Received: by 2002:ad5:474a:0:0:0:0:0 with SMTP id i10csp334489imu;
        Fri, 11 Jan 2019 01:00:45 -0800 (PST)
X-Google-Smtp-Source: ALg8bN58ZXtK+eNyb3n8d+c/C1LKrPEkG1tSCh4rgioQClLeMgh2yqWlW+CK0QYiXOasUSkC7pyY
X-Received: by 2002:a17:902:20e9:: with SMTP id v38mr13270409plg.250.1547197245547;
        Fri, 11 Jan 2019 01:00:45 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1547197245; cv=none;
        d=google.com; s=arc-20160816;
        b=wtpc/IwoPaFNzJZItECN6b77uOe2qq3s/id5iRPWNjzblqYHnDXJE7n+jsYteIXOGq
         p1kxg6aGYK5z8xt4xICm4XHBGW/LDLWwnHnkqSnsnkP6Oigzc1DhgPo9M8XXPjI1c7jS
         5GZA8GmtwszVjtmbwFTYptpiOhiM8PS23ZjYxF9JpbS9Xw79gqkdsYJ9xlwm96lB7qOK
         ihJTDD7SrEOOMp6Qi4BnSazWbOKuFZuem2d+x/1OVWBLHkl3bptNn0rwqVR80yDOSktT
         y/4rE8z5U/jqH7mFSmlCuIAWqNstBbx5SRhwIOcK4fh15nie3HpR2W5KWr5u8VfVFVfP
         GQMQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:user-agent:in-reply-to
         :content-disposition:mime-version:references:message-id:subject:cc
         :to:from:date;
        bh=PKD1At/O7ZEDrn3ozoKbe9tnGNbvB39gn1zok3N8Drk=;
        b=l/S8+iXM6WyLCI2BRoA96ywt3fvfpIAr4q9/54PK07+UfKlQQfnI83sElR9bOQYrsz
         /CcfPa3wer/wNq4awHEKPDq2/hk7XPKixh109TFKw4mbuAzWtTvSoDwIgvhgrQ5qpMvy
         C7KPQc14JUIm//zKXq5gu18Kj6CRfJN5WkRA37fBKJwz8Vt/kn6Bq05plmkvAJOSKSUf
         VBfmFRkGhNLysllULW3gpnfvi4xJyAJcXTtuVeXLz5cXulbrG1eQaOznhCPmZpZdtXLn
         mA3wLv0k6+ms89v5HatwjN1hfO1tJ9qB7hMXJmn6JIZB39q4rHlHMgSBcGvJ6THdEe71
         /MAg==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id k5si25493319pfj.153.2019.01.11.01.00.29;
        Fri, 11 Jan 2019 01:00:45 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1728927AbfAKHgL (ORCPT <rfc822;morganleezd2003@gmail.com>
        + 99 others); Fri, 11 Jan 2019 02:36:11 -0500
Received: from ipmail06.adl6.internode.on.net ([150.101.137.145]:35251 "EHLO
        ipmail06.adl6.internode.on.net" rhost-flags-OK-OK-OK-OK)
        by vger.kernel.org with ESMTP id S1727578AbfAKHgK (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 11 Jan 2019 02:36:10 -0500
Received: from ppp59-167-129-252.static.internode.on.net (HELO dastard) ([59.167.129.252])
  by ipmail06.adl6.internode.on.net with ESMTP; 11 Jan 2019 18:06:07 +1030
Received: from dave by dastard with local (Exim 4.80)
        (envelope-from <david@fromorbit.com>)
        id 1ghrMM-0003fE-8m; Fri, 11 Jan 2019 18:36:06 +1100
Date:   Fri, 11 Jan 2019 18:36:06 +1100
From:   Dave Chinner <david@fromorbit.com>
To:     Linus Torvalds <torvalds@linux-foundation.org>
Cc:     Dominique Martinet <asmadeus@codewreck.org>,
        Jiri Kosina <jikos@kernel.org>,
        Matthew Wilcox <willy@infradead.org>,
        Jann Horn <jannh@google.com>,
        Andrew Morton <akpm@linux-foundation.org>,
        Greg KH <gregkh@linuxfoundation.org>,
        Peter Zijlstra <peterz@infradead.org>,
        Michal Hocko <mhocko@suse.com>, Linux-MM <linux-mm@kvack.org>,
        kernel list <linux-kernel@vger.kernel.org>,
        Linux API <linux-api@vger.kernel.org>
Subject: Re: [PATCH] mm/mincore: allow for making sys_mincore() privileged
Message-ID: <20190111073606.GP27534@dastard>
References: <20190110004424.GH27534@dastard>
 <CAHk-=wg1jSQ-gq-M3+HeTBbDs1VCjyiwF4gqnnBhHeWizyrigg@mail.gmail.com>
 <20190110070355.GJ27534@dastard>
 <CAHk-=wigwXV_G-V1VxLs6BAvVkvW5=Oj+xrNHxE_7yxEVwoe3w@mail.gmail.com>
 <20190110122442.GA21216@nautica>
 <CAHk-=wip2CPrdOwgF0z4n2tsdW7uu+Egtcx9Mxxe3gPfPW_JmQ@mail.gmail.com>
 <20190111020340.GM27534@dastard>
 <CAHk-=wgLgAzs42=W0tPrTVpu7H7fQ=BP5gXKnoNxMxh9=9uXag@mail.gmail.com>
 <20190111040434.GN27534@dastard>
 <CAHk-=wh-kegfnPC_dmw0A72Sdk4B9tvce-cOR=jEfHDU1-4Eew@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <CAHk-=wh-kegfnPC_dmw0A72Sdk4B9tvce-cOR=jEfHDU1-4Eew@mail.gmail.com>
User-Agent: Mutt/1.5.21 (2010-09-15)
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Thu, Jan 10, 2019 at 11:08:07PM -0800, Linus Torvalds wrote:
> On Thu, Jan 10, 2019 at 8:04 PM Dave Chinner <david@fromorbit.com> wrote:
> >
> > So it will only read the single page we tried to access and won't
> > perturb the rest of the message encoded into subsequent pages in
> > file.
> 
> Dave, you're being intentionally obtuse, aren't you?
> 
> It's only that single page that *matters*. That's the page that the
> probe reveals the status of - but it's also the page that the probe
> then *changes* the status of.

It changes the state of it /after/ we've already got the information
we need from it. It's not up to date, it has to come from disk, we
return EAGAIN, which means it was not in the cache.

i.e. if we return EAGAIN, we've leaked the inforation the attacker
wants regardless of how the act of initiating readahead on the page
change the state of the page.  Yes, it raises the complexity bar a
bit, and lowers the monitoring frequency somewhat, but that's about
it.

Cheers,

Dave.
-- 
Dave Chinner
david@fromorbit.com