| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20240829-guest-memfd-lib-v2-4-b9afc1ff3656@quicinc.com>
Date: Thu, 29 Aug 2024 15:24:12 -0700
From: Elliot Berman <quic_eberman@...cinc.com>
To: Andrew Morton <akpm@...ux-foundation.org>,
Sean Christopherson
<seanjc@...gle.com>,
Paolo Bonzini <pbonzini@...hat.com>,
Thomas Gleixner
<tglx@...utronix.de>, Ingo Molnar <mingo@...hat.com>,
Borislav Petkov
<bp@...en8.de>,
Dave Hansen <dave.hansen@...ux.intel.com>,
Fuad Tabba
<tabba@...gle.com>, David Hildenbrand <david@...hat.com>,
Patrick Roy
<roypat@...zon.co.uk>, <qperret@...gle.com>,
Ackerley Tng
<ackerleytng@...gle.com>,
Mike Rapoport <rppt@...nel.org>, <x86@...nel.org>,
"H. Peter Anvin" <hpa@...or.com>
CC: <linux-kernel@...r.kernel.org>, <linux-mm@...ck.org>,
<kvm@...r.kernel.org>, <linux-coco@...ts.linux.dev>,
<linux-arm-msm@...r.kernel.org>,
Elliot Berman <quic_eberman@...cinc.com>
Subject: [PATCH RFC v2 4/5] mm: guest_memfd: Add ability for userspace to
mmap pages
"Inaccessible" and "accessible" state are properly tracked by the
guest_memfd. Userspace can now safely access pages to preload binaries
in a hypervisor/architecture-agnostic manner.
Signed-off-by: Elliot Berman <quic_eberman@...cinc.com>
---
mm/guest_memfd.c | 46 ++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 46 insertions(+)
diff --git a/mm/guest_memfd.c b/mm/guest_memfd.c
index 62cb576248a9d..194b2c3ea1525 100644
--- a/mm/guest_memfd.c
+++ b/mm/guest_memfd.c
@@ -279,6 +279,51 @@ int guest_memfd_make_inaccessible(struct folio *folio)
}
EXPORT_SYMBOL_GPL(guest_memfd_make_inaccessible);
+static vm_fault_t gmem_fault(struct vm_fault *vmf)
+{
+ struct file *file = vmf->vma->vm_file;
+ struct guest_memfd_private *private;
+ struct folio *folio;
+
+ folio = guest_memfd_grab_folio(file, vmf->pgoff, GUEST_MEMFD_GRAB_ACCESSIBLE);
+ if (IS_ERR(folio))
+ return VM_FAULT_SIGBUS;
+
+ vmf->page = folio_page(folio, vmf->pgoff - folio_index(folio));
+
+ /**
+ * Drop the safe and accessible references, the folio refcount will
+ * be preserved and unmap_mapping_folio() will decrement the
+ * refcount when converting to inaccessible.
+ */
+ private = folio_get_private(folio);
+ atomic_dec(&private->accessible);
+ atomic_dec(&private->safe);
+
+ return VM_FAULT_LOCKED;
+}
+
+static const struct vm_operations_struct gmem_vm_ops = {
+ .fault = gmem_fault,
+};
+
+static int gmem_mmap(struct file *file, struct vm_area_struct *vma)
+{
+ const struct guest_memfd_operations *ops = file_inode(file)->i_private;
+
+ if (!ops->prepare_accessible)
+ return -EPERM;
+
+ /* No support for private mappings to avoid COW. */
+ if ((vma->vm_flags & (VM_SHARED | VM_MAYSHARE)) !=
+ (VM_SHARED | VM_MAYSHARE))
+ return -EINVAL;
+
+ file_accessed(file);
+ vma->vm_ops = &gmem_vm_ops;
+ return 0;
+}
+
static long gmem_punch_hole(struct file *file, loff_t offset, loff_t len)
{
struct inode *inode = file_inode(file);
@@ -390,6 +435,7 @@ static int gmem_release(struct inode *inode, struct file *file)
static const struct file_operations gmem_fops = {
.open = generic_file_open,
.llseek = generic_file_llseek,
+ .mmap = gmem_mmap,
.release = gmem_release,
.fallocate = gmem_fallocate,
.owner = THIS_MODULE,
--
2.34.1
Powered by blists - more mailing lists