| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 16 May 2023 12:21:51 +0200
From: David Hildenbrand <david@...hat.com>
To: Sean Christopherson <seanjc@...gle.com>,
Lorenzo Stoakes <lstoakes@...il.com>
Cc: linux-mm@...ck.org, linux-kernel@...r.kernel.org,
Andrew Morton <akpm@...ux-foundation.org>,
Matthew Wilcox <willy@...radead.org>, x86@...nel.org,
linux-sgx@...r.kernel.org, amd-gfx@...ts.freedesktop.org,
dri-devel@...ts.freedesktop.org, kvm@...r.kernel.org,
Thomas Gleixner <tglx@...utronix.de>,
Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>,
Jarkko Sakkinen <jarkko@...nel.org>,
"H . Peter Anvin" <hpa@...or.com>, Xinhui Pan <Xinhui.Pan@....com>,
David Airlie <airlied@...il.com>,
Daniel Vetter <daniel@...ll.ch>,
Dimitri Sivanich <dimitri.sivanich@....com>,
Arnd Bergmann <arnd@...db.de>,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
Paolo Bonzini <pbonzini@...hat.com>,
Jens Axboe <axboe@...nel.dk>,
Pavel Begunkov <asml.silence@...il.com>,
Jason Gunthorpe <jgg@...pe.ca>,
John Hubbard <jhubbard@...dia.com>,
Christian Konig <christian.koenig@....com>,
Jason Gunthorpe <jgg@...dia.com>
Subject: Re: [PATCH v5 1/6] mm/gup: remove unused vmas parameter from
get_user_pages()
On 15.05.23 21:07, Sean Christopherson wrote:
> On Sun, May 14, 2023, Lorenzo Stoakes wrote:
>> No invocation of get_user_pages() use the vmas parameter, so remove it.
>>
>> The GUP API is confusing and caveated. Recent changes have done much to
>> improve that, however there is more we can do. Exporting vmas is a prime
>> target as the caller has to be extremely careful to preclude their use
>> after the mmap_lock has expired or otherwise be left with dangling
>> pointers.
>>
>> Removing the vmas parameter focuses the GUP functions upon their primary
>> purpose - pinning (and outputting) pages as well as performing the actions
>> implied by the input flags.
>>
>> This is part of a patch series aiming to remove the vmas parameter
>> altogether.
>>
>> Suggested-by: Matthew Wilcox (Oracle) <willy@...radead.org>
>> Acked-by: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
>> Acked-by: David Hildenbrand <david@...hat.com>
>> Reviewed-by: Jason Gunthorpe <jgg@...dia.com>
>> Acked-by: Christian K�nig <christian.koenig@....com> (for radeon parts)
>> Acked-by: Jarkko Sakkinen <jarkko@...nel.org>
>> Signed-off-by: Lorenzo Stoakes <lstoakes@...il.com>
>> ---
>> arch/x86/kernel/cpu/sgx/ioctl.c | 2 +-
>> drivers/gpu/drm/radeon/radeon_ttm.c | 2 +-
>> drivers/misc/sgi-gru/grufault.c | 2 +-
>> include/linux/mm.h | 3 +--
>> mm/gup.c | 9 +++------
>> mm/gup_test.c | 5 ++---
>> virt/kvm/kvm_main.c | 2 +-
>> 7 files changed, 10 insertions(+), 15 deletions(-)
>
> Acked-by: Sean Christopherson <seanjc@...gle.com> (KVM)
>
>> diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c
>> index cb5c13eee193..eaa5bb8dbadc 100644
>> --- a/virt/kvm/kvm_main.c
>> +++ b/virt/kvm/kvm_main.c
>> @@ -2477,7 +2477,7 @@ static inline int check_user_page_hwpoison(unsigned long addr)
>> {
>> int rc, flags = FOLL_HWPOISON | FOLL_WRITE;
>>
>> - rc = get_user_pages(addr, 1, flags, NULL, NULL);
>> + rc = get_user_pages(addr, 1, flags, NULL);
>> return rc == -EHWPOISON;
>
> Unrelated to this patch, I think there's a pre-existing bug here. If gup() returns
> a valid page, KVM will leak the refcount and unintentionally pin the page. That's
When passing NULL as "pages" to get_user_pages(),
__get_user_pages_locked() won't set FOLL_GET. As FOLL_PIN is also not
set, we won't be messing with the mapcount of the page.
So even if get_user_pages() returns "1", we should be fine.
Or am I misunderstanding your concern? At least hva_to_pfn_slow() most
certainly didn't return "1" if we end up calling
check_user_page_hwpoison(), so nothing would have been pinned there as well.
--
Thanks,
David / dhildenb
Powered by blists - more mailing lists