Date: Sun, 5 Jul 2015 18:44:41 +0300
From: "Kirill A. Shutemov"
To: Boaz Harrosh
Cc: "Kirill A. Shutemov", Andrew Morton, Linus Torvalds, Rik van Riel, Mel Gorman, Hugh Dickins, Andrea Arcangeli, linux-kernel@vger.kernel.org, linux-mm@kvack.org, linux-fsdevel@vger.kernel.org
Subject: Re: [PATCH] mm: avoid setting up anonymous pages into file mapping
Message-ID: <20150705154441.GA4682@node.dhcp.inet.fi>
In-Reply-To: <55994A08.3030308@plexistor.com>

On Sun, Jul 05, 2015 at 06:15:20PM +0300, Boaz Harrosh wrote:
> On 07/03/2015 05:07 PM, Kirill A. Shutemov wrote:
> > Reading page fault handler code I've noticed that under right
> > circumstances kernel would map anonymous pages into file mappings:
> > if the VMA doesn't have vm_ops->fault() and the VMA wasn't fully
> > populated on ->mmap(), kernel would handle page fault to not populated
> > pte with do_anonymous_page().
> >
> > There's chance that it was done intentionally, but I don't see good
> > justification for this. We just hide bugs in broken drivers.
> >
>
> Have you done a preliminary audit for these broken drivers? If they actually
> exist in-tree then this patch is a regression for them.

No, I didn't check drivers.

On the other hand, if such a driver exists it has a security issue. If you're
able to set up a zero page in a file mapping, you can make it writable, with
security implications.

> We need to look for vm_ops without an .fault = . Perhaps define a
> map_annonimous() for those to revert to the old behavior, if any
> actually exist.

No. Drivers should be fixed properly.

> > Let's change page fault handler to use do_anonymous_page() only on
> > anonymous VMA (->vm_ops == NULL).
> >
> > For file mappings without vm_ops->fault() page fault on pte_none() entry
> > would lead to SIGBUS.
> >
>
> Again that could mean a theoretical regression for some in-tree driver,
> do you know of any such driver?

I did very little testing with the patch: boot kvm with Fedora and run
trinity there for a while. More testing is required.

--
 Kirill A. Shutemov
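
Added example, not part of the original message or of the kernel tree: a first-pass source audit of the kind asked for in the thread, listing `struct vm_operations_struct` initializers that set no `.fault`. The function names and the sample driver fragment are constructed for illustration, and the regex only sees static initializers, so a hit is a candidate for review (the driver may fully populate the mapping in ->mmap()), not a confirmed bug.

```python
import re
from pathlib import Path

# "struct vm_operations_struct <name> = { ... };" (static initializers only;
# these hold function pointers, so nested braces are not expected).
VM_OPS_INIT = re.compile(
    r"struct\s+vm_operations_struct\s+(\w+)\s*=\s*\{(.*?)\}\s*;", re.DOTALL)
# Designated initializer for .fault; does not match .huge_fault or .fault_xyz.
FAULT_MEMBER = re.compile(r"\.fault\s*=")
# C block and line comments, removed so a commented-out ".fault =" is ignored.
COMMENTS = re.compile(r"/\*.*?\*/|//[^\n]*", re.DOTALL)


def vm_ops_without_fault(source: str) -> list[str]:
    """Names of vm_operations_struct initializers in `source` lacking .fault."""
    code = COMMENTS.sub("", source)
    return [name for name, body in VM_OPS_INIT.findall(code)
            if not FAULT_MEMBER.search(body)]


def scan_tree(root: str) -> dict[str, list[str]]:
    """Map each *.c file under `root` to its vm_ops initializers lacking .fault."""
    hits = {}
    for path in sorted(Path(root).rglob("*.c")):
        names = vm_ops_without_fault(path.read_text(errors="replace"))
        if names:
            hits[str(path)] = names
    return hits


# Constructed driver fragment (hypothetical names, not from any real tree).
SAMPLE = r"""
static const struct vm_operations_struct demo_good_vm_ops = {
	.open  = demo_vma_open,
	.close = demo_vma_close,
	.fault = demo_vma_fault,
};

static const struct vm_operations_struct demo_nofault_vm_ops = {
	.open  = demo_vma_open,   /* .fault = intentionally not set */
	.close = demo_vma_close,
};
"""

if __name__ == "__main__":
    print(vm_ops_without_fault(SAMPLE))
```

To audit a checkout, call `scan_tree()` on its `drivers/` directory and review each reported structure's ->mmap() handler by hand.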