt@...ux.ibm.com>
> ---
> fs/userfaultfd.c | 16 +++++++++++++---
> 1 file changed, 13 insertions(+), 3 deletions(-)
>
> diff --git a/fs/userfaultfd.c b/fs/userfaultfd.c
> index f1f61a0278c2..7f87e9e4fb9b 100644
> --- a/fs/userfaultfd.c
> +++ b/fs/userfaultfd.c
> @@ -1456,14 +1456,24 @@ static int userfaultfd_register(struct userfaultfd_ctx *ctx,
> up_write(&mm->mmap_sem);
> mmput(mm);
> if (!ret) {
> + __u64 ioctls_out;
> +
> + ioctls_out = basic_ioctls ? UFFD_API_RANGE_IOCTLS_BASIC :
> + UFFD_API_RANGE_IOCTLS;
> +
> + /*
> + * Declare the WP ioctl only if the WP mode is
> + * specified and all checks passed with the range
> + */
> + if (!(uffdio_register.mode & UFFDIO_REGISTER_MODE_WP))
> + ioctls_out &= ~((__u64)1 << _UFFDIO_WRITEPROTECT);
> +
> /*
> * Now that we scanned all vmas we can already tell
> * userland which ioctls methods are guaranteed to
> * succeed on this range.
> */
> - if (put_user(basic_ioctls ? UFFD_API_RANGE_IOCTLS_BASIC :
> - UFFD_API_RANGE_IOCTLS,
> - &user_uffdio_register->ioctls))
> + if (put_user(ioctls_out, &user_uffdio_register->ioctls))
> ret = -EFAULT;
> }
> out:
> --
> 2.17.1
>
--
Sincerely yours,
Mike.
Powered by blists - more mailing lists