From: "Huang, Ying" <ying.huang@intel.com>
To: Eric Dumazet <eric.dumazet@gmail.com>
Cc: Andrew Morton <akpm@linux-foundation.org>,
linux-kernel <linux-kernel@vger.kernel.org>,
linux-mm <linux-mm@kvack.org>, Eric Dumazet <edumazet@google.com>,
syzbot <syzkaller@googlegroups.com>, Mel Gorman <mgorman@suse.de>
Subject: Re: [PATCH v2] mm/mempolicy: do not allow illegal MPOL_F_NUMA_BALANCING | MPOL_LOCAL in mbind()
Date: Fri, 08 Oct 2021 09:22:54 +0800 [thread overview]
Message-ID: <87pmsgqpht.fsf@yhuang6-desk2.ccr.corp.intel.com> (raw)
In-Reply-To: <20211001215630.810592-1-eric.dumazet@gmail.com> (Eric Dumazet's message of "Fri, 1 Oct 2021 14:56:30 -0700")
Hi, Eric,
Eric Dumazet <eric.dumazet@gmail.com> writes:
> From: Eric Dumazet <edumazet@google.com>
>
> syzbot reported access to unitialized memory in mbind() [1]
>
> Issue came with commit bda420b98505 ("numa balancing: migrate on
> fault among multiple bound nodes")
>
> This commit added a new bit in MPOL_MODE_FLAGS, but only checked
> valid combination (MPOL_F_NUMA_BALANCING can only be used with MPOL_BIND)
> in do_set_mempolicy()
>
> This patch moves the check in sanitize_mpol_flags() so that it
> is also used by mbind()
Good catch! Thanks! When MPOL_F_NUMA_BALANCING is introduced, it is
intended to be used with set_memopolicy() syscall only, it is not
allowed to be used with mbind() syscall at least for now. But I
misunderstood the original code apparently.
So I think it may be better to return EINVAL for mbind() +
MPOL_F_NUMA_BALANCING?
Best Regards,
Huang, Ying
prev parent reply other threads:[~2021-10-08 1:23 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-10-01 21:56 [PATCH v2] mm/mempolicy: do not allow illegal MPOL_F_NUMA_BALANCING | MPOL_LOCAL in mbind() Eric Dumazet
2021-10-01 22:49 ` Andrew Morton
2021-10-01 23:37 ` Eric Dumazet
2021-10-01 23:37 ` Eric Dumazet
2021-10-02 17:15 ` Matthew Wilcox
2021-10-08 1:22 ` Huang, Ying [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87pmsgqpht.fsf@yhuang6-desk2.ccr.corp.intel.com \
--to=ying.huang@intel.com \
--cc=akpm@linux-foundation.org \
--cc=edumazet@google.com \
--cc=eric.dumazet@gmail.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=mgorman@suse.de \
--cc=syzkaller@googlegroups.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.