lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 16 Apr 2024 07:36:58 +0200
From: Oscar Salvador <osalvador@...e.de>
To: Matthew Wilcox <willy@...radead.org>
Cc: Vishal Moola <vishal.moola@...il.com>,
	syzbot <syzbot+ad1b592fc4483655438b@...kaller.appspotmail.com>,
	akpm@...ux-foundation.org, linux-kernel@...r.kernel.org,
	linux-mm@...ck.org, muchun.song@...ux.dev,
	syzkaller-bugs@...glegroups.com
Subject: Re: [syzbot] [mm?] KASAN: slab-use-after-free Read in
 __vma_reservation_common

On Tue, Apr 16, 2024 at 05:35:50AM +0100, Matthew Wilcox wrote:
> Why does hugetlbfs use VM_MAYSHARE while regular faults use VM_SHARED?

It goes back to:

commit f83a275dbc5ca1721143698e844243fcadfabf6a
Author: Mel Gorman <mel@....ul.ie>
Date:   Thu May 28 14:34:40 2009 -0700

    mm: account for MAP_SHARED mappings using VM_MAYSHARE and not VM_SHARED in hugetlbfs


"hugetlbfs currently checks if a VMA is MAP_SHARED with the VM_SHARED flag
 and not VM_MAYSHARE.  For file-backed mappings, such as hugetlbfs,
 VM_SHARED is set only if the mapping is MAP_SHARED and the file was opened
 read-write.  If a shared memory mapping was mapped shared-read-write for
 populating of data and mapped shared-read-only by other processes, then
 hugetlbfs would account for the mapping as if it was MAP_PRIVATE.  This
 causes processes to fail to map the file MAP_SHARED even though it should
 succeed as the reservation is there."

-- 
Oscar Salvador
SUSE Labs

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