From: "Timothy Pepper" <timothy.c.pepper@linux.intel.com>
To: linux-arm-kernel@lists.infradead.org
Subject: Re: mm: insure topdown mmap chooses addresses above security minimum
Date: Fri, 27 Sep 2013 15:39:52 +0000 [thread overview]
Message-ID: <20130927153951.GA15257@tcpepper-desk.jf.intel.com> (raw)
In-Reply-To: <20130925174436.GA14037@gmail.com>
On Wed 25 Sep at 19:44:36 +0200 mingo@kernel.org said:
>
> * Timothy Pepper <timothy.c.pepper@linux.intel.com> wrote:
>
> > On Wed 25 Sep at 09:30:49 +0200 mingo@kernel.org said:
> > > > info.flags = VM_UNMAPPED_AREA_TOPDOWN;
> > > > info.length = len;
> > > > - info.low_limit = PAGE_SIZE;
> > > > + info.low_limit = max(PAGE_SIZE, PAGE_ALIGN(mmap_min_addr));
> > > > info.high_limit = mm->mmap_base;
> > > > info.align_mask = filp ? get_align_mask() : 0;
> > > > info.align_offset = pgoff << PAGE_SHIFT;
> > >
> > > There appears to be a lot of repetition in these methods - instead of
> > > changing 6 places it would be more future-proof to first factor out the
> > > common bits and then to apply the fix to the shared implementation.
> >
> > Besides that existing redundancy in the multiple somewhat similar
> > arch_get_unmapped_area_topdown() functions, I was expecting people might
> > question the added redundancy of the six instances of:
> >
> > max(PAGE_SIZE, PAGE_ALIGN(mmap_min_addr));
>
> That redundancy would be automatically addressed by my suggestion.
Yes.
I'm looking at the cleanup and will post a bisectable series that
introduces a common helper, addes the calls to use that helper where
applicable (looks like it might be a few dozen per arch locations), and
then the single line change for the topdown case within the common helper
to do:
info->low_limit = max(PAGE_SIZE, PAGE_ALIGN(mmap_min_addr));
--
Tim Pepper <timothy.c.pepper@linux.intel.com>
Intel Open Source Technology Center
WARNING: multiple messages have this Message-ID (diff)
From: "Timothy Pepper" <timothy.c.pepper@linux.intel.com>
To: Ingo Molnar <mingo@kernel.org>
Cc: linux-mm@kvack.org, Thomas Gleixner <tglx@linutronix.de>,
Ingo Molnar <mingo@redhat.com>, "H. Peter Anvin" <hpa@zytor.com>,
x86@kernel.org, Russell King <linux@arm.linux.org.uk>,
linux-arm-kernel@lists.infradead.org,
Ralf Baechle <ralf@linux-mips.org>,
linux-mips@linux-mips.org,
Benjamin Herrenschmidt <benh@kernel.crashing.org>,
Paul Mackerras <paulus@samba.org>,
linuxppc-dev@lists.ozlabs.org, Paul Mundt <lethal@linux-sh.org>,
linux-sh@vger.kernel.org, "David S. Miller" <davem@davemloft.net>,
sparclinux@vger.kernel.org,
Andrew Morton <akpm@linux-foundation.org>,
Linus Torvalds <torvalds@linux-foundation.org>,
Al Viro <viro@zeniv.linux.org.uk>,
James Morris <james.l.morris@oracle.com>,
Michel Lespinasse <walken@google.com>,
Rik van Riel <riel@redhat.com>
Subject: Re: mm: insure topdown mmap chooses addresses above security minimum
Date: Fri, 27 Sep 2013 08:39:52 -0700 [thread overview]
Message-ID: <20130927153951.GA15257@tcpepper-desk.jf.intel.com> (raw)
In-Reply-To: <20130925174436.GA14037@gmail.com>
On Wed 25 Sep at 19:44:36 +0200 mingo@kernel.org said:
>
> * Timothy Pepper <timothy.c.pepper@linux.intel.com> wrote:
>
> > On Wed 25 Sep at 09:30:49 +0200 mingo@kernel.org said:
> > > > info.flags = VM_UNMAPPED_AREA_TOPDOWN;
> > > > info.length = len;
> > > > - info.low_limit = PAGE_SIZE;
> > > > + info.low_limit = max(PAGE_SIZE, PAGE_ALIGN(mmap_min_addr));
> > > > info.high_limit = mm->mmap_base;
> > > > info.align_mask = filp ? get_align_mask() : 0;
> > > > info.align_offset = pgoff << PAGE_SHIFT;
> > >
> > > There appears to be a lot of repetition in these methods - instead of
> > > changing 6 places it would be more future-proof to first factor out the
> > > common bits and then to apply the fix to the shared implementation.
