From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id A31D9D2125F for ; Thu, 17 Oct 2024 09:00:06 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 2DF986B007B; Thu, 17 Oct 2024 05:00:06 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 28F9A6B0082; Thu, 17 Oct 2024 05:00:06 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 109C06B0083; Thu, 17 Oct 2024 05:00:06 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0010.hostedemail.com [216.40.44.10]) by kanga.kvack.org (Postfix) with ESMTP id E45726B007B for ; Thu, 17 Oct 2024 05:00:05 -0400 (EDT) Received: from smtpin19.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay09.hostedemail.com (Postfix) with ESMTP id 5241E80E12 for ; Thu, 17 Oct 2024 08:59:56 +0000 (UTC) X-FDA: 82682496792.19.2A74F82 Received: from www62.your-server.de (www62.your-server.de [213.133.104.62]) by imf29.hostedemail.com (Postfix) with ESMTP id 4C9C6120013 for ; Thu, 17 Oct 2024 08:59:50 +0000 (UTC) Authentication-Results: imf29.hostedemail.com; dkim=pass header.d=iogearbox.net header.s=default2302 header.b=mMTWYWsi; dmarc=pass (policy=reject) header.from=iogearbox.net; spf=pass (imf29.hostedemail.com: domain of daniel@iogearbox.net designates 213.133.104.62 as permitted sender) smtp.mailfrom=daniel@iogearbox.net ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1729155570; a=rsa-sha256; cv=none; b=ufOdOtDo9wX1l4tETGEht2vjdkochDPYp3VxRXM+hq4UKqtfyJm4l1vPbGgRO0DZ9D+GZ+ H8mYYGVo0po4LQY6KtuViYnmdqZlK+vi/ieXh4o1hd87WjZ8nbhMFSPYi1qg5DNZhW6RbB Y0lYg9iIRhsD7m1DptOYN5ekkFLc24o= ARC-Authentication-Results: i=1; imf29.hostedemail.com; dkim=pass header.d=iogearbox.net header.s=default2302 header.b=mMTWYWsi; dmarc=pass (policy=reject) header.from=iogearbox.net; spf=pass (imf29.hostedemail.com: domain of daniel@iogearbox.net designates 213.133.104.62 as permitted sender) smtp.mailfrom=daniel@iogearbox.net ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1729155570; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=KNVS107AIclv5ArrKA4z0mqtApOgznYqT/yrCS3aN4k=; b=DSmb/mm/EW0bSDNCGkm18jE1iWFtKU7LzS1BdX3i3AeDhq7jOtPvsgno0lfuQXm4WHXrSF ZUQrKpWhgmSqY9GyIVmKBoPuN6vIY6GH/RHCUFfKtlne+Vixg3cZQMifOv1y/KN20bLnyH 17WfTC0ivlr5vPgmry9CdFNMZdQG6/o= DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=iogearbox.net; s=default2302; h=Content-Transfer-Encoding:Content-Type: