* [PATCH] Fix compat regression in process_vm_rw()
@ 2020-10-27 0:03 Jens Axboe
2020-10-27 0:09 ` Al Viro
` (3 more replies)
0 siblings, 4 replies; 9+ messages in thread
From: Jens Axboe @ 2020-10-27 0:03 UTC (permalink / raw)
To: Linus Torvalds; +Cc: linux-kernel, Christoph Hellwig, Kyle Huey
The removal of compat_process_vm_{readv,writev} didn't change
process_vm_rw(), which always assumes it's not doing a compat syscall.
Instead of passing in 'false' unconditionally for 'compat', make it
conditional on in_compat_syscall().
Fixes: c3973b401ef2 ("mm: remove compat_process_vm_{readv,writev}")
Reported-by: Kyle Huey <me@kylehuey.com>
Signed-off-by: Jens Axboe <axboe@kernel.dk>
---
diff --git a/mm/process_vm_access.c b/mm/process_vm_access.c
index fd12da80b6f2..05676722d9cd 100644
--- a/mm/process_vm_access.c
+++ b/mm/process_vm_access.c
@@ -273,7 +273,8 @@ static ssize_t process_vm_rw(pid_t pid,
return rc;
if (!iov_iter_count(&iter))
goto free_iov_l;
- iov_r = iovec_from_user(rvec, riovcnt, UIO_FASTIOV, iovstack_r, false);
+ iov_r = iovec_from_user(rvec, riovcnt, UIO_FASTIOV, iovstack_r,
+ in_compat_syscall());
if (IS_ERR(iov_r)) {
rc = PTR_ERR(iov_r);
goto free_iov_l;
--
Jens Axboe
^ permalink raw reply related [flat|nested] 9+ messages in thread
* Re: [PATCH] Fix compat regression in process_vm_rw()
2020-10-27 0:03 [PATCH] Fix compat regression in process_vm_rw() Jens Axboe
@ 2020-10-27 0:09 ` Al Viro
2020-10-27 8:01 ` Christoph Hellwig
2020-10-27 0:47 ` Kyle Huey
` (2 subsequent siblings)
3 siblings, 1 reply; 9+ messages in thread
From: Al Viro @ 2020-10-27 0:09 UTC (permalink / raw)
To: Jens Axboe; +Cc: Linus Torvalds, linux-kernel, Christoph Hellwig, Kyle Huey
On Mon, Oct 26, 2020 at 06:03:18PM -0600, Jens Axboe wrote:
> The removal of compat_process_vm_{readv,writev} didn't change
> process_vm_rw(), which always assumes it's not doing a compat syscall.
> Instead of passing in 'false' unconditionally for 'compat', make it
> conditional on in_compat_syscall().
>
> Fixes: c3973b401ef2 ("mm: remove compat_process_vm_{readv,writev}")
> Reported-by: Kyle Huey <me@kylehuey.com>
> Signed-off-by: Jens Axboe <axboe@kernel.dk>
ACK with some reservations - I suspect that we want an explicit flag
for process_vm_{read,write}v() that would force the 64bit layout for
the vector refering to the foreign process. It's not relevant for
regression fix; however, as it is these syscalls are not usable for
32bit process trying to access memory of 64bit one - there's no way
to specify the addresses past 4G.
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH] Fix compat regression in process_vm_rw()
2020-10-27 0:03 [PATCH] Fix compat regression in process_vm_rw() Jens Axboe
2020-10-27 0:09 ` Al Viro
@ 2020-10-27 0:47 ` Kyle Huey
2020-10-27 8:00 ` Christoph Hellwig
2020-10-27 19:19 ` damian
3 siblings, 0 replies; 9+ messages in thread
From: Kyle Huey @ 2020-10-27 0:47 UTC (permalink / raw)
To: Jens Axboe; +Cc: Linus Torvalds, linux-kernel, Christoph Hellwig
On Mon, Oct 26, 2020 at 5:03 PM Jens Axboe <axboe@kernel.dk> wrote:
>
> The removal of compat_process_vm_{readv,writev} didn't change
> process_vm_rw(), which always assumes it's not doing a compat syscall.
> Instead of passing in 'false' unconditionally for 'compat', make it
> conditional on in_compat_syscall().
