From: Linus Torvalds
Date: Tue, 8 Dec 2020 20:58:20 -0800
Subject: Re: [PATCH] mm/madvise: remove racy mm ownership check
To: Minchan Kim
Cc: Andrew Morton, LKML, linux-mm, Jann Horn, Michal Hocko, Shakeel Butt, Suren Baghdasaryan, Christian Brauner, David Rientjes, Brian Geffon, Vlastimil Babka, Security Officers
In-Reply-To: <20201209032155.564991-1-minchan@kernel.org>

On Tue, Dec 8, 2020 at 7:22 PM Minchan Kim wrote:
>
> Jann spotted the security hole due to race of mm ownership check.
> If the task is sharing the mm_struct but goes through execve()
> before mm_access(), it could skip process_madvise_behavior_valid
> check. That makes *any advice hint* to reach into the remote process.
>
> This patch removes the mm ownership check.

Applied directly - I'm not sure Andrew has anything else pending, so
might as well short-circuit it.

                Linus
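
A userspace C model of the check-then-use race the quoted commit message describes, added here as an illustration; it is not the kernel code or the patch. The structs, the `ADV_*` values and all function names are hypothetical stand-ins, and the concurrent execve() is modelled as a flag that swaps the target's mm between the check and the lookup.

```c
#include <errno.h>
#include <stdio.h>
/* Userspace model; every name here is a hypothetical stand-in. */
struct mm { int id; };
struct task { struct mm *mm; };
enum advice { ADV_REMOTE_OK, ADV_OTHER };        /* constructed values */
static struct mm shared_mm = { 1 }, fresh_mm = { 2 };

/* Models process_madvise_behavior_valid(): hints allowed on a remote mm. */
static int behavior_valid(enum advice a) { return a == ADV_REMOTE_OK; }

/* Racy shape: the hint check is skipped while the mm looks shared, but
 * the mm that is operated on is only looked up afterwards. */
static int racy_madvise(struct task *cur, struct task *tgt, enum advice a,
                        int exec_in_window, struct mm **used)
{
    if (tgt->mm != cur->mm && !behavior_valid(a))
        return -EINVAL;
    if (exec_in_window)
        tgt->mm = &fresh_mm;   /* models execve(): target gets a new mm */
    *used = tgt->mm;           /* models mm_access() */
    return 0;
}

/* Fixed shape: no ownership shortcut, the hint is always validated. */
static int fixed_madvise(struct task *tgt, enum advice a,
                         int exec_in_window, struct mm **used)
{
    if (!behavior_valid(a))
        return -EINVAL;
    if (exec_in_window)
        tgt->mm = &fresh_mm;
    *used = tgt->mm;
    return 0;
}

/* Returns 1 when an unvalidated hint ends up applied to a foreign mm. */
int hint_reaches_foreign_mm(int use_fixed, int exec_in_window)
{
    struct task cur = { &shared_mm }, tgt = { &shared_mm };
    struct mm *used = NULL;
    int ret = use_fixed
        ? fixed_madvise(&tgt, ADV_OTHER, exec_in_window, &used)
        : racy_madvise(&cur, &tgt, ADV_OTHER, exec_in_window, &used);
    return ret == 0 && used != cur.mm;
}

int main(void)
{
    printf("racy: %d, fixed: %d\n",
           hint_reaches_foreign_mm(0, 1), hint_reaches_foreign_mm(1, 1));
    return 0;
}
```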