From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1751262AbdBKUNG (ORCPT <rfc822;w@1wt.eu>);
        Sat, 11 Feb 2017 15:13:06 -0500
Received: from Galois.linutronix.de ([146.0.238.70]:35625 "EHLO
        Galois.linutronix.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1751047AbdBKUNF (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Sat, 11 Feb 2017 15:13:05 -0500
Date: Sat, 11 Feb 2017 21:13:01 +0100 (CET)
From: Thomas Gleixner <tglx@linutronix.de>
To: Dmitry Safonov <dsafonov@virtuozzo.com>
cc: linux-kernel@vger.kernel.org, 0x7f454c46@gmail.com,
        Ingo Molnar <mingo@redhat.com>, "H. Peter Anvin" <hpa@zytor.com>,
        Andy Lutomirski <luto@kernel.org>, Borislav Petkov <bp@suse.de>,
        x86@kernel.org, linux-mm@kvack.org
Subject: Re: [PATCHv4 4/5] x86/mm: check in_compat_syscall() instead TIF_ADDR32
 for mmap(MAP_32BIT)
In-Reply-To: <20170130120432.6716-5-dsafonov@virtuozzo.com>
Message-ID: <alpine.DEB.2.20.1702112107490.3734@nanos>
References: <20170130120432.6716-1-dsafonov@virtuozzo.com> <20170130120432.6716-5-dsafonov@virtuozzo.com>
User-Agent: Alpine 2.20 (DEB 67 2015-01-07)
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Mon, 30 Jan 2017, Dmitry Safonov wrote:

> At this momet, logic in arch_get_unmapped_area{,_topdown} for mmaps with
> MAP_32BIT flag checks TIF_ADDR32 which means:
> o if 32-bit ELF changes mode to 64-bit on x86_64 and then tries to
>   mmap() with MAP_32BIT it'll result in addr over 4Gb (as default is
>   top-down allocation)
> o if 64-bit ELF changes mode to 32-bit and tries mmap() with MAP_32BIT,
>   it'll allocate only memory in 1GB space: [0x40000000, 0x80000000).
> 
> Fix it by handeling MAP_32BIT in 64-bit syscalls only.

I really have a hard time to understand what is fixed and how that is
related to the $subject.

Again. Please explain the problem first properly so one can understand the
issue immediately.

> As a little bonus it'll make thread flag a little less used.

I really do not understand the bonus part here. You replace the thread flag
check with a different one and AFAICT this looks like oart of the 'fix'.

Thanks,

	tglx

> @@ -101,7 +101,7 @@ SYSCALL_DEFINE6(mmap, unsigned long, addr, unsigned long, len,
>  static void find_start_end(unsigned long flags, unsigned long *begin,
>  			   unsigned long *end)
>  {
> -	if (!test_thread_flag(TIF_ADDR32) && (flags & MAP_32BIT)) {
> +	if (!in_compat_syscall() && (flags & MAP_32BIT)) {
>  		/* This is usually used needed to map code in small
>  		   model, so it needs to be in the first 31bit. Limit
>  		   it to that.  This means we need to move the
> @@ -195,7 +195,7 @@ arch_get_unmapped_area_topdown(struct file *filp, const unsigned long addr0,
>  		return addr;
>  
>  	/* for MAP_32BIT mappings we force the legacy mmap base */
> -	if (!test_thread_flag(TIF_ADDR32) && (flags & MAP_32BIT))
> +	if (!in_compat_syscall() && (flags & MAP_32BIT))
>  		goto bottomup;
>  
>  	/* requesting a specific address */
> -- 
> 2.11.0
> 
>