Received: by 2002:a05:6a10:2785:0:0:0:0 with SMTP id ia5csp2421471pxb; Mon, 11 Jan 2021 09:12:13 -0800 (PST) X-Google-Smtp-Source: ABdhPJyd8zEY+B+5HCyCZZ6M/gK78+opA5NR0ulXtgVwRmw5lvRkExnqI7+APwtOfAXEfwzxKhPv X-Received: by 2002:a17:906:b56:: with SMTP id v22mr312961ejg.145.1610385133401; Mon, 11 Jan 2021 09:12:13 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1610385133; cv=none; d=google.com; s=arc-20160816; b=pVPpiyruvk+mv2x+peoclYbHBb0jknIoXcIuhao5lsQP7hr36IMCukIp9UoB6sm23j 01CK6XZf0ZUMv45/L7fvClMl0nZvYg+O/GZcA8qHDDF7zHThTcvuQPc+0FQPoe8Azg6i 3TKZ94jFSq4B7m3DGHZA1K3248zRhnJBTJc8XRBWcxnZ7PsWWwao1t+Ir3YViLyX9qGn GHtTnkO5sSNvAaBteVsYqS/Tlqcj5m6X9ccxHWJfUBw+dfBZ9SlR8zz7zeWaTAC2NTx3 FQPXKlKgMRga2bVqs2GBgYZ9Xvl+vNQ5G2s/v1DBUKW1m4iwErHMm7LJnLbPvstyW+H1 qUtw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:dkim-signature; bh=LBhiCRQ/hU8nUHPJqyu8ucV/q20tb78qZ9F6AUF5dl0=; b=m9cMtfn7qJSdbtJyKheVLl/O+19tDOHHMD3lBMYr/ZTgg2GHq1hnqvbjeQBJLt/5nJ l+ewmngFKIQDQJdBy2TA9mjqtZmJnQ8L6s8Yv57uNNni/QPIjN/h1VnymgMK/JLAKNTT uCVtaVcAkR/aesM8EwGRrFefR4rUwUx9JUzv0UtiZY9VFPD97boTtbVuz+2xPjgFDSsh NSNJ2RKl/P+1dDIi3Gwm+ix8loPaFU5f3OchVxeOtABHgQ1EQdQsIuivvWyZwbfTPlMO A21Fiqg/CfExRCz+07gvK0Ck+sLYRD/zuEN0cwxnMSL2cEGcvWMeDo9FljuN5+BeyI/Q gnxg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=vdETX3Az; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id k2si158545edf.160.2021.01.11.09.11.50; Mon, 11 Jan 2021 09:12:13 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=vdETX3Az; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2389286AbhAKRKI (ORCPT + 99 others); Mon, 11 Jan 2021 12:10:08 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:43898 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2387654AbhAKRKG (ORCPT ); Mon, 11 Jan 2021 12:10:06 -0500 Received: from mail-wr1-x431.google.com (mail-wr1-x431.google.com [IPv6:2a00:1450:4864:20::431]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 74231C0617A6 for ; Mon, 11 Jan 2021 09:09:25 -0800 (PST) Received: by mail-wr1-x431.google.com with SMTP id w5so495066wrm.11 for ; Mon, 11 Jan 2021 09:09:25 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=LBhiCRQ/hU8nUHPJqyu8ucV/q20tb78qZ9F6AUF5dl0=; b=vdETX3AzAhGWS4XOn4U/L5M8mWyOcAW598aRM+jUl5TPCH8XLNK0r4mVzlinVSegPT 0Bshyv5uEO/Ch6Nc/L2gE6yb/0cG4+1+4rLpSaMTsw8S88w6HqPfjfYYoHJeaXU0dtFB LSwEnYt0jq7sZi2yLNO4AMRS68Asn+Xp/feHXG1C9xN8lbjUrxRxRqvmjq7rIm7Nlt5s 9eRuDUQcO76Ft46QvLZFpa8HqfhLIX5QUq1plsc+YbjGz5yX5iBust3IW1tRRDs9o5DC +2lG7OHbMB2mH26JeyxgT8EHYaJK/m38/CFtAQqDku9jlRIEJASEJbMMbpoXDvXm+cZh q6kA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=LBhiCRQ/hU8nUHPJqyu8ucV/q20tb78qZ9F6AUF5dl0=; b=dRHcEN/I3rzObVQ6EOZXIAkN2NKUqQNVZ1Lo51U8gIHZyXa/ZX75j3z5ZRKcikxG9w CpaJRD2jJCG2TaM2yQnOYIXRUAkAkrbKDWmxdHItY8eGca0qh5VnFeif0xBm3FsFtz6g