Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1751848AbdLBOoN (ORCPT <rfc822;w@1wt.eu>);
        Sat, 2 Dec 2017 09:44:13 -0500
Received: from relay-out6.mail.masterhost.ru ([83.222.12.16]:61040 "EHLO
        relay-out6.mail.masterhost.ru" rhost-flags-OK-OK-OK-OK)
        by vger.kernel.org with ESMTP id S1751740AbdLBOoL (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Sat, 2 Dec 2017 09:44:11 -0500
Date: Sat, 2 Dec 2017 17:43:52 +0300
From: Philippe Mikoyan <philippe.mikoyan@skat.systems>
To: Manfred Spraul <manfred@colorfullife.com>,
        Davidlohr Bueso <dave@stgolabs.net>
Cc: akpm@linux-foundation.org, viro@zeniv.linux.org.uk,
        linux-kernel@vger.kernel.org, edgar.kaziakhmedov@virtuozzo.com
Subject: Re: [PATCH 2/2] ipc: Fix ipc data structures inconsistency
Message-ID: <20171202174352.39bda865@PhilDeb>
In-Reply-To: <bcf68a7f-d860-2c7e-69ed-341eb81c69e6@colorfullife.com>
References: <20171130061224.25466-1-philippe.mikoyan@skat.systems>
        <20171130061224.25466-3-philippe.mikoyan@skat.systems>
        <20171201172007.q2rqmo4jqaxb63tk@linux-n805>
        <bcf68a7f-d860-2c7e-69ed-341eb81c69e6@colorfullife.com>
X-Mailer: Claws Mail 3.14.1 (GTK+ 2.24.31; x86_64-pc-linux-gnu)
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
X-KLMS-Rule-ID: 1
X-KLMS-Message-Action: clean
X-KLMS-AntiSpam-Lua-Profiles: 119396 [Dec 02 2017]
X-KLMS-AntiSpam-Version: 5.7.67.0
X-KLMS-AntiSpam-Envelope-From: philippe.mikoyan@skat.systems
X-KLMS-AntiSpam-Rate: 0
X-KLMS-AntiSpam-Status: not_detected
X-KLMS-AntiSpam-Method: none
X-KLMS-AntiSpam-Info: LuaCore: 93 93 df0a2856d02e86f3280f253179d00609db7f0d5d, Auth:dkim=none, {DNS response errors}
X-KLMS-AntiSpam-Interceptor-Info: scan successful
X-KLMS-AntiPhishing: not scanned, disabled by settings
X-KLMS-AntiVirus: Kaspersky Security 8.0 for Linux Mail Server, version 8.0.1.721, not scanned, license restriction
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Length: 1490
Lines: 50

On Fri, 1 Dec 2017 09:20:07 -0800
Davidlohr Bueso <dave@stgolabs.net> wrote:

> 
> Hmm yeah that's pretty fishy, also shm_atime = 0, no?
> 

Yeah, definitely, other data structure fields can also be
inconsistent, and applying not only to shmem, but also to 
other ipc mechanisms.

Thank you for noting the typo, 'll send fixed version in next
message(without another patch, see below).

On Sat, 2 Dec 2017 07:03:30 +0100
Manfred Spraul <manfred@colorfullife.com> wrote:

> Especially: I don't know the shm code good enough to immediately
> check the change you make to nattach.

It seems that I didn't know the shm code good enough too: I've
recently discovered that 
[PATCH 1/2] ipc/shm: Fix shm_nattch incorrect value
is, frankly speaking, clearly total crap as it 
1) doesn't handle that shmem segment can be already RMID-ed
when entering shm_mmap, when called from 'remap_file_pages'
2) doesn't support (broken) logic of detaching remapped via
'remap_file_pages' shmem segment.

Regardless of handling (deprecated) 'remap_file_pages' call, patch
shall be OK. However, it has to be made over.

Sorry about that, hope I will find at least halfway elegant 
solution and send it ASAP.

On Sat, 2 Dec 2017 07:03:30 +0100
Manfred Spraul <manfred@colorfullife.com> wrote:

> 
> And, perhaps as a side information:
> There appears to be a use-after-free in shm, I now got a 2nd mail
> from syzbot:
> http://lkml.iu.edu/hypermail/linux/kernel/1702.3/02480.html
> 

Will dig into.


Thanks,
Phil