Received: by 10.192.165.156 with SMTP id m28csp2347123imm; Thu, 12 Apr 2018 12:44:46 -0700 (PDT) X-Google-Smtp-Source: AIpwx4+Y7cdZ7OAeuNw0bTDfhTAVIPrmivZTwqT54rqPelXn9vxVZ0OtfpQTM7ES4HKIMjwkqghO X-Received: by 2002:a17:902:102c:: with SMTP id b41-v6mr2416349pla.39.1523562286815; Thu, 12 Apr 2018 12:44:46 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1523562286; cv=none; d=google.com; s=arc-20160816; b=W5f8UKU2cYyUETBwxRvdWGgYtZZGDy9BtxUSugtb5KE7gnVfMfWk+sgQLGhxmf0W5u HrZJS3zXk55TsMumGQFIela5w5AAaMYkmnd4pDGCsnSiytznns54opy85OzKw5+bQ8gv kzfVXmmKRl+wW1h9C9eOi7WFDWxhKPtXNtPIwALNDvWAJSn4cuMsGvpxvThfCXp4cU4p 4lIdpddulq8bx7zYpfFdwU2ukredQUF80ZHnyqUJYeVty7bIQxa6tDoPknP/IDZc4oHR 0iu7o3W+lgMFscPiChMfeYqJlZ/BfZCWPh8Vbecee5XA7ei7ewVNdJ/fKJUkfl3rN0HK 0nEg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :references:in-reply-to:reply-to:mime-version:dkim-signature :arc-authentication-results; bh=7XoVeYOKhKizKbH5vfFhHrvxgX3EUi4/b24IUJE1oVU=; b=IQuaDSOj524JpYqFDSJf9eY8vRdemkhGx5RIdyUDhYeqrbWa35Vj+s02h9VmIZXls5 kGYC27zhtBaT2a4OPTE6Z2udmQhUvA/kaSI4dbitsflaPxzvYHfnSmlAFZkl0aUNGB7R jbP/X7L+PE+UyAHoW50yN9n4dfL2EW4qGJoaTwOZeFFmrBVP7MRPq9uZn+OwFvjttapT KGhxC0tAsZ3IgIHhVcVLEOMqSYNTtwcFklWk++XhMFnNE/XcGLeSz7xhH1LMKsTvOLlg x8hWzfCS1bNLmcNLXNOvfMb1mRsbuTb9Y0E+1xbFgnmv1xbQMTHYip1hbKwECQazrmmB mxow== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=h6GtdQcp; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id z1-v6si3825433plb.101.2018.04.12.12.44.32; Thu, 12 Apr 2018 12:44:46 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=h6GtdQcp; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753276AbeDLShw (ORCPT + 99 others); Thu, 12 Apr 2018 14:37:52 -0400 Received: from mail-wm0-f68.google.com ([74.125.82.68]:40921 "EHLO mail-wm0-f68.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752962AbeDLShu (ORCPT ); Thu, 12 Apr 2018 14:37:50 -0400 Received: by mail-wm0-f68.google.com with SMTP id x4so89229wmh.5; Thu, 12 Apr 2018 11:37:49 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:reply-to:in-reply-to:references:from:date:message-id :subject:to:cc; bh=7XoVeYOKhKizKbH5vfFhHrvxgX3EUi4/b24IUJE1oVU=; b=h6GtdQcp3Gl+knkIyZ3uFQjDrdjlaz9UO1GdiCajoDI71E7yYDHGqEC2Fa6Blx3pbU fambZ5a/OqbO4Esj5E3Lhy6H3zD0Y15I23g+FcvEqbtDlv2axPsCJ7F3iC2QJU/kKM3l bwYmUIXfKKgXP7AXgVvrNP12PgEHNwrr/+UfYBeN7uxaW8N/dokaaSKYJHbHOfY7qpuH iEMgJu2qK78QW51vd60kMcMixgbwh+ykoaiW2EbM7yR9mDZxSO3VPYK16KXVp6+MaAyQ E5ExF8hdJsFIyh6E98xPGUsFYuUA4vK8tAry/JNNR8ILmDxOCcunb54RxEKJ7miHtaZ0 UIyw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:reply-to:in-reply-to:references :from:date:message-id:subject:to:cc; bh=7XoVeYOKhKizKbH5vfFhHrvxgX3EUi4/b24IUJE1oVU=; b=mhFWzDX/c33wgzxtusEU55Yt8UCFdkEZEL711DAaKGuT6ya4VHDuZ8XImWuuR+xRk2 SxmawMksMDgu7s3Hlp3pHETGODua9AQfDU+gwsvvAlhGMhtsY3OQuvjejmuiWXMUTXAq 3SDHTQlJcMOvwnH6kpj4oVgNmzIPRhT6sHFdpiJyGkEJ8b5bjiURpbZdTRMWIl6C6OK1 03j7QzyD2FbZuLbbVOn6gVpD+l7wqh36D/3Yl+CRPXhVZsag/IbbL4MlGUoseIIfp9SB auJzDjIG3A+fPCq6PfGYFO/Hd6MNSpibSkqpi2RHXm9YzFKxS6NHqT1d6DiXe93LPaA4 Pc4A== X-Gm-Message-State: ALQs6tA7G9skkbU984JUm8lOn2PbFjrRY4qLnkvMZl7hKH36NmTE95Kk