| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 10 Feb 2021 14:06:12 -0500
From: Peter Xu <peterx@...hat.com>
To: Axel Rasmussen <axelrasmussen@...gle.com>
Cc: Alexander Viro <viro@...iv.linux.org.uk>,
Alexey Dobriyan <adobriyan@...il.com>,
Andrea Arcangeli <aarcange@...hat.com>,
Andrew Morton <akpm@...ux-foundation.org>,
Anshuman Khandual <anshuman.khandual@....com>,
Catalin Marinas <catalin.marinas@....com>,
Chinwen Chang <chinwen.chang@...iatek.com>,
Huang Ying <ying.huang@...el.com>,
Ingo Molnar <mingo@...hat.com>, Jann Horn <jannh@...gle.com>,
Jerome Glisse <jglisse@...hat.com>,
Lokesh Gidra <lokeshgidra@...gle.com>,
"Matthew Wilcox (Oracle)" <willy@...radead.org>,
Michael Ellerman <mpe@...erman.id.au>,
Michal Koutný <mkoutny@...e.com>,
Michel Lespinasse <walken@...gle.com>,
Mike Kravetz <mike.kravetz@...cle.com>,
Mike Rapoport <rppt@...ux.vnet.ibm.com>,
Nicholas Piggin <npiggin@...il.com>, Shaohua Li <shli@...com>,
Shawn Anastasio <shawn@...stas.io>,
Steven Rostedt <rostedt@...dmis.org>,
Steven Price <steven.price@....com>,
Vlastimil Babka <vbabka@...e.cz>,
LKML <linux-kernel@...r.kernel.org>,
linux-fsdevel@...r.kernel.org, Linux MM <linux-mm@...ck.org>,
Adam Ruprecht <ruprecht@...gle.com>,
Cannon Matthews <cannonmatthews@...gle.com>,
"Dr . David Alan Gilbert" <dgilbert@...hat.com>,
David Rientjes <rientjes@...gle.com>,
Mina Almasry <almasrymina@...gle.com>,
Oliver Upton <oupton@...gle.com>
Subject: Re: [PATCH v4 08/10] userfaultfd: add UFFDIO_CONTINUE ioctl
On Wed, Feb 10, 2021 at 10:00:21AM -0800, Axel Rasmussen wrote:
> > > static __always_inline ssize_t mfill_atomic_pte(struct mm_struct *dst_mm,
> > > @@ -417,10 +416,14 @@ static __always_inline ssize_t mfill_atomic_pte(struct mm_struct *dst_mm,
> > > unsigned long dst_addr,
> > > unsigned long src_addr,
> > > struct page **page,
> > > - bool zeropage,
> > > + enum mcopy_atomic_mode mode,
> > > bool wp_copy)
> > > {
> > > ssize_t err;
> > > + bool zeropage = (mode == MCOPY_ATOMIC_ZEROPAGE);
> > > +
> > > + if (mode == MCOPY_ATOMIC_CONTINUE)
> > > + return -EINVAL;
> >
> > So you still passed in the mode into mfill_atomic_pte() just to make sure
> > CONTINUE is not called there. It's okay, but again I think it's not extremely
> > necessary: we should make sure to fail early at the entry of uffdio_continue()
> > by checking against the vma type to be hugetlb, rather than reaching here.
>
> Hmm, it's not quite as simple as that. We don't have the dst_vma yet
> in uffdio_continue(), __mcopy_atomic looks it up.
>
> I'd prefer not to look it up in uffdio_continue(), because I think
> that means changing the API so all the ioctls look up the vma, and
> then plumb it into __mcopy_atomic. (We don't want to look it up twice,
> since each lookup has to traverse the rbtree.) This is complicated too
> by the fact that the ioctl handlers would need to perform various
> validation / checks - e.g., acquiring mmap_lock, dealing with
> *mmap_changing, validating the range, ....
Sure.
>
> We can move the enforcement up one more layer, into __mcopy_atomic,
> easily enough, though.
Right, that sounds good to me. It should be right after the "if
(!vma_is_anonymous(dst_vma) && !vma_is_shmem(dst_vma))" check.
Thanks,
--
Peter Xu
Powered by blists - more mailing lists