From: Suren Baghdasaryan <surenb@google.com>
To: Michal Hocko <mhocko@suse.com>
Cc: "Andrew Morton" <akpm@linux-foundation.org>,
"Colin Cross" <ccross@google.com>,
"Sumit Semwal" <sumit.semwal@linaro.org>,
"Dave Hansen" <dave.hansen@intel.com>,
"Kees Cook" <keescook@chromium.org>,
"Matthew Wilcox" <willy@infradead.org>,
"Kirill A . Shutemov" <kirill.shutemov@linux.intel.com>,
"Vlastimil Babka" <vbabka@suse.cz>,
"Johannes Weiner" <hannes@cmpxchg.org>,
"Jonathan Corbet" <corbet@lwn.net>,
"Al Viro" <viro@zeniv.linux.org.uk>,
"Randy Dunlap" <rdunlap@infradead.org>,
"Kalesh Singh" <kaleshsingh@google.com>,
"Peter Xu" <peterx@redhat.com>,
rppt@kernel.org, "Peter Zijlstra" <peterz@infradead.org>,
"Catalin Marinas" <catalin.marinas@arm.com>,
vincenzo.frascino@arm.com,
"Chinwen Chang (張錦文)" <chinwen.chang@mediatek.com>,
"Axel Rasmussen" <axelrasmussen@google.com>,
"Andrea Arcangeli" <aarcange@redhat.com>,
"Jann Horn" <jannh@google.com>,
apopple@nvidia.com, "John Hubbard" <jhubbard@nvidia.com>,
"Yu Zhao" <yuzhao@google.com>, "Will Deacon" <will@kernel.org>,
fenghua.yu@intel.com, thunder.leizhen@huawei.com,
"Hugh Dickins" <hughd@google.com>,
feng.tang@intel.com, "Jason Gunthorpe" <jgg@ziepe.ca>,
"Roman Gushchin" <guro@fb.com>,
"Thomas Gleixner" <tglx@linutronix.de>,
krisman@collabora.com, chris.hyser@oracle.com,
"Peter Collingbourne" <pcc@google.com>,
"Eric W. Biederman" <ebiederm@xmission.com>,
"Jens Axboe" <axboe@kernel.dk>,
legion@kernel.org, "Rolf Eike Beer" <eb@emlix.com>,
"Muchun Song" <songmuchun@bytedance.com>,
"Viresh Kumar" <viresh.kumar@linaro.org>,
"Thomas Cedeno" <thomascedeno@google.com>,
sashal@kernel.org, cxfcosmos@gmail.com,
"Rasmus Villemoes" <linux@rasmusvillemoes.dk>,
LKML <linux-kernel@vger.kernel.org>,
linux-fsdevel@vger.kernel.org, linux-doc@vger.kernel.org,
linux-mm <linux-mm@kvack.org>,
kernel-team <kernel-team@android.com>
Subject: Re: [PATCH v8 2/3] mm: add a field to store names for private anonymous memory
Date: Wed, 1 Sep 2021 08:42:29 -0700 [thread overview]
Message-ID: <CAJuCfpHWCtqCcuZdyfc4-virtynOMv2f_iU=OJUB_6b2Xz+k9g@mail.gmail.com> (raw)
In-Reply-To: <YS81abHD8KZMrX8D@dhcp22.suse.cz>
On Wed, Sep 1, 2021 at 1:10 AM 'Michal Hocko' via kernel-team
<kernel-team@android.com> wrote:
>
> On Fri 27-08-21 12:18:57, Suren Baghdasaryan wrote:
> [...]
> > +static void replace_vma_anon_name(struct vm_area_struct *vma, const char *name)
> > +{
> > + if (!name) {
> > + free_vma_anon_name(vma);
> > + return;
> > + }
> > +
> > + if (vma->anon_name) {
> > + /* Should never happen, to dup use dup_vma_anon_name() */
> > + WARN_ON(vma->anon_name == name);
>
> What is the point of this warning?
I wanted to make sure replace_vma_anon_name() is not used from inside
vm_area_dup() or some similar place (does not exist today but maybe in
the future) where "new" vma is a copy of "orig" vma and
new->anon_name==orig->anon_name. If someone by mistake calls
replace_vma_anon_name(new, orig->anon_name) and
new->anon_name==orig->anon_name then they will keep pointing to the
same name pointer, which breaks an assumption that ->anon_name
pointers are not shared among vmas even if the string is the same.
That would eventually lead to use-after-free error. After the next
patch implementing refcounting, the similar situation would lead to
both new and orig vma pointing to the same anon_vma_name structure
without raising the refcount, which would also lead to use-after-free
error. That's why the above comment asks to use dup_vma_anon_name() if
this warning ever happens.
I can remove the warning but I thought the problem is subtle enough to
put some safeguards.
