lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <ZEaGjad50lqRNTWD@nvidia.com> Date: Mon, 24 Apr 2023 10:39:25 -0300 From: Jason Gunthorpe <jgg@...dia.com> To: Lorenzo Stoakes <lstoakes@...il.com> Cc: Christoph Hellwig <hch@...radead.org>, linux-mm@...ck.org, linux-kernel@...r.kernel.org, Andrew Morton <akpm@...ux-foundation.org>, Jens Axboe <axboe@...nel.dk>, Matthew Wilcox <willy@...radead.org>, Dennis Dalessandro <dennis.dalessandro@...nelisnetworks.com>, Leon Romanovsky <leon@...nel.org>, Christian Benvenuti <benve@...co.com>, Nelson Escobar <neescoba@...co.com>, Bernard Metzler <bmt@...ich.ibm.com>, Peter Zijlstra <peterz@...radead.org>, Ingo Molnar <mingo@...hat.com>, Arnaldo Carvalho de Melo <acme@...nel.org>, Mark Rutland <mark.rutland@....com>, Alexander Shishkin <alexander.shishkin@...ux.intel.com>, Jiri Olsa <jolsa@...nel.org>, Namhyung Kim <namhyung@...nel.org>, Ian Rogers <irogers@...gle.com>, Adrian Hunter <adrian.hunter@...el.com>, Bjorn Topel <bjorn@...nel.org>, Magnus Karlsson <magnus.karlsson@...el.com>, Maciej Fijalkowski <maciej.fijalkowski@...el.com>, Jonathan Lemon <jonathan.lemon@...il.com>, "David S . Miller" <davem@...emloft.net>, Eric Dumazet <edumazet@...gle.com>, Jakub Kicinski <kuba@...nel.org>, Paolo Abeni <pabeni@...hat.com>, Christian Brauner <brauner@...nel.org>, Richard Cochran <richardcochran@...il.com>, Alexei Starovoitov <ast@...nel.org>, Daniel Borkmann <daniel@...earbox.net>, Jesper Dangaard Brouer <hawk@...nel.org>, John Fastabend <john.fastabend@...il.com>, linux-fsdevel@...r.kernel.org, linux-perf-users@...r.kernel.org, netdev@...r.kernel.org, bpf@...r.kernel.org, Oleg Nesterov <oleg@...hat.com> Subject: Re: [PATCH v2] mm/gup: disallow GUP writing to file-backed mappings by default On Mon, Apr 24, 2023 at 01:38:49PM +0100, Lorenzo Stoakes wrote: > I was being fairly conservative in that list, though we certainly need to > set the flag for /proc/$pid/mem and ptrace to avoid breaking this > functionality (I observed breakpoints breaking without it which obviously > is a no go :). I'm not sure if there's a more general way we could check > for this though? More broadly we should make sure these usages of GUP safe somehow so that it can reliably write to those types of pages without breaking the current FS contract.. I forget exactly, but IIRC, don't you have to hold some kind of page spinlock while writing to the page memory? So, users that do this, or can be fixed to do this, can get file backed pages. It suggests that a flag name is more like FOLL_CALLER_USES_FILE_WRITE_LOCKING > I wouldn't be totally opposed to dropping it for RDMA too, because I > suspect accessing file-backed mappings for that is pretty iffy. > > Do you have a sense of which in the list you feel could be pared back? Anything using FOLL_LONGTERM should not set the flag, GUP should even block the combination. And we need to have in mind that the flag indicates the code is buggy, so if you set it then we should understand how is that caller expected to be fixed. Jason
Powered by blists - more mailing lists