Received: by 2002:a05:6a11:4021:0:0:0:0 with SMTP id ky33csp530117pxb; Wed, 22 Sep 2021 07:33:15 -0700 (PDT) X-Google-Smtp-Source: ABdhPJzwY4Ps0bPULCkMTvSMCFoYuqW+6fJMRQQs3HqBUjyYChki0lOIbOuqWy2l4RNOzEvTP48C X-Received: by 2002:a05:6e02:2185:: with SMTP id j5mr194180ila.189.1632321194943; Wed, 22 Sep 2021 07:33:14 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1632321194; cv=none; d=google.com; s=arc-20160816; b=coPXQWlYinQyR6M+aTVtbvVyIl+uDBBE++LPeqZYzq1HeUpo0z37h1uZcRhh54N/Il TJUDe6jv5hqOfv++4iWrdU0DkkI5El26+mzbkp/WWCVK6aM4jYnZaoIUws8U97n+HqFY jVfBX1mlurE2oEZYzXn0I9CxdGDp9UjmKyQwLeaCB3VRwz3KNdPKP/fHx1k+SXCHprwb oLBF1O410U2OHqr4yisDNSrn75lgoqyfdpeGEDLfbTgQ4fX1PpiOZPO5Z6Tng9EHwQMw vwfItN/VmaBYcxr5YadiPWUz+cGinKxlMMIzbc+aElWJtYTKWLCHcEEgCib3zK9AwIqM lMaA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature; bh=H9MFwjIYK3NzURsIL5ZeXXjauXt11emCz529o4qozFY=; b=rwchiRsqyqeeAhJ5Gn5AqLjHYeLlA4hjskpO+9/r7v2ptHP3FJUdNEwUqqQMcJ7aw/ mzUgH+AD9mrefwYTOJVePj2eJMKDILEzpBxMbPemzVWbmaWZSo6ToTstdE6laErezAJ5 yEeVgXtvrDnuyRxTn4WsMYqksdSchWRMdnX7P8sKKJGnat4LkUPYUs3JR0mMOZbevhir dOnl/CoLtKQWMDtnDAH/u7mTAGkSXjkgn1grdi4zFQVnkOCZz33hyp4C/bBjtpmSYzyp EHja8Ii+0dm9Kh9JEc52f6T/jw75XHicf3MWKeWZ91y2e8DkpeO8lYDixCMG7Lhz/Gmk VUvQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=CNk7IbYe; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id g17si2519990ilr.112.2021.09.22.07.32.58; Wed, 22 Sep 2021 07:33:14 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=CNk7IbYe; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S235464AbhIVOcd (ORCPT + 99 others); Wed, 22 Sep 2021 10:32:33 -0400 Received: from us-smtp-delivery-124.mimecast.com ([216.205.24.124]:32849 "EHLO us-smtp-delivery-124.mimecast.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232401AbhIVOcc (ORCPT ); Wed, 22 Sep 2021 10:32:32 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1632321062; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=H9MFwjIYK3NzURsIL5ZeXXjauXt11emCz529o4qozFY=; b=CNk7IbYe1HcgRaylWTk1jdMcyxSAC0Tydy80194TLLDbDoWvPbfLLrnYP+w6eZCznBrUZu vy0TnABm09vKag+s/9geTaFnPn0Jd5cSNmdrH6RykvzKHWe82bi8XHUyUpMLfKv7L4IySX Nn9H35NY8sdJlSif3o7Nzo2ris6pgNw= Received: from mail-qt1-f197.google.com (mail-qt1-f197.google.com [209.85.160.197]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-265-MApuHH1YNo2KttL6mh7pIw-1; Wed, 22 Sep 2021 10:30:56 -0400 X-MC-Unique: MApuHH1YNo2KttL6mh7pIw-1 Received: by mail-qt1-f197.google.com with SMTP id b15-20020a05622a020f00b0029e28300d94so8719268qtx.16 for ; Wed, 22 Sep 2021 07:30:56 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:in-reply-to; bh=H9MFwjIYK3NzURsIL5ZeXXjauXt11emCz529o4qozFY=; b=5+iq63JlhDzhh2v3z/poASjSnAfGRvv7QuMXoundVC7jyM6dBTY61s5yImkltsDpDA qYobFlVJmNRMCWYV5ORkV+2EyzeNEr4pF/E3Z98AH1rQYGKccQhIqkLD/w2Ec8yM4/6W i4rYYwSrgL02ocs2YwD6vZAU+kpKS+drNENCV8TcgTgOlgYw0z3Uz+SGnWtxPh3smGqH lySHvN2396ComQayqlii49xbgdPwbK3vPKgfK3zCzW2SpNcDCejKs5UqlDjbxQEUdtXA mcQwOYDDNE0w6/qujm6p7wHFyAynxsFA7Cd1chRhG1nRi3dhPyVmAT6OG4SEXvVBf+Qv I4Jg== X-Gm-Message-State: AOAM531A4ys8s/0Sb3D5gaqlVOoF9lInhd/Ak6lW3xwqsLShoA1fn5w/ wZsh05Xq9GC1Cbt8S23BasJDk/i+KAROPdP8WPJLrVER8ss0imU2hJctJQscCHHLb4uUxopCwGz tM8vYSMBuxUWaJB+UWruHDFvI X-Received: by 2002:ac8:1c6:: with SMTP id b6mr32958205qtg.221.1632321056079; Wed, 22 Sep 2021 07:30:56 -0700 (PDT) X-Received: by 2002:ac8:1c6:: with SMTP id b6mr32958174qtg.221.1632321055765; Wed, 22 Sep 2021 07:30:55 -0700 (PDT) Received: from t490s ([2607:fea8:56a2:9100::d3ec]) by smtp.gmail.com with ESMTPSA id f83sm1917615qke.79.2021.09.22.07.30.54 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 22 Sep 2021 07:30:55 -0700 (PDT) Date: Wed, 22 Sep 2021 10:30:53 -0400 From: Peter Xu To: Nadav Amit Cc: Andrew Morton , linux-kernel@vger.kernel.org, linux-mm@kvack.org, linux-fsdevel@vger.kernel.org, Nadav Amit , Andrea Arcangeli , stable@vger.kernel.org Subject: Re: [PATCH] userfaultfd: fix a race between writeprotect and exit_mmap() Message-ID: References: <20210921200247.25749-1-namit@vmware.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: <20210921200247.25749-1-namit@vmware.com> Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, Sep 21, 2021 at 01:02:47PM -0700, Nadav Amit wrote: > From: Nadav Amit > > A race is possible when a process exits, its VMAs are removed > by exit_mmap() and at the same time userfaultfd_writeprotect() is > called. > > The race was detected by KASAN on a development kernel, but it appears > to be possible on vanilla kernels as well. > > Use mmget_not_zero() to prevent the race as done in other userfaultfd > operations. > > Cc: Peter Xu > Cc: Andrea Arcangeli > Cc: stable@vger.kernel.org > Fixes: 63b2d4174c4ad ("userfaultfd: wp: add the writeprotect API to userfaultfd ioctl") > Signed-off-by: Nadav Amit Reviewed-by: Peter Xu Thanks! -- Peter Xu