| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 6 May 2019 12:28:21 +0300
From: Kirill Tkhai <ktkhai@...tuozzo.com>
To: Michal Koutný <mkoutny@...e.com>,
gorcunov@...il.com
Cc: akpm@...ux-foundation.org, arunks@...eaurora.org, brgl@...ev.pl,
geert+renesas@...der.be, ldufour@...ux.ibm.com,
linux-kernel@...r.kernel.org, linux-mm@...ck.org,
mguzik@...hat.com, mhocko@...nel.org, rppt@...ux.ibm.com,
vbabka@...e.cz
Subject: Re: [PATCH v3 2/2] prctl_set_mm: downgrade mmap_sem to read lock
On 02.05.2019 15:52, Michal Koutný wrote:
> The commit a3b609ef9f8b ("proc read mm's {arg,env}_{start,end} with mmap
> semaphore taken.") added synchronization of reading argument/environment
> boundaries under mmap_sem. Later commit 88aa7cc688d4 ("mm: introduce
> arg_lock to protect arg_start|end and env_start|end in mm_struct")
> avoided the coarse use of mmap_sem in similar situations. But there
> still remained two places that (mis)use mmap_sem.
>
> get_cmdline should also use arg_lock instead of mmap_sem when it reads the
> boundaries.
>
> The second place that should use arg_lock is in prctl_set_mm. By
> protecting the boundaries fields with the arg_lock, we can downgrade
> mmap_sem to reader lock (analogous to what we already do in
> prctl_set_mm_map).
>
> v2: call find_vma without arg_lock held
> v3: squashed get_cmdline arg_lock patch
>
> Fixes: 88aa7cc688d4 ("mm: introduce arg_lock to protect arg_start|end and env_start|end in mm_struct")
> Cc: Yang Shi <yang.shi@...ux.alibaba.com>
> Cc: Mateusz Guzik <mguzik@...hat.com>
> CC: Cyrill Gorcunov <gorcunov@...il.com>
> Co-developed-by: Laurent Dufour <ldufour@...ux.ibm.com>
> Signed-off-by: Laurent Dufour <ldufour@...ux.ibm.com>
> Signed-off-by: Michal Koutný <mkoutny@...e.com>
Reviewed-by: Kirill Tkhai <ktkhai@...tuozzo.com>
> ---
> kernel/sys.c | 10 ++++++++--
> mm/util.c | 4 ++--
> 2 files changed, 10 insertions(+), 4 deletions(-)
>
> diff --git a/kernel/sys.c b/kernel/sys.c
> index 5e0a5edf47f8..14be57840511 100644
> --- a/kernel/sys.c
> +++ b/kernel/sys.c
> @@ -2122,9 +2122,14 @@ static int prctl_set_mm(int opt, unsigned long addr,
>
> error = -EINVAL;
>
> - down_write(&mm->mmap_sem);
> + /*
> + * arg_lock protects concurent updates of arg boundaries, we need mmap_sem for
> + * a) concurrent sys_brk, b) finding VMA for addr validation.
> + */
> + down_read(&mm->mmap_sem);
> vma = find_vma(mm, addr);
>
> + spin_lock(&mm->arg_lock);
> prctl_map.start_code = mm->start_code;
> prctl_map.end_code = mm->end_code;
> prctl_map.start_data = mm->start_data;
> @@ -2212,7 +2217,8 @@ static int prctl_set_mm(int opt, unsigned long addr,
>
> error = 0;
> out:
> - up_write(&mm->mmap_sem);
> + spin_unlock(&mm->arg_lock);
> + up_read(&mm->mmap_sem);
> return error;
> }
>
> diff --git a/mm/util.c b/mm/util.c
> index 43a2984bccaa..5cf0e84a0823 100644
> --- a/mm/util.c
> +++ b/mm/util.c
> @@ -758,12 +758,12 @@ int get_cmdline(struct task_struct *task, char *buffer, int buflen)
> if (!mm->arg_end)
> goto out_mm; /* Shh! No looking before we're done */
>
> - down_read(&mm->mmap_sem);
> + spin_lock(&mm->arg_lock);
> arg_start = mm->arg_start;
> arg_end = mm->arg_end;
> env_start = mm->env_start;
> env_end = mm->env_end;
> - up_read(&mm->mmap_sem);
> + spin_unlock(&mm->arg_lock);
>
> len = arg_end - arg_start;
>
>
Powered by blists - more mailing lists