From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <owner-linux-mm@kvack.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 451C3ECAAD8
	for <linux-mm@archiver.kernel.org>; Fri, 16 Sep 2022 14:42:11 +0000 (UTC)
Received: by kanga.kvack.org (Postfix)
	id A360A940007; Fri, 16 Sep 2022 10:42:10 -0400 (EDT)
Received: by kanga.kvack.org (Postfix, from userid 40)
	id 9E57E8D0002; Fri, 16 Sep 2022 10:42:10 -0400 (EDT)
X-Delivered-To: int-list-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix, from userid 63042)
	id 8861D940007; Fri, 16 Sep 2022 10:42:10 -0400 (EDT)
X-Delivered-To: linux-mm@kvack.org
Received: from relay.hostedemail.com (smtprelay0015.hostedemail.com [216.40.44.15])
	by kanga.kvack.org (Postfix) with ESMTP id 75F9E8D0002
	for <linux-mm@kvack.org>; Fri, 16 Sep 2022 10:42:10 -0400 (EDT)
Received: from smtpin12.hostedemail.com (a10.router.float.18 [10.200.18.1])
	by unirelay03.hostedemail.com (Postfix) with ESMTP id 51201A0F49
	for <linux-mm@kvack.org>; Fri, 16 Sep 2022 14:42:10 +0000 (UTC)
X-FDA: 79918213620.12.6DCF851
Received: from mail-pg1-f177.google.com (mail-pg1-f177.google.com [209.85.215.177])
	by imf14.hostedemail.com (Postfix) with ESMTP id 09FC81000B7
	for <linux-mm@kvack.org>; Fri, 16 Sep 2022 14:42:09 +0000 (UTC)
Received: by mail-pg1-f177.google.com with SMTP id c24so20539709pgg.11
        for <linux-mm@kvack.org>; Fri, 16 Sep 2022 07:42:09 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=chromium.org; s=google;
        h=in-reply-to:content-disposition:mime-version:references:message-id
         :subject:cc:to:from:date:from:to:cc:subject:date;
        bh=3MwE9yy+xvQ6YMifVFw1MxrFUktO0vkQ21u8qv9Eixs=;
        b=Q4DwCSVWYGFmJ0ItKAwAYy9VKUsjGSIwR5niR3FOB9JjkFNN0Iue/YuAP3yGjViHUt
         1Zk+zqitOyggeaKPzwRCSKPiyuEy4Y9WFHAGFAG+y28LOrVUE5clSpoBtSj6EG58OgbZ
         WUV0nCZl4XXRDOy8X1A37Pyw8ZILhB8p4o1kQ=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=in-reply-to:content-disposition:mime-version:references:message-id
         :subject:cc:to:from:date:x-gm-message-state:from:to:cc:subject:date;
        bh=3MwE9yy+xvQ6YMifVFw1MxrFUktO0vkQ21u8qv9Eixs=;
        b=iotVrV3geXOMToKJsEKjoqr1vIQz8pekIxikaCIDSZLxV+o0FIsbBIAiozTm9Yfdf6
         D6JAE8FZLypSS+EDMYSn71hA4rID0TUW+vaPy5T74Cu9M6phAV5QA8YHDi3qD5VRZAgr
         WIW0Zo0FXJbuiuJGNH5oaYU96yJ2CanIoGM3c0KjeVl6EjIu0nfeV1p4mkQf0Terj8m0
         OxpNRdjQZjRcfz9uKRvzh8DA2UjL1PRw6kaj39B/r+y/j1jUNRIxaLp1wZZSgBz/oVhh
         53Wcj/XhedixhBy2maokEb8ySHehMHX3eHn3pCo/Pb+uBGRmR1kIyhjQIxTuDKoH4ikW
         HcvQ==
X-Gm-Message-State: ACrzQf37WcB9nweTrxdH50Cs1TzPoPbgLDHVj2umSHG0G6ns7e3bJv7V
	w5CobwdkEr0qdf008WftwVC/gA==
X-Google-Smtp-Source: AMsMyM4QP+rirUQwvr6OtppnyGLUtJRegu5oUbnCRc+IbXROCC/lOZMejjBaQC/kld+F5Hiy3CGRFw==
X-Received: by 2002:a65:42c8:0:b0:41a:8138:f47f with SMTP id l8-20020a6542c8000000b0041a8138f47fmr4902124pgp.476.1663339329022;
        Fri, 16 Sep 2022 07:42:09 -0700 (PDT)
Received: from www.outflux.net (smtp.outflux.net. [198.145.64.163])
        by smtp.gmail.com with ESMTPSA id c200-20020a621cd1000000b00541469775fesm14384322pfc.138.2022.09.16.07.42.08
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Fri, 16 Sep 2022 07:42:08 -0700 (PDT)
Date: Fri, 16 Sep 2022 07:42:07 -0700
From: Kees Cook <keescook@chromium.org>