bsjtEUs6MEPf9seLirunI9LEqXcOA0tFYQJu5eI= X-Received: by 10.80.250.13 with SMTP id b13mr16586391edq.290.1523558269286; Thu, 12 Apr 2018 11:37:49 -0700 (PDT) MIME-Version: 1.0 Received: by 10.80.184.29 with HTTP; Thu, 12 Apr 2018 11:37:29 -0700 (PDT) Reply-To: mtk.manpages@gmail.com In-Reply-To: References: <20180412153941.170849-1-jannh@google.com> From: "Michael Kerrisk (man-pages)" Date: Thu, 12 Apr 2018 20:37:29 +0200 Message-ID: Subject: Re: [PATCH] mmap.2: MAP_FIXED is okay if the address range has been reserved To: John Hubbard Cc: Jann Horn , linux-man , Michal Hocko , Andrew Morton , Linux-MM , lkml , Linux API Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hi John, On 12 April 2018 at 20:33, John Hubbard wrote: > On 04/12/2018 08:39 AM, Jann Horn wrote: >> Clarify that MAP_FIXED is appropriate if the specified address range has >> been reserved using an existing mapping, but shouldn't be used otherwise. >> >> Signed-off-by: Jann Horn >> --- >> man2/mmap.2 | 19 +++++++++++-------- >> 1 file changed, 11 insertions(+), 8 deletions(-) >> >> diff --git a/man2/mmap.2 b/man2/mmap.2 >> index bef8b4432..80c9ec285 100644 >> --- a/man2/mmap.2 >> +++ b/man2/mmap.2 >> @@ -253,8 +253,9 @@ Software that aspires to be portable should use this option with care, >> keeping in mind that the exact layout of a process's memory mappings >> is allowed to change significantly between kernel versions, >> C library versions, and operating system releases. >> -Furthermore, this option is extremely hazardous (when used on its own), >> -because it forcibly removes preexisting mappings, >> +This option should only be used when the specified memory region has >> +already been reserved using another mapping; otherwise, it is extremely >> +hazardous because it forcibly removes preexisting mappings, >> making it easy for a multithreaded process to corrupt its own address space. > > Yes, that's clearer and provides more information than before. > >> .IP >> For example, suppose that thread A looks through >> @@ -284,13 +285,15 @@ and the PAM libraries >> .UR http://www.linux-pam.org >> .UE . >> .IP >> -Newer kernels >> -(Linux 4.17 and later) have a >> +For cases in which the specified memory region has not been reserved using an >> +existing mapping, newer kernels (Linux 4.17 and later) provide an option >> .B MAP_FIXED_NOREPLACE >> -option that avoids the corruption problem; if available, >> -.B MAP_FIXED_NOREPLACE >> -should be preferred over >> -.BR MAP_FIXED . >> +that should be used instead; older kernels require the caller to use >> +.I addr >> +as a hint (without >> +.BR MAP_FIXED ) > > Here, I got lost: the sentence suddenly jumps into explaining non-MAP_FIXED > behavior, in the MAP_FIXED section. Maybe if you break up the sentence, and > possibly omit non-MAP_FIXED discussion, it will help. Hmmm -- true. That piece could be a little clearer. Jann, I've already pushed the existing patch. Do you want to add a patch on top? Thanks, Michael -- Michael Kerrisk Linux man-pages maintainer; http://www.kernel.org/doc/man-pages/ Linux/UNIX System Programming Training: http://man7.org/training/