In-Reply-To:From:References:Cc:To:Subject:MIME-Version:Date:Message-ID:Sender :Reply-To:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID; bh=KNVS107AIclv5ArrKA4z0mqtApOgznYqT/yrCS3aN4k=; b=mMTWYWsi3X73s/G8EE2PdmqlpG ke5ONBNoL3uodkK6u8RiP8BR53EqpUY/SUgYPO3A/0ztO/OwKZ3TMITihPGPoUiTV9V46pc+1l1XP YFkPQg84KUuItR6kWxjYJ/XsOu/lesj8ZIk/IowpwR6RoE28NUcnOyhN7eD/MKR5ztiKvjnEnkdK9 2+Lw+DgEdf7wCRezTaFog6fc+V+vTRnW12XVhjcGvo3+2eyZfBeCUIx86phV3DZRQx3mBOkSJL73Z o5s4cJ1cSiGAyj5YHUrPWhrdknNrGCBtpmd32aYbtWmD9JmNLAdhuMsuHftTf+M1ATbvN/LYWCcf3 rK1WCUsQ==; Received: from sslproxy02.your-server.de ([78.47.166.47]) by www62.your-server.de with esmtpsa (TLS1.3) tls TLS_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1t1MM4-0004Bz-Ok; Thu, 17 Oct 2024 10:59:36 +0200 Received: from [178.197.248.44] (helo=[192.168.1.114]) by sslproxy02.your-server.de with esmtpsa (TLS1.3) tls TLS_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from ) id 1t1MM3-000Cln-2j; Thu, 17 Oct 2024 10:59:35 +0200 Message-ID: <045de961-ac69-40cc-b141-ab70ec9377ec@iogearbox.net> Date: Thu, 17 Oct 2024 10:59:34 +0200 MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: [PATCH v2 bpf] lib/buildid: handle memfd_secret() files in build_id_parse() To: Andrii Nakryiko , bpf@vger.kernel.org, ast@kernel.org, martin.lau@kernel.org Cc: linux-mm@kvack.org, linux-perf-users@vger.kernel.org, linux-fsdevel@vger.kernel.org, rppt@kernel.org, david@redhat.com, yosryahmed@google.com, shakeel.butt@linux.dev, Yi Lai , iii@linux.ibm.com, gor@linux.ibm.com, hca@linux.ibm.com References: <20241016221629.1043883-1-andrii@kernel.org> Content-Language: en-US From: Daniel Borkmann Autocrypt: addr=daniel@iogearbox.net; keydata= xsFNBGNAkI0BEADiPFmKwpD3+vG5nsOznvJgrxUPJhFE46hARXWYbCxLxpbf2nehmtgnYpAN 2HY+OJmdspBntWzGX8lnXF6eFUYLOoQpugoJHbehn9c0Dcictj8tc28MGMzxh4aK02H99KA8 VaRBIDhmR7NJxLWAg9PgneTFzl2lRnycv8vSzj35L+W6XT7wDKoV4KtMr3Szu3g68OBbp1TV HbJH8qe2rl2QKOkysTFRXgpu/haWGs1BPpzKH/ua59+lVQt3ZupePpmzBEkevJK3iwR95TYF 06Ltpw9ArW/g3KF0kFUQkGXYXe/icyzHrH1Yxqar/hsJhYImqoGRSKs1VLA5WkRI6KebfpJ+ RK7Jxrt02AxZkivjAdIifFvarPPu0ydxxDAmgCq5mYJ5I/+BY0DdCAaZezKQvKw+RUEvXmbL 94IfAwTFA1RAAuZw3Rz5SNVz7p4FzD54G4pWr3mUv7l6dV7W5DnnuohG1x6qCp+/3O619R26 1a7Zh2HlrcNZfUmUUcpaRPP7sPkBBLhJfqjUzc2oHRNpK/1mQ/+mD9CjVFNz9OAGD0xFzNUo yOFu/N8EQfYD9lwntxM0dl+QPjYsH81H6zw6ofq+jVKcEMI/JAgFMU0EnxrtQKH7WXxhO4hx 3DFM7Ui90hbExlFrXELyl/ahlll8gfrXY2cevtQsoJDvQLbv7QARAQABzSZEYW5pZWwgQm9y