[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <361ec8ba-8335-157a-53e8-38a656626519@arista.com>
Date: Wed, 31 Mar 2021 19:53:46 +0100
From: Dmitry Safonov <dima@...sta.com>
To: Michael Ellerman <mpe@...erman.id.au>,
Christophe Leroy <christophe.leroy@...roup.eu>,
linux-kernel@...r.kernel.org
Cc: Dmitry Safonov <0x7f454c46@...il.com>,
Andrei Vagin <avagin@...il.com>,
Andy Lutomirski <luto@...nel.org>,
Benjamin Herrenschmidt <benh@...nel.crashing.org>,
Laurent Dufour <ldufour@...ux.ibm.com>,
Paul Mackerras <paulus@...ba.org>,
linuxppc-dev@...ts.ozlabs.org, stable@...r.kernel.org
Subject: Re: [PATCH] powerpc/vdso: Separate vvar vma from vdso
On 3/31/21 10:59 AM, Michael Ellerman wrote:
> Christophe Leroy <christophe.leroy@...roup.eu> writes:
[..]
>>
>>> @@ -133,7 +135,13 @@ static int __arch_setup_additional_pages(struct linux_binprm *bprm, int uses_int
>>> * install_special_mapping or the perf counter mmap tracking code
>>> * will fail to recognise it as a vDSO.
>>> */
>>> - mm->context.vdso = (void __user *)vdso_base + PAGE_SIZE;
>>> + mm->context.vdso = (void __user *)vdso_base + vvar_size;
>>> +
>>> + vma = _install_special_mapping(mm, vdso_base, vvar_size,
>>> + VM_READ | VM_MAYREAD | VM_IO |
>>> + VM_DONTDUMP | VM_PFNMAP, &vvar_spec);
>>> + if (IS_ERR(vma))
>>> + return PTR_ERR(vma);
>>>
>>> /*
>>> * our vma flags don't have VM_WRITE so by default, the process isn't
>>
>>
>> IIUC, VM_PFNMAP is for when we have a vvar_fault handler.
>> Allthough we will soon have one for handle TIME_NS, at the moment
>> powerpc doesn't have that handler.
>> Isn't it dangerous to set VM_PFNMAP then ?
I believe, it's fine, special_mapping_fault() does:
: if (sm->fault)
: return sm->fault(sm, vmf->vma, vmf);
> Some of the other flags seem odd too.
> eg. VM_IO ? VM_DONTDUMP ?
Yeah, so:
VM_PFNMAP | VM_IO is a protection from remote access on pages. So one
can't access such page with ptrace(), /proc/$pid/mem or
process_vm_write(). Otherwise, it would create COW mapping and the
tracee will stop working with stale vvar.
VM_DONTDUMP restricts the area from coredumping and gdb will also avoid
accessing those[1][2].
I agree that VM_PFNMAP was probably excessive in this patch alone and
rather synchronized code with other architectures, but it makes more
sense now in the new patches set by Christophe:
https://lore.kernel.org/linux-arch/cover.1617209141.git.christophe.leroy@csgroup.eu/
[1] https://lore.kernel.org/lkml/550731AF.6080904@redhat.com/T/
[2] https://sourceware.org/legacy-ml/gdb-patches/2015-03/msg00383.html
Thanks,
Dmitry
Powered by blists - more mailing lists