Received: by 2002:a05:6a10:16a7:0:0:0:0 with SMTP id gp39csp2356845pxb; Sat, 7 Nov 2020 20:15:44 -0800 (PST) X-Google-Smtp-Source: ABdhPJyNydR+B3qaRghs2sSyVUztntyoZCVsyf2sDsB2iTo7fLUKTeBJl268xlesicBl0uzltzt1 X-Received: by 2002:a17:906:888b:: with SMTP id ak11mr9158377ejc.278.1604808944700; Sat, 07 Nov 2020 20:15:44 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1604808944; cv=none; d=google.com; s=arc-20160816; b=TXEZC2Dh9dxC/ORll6ew1BrolLM0YPsHCEtbI2IXyuv75DwaetGA8goHbEDLGbgBZ+ irTtKLPTsgOi1hle2wPI5S2Opqho1xwCiZXaMWnL7ss1K1+V4xLkdgkBE/9EZVAkScMx u/OmlIaKX8PV0XIJoCinI0AwPVN8Fn7Dr/QtXLke1wJsMYUMyB+uoOX6Po7LFY9iKHgm qSNEycBbwfLB/99alv/MUbwuS5Kf9+RrudNvWBpSzveC1bIuninaVfBnZ641w/1tjA2l J08y3mTeKZXEJtgFoUN+zQukCt+vrs1AsSr40KOhEC2hGaEKXP7AApDJRCcm/ijXDCcM vSHg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:content-language :in-reply-to:mime-version:user-agent:date:message-id:from:references :cc:to:subject; bh=S3aA9ze4cMXvfQMTxeQF+wBPczoNimPOYveQREKyltE=; b=fq5yfjVbl+rmWTrEjyn+fwJnprgagdfxbDie0VR/ZtX/4tjsyTOex/TSGsq82oZulI gwKLG7XzkHxvazLNLJOZklxnYQXe9EUSp4xLTGA/XhvjGtcMSNdKxq2X5g4VwxvFIDVi 5K1Rv2S/EjVTMf5kzDdfvs526QMCwvUA4wpCMr6vEzJiEOkioYAKPM0vMCQx2jGZJNno gZB5olLN191nNTMP5TdqPLJRI4yfcnIrheivPtJfRnHgFVEXRQBO5r6Fm+SYJur9P4W+ zpgQStZcWeyLXb2x2fnFQA2qZ81/SBpiy+mTuR9UzvBYL2wb3k6lBUKh96bidOFkADqH tr/Q== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id p9si4337914edm.38.2020.11.07.20.15.22; Sat, 07 Nov 2020 20:15:44 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727298AbgKHEMQ (ORCPT + 99 others); Sat, 7 Nov 2020 23:12:16 -0500 Received: from www262.sakura.ne.jp ([202.181.97.72]:62949 "EHLO www262.sakura.ne.jp" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726062AbgKHEMP (ORCPT ); Sat, 7 Nov 2020 23:12:15 -0500 Received: from fsav101.sakura.ne.jp (fsav101.sakura.ne.jp [27.133.134.228]) by www262.sakura.ne.jp (8.15.2/8.15.2) with ESMTP id 0A84CDPO039523; Sun, 8 Nov 2020 13:12:13 +0900 (JST) (envelope-from penguin-kernel@i-love.sakura.ne.jp) Received: from www262.sakura.ne.jp (202.181.97.72) by fsav101.sakura.ne.jp (F-Secure/fsigk_smtp/550/fsav101.sakura.ne.jp); Sun, 08 Nov 2020 13:12:13 +0900 (JST) X-Virus-Status: clean(F-Secure/fsigk_smtp/550/fsav101.sakura.ne.jp) Received: from [192.168.1.9] (M106072142033.v4.enabler.ne.jp [106.72.142.33]) (authenticated bits=0) by www262.sakura.ne.jp (8.15.2/8.15.2) with ESMTPSA id 0A84CDQ5039516 (version=TLSv1.2 cipher=AES256-GCM-SHA384 bits=256 verify=NO); Sun, 8 Nov 2020 13:12:13 +0900 (JST) (envelope-from penguin-kernel@i-love.sakura.ne.jp) Subject: Re: [PATCH 1/2] tomoyo: Convert get_user_pages*() to pin_user_pages*() To: John Hubbard , Souptick Joarder Cc: linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org, Jan Kara , Matthew Wilcox , James Morris , "Serge E. Hallyn" References: <1604737451-19082-1-git-send-email-jrdr.linux@gmail.com> <5efeb909-3e02-ba14-7a86-f18562a2fe69@i-love.sakura.ne.jp> <8590eb4c-256b-9ab0-5291-de8ec8d75276@nvidia.com> From: Tetsuo Handa Message-ID: <40bd424d-6c4d-8b03-5d97-c572ca777b77@i-love.sakura.ne.jp> Date: Sun, 8 Nov 2020 13:12:09 +0900 User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:78.0) Gecko/20100101 Thunderbird/78.4.0 MIME-Version: 1.0 In-Reply-To: <8590eb4c-256b-9ab0-5291-de8ec8d75276@nvidia.com> Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 2020/11/08 11:17, John Hubbard wrote: >> Excuse me, but Documentation/core-api/pin_user_pages.rst says >> "CASE 5: Pinning in order to _write_ to the data within the page" >> while tomoyo_dump_page() is for "_read_ the data within the page". >> Do we want to convert to pin_user_pages_remote() or lock_page() ? >> > > Sorry, I missed the direction here, was too focused on the Case 5 > aspect. Yes. Case 5 (which, again, I think we're about to re-document) > is only about *writing* to data within the page. > > So in this case, where it is just reading from the page, I think it's > already from a gup vs pup point of view. > > btw, it's not clear to me whether the current code is susceptible to any > sort of problem involving something writing to the page while it > is being dumped (I am curious). But changing from gup to pup wouldn't > fix that, if it were a problem. It a separate question from this patch. The "struct page" tomoyo_dump_page() accesses is argv/envp arguments passed to execve() syscall. Therefore, these pages are not visible from threads except current thread, and thus there is no possibility that these pages are modified by other threads while current thread is reading.