References: <20210414055217.543246-1-avagin@gmail.com> <20210414055217.543246-3-avagin@gmail.com>
In-Reply-To: <20210414055217.543246-3-avagin@gmail.com>
From: Jann Horn
Date: Mon, 28 Jun 2021 18:13:29 +0200
Subject: Re: [PATCH 2/4] arch/x86: implement the process_vm_exec syscall
To: Andrei Vagin
Cc: linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, linux-um@lists.infradead.org, criu@openvz.org, avagin@google.com, Andrew Morton, Andy Lutomirski, Anton Ivanov, Christian Brauner, Dmitry Safonov <0x7f454c46@gmail.com>, Ingo Molnar, Jeff Dike, Mike Rapoport, Michael Kerrisk, Oleg Nesterov, Peter Zijlstra, Richard Weinberger, Thomas Gleixner
X-Mailing-List: linux-kernel@vger.kernel.org

On Wed, Apr 14, 2021 at 7:59 AM Andrei Vagin wrote:
> This change introduces the new system call:
> process_vm_exec(pid_t pid, struct sigcontext *uctx, unsigned long flags,
> siginfo_t * uinfo, sigset_t *sigmask, size_t sizemask)
>
> process_vm_exec allows to execute the current process in an address
> space of another process.
[...]

I still think that this whole API is fundamentally the wrong approach
because it tries to shoehorn multiple use cases with different
requirements into a single API.
But that aside:

> +static void swap_mm(struct mm_struct *prev_mm, struct mm_struct *target_mm)
> +{
> +	struct task_struct *tsk = current;
> +	struct mm_struct *active_mm;
> +
> +	task_lock(tsk);
> +	/* Hold off tlb flush IPIs while switching mm's */
> +	local_irq_disable();
> +
> +	sync_mm_rss(prev_mm);
> +
> +	vmacache_flush(tsk);
> +
> +	active_mm = tsk->active_mm;
> +	if (active_mm != target_mm) {
> +		mmgrab(target_mm);
> +		tsk->active_mm = target_mm;
> +	}
> +	tsk->mm = target_mm;

I'm pretty sure you're not currently allowed to overwrite the ->mm
pointer of a userspace thread. For example, zap_threads() assumes that
all threads running under a process have the same ->mm. (And if you're
fiddling with ->mm stuff, you should probably CC linux-mm@.)

As far as I understand, only kthreads are allowed to do this (as
implemented in kthread_use_mm()).

> +	switch_mm_irqs_off(active_mm, target_mm, tsk);
> +	local_irq_enable();
> +	task_unlock(tsk);
> +#ifdef finish_arch_post_lock_switch
> +	finish_arch_post_lock_switch();
> +#endif
> +
> +	if (active_mm != target_mm)
> +		mmdrop(active_mm);
> +}
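Review bot: swap_mm() never checks that prev_mm is really the mm it is switching away from; prev_mm is used only for sync_mm_rss(prev_mm), while the mm that is grabbed and dropped is taken from tsk->active_mm, so a caller that passes a stale prev_mm would have current's RSS counters folded into the wrong mm with no diagnostic. Suggest either dropping the parameter and syncing tsk->mm, or adding `WARN_ON_ONCE(prev_mm != tsk->mm);` before the sync_mm_rss() call. The function also has no comment stating its contract: target_mm is stored into tsk->mm unconditionally but is only mmgrab()ed when it differs from active_mm, so the caller must already hold a reference on target_mm that outlives the switch, and that expectation should be written down above the function.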