From: Dmitry Safonov <dima@arista.com>
To: Michael Ellerman <mpe@ellerman.id.au>,
Christophe Leroy <christophe.leroy@csgroup.eu>,
linux-kernel@vger.kernel.org
Cc: Dmitry Safonov <0x7f454c46@gmail.com>,
stable@vger.kernel.org, Andrei Vagin <avagin@gmail.com>,
Paul Mackerras <paulus@samba.org>,
Andy Lutomirski <luto@kernel.org>,
Laurent Dufour <ldufour@linux.ibm.com>,
linuxppc-dev@lists.ozlabs.org
Subject: Re: [PATCH] powerpc/vdso: Separate vvar vma from vdso
Date: Wed, 31 Mar 2021 19:53:46 +0100 [thread overview]
Message-ID: <361ec8ba-8335-157a-53e8-38a656626519@arista.com> (raw)
In-Reply-To: <8735wby77v.fsf@mpe.ellerman.id.au>
On 3/31/21 10:59 AM, Michael Ellerman wrote:
> Christophe Leroy <christophe.leroy@csgroup.eu> writes:
[..]
>>
>>> @@ -133,7 +135,13 @@ static int __arch_setup_additional_pages(struct linux_binprm *bprm, int uses_int
>>> * install_special_mapping or the perf counter mmap tracking code
>>> * will fail to recognise it as a vDSO.
>>> */
>>> - mm->context.vdso = (void __user *)vdso_base + PAGE_SIZE;
>>> + mm->context.vdso = (void __user *)vdso_base + vvar_size;
>>> +
>>> + vma = _install_special_mapping(mm, vdso_base, vvar_size,
>>> + VM_READ | VM_MAYREAD | VM_IO |
>>> + VM_DONTDUMP | VM_PFNMAP, &vvar_spec);
>>> + if (IS_ERR(vma))
>>> + return PTR_ERR(vma);
>>>
>>> /*
>>> * our vma flags don't have VM_WRITE so by default, the process isn't
>>
>>
>> IIUC, VM_PFNMAP is for when we have a vvar_fault handler.
>> Allthough we will soon have one for handle TIME_NS, at the moment
>> powerpc doesn't have that handler.
>> Isn't it dangerous to set VM_PFNMAP then ?
I believe, it's fine, special_mapping_fault() does:
: if (sm->fault)
: return sm->fault(sm, vmf->vma, vmf);
> Some of the other flags seem odd too.
> eg. VM_IO ? VM_DONTDUMP ?
Yeah, so:
VM_PFNMAP | VM_IO is a protection from remote access on pages. So one
can't access such page with ptrace(), /proc/$pid/mem or
process_vm_write(). Otherwise, it would create COW mapping and the
tracee will stop working with stale vvar.
VM_DONTDUMP restricts the area from coredumping and gdb will also avoid
accessing those[1][2].
I agree that VM_PFNMAP was probably excessive in this patch alone and
rather synchronized code with other architectures, but it makes more
sense now in the new patches set by Christophe:
https://lore.kernel.org/linux-arch/cover.1617209141.git.christophe.leroy@csgroup.eu/
[1] https://lore.kernel.org/lkml/550731AF.6080904@redhat.com/T/
[2] https://sourceware.org/legacy-ml/gdb-patches/2015-03/msg00383.html
Thanks,
Dmitry
next prev parent reply other threads:[~2021-03-31 18:54 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-03-26 19:17 [PATCH] powerpc/vdso: Separate vvar vma from vdso Dmitry Safonov
2021-03-27 17:19 ` Christophe Leroy
2021-03-27 17:43 ` Dmitry Safonov
2021-03-29 9:51 ` Laurent Dufour
2021-03-29 15:14 ` Laurent Dufour
2021-03-29 19:59 ` Dmitry Safonov
2021-03-30 8:41 ` Christophe Leroy
2021-03-31 9:59 ` Michael Ellerman
2021-03-31 18:53 ` Dmitry Safonov [this message]
2021-03-30 10:17 ` Christophe Leroy
2021-03-31 18:15 ` Dmitry Safonov
2021-04-19 3:59 ` Michael Ellerman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=361ec8ba-8335-157a-53e8-38a656626519@arista.com \
--to=dima@arista.com \
--cc=0x7f454c46@gmail.com \
--cc=avagin@gmail.com \
--cc=christophe.leroy@csgroup.eu \
--cc=ldufour@linux.ibm.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linuxppc-dev@lists.ozlabs.org \
--cc=luto@kernel.org \
--cc=mpe@ellerman.id.au \
--cc=paulus@samba.org \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).