>
> Fixes: c3973b401ef2 ("mm: remove compat_process_vm_{readv,writev}")
> Reported-by: Kyle Huey <me@kylehuey.com>
> Signed-off-by: Jens Axboe <axboe@kernel.dk>
>
> ---
>
> diff --git a/mm/process_vm_access.c b/mm/process_vm_access.c
> index fd12da80b6f2..05676722d9cd 100644
> --- a/mm/process_vm_access.c
> +++ b/mm/process_vm_access.c
> @@ -273,7 +273,8 @@ static ssize_t process_vm_rw(pid_t pid,
> return rc;
> if (!iov_iter_count(&iter))
> goto free_iov_l;
> - iov_r = iovec_from_user(rvec, riovcnt, UIO_FASTIOV, iovstack_r, false);
> + iov_r = iovec_from_user(rvec, riovcnt, UIO_FASTIOV, iovstack_r,
> + in_compat_syscall());
> if (IS_ERR(iov_r)) {
> rc = PTR_ERR(iov_r);
> goto free_iov_l;
>
> --
> Jens Axboe
>
I tested this patch and it does fix the original testcase I reported.
- Kyle
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH] Fix compat regression in process_vm_rw()
2020-10-27 0:03 [PATCH] Fix compat regression in process_vm_rw() Jens Axboe
2020-10-27 0:09 ` Al Viro
2020-10-27 0:47 ` Kyle Huey
@ 2020-10-27 8:00 ` Christoph Hellwig
2020-10-27 19:19 ` damian
3 siblings, 0 replies; 9+ messages in thread
From: Christoph Hellwig @ 2020-10-27 8:00 UTC (permalink / raw)
To: Jens Axboe; +Cc: Linus Torvalds, linux-kernel, Christoph Hellwig, Kyle Huey
Looks good,
Reviewed-by: Christoph Hellwig <hch@lst.de>
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH] Fix compat regression in process_vm_rw()
2020-10-27 0:09 ` Al Viro
@ 2020-10-27 8:01 ` Christoph Hellwig
2020-10-27 17:00 ` Linus Torvalds
0 siblings, 1 reply; 9+ messages in thread
From: Christoph Hellwig @ 2020-10-27 8:01 UTC (permalink / raw)
To: Al Viro
Cc: Jens Axboe, Linus Torvalds, linux-kernel, Christoph Hellwig, Kyle Huey
On Tue, Oct 27, 2020 at 12:09:20AM +0000, Al Viro wrote:
> On Mon, Oct 26, 2020 at 06:03:18PM -0600, Jens Axboe wrote:
> > The removal of compat_process_vm_{readv,writev} didn't change
> > process_vm_rw(), which always assumes it's not doing a compat syscall.
> > Instead of passing in 'false' unconditionally for 'compat', make it
> > conditional on in_compat_syscall().
> >
> > Fixes: c3973b401ef2 ("mm: remove compat_process_vm_{readv,writev}")
> > Reported-by: Kyle Huey <me@kylehuey.com>
> > Signed-off-by: Jens Axboe <axboe@kernel.dk>
>
> ACK with some reservations - I suspect that we want an explicit flag
> for process_vm_{read,write}v() that would force the 64bit layout for
> the vector refering to the foreign process. It's not relevant for
> regression fix; however, as it is these syscalls are not usable for
> 32bit process trying to access memory of 64bit one - there's no way
> to specify the addresses past 4G.
Independent of this fix I think we just need to explicitly prohibit
cross-access.
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH] Fix compat regression in process_vm_rw()
2020-10-27 8:01 ` Christoph Hellwig
@ 2020-10-27 17:00 ` Linus Torvalds
0 siblings, 0 replies; 9+ messages in thread
From: Linus Torvalds @ 2020-10-27 17:00 UTC (permalink / raw)
To: Christoph Hellwig; +Cc: Al Viro, Jens Axboe, linux-kernel, Kyle Huey
On Tue, Oct 27, 2020 at 1:01 AM Christoph Hellwig <hch@lst.de> wrote:
>
> Independent of this fix I think we just need to explicitly prohibit
> cross-access.
Well, prohibiting a 32-bit process from accessing a 64-bit one might
make sense, since it fundamentally cannot work, and returning an
explicit error early might help avoid confusion.
But a 64-bit one can certainly validly look at a 32-bit one (ie
debugging a compat process from a 64-bit gdb or similar is not
unreasonable).
That said, I wonder how muich of a problem that can be, so it may be
sufficient to just fix this compat case up and leave it alone.
So applied,
Linus
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH] Fix compat regression in process_vm_rw()
2020-10-27 0:03 [PATCH] Fix compat regression in process_vm_rw() Jens Axboe
` (2 preceding siblings ...)
