lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <YJBro5N+1SHkx8D3@t490s>
Date:   Mon, 3 May 2021 17:31:15 -0400
From:   Peter Xu <peterx@...hat.com>
To:     Mike Kravetz <mjk.linux@...il.com>
Cc:     linux-mm@...ck.org, linux-kernel@...r.kernel.org,
        Hugh Dickins <hughd@...gle.com>,
        Andrew Morton <akpm@...ux-foundation.org>,
        Andrea Arcangeli <aarcange@...hat.com>,
        Mike Kravetz <mike.kravetz@...cle.com>,
        Axel Rasmussen <axelrasmussen@...gle.com>
Subject: Re: [PATCH 1/2] mm/hugetlb: Fix F_SEAL_FUTURE_WRITE

Mike,

On Mon, May 03, 2021 at 11:55:41AM -0700, Mike Kravetz wrote:
> On 5/1/21 7:41 AM, Peter Xu wrote:
> > F_SEAL_FUTURE_WRITE is missing for hugetlb starting from the first day.
> > There is a test program for that and it fails constantly.
> > 
> > $ ./memfd_test hugetlbfs
> > memfd-hugetlb: CREATE
> > memfd-hugetlb: BASIC
> > memfd-hugetlb: SEAL-WRITE
> > memfd-hugetlb: SEAL-FUTURE-WRITE
> > mmap() didn't fail as expected
> > Aborted (core dumped)
> > 
> > I think it's probably because no one is really running the hugetlbfs test.
> > 
> > Fix it by checking FUTURE_WRITE also in hugetlbfs_file_mmap() as what we do in
> > shmem_mmap().  Generalize a helper for that.
> > 
> > Reported-by: Hugh Dickins <hughd@...gle.com>
> > Signed-off-by: Peter Xu <peterx@...hat.com>
> > ---
> >  fs/hugetlbfs/inode.c |  5 +++++
> >  include/linux/mm.h   | 32 ++++++++++++++++++++++++++++++++
> >  mm/shmem.c           | 22 ++++------------------
> >  3 files changed, 41 insertions(+), 18 deletions(-)
> 
> Thanks Peter and Hugh!
> 
> One question below,
> 
> > 
> > diff --git a/fs/hugetlbfs/inode.c b/fs/hugetlbfs/inode.c
> > index a2a42335e8fd2..39922c0f2fc8c 100644
> > --- a/fs/hugetlbfs/inode.c
> > +++ b/fs/hugetlbfs/inode.c
> > @@ -131,10 +131,15 @@ static void huge_pagevec_release(struct pagevec *pvec)
> >  static int hugetlbfs_file_mmap(struct file *file, struct vm_area_struct *vma)
> >  {
> >  	struct inode *inode = file_inode(file);
> > +	struct hugetlbfs_inode_info *info = HUGETLBFS_I(inode);
> >  	loff_t len, vma_len;
> >  	int ret;
> >  	struct hstate *h = hstate_file(file);
> >  
> > +	ret = seal_check_future_write(info->seals, vma);
> > +	if (ret)
> > +		return ret;
> > +
> >  	/*
> >  	 * vma address alignment (but not the pgoff alignment) has
> >  	 * already been checked by prepare_hugepage_range.  If you add
> 
> The full comment below the code you added is:
> 
> 	/*
> 	 * vma address alignment (but not the pgoff alignment) has
> 	 * already been checked by prepare_hugepage_range.  If you add
> 	 * any error returns here, do so after setting VM_HUGETLB, so
> 	 * is_vm_hugetlb_page tests below unmap_region go the right
> 	 * way when do_mmap unwinds (may be important on powerpc
> 	 * and ia64).
> 	 */
> 
> This comment was added in commit 68589bc35303 by Hugh, although it
> appears David Gibson added the reason for the comment in the commit
> message:
> 
> "If hugetlbfs_file_mmap() returns a failure to do_mmap_pgoff() - for example,
> because the given file offset is not hugepage aligned - then do_mmap_pgoff
> will go to the unmap_and_free_vma backout path.
> 
> But at this stage the vma hasn't been marked as hugepage, and the backout path
> will call unmap_region() on it.  That will eventually call down to the
> non-hugepage version of unmap_page_range().  On ppc64, at least, that will
> cause serious problems if there are any existing hugepage pagetable entries in
> the vicinity - for example if there are any other hugepage mappings under the
> same PUD.  unmap_page_range() will trigger a bad_pud() on the hugepage pud
> entries.  I suspect this will also cause bad problems on ia64, though I don't
> have a machine to test it on."
> 
> There are still comments in the unmap code about special handling of
> ppc64 PUDs.  So, this may still be an issue.
> 
> I am trying to dig into the code to determine if this is still and
> issue.  Just curious if you looked into this?  Might be simpler and
> safer to just put the seal check after setting the VM_HUGETLB flag?

Good catch!  I overlooked on that, and I definitely didn't look into it yet.
For now I'd better move that check to be after the flag settings in all cases.

I'll also add:

Fixes: ab3948f58ff84 ("mm/memfd: add an F_SEAL_FUTURE_WRITE seal to memfd")

Thanks,

-- 
Peter Xu

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