| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20201117191540.GB10393@kernel.org>
Date: Tue, 17 Nov 2020 21:15:40 +0200
From: Jarkko Sakkinen <jarkko@...nel.org>
To: Mel Gorman <mgorman@...hsingularity.net>
Cc: Dave Hansen <dave.hansen@...el.com>,
Matthew Wilcox <willy@...radead.org>, x86@...nel.org,
linux-sgx@...r.kernel.org, linux-kernel@...r.kernel.org,
Sean Christopherson <sean.j.christopherson@...el.com>,
linux-mm@...ck.org, Andrew Morton <akpm@...ux-foundation.org>,
Jethro Beekman <jethro@...tanix.com>,
andriy.shevchenko@...ux.intel.com, asapek@...gle.com, bp@...en8.de,
cedric.xing@...el.com, chenalexchen@...gle.com,
conradparker@...gle.com, cyhanish@...gle.com,
haitao.huang@...el.com, kai.huang@...el.com, kai.svahn@...el.com,
kmoy@...gle.com, ludloff@...gle.com, luto@...nel.org,
nhorman@...hat.com, npmccallum@...hat.com, puiterwijk@...hat.com,
rientjes@...gle.com, tglx@...utronix.de, yaozhangx@...gle.com,
mikko.ylinen@...el.com
Subject: Re: [PATCH v41 10/24] mm: Add 'mprotect' hook to struct
vm_operations_struct
On Mon, Nov 16, 2020 at 10:09:57AM +0000, Mel Gorman wrote:
> On Sun, Nov 15, 2020 at 10:36:51AM -0800, Dave Hansen wrote:
> > On 11/15/20 9:32 AM, Matthew Wilcox wrote:
> > > On Fri, Nov 13, 2020 at 12:01:21AM +0200, Jarkko Sakkinen wrote:
> > >> +++ b/include/linux/mm.h
> > >> @@ -559,6 +559,13 @@ struct vm_operations_struct {
> > >> void (*close)(struct vm_area_struct * area);
> > >> int (*split)(struct vm_area_struct * area, unsigned long addr);
> > >> int (*mremap)(struct vm_area_struct * area);
> > >> + /*
> > >> + * Called by mprotect() to make driver-specific permission
> > >> + * checks before mprotect() is finalised. The VMA must not
> > >> + * be modified. Returns 0 if eprotect() can proceed.
> > >> + */
Wonder if this should also document the negative case for the return
value, i.e. -EACCES is returned otherwise.
> > >
> > > This is the wrong place for this documentation, and it's absurdly
> > > specific to your implementation. It should be in
> > > Documentation/filesystems/locking.rst.
> >
> > I'll let you and Mel duke that one out:
> >
>
> I suggested placing the comment there to make it clear what the expected
> semantics of the hook was to reduce the chances of abuse or surprises. The
> hook does not affect locking so Documentation/filesystems/locking.rst
> didn't appear appropriate other than maybe adding a note there
> that it doesn't affect locks. The hook also is not expecting any
> filesystems-specific action that I aware of but a note could be added to
> the effect that filesystems should not need to take special action for it.
> Protections on the filesystem level are for the inode, I can't imagine what
> a filesystem would do with a protection change on the page table level
> but maybe I'm not particularly imaginative today.
I try to decipher this in generic context.
In a permission check of a filesystem, truncated pages should be
encapsulated in to the permission decision. It's a just a query.
So maybe I'll add something like:
"This callback does only a permission query, and thus does never
return locked pages."
> --
> Mel Gorman
> SUSE Labs
/Jarkko
Powered by blists - more mailing lists