Received: by 10.213.65.68 with SMTP id h4csp3063974imn; Mon, 9 Apr 2018 13:44:35 -0700 (PDT) X-Google-Smtp-Source: AIpwx4/5LeOIR+wGIHj94Kp40iNT6QzhKS84jHJy+Wo4Vn3wTIjwNAL4JAvWvJ46YzqgRBSxaBGU X-Received: by 2002:a17:902:8505:: with SMTP id bj5-v6mr21592954plb.231.1523306675018; Mon, 09 Apr 2018 13:44:35 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1523306674; cv=none; d=google.com; s=arc-20160816; b=fWh4+OLsXKOyXOEUQOaT9MEPs+eJGUbWYgCyne3cd3pIZg+zDrjItRYIRXbOKv5Xou 7WA1ZzM23Au8eeJxZYJuVV4VT+ENgYeZnfXfD4/qTtTfiZbLAtvEwHx/dTtEWSMK3irG RvukYC0POH4SttL1XrZ1TN7XrIUb/4+zBUQqi37NzFleVWKteEW4t8DkpNlPXLKebUP0 gkexx3AEd7XdvZCeblc93vYGSIv29iXznKr5VfHbfquXAvbOWMIeb/OJcJlkj01bQhzk vB31SUKkwEm4+2BKpsDEs9ri5Wh62Cm8DTH/qj9af8My7Lvk+wM/6CtbXFNbwhtAzX3E MEZQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:mail-followup-to :message-id:subject:cc:to:from:date:arc-authentication-results; bh=46a2vUn9eabaLNWId8ZambGm3sjq8x3OKouRRc6ha7I=; b=jyjbVy/DtqAcNk7w6Lat+fJehNHYjxD5qzjtagqpixnw8g7fLiI8A24DCXU4AvLdck 0e41pg2F1Dip9WEeJFUqa5LURM/hDLigc4h+zP+OXbW2YdYD2V4s5r38Lrrnt3wHctNV vAAkCLHVnOyx8Y8GsSnWD16ei3uh6iW+t7vb32S7mWdbEU3ktVH9cAW7OZOCK8ELxUiM 9ZPYPJ88qA5gpvpK4beKoFJkCm/+x16XTyL1ia41ZOlI4SbK37HZ54Qz5LLyO23s/7bT X9yV+0t5Xmxvztkj4EaoUSk+Hvy1/gLa9Jo211Y+oyNuu+9J3uknL/JKzJN604yF+gJx 4mVQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id z23-v6si1013259plo.540.2018.04.09.13.43.58; Mon, 09 Apr 2018 13:44:34 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1754338AbeDIUkG (ORCPT + 99 others); Mon, 9 Apr 2018 16:40:06 -0400 Received: from mx2.suse.de ([195.135.220.15]:53894 "EHLO mx2.suse.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753480AbeDIUkC (ORCPT ); Mon, 9 Apr 2018 16:40:02 -0400 X-Virus-Scanned: by amavisd-new at test-mx.suse.de Received: from relay2.suse.de (charybdis-ext.suse.de [195.135.220.254]) by mx2.suse.de (Postfix) with ESMTP id F08A4AE07; Mon, 9 Apr 2018 20:40:00 +0000 (UTC) Date: Mon, 9 Apr 2018 13:26:41 -0700 From: Davidlohr Bueso To: Eric Biggers Cc: "Kirill A. Shutemov" , linux-mm@kvack.org, Andrew Morton , linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org, Manfred Spraul , "Eric W . Biederman" , syzkaller-bugs@googlegroups.com Subject: Re: [PATCH] ipc/shm: fix use-after-free of shm file via remap_file_pages() Message-ID: <20180409202641.j773oepagmhcb2nh@linux-n805> Mail-Followup-To: Eric Biggers , "Kirill A. Shutemov" , linux-mm@kvack.org, Andrew Morton , linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org, Manfred Spraul , "Eric W . Biederman" , syzkaller-bugs@googlegroups.com References: <94eb2c06f65e5e2467055d036889@google.com> <20180409043039.28915-1-ebiggers3@gmail.com> <20180409094813.bsjc3u2hnsrdyiuk@black.fi.intel.com> <20180409185016.GA203367@gmail.com> <20180409201232.3rweldbjtvxjj5ql@linux-n805> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Disposition: inline In-Reply-To: <20180409201232.3rweldbjtvxjj5ql@linux-n805> User-Agent: NeoMutt/20170421 (1.8.2) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, 09 Apr 2018, Davidlohr Bueso wrote: >So I don't think the pointer is going anywhere, or am I missing >something? Ah, yes, wrong pointer, this is sdf->file -- sorry for the noise.