2021-12-15 06:23:50

by Keno Fischer

Subject: [PATCH] c/r: prctl: Remove PR_SET_MM_EXE_FILE old file mapping restriction

* What this patch does

This patch changes the behavior of replace_mm_exe_file to remove the
restriction that the current mm may not have any mappings of the
previous exe_file. This restriction has a bit of a complicated history,
which I will summarize below, but the upshot is that whatever value it
may have had when originally introduced (and it is worth pointing out
that the history does not suggest it was ever seen as a security
feature) - in its current state, the restriction is essentially useless
and merely forces userspace into awkward contortions (and extra system
calls) to be able to use it.

* Context/History

The /proc/<pid>/exe symlink provides access to the file that was used
to execve <pid>. It is used for example by gdb to find the on-disk location
of the executed binary and read its debug information.

Originally, the /proc/<pid>/exe symlink was immutable, set by the
kernel upon execve and never changed again. However, in b32dfe377
("c/r: prctl: add ability to set new mm_struct::exe_file"), `prctl`
gained the ability to modify this symlink for use by c/r, under a couple
of restrictions:

1. The process contains no mappings marked as VM_EXECUTABLE (i.e. mappings
created in execve or by splitting mappings thereof).
2. The new file has appropriate access permissions
3. The call may only be made once
4. The calling process has CAP_SYS_RESOURCE

The restriction we're considering here is point 1. For completeness, I
will note that restriction 3 was subsequently dropped, and restriction 4
was expanded to also allow the local user namespace's root to perform
the operation (as long as this was done using `PR_SET_MM_MAP`).

On restriction 1, the original commit notes that:

    Note it allows to change /proc/$pid/exe if there are no VM_EXECUTABLE
    vmas present for current process, simply because this feature is a special
    to C/R and mm::num_exe_file_vmas become meaningless after that.

The `num_exe_file_vmas` counter was a refcount for the number of mapped VMAs
with the VM_EXECUTABLE flag set. It was used to drop the reference of
/proc/<pid>/exe to the execve'd file if all mappings to it created in
sys_execve were subsequently removed. Thus, as best I can tell, this restriction
was simply a convenience to avoid the additional complexity of correctly handling
non-zero `num_exe_file_vmas` while updating the exe_file.

However, `num_exe_file_vmas` was removed a few months later in e9714acf8c
("mm: kill vma flag VM_EXECUTABLE and mm->num_exe_file_vmas") with the
justification that nobody depended on it and the functionality could
be replaced by an appropriate use of PR_SET_MM_EXE_FILE.

Because of this change, the restriction was updated in bafb282d ("c/r: prctl:
update prctl_set_mm_exe_file() after mm->num_exe_file_vmas removal") to
not allow any mappings present in the memory map of the process other
than the *new* exe_file (a more strict restriction than the original
restriction) and then again in 4229fb1dc ("c/r: prctl: less paranoid
prctl_set_mm_exe_file()") to disallow any mappings of the old exe_file
(still a more strict restriction than the original restriction on
VM_EXECUTABLE mappings, as now any mapping with the same path would
be forbidden not just those created in execve).

It is worth noting that at this point the check for mappings of the
original file and the modification to mm->exe_file were still protected
by the mm's mmap_sem and thus atomic with respect to other modifications
of the mm. However, this too was changed in 6e399cd14 ("prctl: avoid using mmap_sem
for exe_file serialization") and the prctl now separately acquires the
mm's read sema just for the purpose of enforcing the restriction (but
does not enforce any sort of atomicity with respect to the update of
the exe_file).

Except for minor refactorings, this is essentially the state of the
restriction in today's kernel. It appears to me that this was originally
a technical restriction to avoid additional complexity from the interaction
with VM_EXECUTABLE, but when this was removed the question of whether the
restriction was still sensible was not revisited. I searched around for
any additional justifications for this restriction, but could not
find any, and given the lack of enforced atomicity, it does not seem
that any guarantees are actually provided in practice.

* The use case for dropping the restriction

Apart from a general dislike for executing unnecessary code, there are
some practical reasons to want to drop the restriction. In particular,
it is currently awkward to call PR_SET_MM_MAP from an executable itself.
In the original c/r usecase, the restorer was a ptracer and the original
exe_file merely a stub that essentially did nothing, so it was no trouble
to unmap it completely. However, there are a few usecases where
PR_SET_MM_MAP would be useful that are not ptracers.

One such use case is preloaders that run before ld.so and the main
executable in order to control the memory layout. Wine has such a
preloader, but they are also useful to control memory layout for
debugging purposes. Another use case is non-ptrace checkpoint/restore
systems (ptrace is powerful, but not particularly performant, so
c/r systems that are ok with some state changing can gain
performance by not using it).

It is of course possible to use PR_SET_MM_MAP in these contexts
by relocating the executable to private memory and unmapping the
original, but this introduces additional unnecessary complexity for
what appears to be no good reason.

* Summary

As far as I can tell, the restriction against mappings of the old
exe_file in PR_SET_MM_EXE_FILE/PR_SET_MM_MAP exists for no good
reason, but is simply an artifact of its development process.
Because it makes it hard to use these APIs in legitimate contexts
I propose that the restriction be dropped.

Signed-off-by: Keno Fischer <[email protected]>
---
kernel/fork.c | 18 ------------------
1 file changed, 18 deletions(-)

diff --git a/kernel/fork.c b/kernel/fork.c
index 3244cc56b697..11e01dae8bbc 100644
--- a/kernel/fork.c
+++ b/kernel/fork.c
@@ -1203,27 +1203,9 @@ int set_mm_exe_file(struct mm_struct *mm, struct file *new_exe_file)
*/
int replace_mm_exe_file(struct mm_struct *mm, struct file *new_exe_file)
{
- struct vm_area_struct *vma;
struct file *old_exe_file;
int ret = 0;

- /* Forbid mm->exe_file change if old file still mapped. */
- old_exe_file = get_mm_exe_file(mm);
- if (old_exe_file) {
- mmap_read_lock(mm);
- for (vma = mm->mmap; vma && !ret; vma = vma->vm_next) {
- if (!vma->vm_file)
- continue;
- if (path_equal(&vma->vm_file->f_path,
- &old_exe_file->f_path))
- ret = -EBUSY;
- }
- mmap_read_unlock(mm);
- fput(old_exe_file);
- if (ret)
- return ret;
- }
-
/* set the new file, lockless */
ret = deny_write_access(new_exe_file);
if (ret)
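Review bot: The `= 0` initializer on `int ret` is dead once the loop is gone, because `ret` is assigned unconditionally by `ret = deny_write_access(new_exe_file);` right after the declarations; drop the initializer. The deleted block was also the only place in this hunk that produced -EBUSY, so PR_SET_MM_EXE_FILE and PR_SET_MM_MAP callers lose that error for the "old file still mapped" case. The changelog should state that userspace-visible change explicitly, and the user-facing documentation for the prctl should be updated in the same series.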
--
2.25.1
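
Added example (not part of the patch or the thread): a userspace sketch of the check the hunk above deletes, run over text in /proc/<pid>/maps format. It approximates the kernel's path_equal() comparison with device and inode numbers; the function names and the sample maps text are constructed for illustration.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/sysmacros.h>

/* Constructed sample in /proc/<pid>/maps format: two mappings of the
 * executable (inode 131 on 08:01), one of libc, two anonymous areas. */
static const char SAMPLE_MAPS[] =
    "00400000-00401000 r--p 00000000 08:01 131 /usr/bin/demo\n"
    "00401000-00402000 r-xp 00001000 08:01 131 /usr/bin/demo\n"
    "00600000-00601000 rw-p 00000000 00:00 0 [heap]\n"
    "7f0000000000-7f0000021000 r-xp 00000000 08:01 977 /usr/lib/libc.so.6\n"
    "7ffc00000000-7ffc00021000 rw-p 00000000 00:00 0 [stack]\n";

/* Count the mappings in `maps` that are backed by the file identified by
 * device maj:min and inode ino. Assumption: device+inode stands in for the
 * kernel's path_equal() on vma->vm_file, which userspace cannot evaluate. */
int count_file_mappings(const char *maps, unsigned maj, unsigned min,
                        unsigned long long ino)
{
    int hits = 0;
    const char *line = maps;

    while (line && *line) {
        unsigned long long start, end, off, line_ino;
        unsigned line_maj, line_min;
        char perms[5];

        if (sscanf(line, "%llx-%llx %4s %llx %x:%x %llu",
                   &start, &end, perms, &off,
                   &line_maj, &line_min, &line_ino) == 7) {
            /* Inode 0 marks an anonymous or special area (no vm_file);
             * the removed loop skipped those with `continue`. */
            if (line_ino != 0 && line_ino == ino &&
                line_maj == maj && line_min == min)
                hits++;
        }
        line = strchr(line, '\n');
        if (line)
            line++;
    }
    return hits;
}

/* Model of the removed restriction: -EBUSY while any mapping of the old
 * exe_file remains, 0 otherwise. */
int old_exe_check(const char *maps, unsigned maj, unsigned min,
                  unsigned long long ino)
{
    return count_file_mappings(maps, maj, min, ino) > 0 ? -EBUSY : 0;
}

/* Live run against the current process. Caveat: on some filesystems
 * (btrfs subvolumes, overlayfs) st_dev from stat() can differ from the
 * device shown in maps, so a zero count there is not conclusive. */
int main(void)
{
    static char buf[1 << 16];
    struct stat st;
    size_t n;
    FILE *f = fopen("/proc/self/maps", "r");

    if (!f)
        return 1;
    n = fread(buf, 1, sizeof(buf) - 1, f);
    buf[n] = '\0';
    fclose(f);
    if (stat("/proc/self/exe", &st) != 0)
        return 1;

    printf("mappings of current exe: %d, pre-patch check: %d\n",
           count_file_mappings(buf, major(st.st_dev), minor(st.st_dev),
                               (unsigned long long)st.st_ino),
           old_exe_check(buf, major(st.st_dev), minor(st.st_dev),
                         (unsigned long long)st.st_ino));
    return 0;
}
```

An ordinarily exec'd process always reports at least one mapping of its own executable, which is why the pre-patch check forces a caller to relocate and unmap itself before the prctl can succeed.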



2021-12-15 16:59:15

by kernel test robot

Subject: Re: [PATCH] c/r: prctl: Remove PR_SET_MM_EXE_FILE old file mapping restriction

Hi Keno,

Thank you for the patch! Perhaps something to improve:

[auto build test WARNING on linux/master]
[also build test WARNING on hnaz-mm/master linus/master v5.16-rc5 next-20211214]
[If your patch is applied to the wrong git tree, kindly drop us a note.
And when submitting patch, we suggest to use '--base' as documented in
https://git-scm.com/docs/git-format-patch]

url: https://github.com/0day-ci/linux/commits/Keno-Fischer/c-r-prctl-Remove-PR_SET_MM_EXE_FILE-old-file-mapping-restriction/20211215-142515
base: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git 136057256686de39cc3a07c2e39ef6bc43003ff6
config: riscv-randconfig-s031-20211214 (https://download.01.org/0day-ci/archive/20211216/[email protected]/config)
compiler: riscv32-linux-gcc (GCC) 11.2.0
reproduce:
wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
chmod +x ~/bin/make.cross
# apt-get install sparse
# sparse version: v0.6.4-dirty
# https://github.com/0day-ci/linux/commit/08f30df401c936e27733e3b37765c2b7d35fe0e7
git remote add linux-review https://github.com/0day-ci/linux
git fetch --no-tags linux-review Keno-Fischer/c-r-prctl-Remove-PR_SET_MM_EXE_FILE-old-file-mapping-restriction/20211215-142515
git checkout 08f30df401c936e27733e3b37765c2b7d35fe0e7
# save the config file to linux build tree
mkdir build_dir
COMPILER_INSTALL_PATH=$HOME/0day COMPILER=gcc-11.2.0 make.cross C=1 CF='-fdiagnostic-prefix -D__CHECK_ENDIAN__' O=build_dir ARCH=riscv SHELL=/bin/bash

If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <[email protected]>


sparse warnings: (new ones prefixed by >>)
kernel/fork.c:1215:24: sparse: sparse: incorrect type in initializer (different address spaces) @@ expected struct file [noderef] __rcu *_x_ @@ got struct file *new_exe_file @@
kernel/fork.c:1215:24: sparse: expected struct file [noderef] __rcu *_x_
kernel/fork.c:1215:24: sparse: got struct file *new_exe_file
>> kernel/fork.c:1215:22: sparse: sparse: incorrect type in assignment (different address spaces) @@ expected struct file *old_exe_file @@ got struct file [noderef] __rcu * @@
kernel/fork.c:1215:22: sparse: expected struct file *old_exe_file
kernel/fork.c:1215:22: sparse: got struct file [noderef] __rcu *
kernel/fork.c:1572:38: sparse: sparse: incorrect type in argument 1 (different address spaces) @@ expected struct refcount_struct [usertype] *r @@ got struct refcount_struct [noderef] __rcu * @@
kernel/fork.c:1572:38: sparse: expected struct refcount_struct [usertype] *r
kernel/fork.c:1572:38: sparse: got struct refcount_struct [noderef] __rcu *
kernel/fork.c:1581:31: sparse: sparse: incorrect type in argument 1 (different address spaces) @@ expected struct spinlock [usertype] *lock @@ got struct spinlock [noderef] __rcu * @@
kernel/fork.c:1581:31: sparse: expected struct spinlock [usertype] *lock
kernel/fork.c:1581:31: sparse: got struct spinlock [noderef] __rcu *
kernel/fork.c:1582:36: sparse: sparse: incorrect type in argument 2 (different address spaces) @@ expected void const *q @@ got struct k_sigaction [noderef] __rcu * @@
kernel/fork.c:1582:36: sparse: expected void const *q
kernel/fork.c:1582:36: sparse: got struct k_sigaction [noderef] __rcu *
kernel/fork.c:1583:33: sparse: sparse: incorrect type in argument 1 (different address spaces) @@ expected struct spinlock [usertype] *lock @@ got struct spinlock [noderef] __rcu * @@
kernel/fork.c:1583:33: sparse: expected struct spinlock [usertype] *lock
kernel/fork.c:1583:33: sparse: got struct spinlock [noderef] __rcu *
kernel/fork.c:1676:9: sparse: sparse: cast removes address space '__rcu' of expression
kernel/fork.c:1995:31: sparse: sparse: incorrect type in argument 1 (different address spaces) @@ expected struct spinlock [usertype] *lock @@ got struct spinlock [noderef] __rcu * @@
kernel/fork.c:1995:31: sparse: expected struct spinlock [usertype] *lock
kernel/fork.c:1995:31: sparse: got struct spinlock [noderef] __rcu *
kernel/fork.c:1999:33: sparse: sparse: incorrect type in argument 1 (different address spaces) @@ expected struct spinlock [usertype] *lock @@ got struct spinlock [noderef] __rcu * @@
kernel/fork.c:1999:33: sparse: expected struct spinlock [usertype] *lock
kernel/fork.c:1999:33: sparse: got struct spinlock [noderef] __rcu *
kernel/fork.c:2304:32: sparse: sparse: incorrect type in assignment (different address spaces) @@ expected struct task_struct [noderef] __rcu *real_parent @@ got struct task_struct * @@
kernel/fork.c:2304:32: sparse: expected struct task_struct [noderef] __rcu *real_parent
kernel/fork.c:2304:32: sparse: got struct task_struct *
kernel/fork.c:2313:27: sparse: sparse: incorrect type in argument 1 (different address spaces) @@ expected struct spinlock [usertype] *lock @@ got struct spinlock [noderef] __rcu * @@
kernel/fork.c:2313:27: sparse: expected struct spinlock [usertype] *lock
kernel/fork.c:2313:27: sparse: got struct spinlock [noderef] __rcu *
kernel/fork.c:2362:54: sparse: sparse: incorrect type in argument 2 (different address spaces) @@ expected struct list_head *head @@ got struct list_head [noderef] __rcu * @@
kernel/fork.c:2362:54: sparse: expected struct list_head *head
kernel/fork.c:2362:54: sparse: got struct list_head [noderef] __rcu *
kernel/fork.c:2383:29: sparse: sparse: incorrect type in argument 1 (different address spaces) @@ expected struct spinlock [usertype] *lock @@ got struct spinlock [noderef] __rcu * @@
kernel/fork.c:2383:29: sparse: expected struct spinlock [usertype] *lock
kernel/fork.c:2383:29: sparse: got struct spinlock [noderef] __rcu *
kernel/fork.c:2401:29: sparse: sparse: incorrect type in argument 1 (different address spaces) @@ expected struct spinlock [usertype] *lock @@ got struct spinlock [noderef] __rcu * @@
kernel/fork.c:2401:29: sparse: expected struct spinlock [usertype] *lock
kernel/fork.c:2401:29: sparse: got struct spinlock [noderef] __rcu *
kernel/fork.c:2428:28: sparse: sparse: incorrect type in argument 1 (different address spaces) @@ expected struct sighand_struct *sighand @@ got struct sighand_struct [noderef] __rcu *sighand @@
kernel/fork.c:2428:28: sparse: expected struct sighand_struct *sighand
kernel/fork.c:2428:28: sparse: got struct sighand_struct [noderef] __rcu *sighand
kernel/fork.c:2456:31: sparse: sparse: incorrect type in argument 1 (different address spaces) @@ expected struct spinlock [usertype] *lock @@ got struct spinlock [noderef] __rcu * @@
kernel/fork.c:2456:31: sparse: expected struct spinlock [usertype] *lock
kernel/fork.c:2456:31: sparse: got struct spinlock [noderef] __rcu *
kernel/fork.c:2458:33: sparse: sparse: incorrect type in argument 1 (different address spaces) @@ expected struct spinlock [usertype] *lock @@ got struct spinlock [noderef] __rcu * @@
kernel/fork.c:2458:33: sparse: expected struct spinlock [usertype] *lock
kernel/fork.c:2458:33: sparse: got struct spinlock [noderef] __rcu *
kernel/fork.c:2867:24: sparse: sparse: incorrect type in assignment (different address spaces) @@ expected struct task_struct *[assigned] parent @@ got struct task_struct [noderef] __rcu *real_parent @@
kernel/fork.c:2867:24: sparse: expected struct task_struct *[assigned] parent
kernel/fork.c:2867:24: sparse: got struct task_struct [noderef] __rcu *real_parent
kernel/fork.c:2948:43: sparse: sparse: incorrect type in argument 1 (different address spaces) @@ expected struct refcount_struct const [usertype] *r @@ got struct refcount_struct [noderef] __rcu * @@
kernel/fork.c:2948:43: sparse: expected struct refcount_struct const [usertype] *r
kernel/fork.c:2948:43: sparse: got struct refcount_struct [noderef] __rcu *
kernel/fork.c:2039:22: sparse: sparse: dereference of noderef expression
kernel/fork.c: note: in included file (through include/linux/ftrace.h, include/linux/perf_event.h, include/linux/trace_events.h, ...):
include/linux/ptrace.h:218:45: sparse: sparse: incorrect type in argument 2 (different address spaces) @@ expected struct task_struct *new_parent @@ got struct task_struct [noderef] __rcu *parent @@
include/linux/ptrace.h:218:45: sparse: expected struct task_struct *new_parent
include/linux/ptrace.h:218:45: sparse: got struct task_struct [noderef] __rcu *parent
include/linux/ptrace.h:218:62: sparse: sparse: incorrect type in argument 3 (different address spaces) @@ expected struct cred const *ptracer_cred @@ got struct cred const [noderef] __rcu *ptracer_cred @@
include/linux/ptrace.h:218:62: sparse: expected struct cred const *ptracer_cred
include/linux/ptrace.h:218:62: sparse: got struct cred const [noderef] __rcu *ptracer_cred
kernel/fork.c:2360:59: sparse: sparse: dereference of noderef expression
kernel/fork.c:2361:59: sparse: sparse: dereference of noderef expression

vim +1215 kernel/fork.c

3864601387cf41 Jiri Slaby 2011-05-26 1194
35d7bdc86031a2 David Hildenbrand 2021-04-23 1195 /**
35d7bdc86031a2 David Hildenbrand 2021-04-23 1196 * replace_mm_exe_file - replace a reference to the mm's executable file
35d7bdc86031a2 David Hildenbrand 2021-04-23 1197 *
35d7bdc86031a2 David Hildenbrand 2021-04-23 1198 * This changes mm's executable file (shown as symlink /proc/[pid]/exe),
35d7bdc86031a2 David Hildenbrand 2021-04-23 1199 * dealing with concurrent invocation and without grabbing the mmap lock in
35d7bdc86031a2 David Hildenbrand 2021-04-23 1200 * write mode.
35d7bdc86031a2 David Hildenbrand 2021-04-23 1201 *
35d7bdc86031a2 David Hildenbrand 2021-04-23 1202 * Main user is sys_prctl(PR_SET_MM_MAP/EXE_FILE).
35d7bdc86031a2 David Hildenbrand 2021-04-23 1203 */
35d7bdc86031a2 David Hildenbrand 2021-04-23 1204 int replace_mm_exe_file(struct mm_struct *mm, struct file *new_exe_file)
35d7bdc86031a2 David Hildenbrand 2021-04-23 1205 {
35d7bdc86031a2 David Hildenbrand 2021-04-23 1206 struct file *old_exe_file;
35d7bdc86031a2 David Hildenbrand 2021-04-23 1207 int ret = 0;
35d7bdc86031a2 David Hildenbrand 2021-04-23 1208
35d7bdc86031a2 David Hildenbrand 2021-04-23 1209 /* set the new file, lockless */
fe69d560b5bd9e David Hildenbrand 2021-04-23 1210 ret = deny_write_access(new_exe_file);
fe69d560b5bd9e David Hildenbrand 2021-04-23 1211 if (ret)
fe69d560b5bd9e David Hildenbrand 2021-04-23 1212 return -EACCES;
35d7bdc86031a2 David Hildenbrand 2021-04-23 1213 get_file(new_exe_file);
fe69d560b5bd9e David Hildenbrand 2021-04-23 1214
35d7bdc86031a2 David Hildenbrand 2021-04-23 @1215 old_exe_file = xchg(&mm->exe_file, new_exe_file);
fe69d560b5bd9e David Hildenbrand 2021-04-23 1216 if (old_exe_file) {
fe69d560b5bd9e David Hildenbrand 2021-04-23 1217 /*
fe69d560b5bd9e David Hildenbrand 2021-04-23 1218 * Don't race with dup_mmap() getting the file and disallowing
fe69d560b5bd9e David Hildenbrand 2021-04-23 1219 * write access while someone might open the file writable.
fe69d560b5bd9e David Hildenbrand 2021-04-23 1220 */
fe69d560b5bd9e David Hildenbrand 2021-04-23 1221 mmap_read_lock(mm);
fe69d560b5bd9e David Hildenbrand 2021-04-23 1222 allow_write_access(old_exe_file);
35d7bdc86031a2 David Hildenbrand 2021-04-23 1223 fput(old_exe_file);
fe69d560b5bd9e David Hildenbrand 2021-04-23 1224 mmap_read_unlock(mm);
fe69d560b5bd9e David Hildenbrand 2021-04-23 1225 }
35d7bdc86031a2 David Hildenbrand 2021-04-23 1226 return 0;
35d7bdc86031a2 David Hildenbrand 2021-04-23 1227 }
3864601387cf41 Jiri Slaby 2011-05-26 1228

---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/[email protected]

2021-12-15 17:30:50

by kernel test robot

Subject: Re: [PATCH] c/r: prctl: Remove PR_SET_MM_EXE_FILE old file mapping restriction

Hi Keno,

Thank you for the patch! Perhaps something to improve:

[auto build test WARNING on linux/master]
[also build test WARNING on linus/master v5.16-rc5 next-20211214]
[If your patch is applied to the wrong git tree, kindly drop us a note.
And when submitting patch, we suggest to use '--base' as documented in
https://git-scm.com/docs/git-format-patch]

url: https://github.com/0day-ci/linux/commits/Keno-Fischer/c-r-prctl-Remove-PR_SET_MM_EXE_FILE-old-file-mapping-restriction/20211215-142515
base: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git 136057256686de39cc3a07c2e39ef6bc43003ff6
config: arc-randconfig-s031-20211214 (https://download.01.org/0day-ci/archive/20211216/[email protected]/config)
compiler: arceb-elf-gcc (GCC) 11.2.0
reproduce:
wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
chmod +x ~/bin/make.cross
# apt-get install sparse
# sparse version: v0.6.4-dirty
# https://github.com/0day-ci/linux/commit/08f30df401c936e27733e3b37765c2b7d35fe0e7
git remote add linux-review https://github.com/0day-ci/linux
git fetch --no-tags linux-review Keno-Fischer/c-r-prctl-Remove-PR_SET_MM_EXE_FILE-old-file-mapping-restriction/20211215-142515
git checkout 08f30df401c936e27733e3b37765c2b7d35fe0e7
# save the config file to linux build tree
mkdir build_dir
COMPILER_INSTALL_PATH=$HOME/0day COMPILER=gcc-11.2.0 make.cross C=1 CF='-fdiagnostic-prefix -D__CHECK_ENDIAN__' O=build_dir ARCH=arc SHELL=/bin/bash

If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <[email protected]>


sparse warnings: (new ones prefixed by >>)
kernel/fork.c:1215:24: sparse: sparse: incorrect type in initializer (different address spaces) @@ expected struct file [noderef] __rcu *_val_ @@ got struct file *new_exe_file @@
kernel/fork.c:1215:24: sparse: expected struct file [noderef] __rcu *_val_
kernel/fork.c:1215:24: sparse: got struct file *new_exe_file
>> kernel/fork.c:1215:22: sparse: sparse: incorrect type in assignment (different address spaces) @@ expected struct file *old_exe_file @@ got struct file [noderef] __rcu *[assigned] _val_ @@
kernel/fork.c:1215:22: sparse: expected struct file *old_exe_file
kernel/fork.c:1215:22: sparse: got struct file [noderef] __rcu *[assigned] _val_
kernel/fork.c:1572:38: sparse: sparse: incorrect type in argument 1 (different address spaces) @@ expected struct refcount_struct [usertype] *r @@ got struct refcount_struct [noderef] __rcu * @@
kernel/fork.c:1572:38: sparse: expected struct refcount_struct [usertype] *r
kernel/fork.c:1572:38: sparse: got struct refcount_struct [noderef] __rcu *
kernel/fork.c:1581:31: sparse: sparse: incorrect type in argument 1 (different address spaces) @@ expected struct spinlock [usertype] *lock @@ got struct spinlock [noderef] __rcu * @@
kernel/fork.c:1581:31: sparse: expected struct spinlock [usertype] *lock
kernel/fork.c:1581:31: sparse: got struct spinlock [noderef] __rcu *
kernel/fork.c:1582:36: sparse: sparse: incorrect type in argument 2 (different address spaces) @@ expected void const * @@ got struct k_sigaction [noderef] __rcu * @@
kernel/fork.c:1582:36: sparse: expected void const *
kernel/fork.c:1582:36: sparse: got struct k_sigaction [noderef] __rcu *
kernel/fork.c:1583:33: sparse: sparse: incorrect type in argument 1 (different address spaces) @@ expected struct spinlock [usertype] *lock @@ got struct spinlock [noderef] __rcu * @@
kernel/fork.c:1583:33: sparse: expected struct spinlock [usertype] *lock
kernel/fork.c:1583:33: sparse: got struct spinlock [noderef] __rcu *
kernel/fork.c:1995:31: sparse: sparse: incorrect type in argument 1 (different address spaces) @@ expected struct spinlock [usertype] *lock @@ got struct spinlock [noderef] __rcu * @@
kernel/fork.c:1995:31: sparse: expected struct spinlock [usertype] *lock
kernel/fork.c:1995:31: sparse: got struct spinlock [noderef] __rcu *
kernel/fork.c:1999:33: sparse: sparse: incorrect type in argument 1 (different address spaces) @@ expected struct spinlock [usertype] *lock @@ got struct spinlock [noderef] __rcu * @@
kernel/fork.c:1999:33: sparse: expected struct spinlock [usertype] *lock
kernel/fork.c:1999:33: sparse: got struct spinlock [noderef] __rcu *
kernel/fork.c:2304:32: sparse: sparse: incorrect type in assignment (different address spaces) @@ expected struct task_struct [noderef] __rcu *real_parent @@ got struct task_struct *task @@
kernel/fork.c:2304:32: sparse: expected struct task_struct [noderef] __rcu *real_parent
kernel/fork.c:2304:32: sparse: got struct task_struct *task
kernel/fork.c:2313:27: sparse: sparse: incorrect type in argument 1 (different address spaces) @@ expected struct spinlock [usertype] *lock @@ got struct spinlock [noderef] __rcu * @@
kernel/fork.c:2313:27: sparse: expected struct spinlock [usertype] *lock
kernel/fork.c:2313:27: sparse: got struct spinlock [noderef] __rcu *
kernel/fork.c:2362:54: sparse: sparse: incorrect type in argument 2 (different address spaces) @@ expected struct list_head *head @@ got struct list_head [noderef] __rcu * @@
kernel/fork.c:2362:54: sparse: expected struct list_head *head
kernel/fork.c:2362:54: sparse: got struct list_head [noderef] __rcu *
kernel/fork.c:2383:29: sparse: sparse: incorrect type in argument 1 (different address spaces) @@ expected struct spinlock [usertype] *lock @@ got struct spinlock [noderef] __rcu * @@
kernel/fork.c:2383:29: sparse: expected struct spinlock [usertype] *lock
kernel/fork.c:2383:29: sparse: got struct spinlock [noderef] __rcu *
kernel/fork.c:2401:29: sparse: sparse: incorrect type in argument 1 (different address spaces) @@ expected struct spinlock [usertype] *lock @@ got struct spinlock [noderef] __rcu * @@
kernel/fork.c:2401:29: sparse: expected struct spinlock [usertype] *lock
kernel/fork.c:2401:29: sparse: got struct spinlock [noderef] __rcu *
kernel/fork.c:2428:28: sparse: sparse: incorrect type in argument 1 (different address spaces) @@ expected struct sighand_struct *sighand @@ got struct sighand_struct [noderef] __rcu *sighand @@
kernel/fork.c:2428:28: sparse: expected struct sighand_struct *sighand
kernel/fork.c:2428:28: sparse: got struct sighand_struct [noderef] __rcu *sighand
kernel/fork.c:2456:31: sparse: sparse: incorrect type in argument 1 (different address spaces) @@ expected struct spinlock [usertype] *lock @@ got struct spinlock [noderef] __rcu * @@
kernel/fork.c:2456:31: sparse: expected struct spinlock [usertype] *lock
kernel/fork.c:2456:31: sparse: got struct spinlock [noderef] __rcu *
kernel/fork.c:2458:33: sparse: sparse: incorrect type in argument 1 (different address spaces) @@ expected struct spinlock [usertype] *lock @@ got struct spinlock [noderef] __rcu * @@
kernel/fork.c:2458:33: sparse: expected struct spinlock [usertype] *lock
kernel/fork.c:2458:33: sparse: got struct spinlock [noderef] __rcu *
kernel/fork.c:2867:24: sparse: sparse: incorrect type in assignment (different address spaces) @@ expected struct task_struct *[assigned] parent @@ got struct task_struct [noderef] __rcu *real_parent @@
kernel/fork.c:2867:24: sparse: expected struct task_struct *[assigned] parent
kernel/fork.c:2867:24: sparse: got struct task_struct [noderef] __rcu *real_parent
kernel/fork.c:2948:43: sparse: sparse: incorrect type in argument 1 (different address spaces) @@ expected struct refcount_struct const [usertype] *r @@ got struct refcount_struct [noderef] __rcu * @@
kernel/fork.c:2948:43: sparse: expected struct refcount_struct const [usertype] *r
kernel/fork.c:2948:43: sparse: got struct refcount_struct [noderef] __rcu *
kernel/fork.c:2039:22: sparse: sparse: dereference of noderef expression
kernel/fork.c: note: in included file (through include/uapi/asm-generic/bpf_perf_event.h, arch/arc/include/generated/uapi/asm/bpf_perf_event.h, ...):
include/linux/ptrace.h:218:45: sparse: sparse: incorrect type in argument 2 (different address spaces) @@ expected struct task_struct *new_parent @@ got struct task_struct [noderef] __rcu *parent @@
include/linux/ptrace.h:218:45: sparse: expected struct task_struct *new_parent
include/linux/ptrace.h:218:45: sparse: got struct task_struct [noderef] __rcu *parent
include/linux/ptrace.h:218:62: sparse: sparse: incorrect type in argument 3 (different address spaces) @@ expected struct cred const *ptracer_cred @@ got struct cred const [noderef] __rcu *ptracer_cred @@
include/linux/ptrace.h:218:62: sparse: expected struct cred const *ptracer_cred
include/linux/ptrace.h:218:62: sparse: got struct cred const [noderef] __rcu *ptracer_cred
kernel/fork.c:2360:59: sparse: sparse: dereference of noderef expression
kernel/fork.c:2361:59: sparse: sparse: dereference of noderef expression

vim +1215 kernel/fork.c

3864601387cf41 Jiri Slaby 2011-05-26 1194
35d7bdc86031a2 David Hildenbrand 2021-04-23 1195 /**
35d7bdc86031a2 David Hildenbrand 2021-04-23 1196 * replace_mm_exe_file - replace a reference to the mm's executable file
35d7bdc86031a2 David Hildenbrand 2021-04-23 1197 *
35d7bdc86031a2 David Hildenbrand 2021-04-23 1198 * This changes mm's executable file (shown as symlink /proc/[pid]/exe),
35d7bdc86031a2 David Hildenbrand 2021-04-23 1199 * dealing with concurrent invocation and without grabbing the mmap lock in
35d7bdc86031a2 David Hildenbrand 2021-04-23 1200 * write mode.
35d7bdc86031a2 David Hildenbrand 2021-04-23 1201 *
35d7bdc86031a2 David Hildenbrand 2021-04-23 1202 * Main user is sys_prctl(PR_SET_MM_MAP/EXE_FILE).
35d7bdc86031a2 David Hildenbrand 2021-04-23 1203 */
35d7bdc86031a2 David Hildenbrand 2021-04-23 1204 int replace_mm_exe_file(struct mm_struct *mm, struct file *new_exe_file)
35d7bdc86031a2 David Hildenbrand 2021-04-23 1205 {
35d7bdc86031a2 David Hildenbrand 2021-04-23 1206 struct file *old_exe_file;
35d7bdc86031a2 David Hildenbrand 2021-04-23 1207 int ret = 0;
35d7bdc86031a2 David Hildenbrand 2021-04-23 1208
35d7bdc86031a2 David Hildenbrand 2021-04-23 1209 /* set the new file, lockless */
fe69d560b5bd9e David Hildenbrand 2021-04-23 1210 ret = deny_write_access(new_exe_file);
fe69d560b5bd9e David Hildenbrand 2021-04-23 1211 if (ret)
fe69d560b5bd9e David Hildenbrand 2021-04-23 1212 return -EACCES;
35d7bdc86031a2 David Hildenbrand 2021-04-23 1213 get_file(new_exe_file);
fe69d560b5bd9e David Hildenbrand 2021-04-23 1214
35d7bdc86031a2 David Hildenbrand 2021-04-23 @1215 old_exe_file = xchg(&mm->exe_file, new_exe_file);
fe69d560b5bd9e David Hildenbrand 2021-04-23 1216 if (old_exe_file) {
fe69d560b5bd9e David Hildenbrand 2021-04-23 1217 /*
fe69d560b5bd9e David Hildenbrand 2021-04-23 1218 * Don't race with dup_mmap() getting the file and disallowing
fe69d560b5bd9e David Hildenbrand 2021-04-23 1219 * write access while someone might open the file writable.
fe69d560b5bd9e David Hildenbrand 2021-04-23 1220 */
fe69d560b5bd9e David Hildenbrand 2021-04-23 1221 mmap_read_lock(mm);
fe69d560b5bd9e David Hildenbrand 2021-04-23 1222 allow_write_access(old_exe_file);
35d7bdc86031a2 David Hildenbrand 2021-04-23 1223 fput(old_exe_file);
fe69d560b5bd9e David Hildenbrand 2021-04-23 1224 mmap_read_unlock(mm);
fe69d560b5bd9e David Hildenbrand 2021-04-23 1225 }
35d7bdc86031a2 David Hildenbrand 2021-04-23 1226 return 0;
35d7bdc86031a2 David Hildenbrand 2021-04-23 1227 }
3864601387cf41 Jiri Slaby 2011-05-26 1228

---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/[email protected]

2021-12-15 19:14:26

by kernel test robot

Subject: Re: [PATCH] c/r: prctl: Remove PR_SET_MM_EXE_FILE old file mapping restriction

Hi Keno,

Thank you for the patch! Perhaps something to improve:

[auto build test WARNING on linux/master]
[also build test WARNING on hnaz-mm/master linus/master v5.16-rc5 next-20211214]
[If your patch is applied to the wrong git tree, kindly drop us a note.
And when submitting patch, we suggest to use '--base' as documented in
https://git-scm.com/docs/git-format-patch]

url: https://github.com/0day-ci/linux/commits/Keno-Fischer/c-r-prctl-Remove-PR_SET_MM_EXE_FILE-old-file-mapping-restriction/20211215-142515
base: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git 136057256686de39cc3a07c2e39ef6bc43003ff6
config: i386-randconfig-s002-20211214 (https://download.01.org/0day-ci/archive/20211216/[email protected]/config)
compiler: gcc-9 (Debian 9.3.0-22) 9.3.0
reproduce:
# apt-get install sparse
# sparse version: v0.6.4-dirty
# https://github.com/0day-ci/linux/commit/08f30df401c936e27733e3b37765c2b7d35fe0e7
git remote add linux-review https://github.com/0day-ci/linux
git fetch --no-tags linux-review Keno-Fischer/c-r-prctl-Remove-PR_SET_MM_EXE_FILE-old-file-mapping-restriction/20211215-142515
git checkout 08f30df401c936e27733e3b37765c2b7d35fe0e7
# save the config file to linux build tree
mkdir build_dir
make W=1 C=1 CF='-fdiagnostic-prefix -D__CHECK_ENDIAN__' O=build_dir ARCH=i386 SHELL=/bin/bash

If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <[email protected]>


sparse warnings: (new ones prefixed by >>)
kernel/fork.c:1215:24: sparse: sparse: incorrect type in initializer (different address spaces) @@ expected struct file [noderef] __rcu *__ret @@ got struct file *new_exe_file @@
kernel/fork.c:1215:24: sparse: expected struct file [noderef] __rcu *__ret
kernel/fork.c:1215:24: sparse: got struct file *new_exe_file
>> kernel/fork.c:1215:22: sparse: sparse: incorrect type in assignment (different address spaces) @@ expected struct file *old_exe_file @@ got struct file [noderef] __rcu *[assigned] __ret @@
kernel/fork.c:1215:22: sparse: expected struct file *old_exe_file
kernel/fork.c:1215:22: sparse: got struct file [noderef] __rcu *[assigned] __ret
kernel/fork.c:1572:38: sparse: sparse: incorrect type in argument 1 (different address spaces) @@ expected struct refcount_struct [usertype] *r @@ got struct refcount_struct [noderef] __rcu * @@
kernel/fork.c:1572:38: sparse: expected struct refcount_struct [usertype] *r
kernel/fork.c:1572:38: sparse: got struct refcount_struct [noderef] __rcu *
kernel/fork.c:1581:31: sparse: sparse: incorrect type in argument 1 (different address spaces) @@ expected struct spinlock [usertype] *lock @@ got struct spinlock [noderef] __rcu * @@
kernel/fork.c:1581:31: sparse: expected struct spinlock [usertype] *lock
kernel/fork.c:1581:31: sparse: got struct spinlock [noderef] __rcu *
kernel/fork.c:1582:36: sparse: sparse: incorrect type in argument 2 (different address spaces) @@ expected void const *q @@ got struct k_sigaction [noderef] __rcu * @@
kernel/fork.c:1582:36: sparse: expected void const *q
kernel/fork.c:1582:36: sparse: got struct k_sigaction [noderef] __rcu *
kernel/fork.c:1583:33: sparse: sparse: incorrect type in argument 1 (different address spaces) @@ expected struct spinlock [usertype] *lock @@ got struct spinlock [noderef] __rcu * @@
kernel/fork.c:1583:33: sparse: expected struct spinlock [usertype] *lock
kernel/fork.c:1583:33: sparse: got struct spinlock [noderef] __rcu *
kernel/fork.c:1995:31: sparse: sparse: incorrect type in argument 1 (different address spaces) @@ expected struct spinlock [usertype] *lock @@ got struct spinlock [noderef] __rcu * @@
kernel/fork.c:1995:31: sparse: expected struct spinlock [usertype] *lock
kernel/fork.c:1995:31: sparse: got struct spinlock [noderef] __rcu *
kernel/fork.c:1999:33: sparse: sparse: incorrect type in argument 1 (different address spaces) @@ expected struct spinlock [usertype] *lock @@ got struct spinlock [noderef] __rcu * @@
kernel/fork.c:1999:33: sparse: expected struct spinlock [usertype] *lock
kernel/fork.c:1999:33: sparse: got struct spinlock [noderef] __rcu *
kernel/fork.c:2304:32: sparse: sparse: incorrect type in assignment (different address spaces) @@ expected struct task_struct [noderef] __rcu *real_parent @@ got struct task_struct * @@
kernel/fork.c:2304:32: sparse: expected struct task_struct [noderef] __rcu *real_parent
kernel/fork.c:2304:32: sparse: got struct task_struct *
kernel/fork.c:2313:27: sparse: sparse: incorrect type in argument 1 (different address spaces) @@ expected struct spinlock [usertype] *lock @@ got struct spinlock [noderef] __rcu * @@
kernel/fork.c:2313:27: sparse: expected struct spinlock [usertype] *lock
kernel/fork.c:2313:27: sparse: got struct spinlock [noderef] __rcu *
kernel/fork.c:2362:54: sparse: sparse: incorrect type in argument 2 (different address spaces) @@ expected struct list_head *head @@ got struct list_head [noderef] __rcu * @@
kernel/fork.c:2362:54: sparse: expected struct list_head *head
kernel/fork.c:2362:54: sparse: got struct list_head [noderef] __rcu *
kernel/fork.c:2383:29: sparse: sparse: incorrect type in argument 1 (different address spaces) @@ expected struct spinlock [usertype] *lock @@ got struct spinlock [noderef] __rcu * @@
kernel/fork.c:2383:29: sparse: expected struct spinlock [usertype] *lock
kernel/fork.c:2383:29: sparse: got struct spinlock [noderef] __rcu *
kernel/fork.c:2401:29: sparse: sparse: incorrect type in argument 1 (different address spaces) @@ expected struct spinlock [usertype] *lock @@ got struct spinlock [noderef] __rcu * @@
kernel/fork.c:2401:29: sparse: expected struct spinlock [usertype] *lock
kernel/fork.c:2401:29: sparse: got struct spinlock [noderef] __rcu *
kernel/fork.c:2428:28: sparse: sparse: incorrect type in argument 1 (different address spaces) @@ expected struct sighand_struct *sighand @@ got struct sighand_struct [noderef] __rcu *sighand @@
kernel/fork.c:2428:28: sparse: expected struct sighand_struct *sighand
kernel/fork.c:2428:28: sparse: got struct sighand_struct [noderef] __rcu *sighand
kernel/fork.c:2456:31: sparse: sparse: incorrect type in argument 1 (different address spaces) @@ expected struct spinlock [usertype] *lock @@ got struct spinlock [noderef] __rcu * @@
kernel/fork.c:2456:31: sparse: expected struct spinlock [usertype] *lock
kernel/fork.c:2456:31: sparse: got struct spinlock [noderef] __rcu *
kernel/fork.c:2458:33: sparse: sparse: incorrect type in argument 1 (different address spaces) @@ expected struct spinlock [usertype] *lock @@ got struct spinlock [noderef] __rcu * @@
kernel/fork.c:2458:33: sparse: expected struct spinlock [usertype] *lock
kernel/fork.c:2458:33: sparse: got struct spinlock [noderef] __rcu *
kernel/fork.c:2867:24: sparse: sparse: incorrect type in assignment (different address spaces) @@ expected struct task_struct *[assigned] parent @@ got struct task_struct [noderef] __rcu *real_parent @@
kernel/fork.c:2867:24: sparse: expected struct task_struct *[assigned] parent
kernel/fork.c:2867:24: sparse: got struct task_struct [noderef] __rcu *real_parent
kernel/fork.c:2948:43: sparse: sparse: incorrect type in argument 1 (different address spaces) @@ expected struct refcount_struct const [usertype] *r @@ got struct refcount_struct [noderef] __rcu * @@
kernel/fork.c:2948:43: sparse: expected struct refcount_struct const [usertype] *r
kernel/fork.c:2948:43: sparse: got struct refcount_struct [noderef] __rcu *
kernel/fork.c:2039:22: sparse: sparse: dereference of noderef expression
kernel/fork.c: note: in included file (through include/uapi/asm-generic/bpf_perf_event.h, arch/x86/include/generated/uapi/asm/bpf_perf_event.h, ...):
include/linux/ptrace.h:218:45: sparse: sparse: incorrect type in argument 2 (different address spaces) @@ expected struct task_struct *new_parent @@ got struct task_struct [noderef] __rcu *parent @@
include/linux/ptrace.h:218:45: sparse: expected struct task_struct *new_parent
include/linux/ptrace.h:218:45: sparse: got struct task_struct [noderef] __rcu *parent
include/linux/ptrace.h:218:62: sparse: sparse: incorrect type in argument 3 (different address spaces) @@ expected struct cred const *ptracer_cred @@ got struct cred const [noderef] __rcu *ptracer_cred @@
include/linux/ptrace.h:218:62: sparse: expected struct cred const *ptracer_cred
include/linux/ptrace.h:218:62: sparse: got struct cred const [noderef] __rcu *ptracer_cred
kernel/fork.c:2360:59: sparse: sparse: dereference of noderef expression
kernel/fork.c:2361:59: sparse: sparse: dereference of noderef expression

vim +1215 kernel/fork.c

3864601387cf41 Jiri Slaby 2011-05-26 1194
35d7bdc86031a2 David Hildenbrand 2021-04-23 1195 /**
35d7bdc86031a2 David Hildenbrand 2021-04-23 1196 * replace_mm_exe_file - replace a reference to the mm's executable file
35d7bdc86031a2 David Hildenbrand 2021-04-23 1197 *
35d7bdc86031a2 David Hildenbrand 2021-04-23 1198 * This changes mm's executable file (shown as symlink /proc/[pid]/exe),
35d7bdc86031a2 David Hildenbrand 2021-04-23 1199 * dealing with concurrent invocation and without grabbing the mmap lock in
35d7bdc86031a2 David Hildenbrand 2021-04-23 1200 * write mode.
35d7bdc86031a2 David Hildenbrand 2021-04-23 1201 *
35d7bdc86031a2 David Hildenbrand 2021-04-23 1202 * Main user is sys_prctl(PR_SET_MM_MAP/EXE_FILE).
35d7bdc86031a2 David Hildenbrand 2021-04-23 1203 */
35d7bdc86031a2 David Hildenbrand 2021-04-23 1204 int replace_mm_exe_file(struct mm_struct *mm, struct file *new_exe_file)
35d7bdc86031a2 David Hildenbrand 2021-04-23 1205 {
35d7bdc86031a2 David Hildenbrand 2021-04-23 1206 struct file *old_exe_file;
35d7bdc86031a2 David Hildenbrand 2021-04-23 1207 int ret = 0;
35d7bdc86031a2 David Hildenbrand 2021-04-23 1208
35d7bdc86031a2 David Hildenbrand 2021-04-23 1209 /* set the new file, lockless */
fe69d560b5bd9e David Hildenbrand 2021-04-23 1210 ret = deny_write_access(new_exe_file);
fe69d560b5bd9e David Hildenbrand 2021-04-23 1211 if (ret)
fe69d560b5bd9e David Hildenbrand 2021-04-23 1212 return -EACCES;
35d7bdc86031a2 David Hildenbrand 2021-04-23 1213 get_file(new_exe_file);
fe69d560b5bd9e David Hildenbrand 2021-04-23 1214
35d7bdc86031a2 David Hildenbrand 2021-04-23 @1215 old_exe_file = xchg(&mm->exe_file, new_exe_file);
fe69d560b5bd9e David Hildenbrand 2021-04-23 1216 if (old_exe_file) {
fe69d560b5bd9e David Hildenbrand 2021-04-23 1217 /*
fe69d560b5bd9e David Hildenbrand 2021-04-23 1218 * Don't race with dup_mmap() getting the file and disallowing
fe69d560b5bd9e David Hildenbrand 2021-04-23 1219 * write access while someone might open the file writable.
fe69d560b5bd9e David Hildenbrand 2021-04-23 1220 */
fe69d560b5bd9e David Hildenbrand 2021-04-23 1221 mmap_read_lock(mm);
fe69d560b5bd9e David Hildenbrand 2021-04-23 1222 allow_write_access(old_exe_file);
35d7bdc86031a2 David Hildenbrand 2021-04-23 1223 fput(old_exe_file);
fe69d560b5bd9e David Hildenbrand 2021-04-23 1224 mmap_read_unlock(mm);
fe69d560b5bd9e David Hildenbrand 2021-04-23 1225 }
35d7bdc86031a2 David Hildenbrand 2021-04-23 1226 return 0;
35d7bdc86031a2 David Hildenbrand 2021-04-23 1227 }
3864601387cf41 Jiri Slaby 2011-05-26 1228

---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/[email protected]

2021-12-16 23:08:35

by kernel test robot

Subject: Re: [PATCH] c/r: prctl: Remove PR_SET_MM_EXE_FILE old file mapping restriction

Hi Keno,

Thank you for the patch! Perhaps something to improve:

[auto build test WARNING on linux/master]
[also build test WARNING on hnaz-mm/master linus/master v5.16-rc5 next-20211215]
[If your patch is applied to the wrong git tree, kindly drop us a note.
And when submitting patch, we suggest to use '--base' as documented in
https://git-scm.com/docs/git-format-patch]

url: https://github.com/0day-ci/linux/commits/Keno-Fischer/c-r-prctl-Remove-PR_SET_MM_EXE_FILE-old-file-mapping-restriction/20211215-142515
base: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git 136057256686de39cc3a07c2e39ef6bc43003ff6
config: mips-randconfig-s031-20211216 (https://download.01.org/0day-ci/archive/20211217/[email protected]/config)
compiler: mips64el-linux-gcc (GCC) 11.2.0
reproduce:
wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
chmod +x ~/bin/make.cross
# apt-get install sparse
# sparse version: v0.6.4-dirty
# https://github.com/0day-ci/linux/commit/08f30df401c936e27733e3b37765c2b7d35fe0e7
git remote add linux-review https://github.com/0day-ci/linux
git fetch --no-tags linux-review Keno-Fischer/c-r-prctl-Remove-PR_SET_MM_EXE_FILE-old-file-mapping-restriction/20211215-142515
git checkout 08f30df401c936e27733e3b37765c2b7d35fe0e7
# save the config file to linux build tree
mkdir build_dir
COMPILER_INSTALL_PATH=$HOME/0day COMPILER=gcc-11.2.0 make.cross C=1 CF='-fdiagnostic-prefix -D__CHECK_ENDIAN__' O=build_dir ARCH=mips SHELL=/bin/bash

If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <[email protected]>


sparse warnings: (new ones prefixed by >>)
command-line: note: in included file:
builtin:1:9: sparse: sparse: preprocessor token __ATOMIC_ACQUIRE redefined
builtin:0:0: sparse: this was the original definition
builtin:1:9: sparse: sparse: preprocessor token __ATOMIC_SEQ_CST redefined
builtin:0:0: sparse: this was the original definition
builtin:1:9: sparse: sparse: preprocessor token __ATOMIC_ACQ_REL redefined
builtin:0:0: sparse: this was the original definition
builtin:1:9: sparse: sparse: preprocessor token __ATOMIC_RELEASE redefined
builtin:0:0: sparse: this was the original definition
>> kernel/fork.c:1215:22: sparse: sparse: incorrect type in assignment (different address spaces) @@ expected struct file *old_exe_file @@ got struct file [noderef] __rcu *[assigned] __res @@
kernel/fork.c:1215:22: sparse: expected struct file *old_exe_file
kernel/fork.c:1215:22: sparse: got struct file [noderef] __rcu *[assigned] __res
kernel/fork.c:1572:38: sparse: sparse: incorrect type in argument 1 (different address spaces) @@ expected struct refcount_struct [usertype] *r @@ got struct refcount_struct [noderef] __rcu * @@
kernel/fork.c:1572:38: sparse: expected struct refcount_struct [usertype] *r
kernel/fork.c:1572:38: sparse: got struct refcount_struct [noderef] __rcu *
kernel/fork.c:1581:31: sparse: sparse: incorrect type in argument 1 (different address spaces) @@ expected struct spinlock [usertype] *lock @@ got struct spinlock [noderef] __rcu * @@
kernel/fork.c:1581:31: sparse: expected struct spinlock [usertype] *lock
kernel/fork.c:1581:31: sparse: got struct spinlock [noderef] __rcu *
kernel/fork.c:1582:36: sparse: sparse: incorrect type in argument 2 (different address spaces) @@ expected void const *q @@ got struct k_sigaction [noderef] __rcu * @@
kernel/fork.c:1582:36: sparse: expected void const *q
kernel/fork.c:1582:36: sparse: got struct k_sigaction [noderef] __rcu *
kernel/fork.c:1583:33: sparse: sparse: incorrect type in argument 1 (different address spaces) @@ expected struct spinlock [usertype] *lock @@ got struct spinlock [noderef] __rcu * @@
kernel/fork.c:1583:33: sparse: expected struct spinlock [usertype] *lock
kernel/fork.c:1583:33: sparse: got struct spinlock [noderef] __rcu *
kernel/fork.c:1676:9: sparse: sparse: incorrect type in argument 1 (different address spaces) @@ expected struct qspinlock *lock @@ got struct qspinlock [noderef] __rcu * @@
kernel/fork.c:1676:9: sparse: expected struct qspinlock *lock
kernel/fork.c:1676:9: sparse: got struct qspinlock [noderef] __rcu *
kernel/fork.c:1995:31: sparse: sparse: incorrect type in argument 1 (different address spaces) @@ expected struct spinlock [usertype] *lock @@ got struct spinlock [noderef] __rcu * @@
kernel/fork.c:1995:31: sparse: expected struct spinlock [usertype] *lock
kernel/fork.c:1995:31: sparse: got struct spinlock [noderef] __rcu *
kernel/fork.c:1999:33: sparse: sparse: incorrect type in argument 1 (different address spaces) @@ expected struct spinlock [usertype] *lock @@ got struct spinlock [noderef] __rcu * @@
kernel/fork.c:1999:33: sparse: expected struct spinlock [usertype] *lock
kernel/fork.c:1999:33: sparse: got struct spinlock [noderef] __rcu *
kernel/fork.c:2304:32: sparse: sparse: incorrect type in assignment (different address spaces) @@ expected struct task_struct [noderef] __rcu *real_parent @@ got struct task_struct *task @@
kernel/fork.c:2304:32: sparse: expected struct task_struct [noderef] __rcu *real_parent
kernel/fork.c:2304:32: sparse: got struct task_struct *task
kernel/fork.c:2313:27: sparse: sparse: incorrect type in argument 1 (different address spaces) @@ expected struct spinlock [usertype] *lock @@ got struct spinlock [noderef] __rcu * @@
kernel/fork.c:2313:27: sparse: expected struct spinlock [usertype] *lock
kernel/fork.c:2313:27: sparse: got struct spinlock [noderef] __rcu *
kernel/fork.c:2362:54: sparse: sparse: incorrect type in argument 2 (different address spaces) @@ expected struct list_head *head @@ got struct list_head [noderef] __rcu * @@
kernel/fork.c:2362:54: sparse: expected struct list_head *head
kernel/fork.c:2362:54: sparse: got struct list_head [noderef] __rcu *
kernel/fork.c:2383:29: sparse: sparse: incorrect type in argument 1 (different address spaces) @@ expected struct spinlock [usertype] *lock @@ got struct spinlock [noderef] __rcu * @@
kernel/fork.c:2383:29: sparse: expected struct spinlock [usertype] *lock
kernel/fork.c:2383:29: sparse: got struct spinlock [noderef] __rcu *
kernel/fork.c:2401:29: sparse: sparse: incorrect type in argument 1 (different address spaces) @@ expected struct spinlock [usertype] *lock @@ got struct spinlock [noderef] __rcu * @@
kernel/fork.c:2401:29: sparse: expected struct spinlock [usertype] *lock
kernel/fork.c:2401:29: sparse: got struct spinlock [noderef] __rcu *
kernel/fork.c:2428:28: sparse: sparse: incorrect type in argument 1 (different address spaces) @@ expected struct sighand_struct *sighand @@ got struct sighand_struct [noderef] __rcu *sighand @@
kernel/fork.c:2428:28: sparse: expected struct sighand_struct *sighand
kernel/fork.c:2428:28: sparse: got struct sighand_struct [noderef] __rcu *sighand
kernel/fork.c:2456:31: sparse: sparse: incorrect type in argument 1 (different address spaces) @@ expected struct spinlock [usertype] *lock @@ got struct spinlock [noderef] __rcu * @@
kernel/fork.c:2456:31: sparse: expected struct spinlock [usertype] *lock
kernel/fork.c:2456:31: sparse: got struct spinlock [noderef] __rcu *
kernel/fork.c:2458:33: sparse: sparse: incorrect type in argument 1 (different address spaces) @@ expected struct spinlock [usertype] *lock @@ got struct spinlock [noderef] __rcu * @@
kernel/fork.c:2458:33: sparse: expected struct spinlock [usertype] *lock
kernel/fork.c:2458:33: sparse: got struct spinlock [noderef] __rcu *
kernel/fork.c:2867:24: sparse: sparse: incorrect type in assignment (different address spaces) @@ expected struct task_struct *[assigned] parent @@ got struct task_struct [noderef] __rcu *real_parent @@
kernel/fork.c:2867:24: sparse: expected struct task_struct *[assigned] parent
kernel/fork.c:2867:24: sparse: got struct task_struct [noderef] __rcu *real_parent
kernel/fork.c:2948:43: sparse: sparse: incorrect type in argument 1 (different address spaces) @@ expected struct refcount_struct const [usertype] *r @@ got struct refcount_struct [noderef] __rcu * @@
kernel/fork.c:2948:43: sparse: expected struct refcount_struct const [usertype] *r
kernel/fork.c:2948:43: sparse: got struct refcount_struct [noderef] __rcu *
kernel/fork.c:2039:22: sparse: sparse: dereference of noderef expression
kernel/fork.c: note: in included file (through include/uapi/asm-generic/bpf_perf_event.h, arch/mips/include/generated/uapi/asm/bpf_perf_event.h, ...):
include/linux/ptrace.h:218:45: sparse: sparse: incorrect type in argument 2 (different address spaces) @@ expected struct task_struct *new_parent @@ got struct task_struct [noderef] __rcu *parent @@
include/linux/ptrace.h:218:45: sparse: expected struct task_struct *new_parent
include/linux/ptrace.h:218:45: sparse: got struct task_struct [noderef] __rcu *parent
include/linux/ptrace.h:218:62: sparse: sparse: incorrect type in argument 3 (different address spaces) @@ expected struct cred const *ptracer_cred @@ got struct cred const [noderef] __rcu *ptracer_cred @@
include/linux/ptrace.h:218:62: sparse: expected struct cred const *ptracer_cred
include/linux/ptrace.h:218:62: sparse: got struct cred const [noderef] __rcu *ptracer_cred
kernel/fork.c:2360:59: sparse: sparse: dereference of noderef expression
kernel/fork.c:2361:59: sparse: sparse: dereference of noderef expression

vim +1215 kernel/fork.c

3864601387cf419 Jiri Slaby 2011-05-26 1194
35d7bdc86031a2c David Hildenbrand 2021-04-23 1195 /**
35d7bdc86031a2c David Hildenbrand 2021-04-23 1196 * replace_mm_exe_file - replace a reference to the mm's executable file
35d7bdc86031a2c David Hildenbrand 2021-04-23 1197 *
35d7bdc86031a2c David Hildenbrand 2021-04-23 1198 * This changes mm's executable file (shown as symlink /proc/[pid]/exe),
35d7bdc86031a2c David Hildenbrand 2021-04-23 1199 * dealing with concurrent invocation and without grabbing the mmap lock in
35d7bdc86031a2c David Hildenbrand 2021-04-23 1200 * write mode.
35d7bdc86031a2c David Hildenbrand 2021-04-23 1201 *
35d7bdc86031a2c David Hildenbrand 2021-04-23 1202 * Main user is sys_prctl(PR_SET_MM_MAP/EXE_FILE).
35d7bdc86031a2c David Hildenbrand 2021-04-23 1203 */
35d7bdc86031a2c David Hildenbrand 2021-04-23 1204 int replace_mm_exe_file(struct mm_struct *mm, struct file *new_exe_file)
35d7bdc86031a2c David Hildenbrand 2021-04-23 1205 {
35d7bdc86031a2c David Hildenbrand 2021-04-23 1206 struct file *old_exe_file;
35d7bdc86031a2c David Hildenbrand 2021-04-23 1207 int ret = 0;
35d7bdc86031a2c David Hildenbrand 2021-04-23 1208
35d7bdc86031a2c David Hildenbrand 2021-04-23 1209 /* set the new file, lockless */
fe69d560b5bd9ec David Hildenbrand 2021-04-23 1210 ret = deny_write_access(new_exe_file);
fe69d560b5bd9ec David Hildenbrand 2021-04-23 1211 if (ret)
fe69d560b5bd9ec David Hildenbrand 2021-04-23 1212 return -EACCES;
35d7bdc86031a2c David Hildenbrand 2021-04-23 1213 get_file(new_exe_file);
fe69d560b5bd9ec David Hildenbrand 2021-04-23 1214
35d7bdc86031a2c David Hildenbrand 2021-04-23 @1215 old_exe_file = xchg(&mm->exe_file, new_exe_file);
fe69d560b5bd9ec David Hildenbrand 2021-04-23 1216 if (old_exe_file) {
fe69d560b5bd9ec David Hildenbrand 2021-04-23 1217 /*
fe69d560b5bd9ec David Hildenbrand 2021-04-23 1218 * Don't race with dup_mmap() getting the file and disallowing
fe69d560b5bd9ec David Hildenbrand 2021-04-23 1219 * write access while someone might open the file writable.
fe69d560b5bd9ec David Hildenbrand 2021-04-23 1220 */
fe69d560b5bd9ec David Hildenbrand 2021-04-23 1221 mmap_read_lock(mm);
fe69d560b5bd9ec David Hildenbrand 2021-04-23 1222 allow_write_access(old_exe_file);
35d7bdc86031a2c David Hildenbrand 2021-04-23 1223 fput(old_exe_file);
fe69d560b5bd9ec David Hildenbrand 2021-04-23 1224 mmap_read_unlock(mm);
fe69d560b5bd9ec David Hildenbrand 2021-04-23 1225 }
35d7bdc86031a2c David Hildenbrand 2021-04-23 1226 return 0;
35d7bdc86031a2c David Hildenbrand 2021-04-23 1227 }
3864601387cf419 Jiri Slaby 2011-05-26 1228

---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/[email protected]