Received: by 2002:ad5:474a:0:0:0:0:0 with SMTP id i10csp2416008imu; Thu, 17 Jan 2019 13:52:02 -0800 (PST) X-Google-Smtp-Source: ALg8bN4/eQqOO7aGmJ46D6KXjXwG2PxduwGs5VvXA2aDn1eHRl3H1uoIIPBwKU6N2RtXg/6OxSQt X-Received: by 2002:a62:6408:: with SMTP id y8mr16510317pfb.202.1547761922188; Thu, 17 Jan 2019 13:52:02 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1547761922; cv=none; d=google.com; s=arc-20160816; b=b4QsqRjs1hvh+9Gx56MqIgwT/GtxHngTyMJIjdP1N1PUqxZVFs+9vkKHvKUioTa/J1 5X+lgMkdtss9Jbq7Zrlqc4mrb1x7Bccz5QEpsxk2jOPtizMoi7pzmf4ARnyJeLkUf7xi ChPlwFW0bzIPqtPYniWH9DHtaimUycDRVY+bB+APdsWUh6XxUPTbnFJm6DtZgxtuF3wr wgNwXWDN2xZZHKfXxoCGEnmZQAyuHvNoqw/WW8qAiJIAIKeUctAec2DA8h76PqJC3ZYt OQ67zsFvAQxEcqzQkbzbvKFx1pd9Kowy57B372Hkr1UT4Dn2jcj468zzbMF/jXH7C+0v 0IVw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding :content-language:in-reply-to:mime-version:user-agent:date :message-id:from:references:cc:to:subject; bh=w4D6Rv0aSG+Cbu4wap0fbyOcRSd594sPCslE7HzCFDY=; b=RSegOmDenOTiPsSS2ezp9hB6uOYWLr98y509Smt1cmRJ5YY6Dw2lUdO+lsAFGuFzy4 3YUfbr8+MrBNIkhWYBh5NGxDELWO1ouoJ6fq2Ob4+kutuDuQjHv3azSeSr5RyGYyuw6Q PVpWLjTA7fhQ6Yt0ayushYsGShIeoab4cUTpy+X8k3IZ6TVldaB4igkPSYbys7rQgAmf zA5o8lrxwzSP7VrUlgblQKW4dza/P7bfWGCxSjg2LunGdLZIH7Sy8V+tEuS0ElckN0iK hEvZSsssiMQff0BxvqsIcKAehu1Ti10XUeTUct/q7f7sRck/IZlqidRAjntaNis0650T uBMQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id v14si2988851pfc.76.2019.01.17.13.51.42; Thu, 17 Jan 2019 13:52:02 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728111AbfAQVpa (ORCPT + 99 others); Thu, 17 Jan 2019 16:45:30 -0500 Received: from mx2.suse.de ([195.135.220.15]:43942 "EHLO mx1.suse.de" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1726900AbfAQVp3 (ORCPT ); Thu, 17 Jan 2019 16:45:29 -0500 X-Virus-Scanned: by amavisd-new at test-mx.suse.de Received: from relay1.suse.de (unknown [195.135.220.254]) by mx1.suse.de (Postfix) with ESMTP id 1DF0CAD7D; Thu, 17 Jan 2019 21:45:28 +0000 (UTC) Subject: Re: [PATCH] mm/mincore: allow for making sys_mincore() privileged To: Josh Snyder , Dominique Martinet Cc: Linus Torvalds , Andy Lutomirski , Dave Chinner , Jiri Kosina , Matthew Wilcox , Jann Horn , Andrew Morton , Greg KH , Peter Zijlstra , Michal Hocko , Linux-MM , kernel list , Linux API References: <20190110070355.GJ27534@dastard> <20190110122442.GA21216@nautica> <5c3e7de6.1c69fb81.4aebb.3fec@mx.google.com> <9E337EA6-7CDA-457B-96C6-E91F83742587@amacapital.net> <20190116054613.GA11670@nautica> <20190116063430.GA22938@nautica> From: Vlastimil Babka Message-ID: Date: Thu, 17 Jan 2019 22:45:25 +0100 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:60.0) Gecko/20100101 Thunderbird/60.4.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 1/16/2019 8:52 AM, Josh Snyder wrote: > On Tue, Jan 15, 2019 at 10:34 PM Dominique Martinet > wrote: >> >> There is a difference with your previous patch though, that used to list no >> page in core when it didn't know; this patch lists pages as in core when it >> refuses to tell. I don't think that's very important, though. I've argued previously that reporting false positives (as your patch does) should be better, otherwise there might be somebody trying to fault in their pages in a loop until mincore reports positive, which would become an endless loop. So agreed with your change. Or maybe we could resort to the 5.0-rc1 page table check (that is now being reverted) but only in cases when we are not allowed the page cache residency check? Or would that be needlessly complicated? And it would be able to leak if a page was evicted from the page cache... > Is there a reason not to return -EPERM in this case? That would definitely break somebody. >> >> If anything, the 0400 user-owner file might be a problem in some edge >> case (e.g. if you're preloading git directories, many objects are 0444); >> should we *also* check ownership?... > > Yes, this seems valuable. Some databases with immutable files (e.g. git, as > you've mentioned) conceivably operate this way. > > Josh >