> >
> > Besides that existing redundancy in the multiple somewhat similar
> > arch_get_unmapped_area_topdown() functions, I was expecting people might
> > question the added redundancy of the six instances of:
> >
> > max(PAGE_SIZE, PAGE_ALIGN(mmap_min_addr));
>
> That redundancy would be automatically addressed by my suggestion.
Yes.
I'm looking at the cleanup and will post a bisectable series that
introduces a common helper, addes the calls to use that helper where
applicable (looks like it might be a few dozen per arch locations), and
then the single line change for the topdown case within the common helper
to do:
info->low_limit = max(PAGE_SIZE, PAGE_ALIGN(mmap_min_addr));
--
Tim Pepper <timothy.c.pepper@linux.intel.com>
Intel Open Source Technology Center
WARNING: multiple messages have this Message-ID (diff)
From: "Timothy Pepper" <timothy.c.pepper@linux.intel.com>
To: Ingo Molnar <mingo@kernel.org>
Cc: linux-mm@kvack.org, Thomas Gleixner <tglx@linutronix.de>,
Ingo Molnar <mingo@redhat.com>, "H. Peter Anvin" <hpa@zytor.com>,
x86@kernel.org, Russell King <linux@arm.linux.org.uk>,
linux-arm-kernel@lists.infradead.org,
Ralf Baechle <ralf@linux-mips.org>,
linux-mips@linux-mips.org,
Benjamin Herrenschmidt <benh@kernel.crashing.org>,
Paul Mackerras <paulus@samba.org>,
linuxppc-dev@lists.ozlabs.org, Paul Mundt <lethal@linux-sh.org>,
linux-sh@vger.kernel.org, "David S. Miller" <davem@davemloft.net>,
sparclinux@vger.kernel.org,
Andrew Morton <akpm@linux-foundation.org>,
Linus Torvalds <torvalds@linux-foundation.org>,
Al Viro <viro@zeniv.linux.org.uk>,
James Morris <james.l.morris@oracle.com>,
Michel Lespinasse <walken@google.com>,
Rik van Riel <riel@redhat.com>
Subject: Re: mm: insure topdown mmap chooses addresses above security minimum
Date: Fri, 27 Sep 2013 08:39:52 -0700 [thread overview]
Message-ID: <20130927153951.GA15257@tcpepper-desk.jf.intel.com> (raw)
In-Reply-To: <20130925174436.GA14037@gmail.com>
On Wed 25 Sep at 19:44:36 +0200 mingo@kernel.org said:
>
> * Timothy Pepper <timothy.c.pepper@linux.intel.com> wrote:
>
> > On Wed 25 Sep at 09:30:49 +0200 mingo@kernel.org said:
> > > > info.flags = VM_UNMAPPED_AREA_TOPDOWN;
> > > > info.length = len;
> > > > - info.low_limit = PAGE_SIZE;
> > > > + info.low_limit = max(PAGE_SIZE, PAGE_ALIGN(mmap_min_addr));
> > > > info.high_limit = mm->mmap_base;
> > > > info.align_mask = filp ? get_align_mask() : 0;
> > > > info.align_offset = pgoff << PAGE_SHIFT;
> > >
> > > There appears to be a lot of repetition in these methods - instead of
> > > changing 6 places it would be more future-proof to first factor out the
> > > common bits and then to apply the fix to the shared implementation.
> >
> > Besides that existing redundancy in the multiple somewhat similar
> > arch_get_unmapped_area_topdown() functions, I was expecting people might
> > question the added redundancy of the six instances of:
> >
> > max(PAGE_SIZE, PAGE_ALIGN(mmap_min_addr));
>
> That redundancy would be automatically addressed by my suggestion.