a21hbm4gPGRhbmllbEBpb2dlYXJib3gubmV0PsLBkQQTAQoAOxYhBCrUdtCTcZyapV2h+93z cY/jfzlXBQJjQJCNAhsDBQkHhM4ACAsJCAcNDAsKBRUKCQgLAh4BAheAAAoJEN3zcY/jfzlX dkUQAIFayRgjML1jnwKs7kvfbRxf11VI57EAG8a0IvxDlNKDcz74mH66HMyhMhPqCPBqphB5 ZUjN4N5I7iMYB/oWUeohbuudH4+v6ebzzmgx/EO+jWksP3gBPmBeeaPv7xOvN/pPDSe/0Ywp dHpl3Np2dS6uVOMnyIsvmUGyclqWpJgPoVaXrVGgyuer5RpE/a3HJWlCBvFUnk19pwDMMZ8t 0fk9O47HmGh9Ts3O8pGibfdREcPYeGGqRKRbaXvcRO1g5n5x8cmTm0sQYr2xhB01RJqWrgcj ve1TxcBG/eVMmBJefgCCkSs1suriihfjjLmJDCp9XI/FpXGiVoDS54TTQiKQinqtzP0jv+TH 1Ku+6x7EjLoLH24ISGyHRmtXJrR/1Ou22t0qhCbtcT1gKmDbTj5TcqbnNMGWhRRTxgOCYvG0 0P2U6+wNj3HFZ7DePRNQ08bM38t8MUpQw4Z2SkM+jdqrPC4f/5S8JzodCu4x80YHfcYSt+Jj ipu1Ve5/ftGlrSECvy80ZTKinwxj6lC3tei1bkI8RgWZClRnr06pirlvimJ4R0IghnvifGQb M1HwVbht8oyUEkOtUR0i0DMjk3M2NoZ0A3tTWAlAH8Y3y2H8yzRrKOsIuiyKye9pWZQbCDu4 ZDKELR2+8LUh+ja1RVLMvtFxfh07w9Ha46LmRhpCzsFNBGNAkI0BEADJh65bNBGNPLM7cFVS nYG8tqT+hIxtR4Z8HQEGseAbqNDjCpKA8wsxQIp0dpaLyvrx4TAb/vWIlLCxNu8Wv4W1JOST wI+PIUCbO/UFxRy3hTNlb3zzmeKpd0detH49bP/Ag6F7iHTwQQRwEOECKKaOH52tiJeNvvyJ pPKSKRhmUuFKMhyRVK57ryUDgowlG/SPgxK9/Jto1SHS1VfQYKhzMn4pWFu0ILEQ5x8a0RoX k9p9XkwmXRYcENhC1P3nW4q1xHHlCkiqvrjmWSbSVFYRHHkbeUbh6GYuCuhqLe6SEJtqJW2l EVhf5AOp7eguba23h82M8PC4cYFl5moLAaNcPHsdBaQZznZ6NndTtmUENPiQc2EHjHrrZI5l kRx9hvDcV3Xnk7ie0eAZDmDEbMLvI13AvjqoabONZxra5YcPqxV2Biv0OYp+OiqavBwmk48Z P63kTxLddd7qSWbAArBoOd0wxZGZ6mV8Ci/ob8tV4rLSR/UOUi+9QnkxnJor14OfYkJKxot5 hWdJ3MYXjmcHjImBWplOyRiB81JbVf567MQlanforHd1r0ITzMHYONmRghrQvzlaMQrs0V0H 5/sIufaiDh7rLeZSimeVyoFvwvQPx5sXhjViaHa+zHZExP9jhS/WWfFE881fNK9qqV8pi+li 2uov8g5yD6hh+EPH6wARAQABwsF8BBgBCgAmFiEEKtR20JNxnJqlXaH73fNxj+N/OVcFAmNA kI0CGwwFCQeEzgAACgkQ3fNxj+N/OVfFMhAA2zXBUzMLWgTm6iHKAPfz3xEmjtwCF2Qv/TT3 KqNUfU3/0VN2HjMABNZR+q3apm+jq76y0iWroTun8Lxo7g89/VDPLSCT0Nb7+VSuVR/nXfk8 R+OoXQgXFRimYMqtP+LmyYM5V0VsuSsJTSnLbJTyCJVu8lvk3T9B0BywVmSFddumv3/pLZGn 17EoKEWg4lraXjPXnV/zaaLdV5c3Olmnj8vh+14HnU5Cnw/dLS8/e8DHozkhcEftOf+puCIl Awo8txxtLq3H7KtA0c9kbSDpS+z/oT2S+WtRfucI+WN9XhvKmHkDV6+zNSH1FrZbP9FbLtoE T8qBdyk//d0GrGnOrPA3Yyka8epd/bXA0js9EuNknyNsHwaFrW4jpGAaIl62iYgb0jCtmoK/ rCsv2dqS6Hi8w0s23IGjz51cdhdHzkFwuc8/WxI1ewacNNtfGnorXMh6N0g7E/r21pPeMDFs rUD9YI1Je/WifL/HbIubHCCdK8/N7rblgUrZJMG3W+7vAvZsOh/6VTZeP4wCe7Gs/cJhE2gI DmGcR+7rQvbFQC4zQxEjo8fNaTwjpzLM9NIp4vG9SDIqAm20MXzLBAeVkofixCsosUWUODxP owLbpg7pFRJGL9YyEHpS7MGPb3jSLzucMAFXgoI8rVqoq6si2sxr2l0VsNH5o3NgoAgJNIg= In-Reply-To: <20241016221629.1043883-1-andrii@kernel.org> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit X-Authenticated-Sender: daniel@iogearbox.net X-Virus-Scanned: Clear (ClamAV 0.103.10/27429/Wed Oct 16 10:34:11 2024) X-Rspam-User: X-Stat-Signature: 13q6rzqhnftoa981msxo4zw5p6pesez9 X-Rspamd-Queue-Id: 4C9C6120013 X-Rspamd-Server: rspam02 X-HE-Tag: 1729155590-829640 X-HE-Meta: U2FsdGVkX18NSclluDHJBLym9fxAeqTWI5wdD1b+cLdUdH9qtThviMBbOaVv1a3cqM1oKhZ6dSxrlprwO2/qSm799ktmoRqLz5xtVdKDjqu+CQ73i6Y4aUI7Q945XJ3p0q+Em0SFWF653QjRMy+kMNOt/0yC52OhEkCH0CZR23LXCdnLm7gpIIXfokr425BusBVbRC/1nwMxEaapE5cvkdM8qbnD0hYFe0OsjjwonUVgbY03T0sTMg8z+zbCHSA5kjRYmfnQie8YnLIReD60amZl/vJ54VkdfdbC7igH+AouUGJ5CTJhsSbYOQbHrGSkZxY7xFhuFfQiM9yyt5oSIo+9vHTBMP5QvrdQ8Li2z5aR7p11WbHBTTS/YzxvV/SoX9LHmO/mORn7T4i3MJlXXGYK3cUVphRDuC4YYtMMUQcfEXXpJUEnR3tJJuzQy67rGSv6Bx0VnN5q1yR/c6HqgR9TPev+9ovRP+99sn3UFM5RZkEUzwSnxmsxxxWCLnBLOE4v5mQ12kA/Gs2k0R1rsduf1G9DGvqtT1u6SLNm99tX8sn5f2dihZy3vZqLQWZCzy+16IkqkQ8tmbG780MXxytwNbzFN8FU868WyatLbz6gZdw6fAeIUJGMruTjHlkAOC62qfxLRRvTR7sBJHPz04PqdzZ4aREdF0NjPYXk/NA9pOwOm3qXQanZiQanInRNpiHxTFgXLMAs5V0kqz+VBaOsGvu6D9K18mEkdhNmPXQ88r9CvmgnCXNUuvDklaxS4N4FsFVC17ycK5jCnOcJJ8tbyQdvE6SJbyNsEFxTQMudPpTRoOnYb7e20S0eqH9+hV8G6Bef0lp7MS1qZKmN2T/5bPRnnILhV6YwqkFyGOU6KQKysSx90zOU1kMQqkz2XXKPXnpfXUvTlqHUVMI6OsRapiPf9DNq3w8+bUTgvRXWzcMCM6kAPWNQ8XhGRXplXBQopo4iSvZR6BxWeu1 RZQlJZsh ykFYTNkRKQ0ytyh4w27kBs5RGdNs69Q1pyWWBQtCfBAyR8U4++/00vKIjTrcCSidHAmOOqsvGV2JS3IpTofvyKeiLaKGMHInJevMybCzxbcSDPkPBoZdjxVDfiTuF2TXVPPEadVnDYCYSsC4Xa1cQdn/Qc0Fc3C7doGUIvhZlnYzPyd4eUGr8l5sxZQBOKDOJKFLeUQWJW4AWcugjs8nGvAQA6zt8sVw7mHZ32lUsIzbkO+2en+wEN59Gx0WNJxvbtcWKtr/nXtAMNeVmHvtTfTykN8bHqCl6luSK7FkLBC/jCu0WVSnoqGGnTp0GCpap7lm3thWXHoLBEjIkQZ3BfsuTUMN3yFMz6BYsGYRk21LExOe+EEzK5AtcNVZF3KnBg6kDlRsRWhxeRxCz0IaI0XyMLZJZPqVyr8MNkIrDAJwuKgDoMD6FHOBfXl7m4cDfrsYQnZuqweneadov8zN6dQ1OTlUG7qlv3delMAyWYVLGgeP68ldicx7dScOde2leBEThVLwunlepE7nX69hARwIO55ulgaRtXUoBa7fRDAnMWddurfPq8BaccQ== X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: On 10/17/24 12:16 AM, Andrii Nakryiko wrote: > From memfd_secret(2) manpage: > > The memory areas backing the file created with memfd_secret(2) are > visible only to the processes that have access to the file descriptor. > The memory region is removed from the kernel page tables and only the > page tables of the processes holding the file descriptor map the > corresponding physical memory. (Thus, the pages