All of lore.kernel.org
 help / color / mirror / Atom feed
From: Jann Horn <jannh@google.com>
To: mtk.manpages@gmail.com, linux-man@vger.kernel.org,
	mhocko@kernel.org, jhubbard@nvidia.com,
	akpm@linux-foundation.org, linux-mm@kvack.org,
	linux-kernel@vger.kernel.org, linux-api@vger.kernel.org,
	jannh@google.com
Cc: linux-man@vger.kernel.org, Michal Hocko <mhocko@kernel.org>,
	John Hubbard <jhubbard@nvidia.com>,
	Andrew Morton <akpm@linux-foundation.org>,
	linux-mm@kvack.org, linux-kernel@vger.kernel.org,
	linux-api@vger.kernel.org
Subject: [PATCH] mmap.2: MAP_FIXED is okay if the address range has been reserved
Date: Thu, 12 Apr 2018 17:39:41 +0200	[thread overview]
Message-ID: <20180412153941.170849-1-jannh@google.com> (raw)

Clarify that MAP_FIXED is appropriate if the specified address range has
been reserved using an existing mapping, but shouldn't be used otherwise.

Signed-off-by: Jann Horn <jannh@google.com>
---
 man2/mmap.2 | 19 +++++++++++--------
 1 file changed, 11 insertions(+), 8 deletions(-)

diff --git a/man2/mmap.2 b/man2/mmap.2
index bef8b4432..80c9ec285 100644
--- a/man2/mmap.2
+++ b/man2/mmap.2
@@ -253,8 +253,9 @@ Software that aspires to be portable should use this option with care,
 keeping in mind that the exact layout of a process's memory mappings
 is allowed to change significantly between kernel versions,
 C library versions, and operating system releases.
-Furthermore, this option is extremely hazardous (when used on its own),
-because it forcibly removes preexisting mappings,
+This option should only be used when the specified memory region has
+already been reserved using another mapping; otherwise, it is extremely
+hazardous because it forcibly removes preexisting mappings,
 making it easy for a multithreaded process to corrupt its own address space.
 .IP
 For example, suppose that thread A looks through
@@ -284,13 +285,15 @@ and the PAM libraries
 .UR http://www.linux-pam.org
 .UE .
 .IP
-Newer kernels
-(Linux 4.17 and later) have a
+For cases in which the specified memory region has not been reserved using an
+existing mapping, newer kernels (Linux 4.17 and later) provide an option
 .B MAP_FIXED_NOREPLACE
-option that avoids the corruption problem; if available,
-.B MAP_FIXED_NOREPLACE
-should be preferred over
-.BR MAP_FIXED .
+that should be used instead; older kernels require the caller to use
+.I addr
+as a hint (without
+.BR MAP_FIXED )
+and take appropriate action if the kernel places the new mapping at a
+different address.
 .TP
 .BR MAP_FIXED_NOREPLACE " (since Linux 4.17)"
 .\" commit a4ff8e8620d3f4f50ac4b41e8067b7d395056843
-- 
2.17.0.484.g0c8726318c-goog


WARNING: multiple messages have this Message-ID
From: Jann Horn <jannh@google.com>
To: mtk.manpages@gmail.com, jannh@google.com
Cc: linux-man@vger.kernel.org, Michal Hocko <mhocko@kernel.org>,
	John Hubbard <jhubbard@nvidia.com>,
	Andrew Morton <akpm@linux-foundation.org>,
	linux-mm@kvack.org, linux-kernel@vger.kernel.org,
	linux-api@vger.kernel.org
Subject: [PATCH] mmap.2: MAP_FIXED is okay if the address range has been reserved
Date: Thu, 12 Apr 2018 17:39:41 +0200	[thread overview]
Message-ID: <20180412153941.170849-1-jannh@google.com> (raw)

Clarify that MAP_FIXED is appropriate if the specified address range has
been reserved using an existing mapping, but shouldn't be used otherwise.

Signed-off-by: Jann Horn <jannh@google.com>
---
 man2/mmap.2 | 19 +++++++++++--------
 1 file changed, 11 insertions(+), 8 deletions(-)

diff --git a/man2/mmap.2 b/man2/mmap.2
index bef8b4432..80c9ec285 100644
--- a/man2/mmap.2
+++ b/man2/mmap.2
@@ -253,8 +253,9 @@ Software that aspires to be portable should use this option with care,
 keeping in mind that the exact layout of a process's memory mappings
 is allowed to change significantly between kernel versions,
 C library versions, and operating system releases.
-Furthermore, this option is extremely hazardous (when used on its own),
-because it forcibly removes preexisting mappings,
+This option should only be used when the specified memory region has
+already been reserved using another mapping; otherwise, it is extremely
+hazardous because it forcibly removes preexisting mappings,
 making it easy for a multithreaded process to corrupt its own address space.
 .IP
 For example, suppose that thread A looks through
@@ -284,13 +285,15 @@ and the PAM libraries
 .UR http://www.linux-pam.org
 .UE .
 .IP
-Newer kernels
-(Linux 4.17 and later) have a
+For cases in which the specified memory region has not been reserved using an
+existing mapping, newer kernels (Linux 4.17 and later) provide an option
 .B MAP_FIXED_NOREPLACE
-option that avoids the corruption problem; if available,
-.B MAP_FIXED_NOREPLACE
-should be preferred over
-.BR MAP_FIXED .
+that should be used instead; older kernels require the caller to use
+.I addr
+as a hint (without
+.BR MAP_FIXED )
+and take appropriate action if the kernel places the new mapping at a
+different address.
 .TP
 .BR MAP_FIXED_NOREPLACE " (since Linux 4.17)"
 .\" commit a4ff8e8620d3f4f50ac4b41e8067b7d395056843
-- 
2.17.0.484.g0c8726318c-goog