To: Matthew Wilcox <willy@infradead.org>
Cc: Yu Zhao <yuzhao@google.com>, Andrew Morton <akpm@linux-foundation.org>,
	dev@der-flo.net, Linux-MM <linux-mm@kvack.org>,
	Uladzislau Rezki <urezki@gmail.com>, bugzilla-daemon@kernel.org
Subject: Re: [Bug 216489] New: Machine freezes due to memory lock
Message-ID: <202209160739.ADFB98C3@keescook>
References: <bug-216489-27@https.bugzilla.kernel.org/>
 <20220915133931.ee0a6c8a86c59a144828eb60@linux-foundation.org>
 <YyOqSWAmAFxx8RCt@casper.infradead.org>
 <CAOUHufZMpiuzWH7EqqDkr07iP+f80w99fQVRgiuZfc6jtsUJzA@mail.gmail.com>
 <YyQ2CSdIJdvQPSPO@casper.infradead.org>
 <202209160230.CE9E0E51@keescook>
 <YySE6VV23JkwonyQ@casper.infradead.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <YySE6VV23JkwonyQ@casper.infradead.org>
ARC-Authentication-Results: i=1;
	imf14.hostedemail.com;
	dkim=pass header.d=chromium.org header.s=google header.b=Q4DwCSVW;
	spf=pass (imf14.hostedemail.com: domain of keescook@chromium.org designates 209.85.215.177 as permitted sender) smtp.mailfrom=keescook@chromium.org;
	dmarc=pass (policy=none) header.from=chromium.org
ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1663339330; a=rsa-sha256;
	cv=none;
	b=k5qXAieNUlM+bs5xTZEBkZKWHSsKc79CJK0oxUHWYAORAhMQXuz3pLa2M9GUD/PoOWhS6u
	kPikIXmeijMLs6HNS+1DPyOk5o46GegXM52Uvh7UVAgLgnvD2GcWL4i+cEoQ9UjRV/+Vnn
	ueXDZ73X4WiUoCbOo28luB/xLbCXvA0=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com;
	s=arc-20220608; t=1663339330;
	h=from:from:sender:reply-to:subject:subject:date:date:
	 message-id:message-id:to:to:cc:cc:mime-version:mime-version:
	 content-type:content-type:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references:dkim-signature;
	bh=3MwE9yy+xvQ6YMifVFw1MxrFUktO0vkQ21u8qv9Eixs=;
	b=HvNqsrvEPAk7NqJgDlEVno16Wxo5wA+eE8LuvurLm7omRWq6+V+Je9G5Dx8LmB4N/Ir3YF
	0Z/efPhAp02f+Dih/Ks1i51/5BHtcr8bdQBB0U97AyCO0KPlvQCWO0i6+agPFFEewV+/1L
	EGQPLm66qpntIaw6LFiutISqHbk1Yac=
Authentication-Results: imf14.hostedemail.com;
	dkim=pass header.d=chromium.org header.s=google header.b=Q4DwCSVW;
	spf=pass (imf14.hostedemail.com: domain of keescook@chromium.org designates 209.85.215.177 as permitted sender) smtp.mailfrom=keescook@chromium.org;
	dmarc=pass (policy=none) header.from=chromium.org
X-Rspamd-Server: rspam05
X-Rspamd-Queue-Id: 09FC81000B7
X-Stat-Signature: 5o5h48jiry7qcfy5cmpezonxexyi6hp7
X-Rspam-User: 
X-HE-Tag: 1663339329-834129
X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4
Sender: owner-linux-mm@kvack.org
Precedence: bulk
X-Loop: owner-majordomo@kvack.org
List-ID: <linux-mm.kvack.org>

On Fri, Sep 16, 2022 at 03:15:05PM +0100, Matthew Wilcox wrote:
> Right, and Ulad is right about it beig callable from any context.  I think
> the longterm solution is to make the vmap_area_root tree walkable under
> RCU protection.

Agreed, I've updated my proposed patch.

> For now, let's have a distinct return code (ERR_PTR(-EAGAIN), perhaps?) to
> indicate that we've hit contention.  It generally won't matter if we
> hit it in process context because hardening doesn't have to be 100%
> reliable to be useful.

Right, as I note in the series[1], hardening shouldn't be getting called
_at all_ in this path. :P

-Kees

[1] https://lore.kernel.org/linux-hardening/20220916135953.1320601-1-keescook@chromium.org/

-- 
Kees Cook