in the region can't be > accessed by the kernel itself, so that, for example, pointers to the > region can't be passed to system calls.) > > So folios backed by such secretmem files are not mapped into kernel > address space and shouldn't be accessed, in general. > > To make this a bit more generic of a fix and prevent regression in the > future for similar special mappings, do a generic check of whether the > folio we got is mapped with kernel_page_present(), as suggested in [1]. > This will handle secretmem, and any future special cases that use > a similar approach. > > Original report and repro can be found in [0]. > > [0] https://lore.kernel.org/bpf/ZwyG8Uro%2FSyTXAni@ly-workstation/ > [1] https://lore.kernel.org/bpf/CAJD7tkbpEMx-eC4A-z8Jm1ikrY_KJVjWO+mhhz1_fni4x+COKw@mail.gmail.com/ > > Reported-by: Yi Lai > Suggested-by: Yosry Ahmed > Fixes: de3ec364c3c3 ("lib/buildid: add single folio-based file reader abstraction") > Signed-off-by: Andrii Nakryiko > --- > lib/buildid.c | 5 ++++- > 1 file changed, 4 insertions(+), 1 deletion(-) > > diff --git a/lib/buildid.c b/lib/buildid.c > index 290641d92ac1..90df64fd64c1 100644 > --- a/lib/buildid.c > +++ b/lib/buildid.c > @@ -5,6 +5,7 @@ > #include > #include > #include > +#include > > #define BUILD_ID 3 > > @@ -74,7 +75,9 @@ static int freader_get_folio(struct freader *r, loff_t file_off) > filemap_invalidate_unlock_shared(r->file->f_mapping); > } > > - if (IS_ERR(r->folio) || !folio_test_uptodate(r->folio)) { > + if (IS_ERR(r->folio) || > + !kernel_page_present(&r->folio->page) || > + !folio_test_uptodate(r->folio)) { BPF CI fails to build this on s390 (+ Ilya & others): [...] CC crypto/ctr.o ../lib/buildid.c: In function ‘freader_get_folio’: ../lib/buildid.c:79:14: error: implicit declaration of function ‘kernel_page_present’ [-Werror=implicit-function-declaration] 79 | !kernel_page_present(&r->folio->page) || | ^~~~~~~~~~~~~~~~~~~ CC net/sched/cls_bpf.o [...] Interestingly, the generic kernel_page_present() which returns true under !CONFIG_ARCH_HAS_SET_DIRECT_MAP is not used here since s390 selects the CONFIG_ARCH_HAS_SET_DIRECT_MAP, but does not provide an implementation of the function compared to the others which select it (x86, arm64, riscv). Relevant commit is 0490d6d7ba0a ("s390/mm: enable ARCH_HAS_SET_DIRECT_MAP"). > if (!IS_ERR(r->folio)) > folio_put(r->folio); > r->folio = NULL;