Yes.
I'm looking at the cleanup and will post a bisectable series that
introduces a common helper, addes the calls to use that helper where
applicable (looks like it might be a few dozen per arch locations), and
then the single line change for the topdown case within the common helper
to do:
info->low_limit = max(PAGE_SIZE, PAGE_ALIGN(mmap_min_addr));
--
Tim Pepper <timothy.c.pepper@linux.intel.com>
Intel Open Source Technology Center
--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@kvack.org. For more info on Linux MM,
see: http://www.linux-mm.org/ .
Don't email: <a href=mailto:"dont@kvack.org"> email@kvack.org </a>
WARNING: multiple messages have this Message-ID (diff)
From: "Timothy Pepper" <timothy.c.pepper@linux.intel.com>
To: Ingo Molnar <mingo@kernel.org>
Cc: linux-mips@linux-mips.org, linux-sh@vger.kernel.org,
linux-mm@kvack.org, Paul Mackerras <paulus@samba.org>,
"H. Peter Anvin" <hpa@zytor.com>,
sparclinux@vger.kernel.org, Michel Lespinasse <walken@google.com>,
Russell King <linux@arm.linux.org.uk>,
x86@kernel.org, Ingo Molnar <mingo@redhat.com>,
Rik van Riel <riel@redhat.com>, Al Viro <viro@zeniv.linux.org.uk>,
James Morris <james.l.morris@oracle.com>,
Thomas Gleixner <tglx@linutronix.de>,
linux-arm-kernel@lists.infradead.org,
linuxppc-dev@lists.ozlabs.org, Ralf Baechle <ralf@linux-mips.org>,
Paul Mundt <lethal@linux-sh.org>,
Andrew Morton <akpm@linux-foundation.org>,
Linus Torvalds <torvalds@linux-foundation.org>,
"David S. Miller" <davem@davemloft.net>
Subject: Re: mm: insure topdown mmap chooses addresses above security minimum
Date: Fri, 27 Sep 2013 08:39:52 -0700 [thread overview]
Message-ID: <20130927153951.GA15257@tcpepper-desk.jf.intel.com> (raw)
In-Reply-To: <20130925174436.GA14037@gmail.com>
On Wed 25 Sep at 19:44:36 +0200 mingo@kernel.org said:
>
> * Timothy Pepper <timothy.c.pepper@linux.intel.com> wrote:
>
> > On Wed 25 Sep at 09:30:49 +0200 mingo@kernel.org said:
> > > > info.flags = VM_UNMAPPED_AREA_TOPDOWN;
> > > > info.length = len;
> > > > - info.low_limit = PAGE_SIZE;
> > > > + info.low_limit = max(PAGE_SIZE, PAGE_ALIGN(mmap_min_addr));
> > > > info.high_limit = mm->mmap_base;
> > > > info.align_mask = filp ? get_align_mask() : 0;
> > > > info.align_offset = pgoff << PAGE_SHIFT;
> > >
> > > There appears to be a lot of repetition in these methods - instead of
> > > changing 6 places it would be more future-proof to first factor out the
> > > common bits and then to apply the fix to the shared implementation.
> >
> > Besides that existing redundancy in the multiple somewhat similar
> > arch_get_unmapped_area_topdown() functions, I was expecting people might
> > question the added redundancy of the six instances of:
> >
> > max(PAGE_SIZE, PAGE_ALIGN(mmap_min_addr));
>
> That redundancy would be automatically addressed by my suggestion.
Yes.
