Received: by 2002:a05:6a10:d5a5:0:0:0:0 with SMTP id gn37csp2074707pxb; Thu, 7 Oct 2021 23:37:02 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwcHl4prhG8vx5BwNyH/bj//U4w6d8EsVxe6DJv+OKNNiknp4QGhfb66aOXRD1te3koPufk X-Received: by 2002:a50:e183:: with SMTP id k3mr12831911edl.22.1633675022648; Thu, 07 Oct 2021 23:37:02 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1633675022; cv=none; d=google.com; s=arc-20160816; b=0BGapBWggDIzcKa+NZM9FUQeYfxZOTZltAIKSnUo5Z8hRQnNTHqqYPWMWhiHmkbirl zooeWw6WfBj3jQXFxm9RLSGE8ENvlnt6Z/xo2CB0Fykme71H35hUd89GDwItNq+h2y3W cbGfIJDqPqGCejkrjPkCNM6XquJnEQZJco6vPmog5w1jNGLAAzKAGIrPESZdfmH4H/tx a/8eivvF4sDuEx862nTMg99LPwzkP6tcUPTvMRNJ9De9rhk1tEodAsjWTSSMbnq7i+YL h2DxynIqcVxvavUlEKci42MxAoYYVVdAt9G3olPXcjEpiTOfMxB1TQdFhJdOk3NuHYls Kcjg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature; bh=CcFIsT1c20GjUuqiYz9PJ+eUk+2oJK91pSz23fk2I9w=; b=1Ctk85rRDkhnaRr3EnTEpOxe+iKzhbvBDvnO1MaN31M25DotyPF7IsXmtdzgpbkPc/ RO4wfKr6+jNZPAj3XjlgPGQcnJWYSqgxB1hKjSfoXDnQ+qXRbitjnPBpZi2ZKrzfkaDY gfDzHnFnAgpbfIY+qF1F0ldKH+5Bbn34CsJ0Y/rQglXk0q2qG3FWYT8uAgl14T9w+kmg 8pBuypCkFGzdCXUG1kF39llBuYnXKDxGXx0YEm7sC4+31RIMmocimekVwH6yCz2XET7L 6Yv2dylgXy5xZ99IUaOyc4yPX/G/nVRcAWS4O3xtzFD3DdCp9zPQJfWESorIz3zi5iTp bSRQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@suse.com header.s=susede1 header.b=X3yuN8h8; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=NONE dis=NONE) header.from=suse.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id gn9si3229932ejc.136.2021.10.07.23.36.39; Thu, 07 Oct 2021 23:37:02 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@suse.com header.s=susede1 header.b=X3yuN8h8; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=NONE dis=NONE) header.from=suse.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231175AbhJHGgq (ORCPT + 99 others); Fri, 8 Oct 2021 02:36:46 -0400 Received: from smtp-out2.suse.de ([195.135.220.29]:55698 "EHLO smtp-out2.suse.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229585AbhJHGgo (ORCPT ); Fri, 8 Oct 2021 02:36:44 -0400 Received: from relay2.suse.de (relay2.suse.de [149.44.160.134]) by smtp-out2.suse.de (Postfix) with ESMTP id 25EDD1FD35; Fri, 8 Oct 2021 06:34:49 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.com; s=susede1; t=1633674889; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=CcFIsT1c20GjUuqiYz9PJ+eUk+2oJK91pSz23fk2I9w=; b=X3yuN8h8Wp2n/qIrLAm1bgF3pbs0djN0Upa2GuSzWd7ZMvhNjTMfNGafyZfFa85St77ULb XlR1cukpoUA5j0NlftLczY56Cgls+aCdeZKzQw2YiMOjkGCPiBTNrmZhFC5EIWmx58V6OD Vzq+qZOju9bMpBwfXY2F+X0JZ8+Tp94= Received: from suse.cz (unknown [10.100.201.86]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by relay2.suse.de (Postfix) with ESMTPS id 0E692A3B84; Fri, 8 Oct 2021 06:34:48 +0000 (UTC) Date: Fri, 8 Oct 2021 08:34:47 +0200 From: Michal Hocko To: Kees Cook Cc: Suren Baghdasaryan , Pavel Machek , Rasmus Villemoes , David Hildenbrand , John Hubbard , Andrew Morton , Colin Cross , Sumit Semwal , Dave Hansen , Matthew Wilcox , "Kirill A . Shutemov" , Vlastimil Babka , Johannes Weiner , Jonathan Corbet , Al Viro , Randy Dunlap , Kalesh Singh , Peter Xu , rppt@kernel.org, Peter Zijlstra , Catalin Marinas , vincenzo.frascino@arm.com, Chinwen Chang =?utf-8?B?KOW8temMpuaWhyk=?= , Axel Rasmussen , Andrea Arcangeli , Jann Horn , apopple@nvidia.com, Yu Zhao , Will Deacon , fenghua.yu@intel.com, thunder.leizhen@huawei.com, Hugh Dickins , feng.tang@intel.com, Jason Gunthorpe , Roman Gushchin , Thomas Gleixner , krisman@collabora.com, Chris Hyser , Peter Collingbourne , "Eric W. Biederman" , Jens Axboe , legion@kernel.org, Rolf Eike Beer , Cyrill Gorcunov , Muchun Song , Viresh Kumar , Thomas Cedeno , sashal@kernel.org, cxfcosmos@gmail.com, LKML , linux-fsdevel@vger.kernel.org, linux-doc@vger.kernel.org, linux-mm , kernel-team Subject: Re: [PATCH v10 3/3] mm: add anonymous vma name refcounting Message-ID: References: <92cbfe3b-f3d1-a8e1-7eb9-bab735e782f6@rasmusvillemoes.dk> <20211007101527.GA26288@duo.ucw.cz> <202110071111.DF87B4EE3@keescook> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <202110071111.DF87B4EE3@keescook> Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu 07-10-21 11:12:58, Kees Cook wrote: > On Thu, Oct 07, 2021 at 10:50:24AM -0700, Suren Baghdasaryan