| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2ab9d7e3-3edc-4366-9c3e-100da41c4ffc@linux.ibm.com>
Date: Tue, 9 Jul 2024 19:08:35 +0530
From: Donet Tom <donettom@...ux.ibm.com>
To: "Kirill A . Shutemov" <kirill.shutemov@...ux.intel.com>
Cc: Andrew Morton <akpm@...ux-foundation.org>,
Muchun Song <muchun.song@...ux.dev>, linux-mm@...ck.org,
linux-kernel@...r.kernel.org, Ritesh Harjani <ritesh.list@...il.com>,
Mike Rapoport <rppt@...nel.org>, David Hildenbrand <david@...hat.com>,
Matthew Wilcox <willy@...radead.org>,
Tony Battersby
<tonyb@...ernetics.com>,
"Aneesh Kumar K . V" <aneesh.kumar@...nel.org>,
Nicholas Piggin <npiggin@...il.com>,
Alexei Starovoitov <ast@...nel.org>, Andy Lutomirski <luto@...nel.org>
Subject: Re: [PATCH v2] fs/hugetlbfs/inode.c: Ensure
generic_hugetlb_get_unmapped_area() returns higher address than mmap_min_addr
On 7/9/24 16:04, Kirill A . Shutemov wrote:
> On Tue, Jul 09, 2024 at 04:21:22AM -0500, Donet Tom wrote:
>> generic_hugetlb_get_unmapped_area() was returning an address less
>> than mmap_min_addr if the mmap argument addr, after alignment, was
>> less than mmap_min_addr, causing mmap to fail.
>>
>> This is because current generic_hugetlb_get_unmapped_area() code does
>> not take into account mmap_min_addr.
>>
>> This patch ensures that generic_hugetlb_get_unmapped_area() always returns
>> an address that is greater than mmap_min_addr. Additionally, similar to
>> generic_get_unmapped_area(), vm_end_gap() checks are included to ensure
>> that the address is within the limit.
> checks are included to maintain stack gap.
Thank you. I will update and send V3.
-Donet
>> How to reproduce
>> ================
>>
>> #include <stdio.h>
>> #include <stdlib.h>
>> #include <sys/mman.h>
>> #include <unistd.h>
>>
>> #define HUGEPAGE_SIZE (16 * 1024 * 1024)
>>
>> int main() {
>>
>> void *addr = mmap((void *)-1, HUGEPAGE_SIZE,
>> PROT_READ | PROT_WRITE,
>> MAP_SHARED | MAP_ANONYMOUS | MAP_HUGETLB, -1, 0);
>> if (addr == MAP_FAILED) {
>> perror("mmap");
>> exit(EXIT_FAILURE);
>> }
>>
>> snprintf((char *)addr, HUGEPAGE_SIZE, "Hello, Huge Pages!");
>>
>> printf("%s\n", (char *)addr);
>>
>> if (munmap(addr, HUGEPAGE_SIZE) == -1) {
>> perror("munmap");
>> exit(EXIT_FAILURE);
>> }
>>
>> return 0;
>> }
>>
>> Result without fix
>> ==================
>> # cat /proc/meminfo |grep -i HugePages_Free
>> HugePages_Free: 20
>> # ./test
>> mmap: Permission denied
>> #
>>
>> Result with fix
>> ===============
>> # cat /proc/meminfo |grep -i HugePages_Free
>> HugePages_Free: 20
>> # ./test
>> Hello, Huge Pages!
>> #
>>
>> V2:
>> Added vm_end_gap() check.
>>
>> V1:
>> https://lore.kernel.org/all/20240705071150.84972-1-donettom@linux.ibm.com/
>>
>> Reported-by Pavithra Prakash <pavrampu@...ux.vnet.ibm.com>
>> Signed-off-by: Donet Tom <donettom@...ux.ibm.com>
> Please use "hugetlbfs:" as subject prefix. No need to spell out full path.
>
> Otherwise,
>
> Acked-by: Kirill A. Shutemov <kirill.shutemov@...ux.intel.com>
>
Powered by blists - more mailing lists