From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-4.1 required=3.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_PATCH,MAILING_LIST_MULTI, SPF_PASS autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 529D1C10F0B for ; Thu, 18 Apr 2019 05:58:09 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id 226ED2183F for ; Thu, 18 Apr 2019 05:58:09 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (1024-bit key) header.d=Mellanox.com header.i=@Mellanox.com header.b="Ivwh1UKu" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2387856AbfDRF6I (ORCPT ); Thu, 18 Apr 2019 01:58:08 -0400 Received: from mail-eopbgr80047.outbound.protection.outlook.com ([40.107.8.47]:38953 "EHLO EUR04-VI1-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1725836AbfDRF6H (ORCPT ); Thu, 18 Apr 2019 01:58:07 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Mellanox.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=efwA6jafB4XpHEScgHYT755X0CtpnXkieGI/8k2Ebz8=; b=Ivwh1UKuBTSXuquIs08V9LllyrjCFzRiJ1EeH50A6jt1hP65pnRAHfcJh9I3NEXCZruZ4+4ssQFjtE4F4BbvjLNdhHtX9roxH4qmv+pvFbyY7wkmRV1WSrVUqk7BcS1tXu2n86EA5GMNl/habtOUvz5hx0xhMxU4tLym3+G9us4= Received: from AM6PR05MB4439.eurprd05.prod.outlook.com (52.135.162.148) by AM6PR05MB5539.eurprd05.prod.outlook.com (20.177.118.161) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1813.12; Thu, 18 Apr 2019 05:58:01 +0000 Received: from AM6PR05MB4439.eurprd05.prod.outlook.com ([fe80::24cd:a3f1:870b:bd92]) by AM6PR05MB4439.eurprd05.prod.outlook.com ([fe80::24cd:a3f1:870b:bd92%6]) with mapi id 15.20.1813.013; Thu, 18 Apr 2019 05:58:01 +0000 From: Jason Gunthorpe To: "Ruhl, Michael J" , Kees Cook CC: Leon Romanovsky , Doug Ledford , Leon Romanovsky , RDMA mailing list , Andrea Arcangeli , Feras Daoud , Haggai Eran , Saeed Mahameed , linux-netdev Subject: Re: [PATCH rdma-next 3/6] RDMA/ucontext: Do not allow BAR mappings to be executable Thread-Topic: [PATCH rdma-next 3/6] RDMA/ucontext: Do not allow BAR mappings to be executable Thread-Index: AQHU9ESlyFzdjB344kKV3wt/lo2o66ZAuIuAgAC2RYA= Date: Thu, 18 Apr 2019 05:58:01 +0000 Message-ID: <20190418055759.GA3155@mellanox.com> References: <20190416110730.32230-1-leon@kernel.org> <20190416110730.32230-4-leon@kernel.org> <14063C7AD467DE4B82DEDB5C278E8663BE6A5513@FMSMSX108.amr.corp.intel.com> In-Reply-To: <14063C7AD467DE4B82DEDB5C278E8663BE6A5513@FMSMSX108.amr.corp.intel.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-clientproxiedby: DB6PR07CA0021.eurprd07.prod.outlook.com (2603:10a6:6:2d::31) To AM6PR05MB4439.eurprd05.prod.outlook.com (2603:10a6:209:43::20) authentication-results: spf=none (sender IP is ) smtp.mailfrom=jgg@mellanox.com; x-ms-exchange-messagesentrepresentingtype: 1 x-originating-ip: [193.47.165.251] x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: cc9d6212-f3f7-41f1-73fb-08d6c3c2d0cd x-ms-office365-filtering-ht: Tenant x-microsoft-antispam: BCL:0;PCL:0;RULEID:(2390118)(7020095)(4652040)(8989299)(5600141)(711020)(4605104)(4618075)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(2017052603328)(7193020);SRVR:AM6PR05MB5539; x-ms-traffictypediagnostic: AM6PR05MB5539: x-microsoft-antispam-prvs: x-forefront-prvs: 0011612A55 x-forefront-antispam-report: