References: <20200930011944.19869-1-jannh@google.com>
From: Michel Lespinasse
Date: Wed, 30 Sep 2020 16:22:00 -0700
Subject: Re: [PATCH 2/4] binfmt_elf: Take the mmap lock around find_extend_vma()
To: Jann Horn
Cc: Andrew Morton, linux-mm, LKML, "Eric W . Biederman", Mauro Carvalho Chehab, Sakari Ailus
X-Mailing-List: linux-kernel@vger.kernel.org

On Tue, Sep 29, 2020 at 6:20 PM Jann Horn wrote:
> create_elf_tables() runs after setup_new_exec(), so other tasks can
> already access our new mm and do things like process_madvise() on it.
> (At the time I'm writing this commit, process_madvise() is not in mainline
> yet, but has been in akpm's tree for some time.)
>
> While I believe that there are currently no APIs that would actually allow
> another process to mess up our VMA tree (process_madvise() is limited to
> MADV_COLD and MADV_PAGEOUT, and uring and userfaultfd cannot reach an mm
> under which no syscalls have been executed yet), this seems like an
> accident waiting to happen.
>
> Let's make sure that we always take the mmap lock around GUP paths as long
> as another process might be able to see the mm.
>
> (Yes, this diff looks suspicious because we drop the lock before doing
> anything with `vma`, but that's because we actually don't do anything with
> it apart from the NULL check.)
>
> Signed-off-by: Jann Horn

Thanks for these cleanups :)

Acked-by: Michel Lespinasse