zOs4k798zNtdfYgIutmHyhze79CFdsgltN3Vu1ZzqBKnCEnLM/qMwqqA3B3lQ66Sbrci scVWDPDiQ5ZTq1yB+2iaDeaI9sPKpyajnbgNyY1wSXYPrDzC59oY+JVUhzLZIUb0ic98 n2/MliyzE+9gzLJAFm18EtWnML5Sgryp6s5n1adLF9Qg2ye3cINaXTxredo9ZVA/nkkB YObw== X-Gm-Message-State: AOAM533mWfBhr+Z/Rp1I0KBoVaDg2HtHkBKmODr8/O6qj5FMhkkrtKQo 7/1E/rTorgpWenz3Id1AfuK1QXJKibMmoApPUAAuiw== X-Received: by 2002:a5d:4704:: with SMTP id y4mr120140wrq.358.1610384964099; Mon, 11 Jan 2021 09:09:24 -0800 (PST) MIME-Version: 1.0 References: <20210108205857.1471269-1-surenb@google.com> <875z43rd0u.fsf@oldenburg2.str.redhat.com> In-Reply-To: From: Suren Baghdasaryan Date: Mon, 11 Jan 2021 09:09:13 -0800 Message-ID: Subject: Re: [PATCH 1/1] mm/madvise: replace ptrace attach requirement for process_madvise To: Florian Weimer Cc: Andrew Morton , Jann Horn , Kees Cook , Jeffrey Vander Stoep , Minchan Kim , Michal Hocko , Shakeel Butt , David Rientjes , =?UTF-8?Q?Edgar_Arriaga_Garc=C3=ADa?= , Tim Murray , linux-mm , selinux@vger.kernel.org, Linux API , LKML , kernel-team Content-Type: text/plain; charset="UTF-8" Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, Jan 11, 2021 at 9:05 AM Suren Baghdasaryan wrote: > > On Mon, Jan 11, 2021 at 2:20 AM Florian Weimer wrote: > > > > * Suren Baghdasaryan: > > > > > diff --git a/mm/madvise.c b/mm/madvise.c > > > index 6a660858784b..c2d600386902 100644 > > > --- a/mm/madvise.c > > > +++ b/mm/madvise.c > > > @@ -1197,12 +1197,22 @@ SYSCALL_DEFINE5(process_madvise, int, pidfd, const struct iovec __user *, vec, > > > goto release_task; > > > } > > > > > > - mm = mm_access(task, PTRACE_MODE_ATTACH_FSCREDS); > > > + /* Require PTRACE_MODE_READ to avoid leaking ASLR metadata. */ > > > + mm = mm_access(task, PTRACE_MODE_READ_FSCREDS); > > > if (IS_ERR_OR_NULL(mm)) { > > > ret = IS_ERR(mm) ? PTR_ERR(mm) : -ESRCH; > > > goto release_task; > > > } > > > > Shouldn't this depend on the requested behavior? Several operations > > directly result in observable changes, and go beyond performance tuning. > > Thanks for the comment Florian. > process_madvise supports only MADV_COLD and MADV_PAGEOUT hints which > are both non-destructive (see process_madvise_behavior_valid() > function). Maybe you meant something else by "observable changes", if > so please clarify. > Thanks, > Suren. > V2 with Minchan's fix is posted at: https://lore.kernel.org/lkml/20210111170622.2613577-1-surenb@google.com/T/#u > > > > Thanks, > > Florian > > -- > > Red Hat GmbH, https://de.redhat.com/ , Registered seat: Grasbrunn, > > Commercial register: Amtsgericht Muenchen, HRB 153243, > > Managing Directors: Charles Cachera, Brian Klemm, Laurie Krebs, Michael O'Neill > > > > -- > > To unsubscribe from this group and stop receiving emails from it, send an email to kernel-team+unsubscribe@android.com. > >