2020-10-27 8:00 ` Christoph Hellwig
@ 2020-10-27 19:19 ` damian
2020-10-27 19:27 ` Naresh Kamboju
2020-10-27 19:32 ` Jens Axboe
3 siblings, 2 replies; 9+ messages in thread
From: damian @ 2020-10-27 19:19 UTC (permalink / raw)
To: Jens Axboe; +Cc: Linus Torvalds, linux-kernel, Christoph Hellwig, Kyle Huey
On Mo, 26. Okt 18:03, Jens Axboe wrote:
> The removal of compat_process_vm_{readv,writev} didn't change
> process_vm_rw(), which always assumes it's not doing a compat syscall.
> Instead of passing in 'false' unconditionally for 'compat', make it
> conditional on in_compat_syscall().
>
> Fixes: c3973b401ef2 ("mm: remove compat_process_vm_{readv,writev}")
> Reported-by: Kyle Huey <me@kylehuey.com>
> Signed-off-by: Jens Axboe <axboe@kernel.dk>
>
> ---
>
> diff --git a/mm/process_vm_access.c b/mm/process_vm_access.c
> index fd12da80b6f2..05676722d9cd 100644
> --- a/mm/process_vm_access.c
> +++ b/mm/process_vm_access.c
> @@ -273,7 +273,8 @@ static ssize_t process_vm_rw(pid_t pid,
> return rc;
> if (!iov_iter_count(&iter))
> goto free_iov_l;
> - iov_r = iovec_from_user(rvec, riovcnt, UIO_FASTIOV, iovstack_r, false);
> + iov_r = iovec_from_user(rvec, riovcnt, UIO_FASTIOV, iovstack_r,
> + in_compat_syscall());
> if (IS_ERR(iov_r)) {
> rc = PTR_ERR(iov_r);
> goto free_iov_l;
>
> --
> Jens Axboe
>
Hello Jens,
i got the following error when i try to build.
m/process_vm_access.c: In Funktion »process_vm_rw«:
mm/process_vm_access.c:277:5: Fehler: Implizite Deklaration der Funktion »in_compat_syscall«; meinten Sie »in_ia32_syscall«? [-Werror=implicit-function-declaration]
277 | in_compat_syscall());
| ^~~~~~~~~~~~~~~~~
| in_ia32_syscall
--
VG
Damian Tometzki
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH] Fix compat regression in process_vm_rw()
2020-10-27 19:19 ` damian
@ 2020-10-27 19:27 ` Naresh Kamboju
2020-10-27 19:32 ` Jens Axboe
1 sibling, 0 replies; 9+ messages in thread
From: Naresh Kamboju @ 2020-10-27 19:27 UTC (permalink / raw)
To: Jens Axboe, Linus Torvalds, linux-kernel, Christoph Hellwig, Kyle Huey
Cc: lkft-triage
On Wed, 28 Oct 2020 at 00:49, damian
<damian.tometzki@familie-tometzki.de> wrote:
>
> On Mo, 26. Okt 18:03, Jens Axboe wrote:
> > The removal of compat_process_vm_{readv,writev} didn't change
> > process_vm_rw(), which always assumes it's not doing a compat syscall.
> > Instead of passing in 'false' unconditionally for 'compat', make it
> > conditional on in_compat_syscall().
> >
> > Fixes: c3973b401ef2 ("mm: remove compat_process_vm_{readv,writev}")
> > Reported-by: Kyle Huey <me@kylehuey.com>
> > Signed-off-by: Jens Axboe <axboe@kernel.dk>
> >
> > ---
> >
> > diff --git a/mm/process_vm_access.c b/mm/process_vm_access.c
> > index fd12da80b6f2..05676722d9cd 100644
> > --- a/mm/process_vm_access.c
> > +++ b/mm/process_vm_access.c
> > @@ -273,7 +273,8 @@ static ssize_t process_vm_rw(pid_t pid,
> > return rc;
> > if (!iov_iter_count(&iter))
> > goto free_iov_l;
> > - iov_r = iovec_from_user(rvec, riovcnt, UIO_FASTIOV, iovstack_r, false);
> > + iov_r = iovec_from_user(rvec, riovcnt, UIO_FASTIOV, iovstack_r,
> > + in_compat_syscall());
> > if (IS_ERR(iov_r)) {
> > rc = PTR_ERR(iov_r);
> > goto free_iov_l;
> >
> > --
> > Jens Axboe
> >
> Hello Jens,
>
> i got the following error when i try to build.