>
> > +
> > + /* Same name, nothing to do here */
> > + if (!strcmp(name, vma->anon_name))
> > + return;
> > +
> > + free_vma_anon_name(vma);
> > + }
> > + vma->anon_name = kstrdup(name, GFP_KERNEL);
> > +}
> --
> Michal Hocko
> SUSE Labs
>
> --
> To unsubscribe from this group and stop receiving emails from it, send an email to kernel-team+unsubscribe@android.com.
>
next prev parent reply other threads:[~2021-09-01 15:42 UTC|newest]
Thread overview: 34+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-08-27 19:18 [PATCH v8 0/3] Anonymous VMA naming patches Suren Baghdasaryan
2021-08-27 19:18 ` Suren Baghdasaryan
2021-08-27 19:18 ` [PATCH v8 1/3] mm: rearrange madvise code to allow for reuse Suren Baghdasaryan
2021-08-27 19:18 ` Suren Baghdasaryan
2021-08-28 0:14 ` Kees Cook
2021-08-28 0:58 ` Suren Baghdasaryan
2021-08-28 16:19 ` Cyrill Gorcunov
2021-08-28 21:59 ` Suren Baghdasaryan
2021-08-27 19:18 ` [PATCH v8 2/3] mm: add a field to store names for private anonymous memory Suren Baghdasaryan
2021-08-27 19:18 ` Suren Baghdasaryan
2021-08-28 1:47 ` Matthew Wilcox
2021-08-28 5:52 ` Kees Cook
2021-08-28 21:47 ` Suren Baghdasaryan
2021-08-30 8:12 ` Rasmus Villemoes
2021-08-30 16:16 ` Suren Baghdasaryan
2021-08-30 16:59 ` Matthew Wilcox
2021-08-31 17:21 ` Suren Baghdasaryan
2021-08-28 21:28 ` Cyrill Gorcunov
2021-08-28 21:53 ` Suren Baghdasaryan
2021-09-01 8:09 ` Michal Hocko
2021-09-01 15:28 ` Suren Baghdasaryan
2021-09-01 8:10 ` Michal Hocko
2021-09-01 15:42 ` Suren Baghdasaryan [this message]
2021-09-03 11:49 ` Michal Hocko
2021-09-03 15:47 ` Suren Baghdasaryan
2021-08-27 19:18 ` [PATCH v8 3/3] mm: add anonymous vma name refcounting Suren Baghdasaryan
2021-08-27 19:18 ` Suren Baghdasaryan
2021-08-28 5:28 ` Kees Cook
2021-08-28 21:13 ` Suren Baghdasaryan
2021-08-30 7:03 ` Rolf Eike Beer
2021-08-30 7:03 ` Rolf Eike Beer
2021-08-30 16:12 ` Suren Baghdasaryan
2021-08-28 12:48 ` [PATCH v8 0/3] Anonymous VMA naming patches Pavel Machek
2021-08-28 22:06 ` Suren Baghdasaryan
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAJuCfpHWCtqCcuZdyfc4-virtynOMv2f_iU=OJUB_6b2Xz+k9g@mail.gmail.com' \
--to=surenb@google.com \
--cc=aarcange@redhat.com \
--cc=akpm@linux-foundation.org \
--cc=apopple@nvidia.com \
--cc=axboe@kernel.dk \
--cc=axelrasmussen@google.com \
--cc=catalin.marinas@arm.com \
--cc=ccross@google.com \
--cc=chinwen.chang@mediatek.com \
--cc=chris.hyser@oracle.com \
--cc=corbet@lwn.net \
--cc=cxfcosmos@gmail.com \
--cc=dave.hansen@intel.com \
--cc=eb@emlix.com \
--cc=ebiederm@xmission.com \
--cc=feng.tang@intel.com \
--cc=fenghua.yu@intel.com \
--cc=guro@fb.com \
--cc=hannes@cmpxchg.org \
--cc=hughd@google.com \
--cc=jannh@google.com \
--cc=jgg@ziepe.ca \
--cc=jhubbard@nvidia.com \
--cc=kaleshsingh@google.com \
--cc=keescook@chromium.org \
--cc=kernel-team@android.com \
--cc=kirill.shutemov@linux.intel.com \
--cc=krisman@collabora.com \
--cc=legion@kernel.org \
--cc=linux-doc@vger.kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=linux@rasmusvillemoes.dk \
--cc=mhocko@suse.com \
--cc=pcc@google.com \
--cc=peterx@redhat.com \
--cc=peterz@infradead.org \
--cc=rdunlap@infradead.org \
--cc=rppt@kernel.org \
--cc=sashal@kernel.org \
--cc=songmuchun@bytedance.com \
--cc=sumit.semwal@linaro.org \
--cc=tglx@linutronix.de \
--cc=thomascedeno@google.com \
--cc=thunder.leizhen@huawei.com \
--cc=vbabka@suse.cz \
--cc=vincenzo.frascino@arm.com \
--cc=viresh.kumar@linaro.org \
--cc=viro@zeniv.linux.org.uk \
--cc=will@kernel.org \
--cc=willy@infradead.org \
--cc=yuzhao@google.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.