SFV:NSPM;SFS:(10009020)(979002)(376002)(396003)(39860400002)(346002)(136003)(366004)(189003)(199004)(36756003)(478600001)(53936002)(14454004)(76176011)(229853002)(6512007)(4326008)(6246003)(25786009)(6436002)(68736007)(66066001)(6486002)(256004)(71200400001)(1076003)(486006)(2616005)(446003)(86362001)(52116002)(476003)(11346002)(99286004)(71190400001)(186003)(26005)(2906002)(33656002)(8936002)(81156014)(7736002)(110136005)(386003)(6506007)(3846002)(6116002)(54906003)(102836004)(316002)(81166006)(305945005)(8676002)(97736004)(5660300002)(969003)(989001)(999001)(1009001)(1019001);DIR:OUT;SFP:1101;SCL:1;SRVR:AM6PR05MB5539;H:AM6PR05MB4439.eurprd05.prod.outlook.com;FPR:;SPF:None;LANG:en;PTR:InfoNoRecords;MX:1;A:1; received-spf: None (protection.outlook.com: mellanox.com does not designate permitted sender hosts) x-ms-exchange-senderadcheck: 1 x-microsoft-antispam-message-info: PM3VfrxwgULnWXBNZ1IGLur3Sq5goSTgd/0l8dDp0Lnonf5Q1RPT1Gc2jJWL0LwH7PfV//tL1ag6jsnNLQflZtfwWhYsE6hQeoV+xAz+90KBuMgZRbx700rK4XnqlauVttSdgF/DugtuC/WHmd5zu7+TE5T8r34AXLxFojgWzbL0DrNqkXKF2wA018GfIKAnmA0Uv0j3v5AEQRNQHR0d7ccax5HJtvjb2mpkqxR4bPUYIX0eOqvrDmQi035whPYJ0U1GixTIdTwX6wSnI6b9WsogEVjynKOcOMrsAEFo7L/ENlSkuPbADxYPMpSSwdDgCpT72UG6Uv6CMzE2P+syIA5JsINOPipPUv6fp969YXJwjwSGVdBJorv4VD4ZvpwRK0xHe9oGiMPu8JRNErfMrBH3OAuI8u6+uWe/fzra7lY= Content-Type: text/plain; charset="us-ascii" Content-ID: <8785FA9F16468446BC4673E3B86BB48B@eurprd05.prod.outlook.com> Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-OriginatorOrg: Mellanox.com X-MS-Exchange-CrossTenant-Network-Message-Id: cc9d6212-f3f7-41f1-73fb-08d6c3c2d0cd X-MS-Exchange-CrossTenant-originalarrivaltime: 18 Apr 2019 05:58:01.6072 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: a652971c-7d2e-4d9b-a6a4-d149256f461b X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM6PR05MB5539 Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org On Wed, Apr 17, 2019 at 07:05:37PM +0000, Ruhl, Michael J wrote: > >diff --git a/drivers/infiniband/core/uverbs_main.c > >b/drivers/infiniband/core/uverbs_main.c > >index fef4519d1241..3ef6474cd201 100644 > >+++ b/drivers/infiniband/core/uverbs_main.c > >@@ -889,6 +889,10 @@ static struct rdma_umap_priv > >*rdma_user_mmap_pre(struct ib_ucontext *ucontext, > > struct ib_uverbs_file *ufile =3D ucontext->ufile; > > struct rdma_umap_priv *priv; > > > >+ if (vma->vm_flags & VM_EXEC) > >+ return ERR_PTR(-EINVAL); > >+ vma->vm_flags &=3D ~VM_MAYEXEC; > >+ >=20 > A change like this was made in HFI with: >=20 > commit 12220267645cb7d1f3f699218e0098629e932e1f > IB/hfi: Protect against writable mmap >=20 > This caused user applications that use the stack for execution to fail. > The VM_EXEC flag is passed down during mmaps. >=20 > We had to remove this patch with: >=20 > commit 7709b0dc265f28695487712c45f02bbd1f98415d > IB/hfi1: Remove overly conservative VM_EXEC flag check >=20 > to resolve this issue. >=20 > I am not sure if this is an equivalent issue, but the code path > appears very similar. It does seem problematic here too Kees: You have worked in this W^X area in other parts of the kernel, what should drivers do here? The situation is we have a driver providing mmap against BAR memory that is absolutely not intended for execution, so we would prefer to block VM_EXEC in the driver's mmap fops callback However READ_IMPLIES_EXEC forces VM_EXEC on for everything with no way to opt out.. Jason