| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAHk-=wh0nuSn=zYB1z9bHXJRPi33mmbpv-Z6z7ARkHQupbQ3fQ@mail.gmail.com>
Date: Tue, 22 Nov 2022 09:33:16 -0800
From: Linus Torvalds <torvalds@...ux-foundation.org>
To: Hans Verkuil <hverkuil@...all.nl>
Cc: Tomasz Figa <tfiga@...omium.org>,
David Hildenbrand <david@...hat.com>,
Marek Szyprowski <m.szyprowski@...sung.com>,
linux-kernel@...r.kernel.org, linux-mm@...ck.org,
etnaviv@...ts.freedesktop.org, dri-devel@...ts.freedesktop.org,
linux-arm-kernel@...ts.infradead.org,
linux-samsung-soc@...r.kernel.org, linux-rdma@...r.kernel.org,
linux-media@...r.kernel.org, linux-kselftest@...r.kernel.org,
Andrew Morton <akpm@...ux-foundation.org>,
Jason Gunthorpe <jgg@...pe.ca>,
John Hubbard <jhubbard@...dia.com>,
Peter Xu <peterx@...hat.com>,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
Andrea Arcangeli <aarcange@...hat.com>,
Hugh Dickins <hughd@...gle.com>, Nadav Amit <namit@...are.com>,
Vlastimil Babka <vbabka@...e.cz>,
Matthew Wilcox <willy@...radead.org>,
Mike Kravetz <mike.kravetz@...cle.com>,
Muchun Song <songmuchun@...edance.com>,
Lucas Stach <l.stach@...gutronix.de>,
David Airlie <airlied@...il.com>,
Oded Gabbay <ogabbay@...nel.org>,
Arnd Bergmann <arnd@...db.de>,
Mauro Carvalho Chehab <mchehab@...nel.org>
Subject: Re: [PATCH RFC 16/19] mm/frame-vector: remove FOLL_FORCE usage
On Tue, Nov 22, 2022 at 4:25 AM Hans Verkuil <hverkuil@...all.nl> wrote:
>
> I tracked the use of 'force' all the way back to the first git commit
> (2.6.12-rc1) in the very old video-buf.c. So it is very, very old and the
> reason is lost in the mists of time.
Well, not entirely.
For archaeology reasons, I went back to the old BK history, which
exists as a git conversion in
https://git.kernel.org/pub/scm/linux/kernel/git/tglx/history.git/
and there you can actually find it.
Not with a lot of explanations, though - it's commit b7649ef789
("[PATCH] videobuf update"):
This updates the video-buf.c module (helper module for video buffer
management). Some memory management fixes, also some adaptions to the
final v4l2 api.
but it went from
err = get_user_pages(current,current->mm,
- data, dma->nr_pages,
- rw == READ, 0, /* don't force */
+ data & PAGE_MASK, dma->nr_pages,
+ rw == READ, 1, /* force */
dma->pages, NULL);
in that commit.
So it goes back to October 2002.
> Looking at this old LWN article https://lwn.net/Articles/28548/ suggests
> that it might be related to calling get_user_pages for write buffers
The timing roughly matches.
> I assume that removing FOLL_FORCE from 'FOLL_FORCE|FOLL_WRITE' will still
> allow drivers to read from the buffer?
The issue with some of the driver hacks has been that
- they only want to read, and the buffer may be read-only
- they then used FOLL_WRITE despite that, because they want to break
COW (due to the issue that David is now fixing with his series)
- but that means that the VM layer says "nope, you can't write to
this read-only user mapping"
- ... and then they use FOLL_FORCE to say "yes, I can".
iOW, the FOLL_FORCE may be entirely due to an (incorrect, but
historically needed) FOLL_WRITE.
Linus
Powered by blists - more mailing lists