Received: by 2002:a05:6902:102b:0:0:0:0 with SMTP id x11csp683383ybt; Mon, 6 Jul 2020 20:25:41 -0700 (PDT) X-Google-Smtp-Source: ABdhPJw7zoAn6vj9sETfIwFEatIAFHassZsmVSvW/7l3/VINgu2uk1H68CqpgkvxvG3pFUhi51i0 X-Received: by 2002:a50:ef10:: with SMTP id m16mr57261211eds.206.1594092341616; Mon, 06 Jul 2020 20:25:41 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1594092341; cv=none; d=google.com; s=arc-20160816; b=TP5/jqpHIvetGQ5boHH0aB45GAM3tGvsROMmsuuarGEnutAPv8Q6rA77pip8xlK1bz Sj4zr6sWbtl6e+rFxNCl0HCqqg2rpb4FGZ96NF48AvkuImiYvxs8qPsHXmPYm/DMVPQz WX+jVIDhIKKMkrtjGNxiG9OOixfjRoQQJSBvpJDO2DMHlWv9kA/voXKORn/zqWvItd0q 9xlwOFIracJt7iHginJU42RVLS22w5aa4yM/uMJzp5BFWnAnLr/FzD/d1uL5D0Qh0cbe ktSoy9tUW/fRtoTKBc6najGepYgwa8YksVNipUvnrSU/HmWlwLLxunheAugUnonYhcl/ qk6w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:ironport-sdr:ironport-sdr; bh=SGOAcj83P6TPseS/uIzVApU/GSVjoaaMwwzCvaQf2+o=; b=lU3j6Mxd+AEc6ZOP+CBIqQXeYvfHix56DOFwyLR/pp0pbUEEERmqlHzHZJ/pLAxH5C IavoTQkE2cm0NKoaCNFz7kIRKS1k5d08KjmVN1mvGqiJ4tBdzjFX7on6Hz8I+3Ru82zq Ehfzxxx32ZTfhdLGlhcej/zt/xBuu+q5dzk0fcM0+QTnygd+zjCZOnfJo0A0uPnj3SgA oDZbqic1GHMuIVLklkzKOwTxsBBnUagAysQwEEsJ9tjT1H2hLD2qVMEm+y6q303/HsPa TzLNLn2Mo2uNgCnwsHZtbwzhRcplxFnFVhtJw9Sehxir1FzLQysBRC8KZxQcqpJmqpfg OpTA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id dg2si14758913edb.326.2020.07.06.20.25.18; Mon, 06 Jul 2020 20:25:41 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727891AbgGGDW4 (ORCPT + 99 others); Mon, 6 Jul 2020 23:22:56 -0400 Received: from mga05.intel.com ([192.55.52.43]:50529 "EHLO mga05.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726540AbgGGDWz (ORCPT ); Mon, 6 Jul 2020 23:22:55 -0400 IronPort-SDR: kjwhbp//dGl1fXJjOprbT8HiYAGhcpkyt/XCuEXRyqjRfr2N/YoD50lS6OcsjKx/8j0x3gxiQm 5HrthiBf7P9Q== X-IronPort-AV: E=McAfee;i="6000,8403,9674"; a="232393801" X-IronPort-AV: E=Sophos;i="5.75,321,1589266800"; d="scan'208";a="232393801" X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga002.fm.intel.com ([10.253.24.26]) by fmsmga105.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 06 Jul 2020 20:22:55 -0700 IronPort-SDR: kFG3YGSwU14G0VmMYUJYxvgt7qnUy1WiYQg/a7BqkOz04+jXrJV5/Ucx3XmXs1E0EGD97qONgk KX0AZl737OCw== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.75,321,1589266800"; d="scan'208";a="315377658" Received: from sjchrist-coffee.jf.intel.com (HELO linux.intel.com) ([10.54.74.152]) by fmsmga002.fm.intel.com with ESMTP; 06 Jul 2020 20:22:54 -0700 Date: Mon, 6 Jul 2020 20:22:54 -0700 From: Sean Christopherson To: Matthew Wilcox Cc: Jarkko Sakkinen , x86@kernel.org, linux-sgx@vger.kernel.org, linux-kernel@vger.kernel.org, linux-mm@kvack.org, Andrew Morton , Jethro Beekman , andriy.shevchenko@linux.intel.com, asapek@google.com, bp@alien8.de, cedric.xing@intel.com, chenalexchen@google.com, conradparker@google.com, cyhanish@google.com, dave.hansen@intel.com, haitao.huang@intel.com, josh@joshtriplett.org, kai.huang@intel.com, kai.svahn@intel.com, kmoy@google.com, ludloff@google.com, luto@kernel.org, nhorman@redhat.com, npmccallum@redhat.com, puiterwijk@redhat.com, rientjes@google.com, tglx@linutronix.de, yaozhangx@google.com Subject: Re: [PATCH v34 10/24] mm: Add vm_ops->mprotect() Message-ID: <20200707032254.GB5208@linux.intel.com> References: <20200707030204.126021-1-jarkko.sakkinen@linux.intel.com> <20200707030204.126021-11-jarkko.sakkinen@linux.intel.com> <20200707031424.GD25523@casper.infradead.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20200707031424.GD25523@casper.infradead.org> User-Agent: Mutt/1.5.24 (2015-08-30) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, Jul 07, 2020 at 04:14:24AM +0100, Matthew Wilcox wrote: > On Tue, Jul 07, 2020 at 06:01:50AM +0300, Jarkko Sakkinen wrote: > > +++ b/mm/mprotect.c > > @@ -603,13 +603,20 @@ static int do_mprotect_pkey(unsigned long start, size_t len, > > goto out; > > } > > > > + tmp = vma->vm_end; > > + if (tmp > end) > > + tmp = end; > > + > > error = security_file_mprotect(vma, reqprot, prot); > > if (error) > > goto out; > > > > - tmp = vma->vm_end; > > - if (tmp > end) > > - tmp = end; > > You don't need to move this any more, right? Ya, I was typing up a longer version, you beat me to the punch... The calculation of 'tmp' doesn't need to be moved. The previous incarnation only moved it so that that 'tmp would be available for .may_mprotect(). The only reason .may_mprotect() was placed before security_file_mprotect() was to avoid triggering LSM errors that would have been blocked by .may_mprotect(), but that justification is no longer relevant as the proposed SGX LSM hooks obviously didn't worm their way into this series. > > + if (vma->vm_ops && vma->vm_ops->mprotect) { > > + error = vma->vm_ops->mprotect(vma, nstart, tmp, prot); > > + if (error) > > + goto out; > > + } Based on "... and then the vma owner can do whatever it needs to before calling mprotect_fixup(), which is already not static", my interpretation is that Matthew's intent was to do: if (vma->vm_ops && vma->vm_ops->mprotect) error = = vma->vm_ops->mprotect(vma, nstart, tmp, prot); else error = mprotect_fixup(vma, &prev, nstart, tmp, newflags); if (error) goto out; i.e. make .mprotect() a full replacement as opposed to a prereq hook. > > + > > error = mprotect_fixup(vma, &prev, nstart, tmp, newflags); > > if (error) > > goto out; > > -- > > 2.25.1 > >