I'm looking at the cleanup and will post a bisectable series that
introduces a common helper, addes the calls to use that helper where
applicable (looks like it might be a few dozen per arch locations), and
then the single line change for the topdown case within the common helper
to do:
info->low_limit = max(PAGE_SIZE, PAGE_ALIGN(mmap_min_addr));
--
Tim Pepper <timothy.c.pepper@linux.intel.com>
Intel Open Source Technology Center
WARNING: multiple messages have this Message-ID (diff)
From: timothy.c.pepper@linux.intel.com (Timothy Pepper)
To: linux-arm-kernel@lists.infradead.org
Subject: mm: insure topdown mmap chooses addresses above security minimum
Date: Fri, 27 Sep 2013 08:39:52 -0700 [thread overview]
Message-ID: <20130927153951.GA15257@tcpepper-desk.jf.intel.com> (raw)
In-Reply-To: <20130925174436.GA14037@gmail.com>
On Wed 25 Sep at 19:44:36 +0200 mingo at kernel.org said:
>
> * Timothy Pepper <timothy.c.pepper@linux.intel.com> wrote:
>
> > On Wed 25 Sep at 09:30:49 +0200 mingo at kernel.org said:
> > > > info.flags = VM_UNMAPPED_AREA_TOPDOWN;
> > > > info.length = len;
> > > > - info.low_limit = PAGE_SIZE;
> > > > + info.low_limit = max(PAGE_SIZE, PAGE_ALIGN(mmap_min_addr));
> > > > info.high_limit = mm->mmap_base;
> > > > info.align_mask = filp ? get_align_mask() : 0;
> > > > info.align_offset = pgoff << PAGE_SHIFT;
> > >
> > > There appears to be a lot of repetition in these methods - instead of
> > > changing 6 places it would be more future-proof to first factor out the
> > > common bits and then to apply the fix to the shared implementation.
> >
> > Besides that existing redundancy in the multiple somewhat similar
> > arch_get_unmapped_area_topdown() functions, I was expecting people might
> > question the added redundancy of the six instances of:
> >
> > max(PAGE_SIZE, PAGE_ALIGN(mmap_min_addr));
>
> That redundancy would be automatically addressed by my suggestion.
Yes.
I'm looking at the cleanup and will post a bisectable series that
introduces a common helper, addes the calls to use that helper where
applicable (looks like it might be a few dozen per arch locations), and
then the single line change for the topdown case within the common helper
to do:
info->low_limit = max(PAGE_SIZE, PAGE_ALIGN(mmap_min_addr));
--
Tim Pepper <timothy.c.pepper@linux.intel.com>
Intel Open Source Technology Center
next prev parent reply other threads:[~2013-09-27 15:39 UTC|newest]
Thread overview: 31+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-09-24 21:23 mm: insure topdown mmap chooses addresses above security minimum Timothy Pepper
2013-09-24 21:23 ` Timothy Pepper
2013-09-24 21:23 ` Timothy Pepper
2013-09-24 21:23 ` Timothy Pepper
2013-09-24 21:23 ` Timothy Pepper
2013-09-24 21:23 ` Timothy Pepper
2013-09-24 21:28 ` Russell King - ARM Linux
2013-09-24 21:28 ` Russell King - ARM Linux
2013-09-24 21:28 ` Russell King - ARM Linux
2013-09-24 21:28 ` Russell King - ARM Linux
2013-09-24 21:28 ` Russell King - ARM Linux
2013-09-25 7:30 ` Ingo Molnar
2013-09-25 7:30 ` Ingo Molnar
2013-09-25 7:30 ` Ingo Molnar
2013-09-25 7:30 ` Ingo Molnar
2013-09-25 7:30 ` Ingo Molnar
2013-09-25 17:12 ` Timothy Pepper
2013-09-25 17:12 ` Timothy Pepper
2013-09-25 17:12 ` Timothy Pepper
2013-09-25 17:12 ` Timothy Pepper
2013-09-25 17:12 ` Timothy Pepper
2013-09-25 17:44 ` Ingo Molnar
2013-09-25 17:44 ` Ingo Molnar
2013-09-25 17:44 ` Ingo Molnar
2013-09-25 17:44 ` Ingo Molnar
2013-09-25 17:44 ` Ingo Molnar
2013-09-27 15:39 ` Timothy Pepper [this message]
2013-09-27 15:39 ` Timothy Pepper
2013-09-27 15:39 ` Timothy Pepper
2013-09-27 15:39 ` Timothy Pepper
2013-09-27 15:39 ` Timothy Pepper
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20130927153951.GA15257@tcpepper-desk.jf.intel.com \
--to=timothy.c.pepper@linux.intel.com \
--cc=linux-arm-kernel@lists.infradead.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.