lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CABi2SkWhgY4amyT+EGTma7a9ymPs7ArnFLkAnm5ko556DpC_Cg@mail.gmail.com>
Date: Thu, 17 Oct 2024 10:55:27 -0700
From: Jeff Xu <jeffxu@...omium.org>
To: "Liam R. Howlett" <Liam.Howlett@...cle.com>
Cc: Andrew Morton <akpm@...ux-foundation.org>, linux-mm@...ck.org, 
	linux-kernel@...r.kernel.org, Lorenzo Stoakes <lorenzo.stoakes@...cle.com>, 
	Jann Horn <jannh@...gle.com>, David Hildenbrand <david@...hat.com>, 
	Qi Zheng <zhengqi.arch@...edance.com>, Kefeng Wang <wangkefeng.wang@...wei.com>, 
	Pedro Falcato <pedro.falcato@...il.com>
Subject: Re: [PATCH 1/2] mm/mremap: Clean up vma_to_resize()

On Wed, Oct 16, 2024 at 1:17 PM Liam R. Howlett <Liam.Howlett@...cle.com> wrote:
>
> From: "Liam R. Howlett" <Liam.Howlett@...cle.com>
>
> vma_to_resize() is used in two locations to find and validate the vma
> for the mremap location.  One of the two locations already has the vma,
> which is then re-found to validate the same vma.
>
> This code can be simplified by moving the vma_lookup() from
> vma_to_resize() to mremap_to() and changing the return type to an int
> error.
>
> Since the function now just validates the vma, the function is renamed
> to mremap_vma_check() to better reflect what it is doing.
>
> Signed-off-by: Liam R. Howlett <Liam.Howlett@...cle.com>
> ---
>  mm/mremap.c | 39 +++++++++++++++++++--------------------
>  1 file changed, 19 insertions(+), 20 deletions(-)
>
> diff --git a/mm/mremap.c b/mm/mremap.c
> index 5917feafe8cc..648c29f568af 100644
> --- a/mm/mremap.c
> +++ b/mm/mremap.c
> @@ -826,17 +826,12 @@ static unsigned long move_vma(struct vm_area_struct *vma,
>         return new_addr;
>  }
>
> -static struct vm_area_struct *vma_to_resize(unsigned long addr,
> +static int mremap_vma_check(struct vm_area_struct *vma, unsigned long addr,
The original function is vma_to_resize, and mremap_vma_check is
missing this context.
Maybe mremap_vma_check_resize is a better name ?


>         unsigned long old_len, unsigned long new_len, unsigned long flags)
>  {
>         struct mm_struct *mm = current->mm;
> -       struct vm_area_struct *vma;
>         unsigned long pgoff;
>
> -       vma = vma_lookup(mm, addr);
> -       if (!vma)
> -               return ERR_PTR(-EFAULT);
> -
>         /*
>          * !old_len is a special case where an attempt is made to 'duplicate'
>          * a mapping.  This makes no sense for private mappings as it will
> @@ -847,37 +842,37 @@ static struct vm_area_struct *vma_to_resize(unsigned long addr,
>          */
>         if (!old_len && !(vma->vm_flags & (VM_SHARED | VM_MAYSHARE))) {
>                 pr_warn_once("%s (%d): attempted to duplicate a private mapping with mremap.  This is not supported.\n", current->comm, current->pid);
> -               return ERR_PTR(-EINVAL);
> +               return -EINVAL;
>         }
>
>         if ((flags & MREMAP_DONTUNMAP) &&
>                         (vma->vm_flags & (VM_DONTEXPAND | VM_PFNMAP)))
> -               return ERR_PTR(-EINVAL);
> +               return -EINVAL;
>
>         /* We can't remap across vm area boundaries */
>         if (old_len > vma->vm_end - addr)
> -               return ERR_PTR(-EFAULT);
> +               return -EFAULT;
>
>         if (new_len == old_len)
> -               return vma;
> +               return 0;
>
>         /* Need to be careful about a growing mapping */
>         pgoff = (addr - vma->vm_start) >> PAGE_SHIFT;
>         pgoff += vma->vm_pgoff;
>         if (pgoff + (new_len >> PAGE_SHIFT) < pgoff)
> -               return ERR_PTR(-EINVAL);
> +               return -EINVAL;
>
>         if (vma->vm_flags & (VM_DONTEXPAND | VM_PFNMAP))
> -               return ERR_PTR(-EFAULT);
> +               return -EFAULT;
>
>         if (!mlock_future_ok(mm, vma->vm_flags, new_len - old_len))
> -               return ERR_PTR(-EAGAIN);
> +               return -EAGAIN;
>
>         if (!may_expand_vm(mm, vma->vm_flags,
>                                 (new_len - old_len) >> PAGE_SHIFT))
> -               return ERR_PTR(-ENOMEM);
> +               return -ENOMEM;
>
> -       return vma;
> +       return 0;
>  }
>
>  static unsigned long mremap_to(unsigned long addr, unsigned long old_len,
> @@ -936,7 +931,13 @@ static unsigned long mremap_to(unsigned long addr, unsigned long old_len,
>                 old_len = new_len;
>         }
>
> -       vma = vma_to_resize(addr, old_len, new_len, flags);
> +       vma = vma_lookup(mm, addr);
> +       if (!vma) {
> +               ret = -EFAULT;
> +               goto out;
> +       }
> +
> +       mremap_vma_check(vma, addr, old_len, new_len, flags);
>         if (IS_ERR(vma)) {
>                 ret = PTR_ERR(vma);
>                 goto out;
> @@ -1114,11 +1115,9 @@ SYSCALL_DEFINE5(mremap, unsigned long, addr, unsigned long, old_len,
>         /*
>          * Ok, we need to grow..
>          */
> -       vma = vma_to_resize(addr, old_len, new_len, flags);
> -       if (IS_ERR(vma)) {
> -               ret = PTR_ERR(vma);
> +       ret = mremap_vma_check(vma, addr, old_len, new_len, flags);
> +       if (ret)
>                 goto out;
> -       }
>
>         /* old_len exactly to the end of the area..
>          */
> --
> 2.43.0
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