WARNING: multiple messages have this Message-ID
From: Jann Horn <jannh@google.com>
To: mtk.manpages@gmail.com, linux-man@vger.kernel.org,
	mhocko@kernel.org, jhubbard@nvidia.com,
	akpm@linux-foundation.org, linux-mm@kvack.org,
	linux-kernel@vger.kernel.org, linux-api@vger.kernel.org,
	jannh@google.com
Subject: [PATCH] mmap.2: MAP_FIXED is okay if the address range has been reserved
Date: Thu, 12 Apr 2018 17:39:41 +0200	[thread overview]
Message-ID: <20180412153941.170849-1-jannh@google.com> (raw)

Clarify that MAP_FIXED is appropriate if the specified address range has
been reserved using an existing mapping, but shouldn't be used otherwise.

Signed-off-by: Jann Horn <jannh@google.com>
---
 man2/mmap.2 | 19 +++++++++++--------
 1 file changed, 11 insertions(+), 8 deletions(-)

diff --git a/man2/mmap.2 b/man2/mmap.2
index bef8b4432..80c9ec285 100644
--- a/man2/mmap.2
+++ b/man2/mmap.2
@@ -253,8 +253,9 @@ Software that aspires to be portable should use this option with care,
 keeping in mind that the exact layout of a process's memory mappings
 is allowed to change significantly between kernel versions,
 C library versions, and operating system releases.
-Furthermore, this option is extremely hazardous (when used on its own),
-because it forcibly removes preexisting mappings,
+This option should only be used when the specified memory region has
+already been reserved using another mapping; otherwise, it is extremely
+hazardous because it forcibly removes preexisting mappings,
 making it easy for a multithreaded process to corrupt its own address space.
 .IP
 For example, suppose that thread A looks through
@@ -284,13 +285,15 @@ and the PAM libraries
 .UR http://www.linux-pam.org
 .UE .
 .IP
-Newer kernels
-(Linux 4.17 and later) have a
+For cases in which the specified memory region has not been reserved using an
+existing mapping, newer kernels (Linux 4.17 and later) provide an option
 .B MAP_FIXED_NOREPLACE
-option that avoids the corruption problem; if available,
-.B MAP_FIXED_NOREPLACE
-should be preferred over
-.BR MAP_FIXED .
+that should be used instead; older kernels require the caller to use
+.I addr
+as a hint (without
+.BR MAP_FIXED )
+and take appropriate action if the kernel places the new mapping at a
+different address.
 .TP
 .BR MAP_FIXED_NOREPLACE " (since Linux 4.17)"
 .\" commit a4ff8e8620d3f4f50ac4b41e8067b7d395056843
-- 
2.17.0.484.g0c8726318c-goog

             reply	other threads:[~2018-04-12 15:39 UTC|newest]

Thread overview: 27+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2018-04-12 15:39 Jann Horn [this message]
2018-04-12 15:39 ` [PATCH] mmap.2: MAP_FIXED is okay if the address range has been reserved Jann Horn
2018-04-12 15:39 ` Jann Horn
2018-04-12 18:32 ` Michael Kerrisk (man-pages)
2018-04-12 18:33 ` John Hubbard
2018-04-12 18:33   ` John Hubbard
2018-04-12 18:37   ` Michael Kerrisk (man-pages)
2018-04-12 18:49     ` Jann Horn
2018-04-12 18:59       ` John Hubbard
2018-04-12 19:18         ` Jann Horn
2018-04-12 19:24           ` John Hubbard
2018-04-13  6:43             ` Michael Kerrisk (man-pages)
2018-04-13  6:49               ` Michal Hocko
2018-04-13 15:04                 ` Jann Horn
2018-04-13 16:04                   ` Michal Hocko
2018-04-13 16:05                     ` Jann Horn
2018-04-13 16:17                       ` Jann Horn
2018-04-16 10:07                         ` Michal Hocko
2018-04-16 13:55                           ` Jann Horn
2018-04-16 19:18                             ` Michal Hocko
2018-04-16 19:30                               ` Jann Horn
2018-04-16 19:57                                 ` Michal Hocko
2018-04-16 20:17                                   ` Jann Horn
2018-04-16 21:11                                     ` Michal Hocko
2018-04-16 21:12                                       ` Jann Horn
2018-04-17  6:23                                         ` Michal Hocko
2018-05-02 13:06                                       ` Michael Kerrisk (man-pages)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20180412153941.170849-1-jannh@google.com \
    --to=jannh@google.com \
    --cc=akpm@linux-foundation.org \
    --cc=jhubbard@nvidia.com \
    --cc=linux-api@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-man@vger.kernel.org \
    --cc=linux-mm@kvack.org \
    --cc=mhocko@kernel.org \
    --cc=mtk.manpages@gmail.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.