wrote: > > On Thu, Oct 7, 2021 at 10:31 AM Michal Hocko wrote: > > > > > > On Thu 07-10-21 09:58:02, Suren Baghdasaryan wrote: > > > > On Thu, Oct 7, 2021 at 9:40 AM Michal Hocko wrote: > > > > > > > > > > On Thu 07-10-21 09:04:09, Suren Baghdasaryan wrote: > > > > > > On Thu, Oct 7, 2021 at 3:15 AM Pavel Machek wrote: > > > > > > > > > > > > > > Hi! > > > > > > > > > > > > > > > >> Hmm, so the suggestion is to have some directory which contains files > > > > > > > > >> representing IDs, each containing the string name of the associated > > > > > > > > >> vma? Then let's say we are creating a new VMA and want to name it. We > > > > > > > > >> would have to scan that directory, check all files and see if any of > > > > > > > > >> them contain the name we want to reuse the same ID. > > > > > > > > > > > > > > > > > > I believe Pavel meant something as simple as > > > > > > > > > $ YOUR_FILE=$YOUR_IDS_DIR/my_string_name > > > > > > > > > $ touch $YOUR_FILE > > > > > > > > > $ stat -c %i $YOUR_FILE > > > > > > > > > > > > Ah, ok, now I understand the proposal. Thanks for the clarification! > > > > > > So, this would use filesystem as a directory for inode->name mappings. > > > > > > One rough edge for me is that the consumer would still need to parse > > > > > > /proc/$pid/maps and convert [anon:inode] into [anon:name] instead of > > > > > > just dumping the content for the user. Would it be acceptable if we > > > > > > require the ID provided by prctl() to always be a valid inode and > > > > > > show_map_vma() would do the inode-to-filename conversion when > > > > > > generating maps/smaps files? I know that inode->dentry is not > > > > > > one-to-one mapping but we can simply output the first dentry name. > > > > > > WDYT? > > > > > > > > > > No. You do not want to dictate any particular way of the mapping. The > > > > > above is just one way to do that without developing any actual mapping > > > > > yourself. You just use a filesystem for that. Kernel doesn't and > > > > > shouldn't understand the meaning of those numbers. It has no business in > > > > > that. > > > > > > > > > > In a way this would be pushing policy into the kernel. > > > > > > > > I can see your point. Any other ideas on how to prevent tools from > > > > doing this id-to-name conversion themselves? > > > > > > I really fail to understand why you really want to prevent them from that. > > > Really, the whole thing is just a cookie that kernel maintains for memory > > > mappings so that two parties can understand what the meaning of that > > > mapping is from a higher level. They both have to agree on the naming > > > but the kernel shouldn't dictate any specific convention because the > > > kernel _doesn't_ _care_. These things are not really anything actionable > > > for the kernel. It is just a metadata. > > > > The desire is for one of these two parties to be a human who can get > > the data and use it as is without additional conversions. > > /proc/$pid/maps could report FD numbers instead of pathnames, which > > could be converted to pathnames in userspace. However we do not do > > that because pathnames are more convenient for humans to identify a > > specific resource. Same logic applies here IMHO. > > Yes, please. It really seems like the folks that are interested in this > feature want strings. (I certainly do.) I am sorry but there were no strong arguments mentioned for strings so far. Effectively string require a more complex and more resource hungry solution. The only advantage is that strings are nicer to read for humans. There hasn't been any plan presented for actual naming convention or how those names would be used in practice. Except for a more advanced resource management and that sounds like something that can work with ids just fine. > For those not interested in the > feature, it sounds like a CONFIG to keep it away would be sufficient. CONFIG is not an answer here as already pointed out. Distro kernels will be forced to enable this because there might be somebody to use this feature. Initially I was not really feeling strongly one way or other but more we are discussing the topic the more I see that strings have a very weak justification behind. -- Michal Hocko SUSE Labs