linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: "Michael Kerrisk (man-pages)" <mtk.manpages@gmail.com>
To: Dave Hansen <dave@sr71.net>
Cc: mtk.manpages@gmail.com, Jonathan Corbet <corbet@lwn.net>,
	lkml <linux-kernel@vger.kernel.org>,
	"x86@kernel.org" <x86@kernel.org>,
	Linux API <linux-api@vger.kernel.org>,
	linux-arch <linux-arch@vger.kernel.org>,
	"linux-mm@kvack.org" <linux-mm@kvack.org>,
	Linus Torvalds <torvalds@linux-foundation.org>,
	Andrew Morton <akpm@linux-foundation.org>,
	Dave Hansen <dave.hansen@linux.intel.com>
Subject: Re: [PATCH 5/8] x86, pkeys: allocation/free syscalls
Date: Thu, 2 Jun 2016 19:26:03 -0500	[thread overview]
Message-ID: <5499ff55-ae0f-e54c-05fd-b1e76dc05a89@gmail.com> (raw)
In-Reply-To: <574F7B16.4080906@sr71.net>

On 06/01/2016 07:17 PM, Dave Hansen wrote:
> On 06/01/2016 05:11 PM, Michael Kerrisk (man-pages) wrote:
>>>>>>
>>>>>> If I read this right, it doesn't actually remove any pkey restrictions
>>>>>> that may have been applied while the key was allocated.  So there could be
>>>>>> pages with that key assigned that might do surprising things if the key is
>>>>>> reallocated for another use later, right?  Is that how the API is intended
>>>>>> to work?
>>>>
>>>> Yeah, that's how it works.
>>>>
>>>> It's not ideal.  It would be _best_ if we during mm_pkey_free(), we
>>>> ensured that no VMAs under that mm have that vma_pkey() set.  But, that
>>>> search would be potentially expensive (a walk over all VMAs), or would
>>>> force us to keep a data structure with a count of all the VMAs with a
>>>> given key.
>>>>
>>>> I should probably discuss this behavior in the manpages and address it
>> s/probably//
>>
>> And, did I miss it. Was there an updated man-pages patch in the latest
>> series? I did not notice it.
> 
> There have been to changes to the patches that warranted updating the
> manpages until now.  I'll send the update immediately.

Do those updated pages include discussion of the point noted above?
I could not see it mentioned there.

Just by the way, the above behavior seems to offer possibilities
for users to shoot themselves in the foot, in a way that has security
implications. (Or do I misunderstand?)

Thanks,

Michael


-- 
Michael Kerrisk
Linux man-pages maintainer; http://www.kernel.org/doc/man-pages/
Linux/UNIX System Programming Training: http://man7.org/training/

  reply	other threads:[~2016-06-03  0:26 UTC|newest]

Thread overview: 23+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2016-05-31 15:28 [PATCH 0/8] System Calls for Memory Protection Keys Dave Hansen
2016-05-31 15:28 ` [PATCH 1/8] x86, pkeys: add fault handling for PF_PK page fault bit Dave Hansen
2016-05-31 15:28 ` [PATCH 2/8] mm: implement new pkey_mprotect() system call Dave Hansen
2016-05-31 15:28 ` [PATCH 3/8] x86, pkeys: make mprotect_key() mask off additional vm_flags Dave Hansen
2016-05-31 15:28 ` [PATCH 4/8] x86: wire up mprotect_key() system call Dave Hansen
2016-05-31 15:28 ` [PATCH 5/8] x86, pkeys: allocation/free syscalls Dave Hansen
2016-06-01 18:37   ` Jonathan Corbet
2016-06-01 19:32     ` Dave Hansen
2016-06-02  0:11       ` Michael Kerrisk (man-pages)
2016-06-02  0:17         ` Dave Hansen
2016-06-03  0:26           ` Michael Kerrisk (man-pages) [this message]
2016-06-03 17:28             ` Dave Hansen
2016-06-03 19:27               ` Michael Kerrisk (man-pages)
2016-06-01 20:48   ` Arnd Bergmann
2016-06-02 21:10     ` Dave Hansen
2016-05-31 15:28 ` [PATCH 6/8] x86, pkeys: add pkey set/get syscalls Dave Hansen
2016-05-31 15:28 ` [PATCH 7/8] pkeys: add details of system call use to Documentation/ Dave Hansen
2016-06-01 16:43   ` Jonathan Corbet
2016-06-01 16:46     ` Dave Hansen
2016-06-01 16:49       ` Jonathan Corbet
2016-06-01 17:10         ` Dave Hansen
2016-05-31 15:28 ` [PATCH 8/8] x86, pkeys: add self-tests Dave Hansen
  -- strict thread matches above, loose matches on Subject: below --
2016-04-11 15:54 [PATCH 0/8] System Calls for Memory Protection Keys Dave Hansen
2016-04-11 15:54 ` [PATCH 5/8] x86, pkeys: allocation/free syscalls Dave Hansen

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=5499ff55-ae0f-e54c-05fd-b1e76dc05a89@gmail.com \
    --to=mtk.manpages@gmail.com \
    --cc=akpm@linux-foundation.org \
    --cc=corbet@lwn.net \
    --cc=dave.hansen@linux.intel.com \
    --cc=dave@sr71.net \
    --cc=linux-api@vger.kernel.org \
    --cc=linux-arch@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-mm@kvack.org \
    --cc=torvalds@linux-foundation.org \
    --cc=x86@kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).