>
> m/process_vm_access.c: In Funktion »process_vm_rw«:
> mm/process_vm_access.c:277:5: Fehler: Implizite Deklaration der Funktion »in_compat_syscall«; meinten Sie »in_ia32_syscall«? [-Werror=implicit-function-declaration]
> 277 | in_compat_syscall());
> | ^~~~~~~~~~~~~~~~~
> | in_ia32_syscall
>
I have also noticed this build failure on Linus's mainline master branch.
x86_64 : FAILED
i386: FAILED
arm: FAILED
make -sk KBUILD_BUILD_USER=TuxBuild -C/linux -j16 ARCH=x86 HOSTCC=gcc
CC="sccache gcc" O=build
50../mm/process_vm_access.c: In function ‘process_vm_rw’:
51../mm/process_vm_access.c:277:5: error: implicit declaration of
function ‘in_compat_syscall’; did you mean ‘in_ia32_syscall’?
[-Werror=implicit-function-declaration]
52 277 | in_compat_syscall());
53 | ^~~~~~~~~~~~~~~~~
54 | in_ia32_syscall
55cc1: some warnings being treated as errors
Reported-by: Naresh Kamboju <naresh.kamboju@linaro.org>
full test build log:
https://gitlab.com/Linaro/lkft/mirrors/torvalds/linux-mainline/-/jobs/815202967
--
Linaro LKFT
https://lkft.linaro.org
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH] Fix compat regression in process_vm_rw()
2020-10-27 19:19 ` damian
2020-10-27 19:27 ` Naresh Kamboju
@ 2020-10-27 19:32 ` Jens Axboe
1 sibling, 0 replies; 9+ messages in thread
From: Jens Axboe @ 2020-10-27 19:32 UTC (permalink / raw)
To: Linus Torvalds, linux-kernel, Christoph Hellwig, Kyle Huey
On 10/27/20 1:19 PM, damian wrote:
> On Mo, 26. Okt 18:03, Jens Axboe wrote:
>> The removal of compat_process_vm_{readv,writev} didn't change
>> process_vm_rw(), which always assumes it's not doing a compat syscall.
>> Instead of passing in 'false' unconditionally for 'compat', make it
>> conditional on in_compat_syscall().
>>
>> Fixes: c3973b401ef2 ("mm: remove compat_process_vm_{readv,writev}")
>> Reported-by: Kyle Huey <me@kylehuey.com>
>> Signed-off-by: Jens Axboe <axboe@kernel.dk>
>>
>> ---
>>
>> diff --git a/mm/process_vm_access.c b/mm/process_vm_access.c
>> index fd12da80b6f2..05676722d9cd 100644
>> --- a/mm/process_vm_access.c
>> +++ b/mm/process_vm_access.c
>> @@ -273,7 +273,8 @@ static ssize_t process_vm_rw(pid_t pid,
>> return rc;
>> if (!iov_iter_count(&iter))
>> goto free_iov_l;
>> - iov_r = iovec_from_user(rvec, riovcnt, UIO_FASTIOV, iovstack_r, false);
>> + iov_r = iovec_from_user(rvec, riovcnt, UIO_FASTIOV, iovstack_r,
>> + in_compat_syscall());
>> if (IS_ERR(iov_r)) {
>> rc = PTR_ERR(iov_r);
>> goto free_iov_l;
>>
>> --
>> Jens Axboe
>>
> Hello Jens,
>
> i got the following error when i try to build.
>
> m/process_vm_access.c: In Funktion »process_vm_rw«:
> mm/process_vm_access.c:277:5: Fehler: Implizite Deklaration der Funktion »in_compat_syscall«; meinten Sie »in_ia32_syscall«? [-Werror=implicit-function-declaration]
> 277 | in_compat_syscall());
> | ^~~~~~~~~~~~~~~~~
> | in_ia32_syscall
Yeah, sorry about that. Geert sent out a fix:
https://lore.kernel.org/lkml/20201027182246.651908-1-geert+renesas@glider.be/
--
Jens Axboe
^ permalink raw reply [flat|nested] 9+ messages in thread
end of thread, other threads:[~2020-10-27 19:32 UTC | newest]
Thread overview: 9+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-10-27 0:03 [PATCH] Fix compat regression in process_vm_rw() Jens Axboe
2020-10-27 0:09 ` Al Viro
2020-10-27 8:01 ` Christoph Hellwig
2020-10-27 17:00 ` Linus Torvalds
2020-10-27 0:47 ` Kyle Huey
2020-10-27 8:00 ` Christoph Hellwig
2020-10-27 19:19 ` damian
2020-10-27 19:27 ` Naresh Kamboju
2020-10-27 19:32 ` Jens Axboe
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.