From: Peter Xu <peterx@redhat.com>
To: linux-mm@kvack.org, linux-kernel@vger.kernel.org
Cc: peterx@redhat.com, Mike Kravetz <mike.kravetz@oracle.com>,
Andrew Morton <akpm@linux-foundation.org>,
Andrea Arcangeli <aarcange@redhat.com>,
Mike Rapoport <rppt@linux.vnet.ibm.com>,
Axel Rasmussen <axelrasmussen@google.com>,
Nadav Amit <nadav.amit@gmail.com>,
Leonardo Bras Soares Passos <lsoaresp@redhat.com>,
David Hildenbrand <david@redhat.com>,
linux-stable <stable@vger.kernel.org>
Subject: [PATCH 01/29] Revert "userfaultfd: don't fail on unrecognized features"
Date: Thu, 30 Mar 2023 11:56:39 -0400 [thread overview]
Message-ID: <20230330155707.3106228-2-peterx@redhat.com> (raw)
In-Reply-To: <20230330155707.3106228-1-peterx@redhat.com>
This is a proposal to revert commit 914eedcb9ba0ff53c33808.
I found this when writting a simple UFFDIO_API test to be the first unit
test in this set. Two things breaks with the commit:
- UFFDIO_API check was lost and missing. According to man page, the
kernel should reject ioctl(UFFDIO_API) if uffdio_api.api != 0xaa. This
check is needed if the api version will be extended in the future, or
user app won't be able to identify which is a new kernel.
- Feature flags checks were removed, which means UFFDIO_API with a
feature that does not exist will also succeed. According to the man
page, we should (and it makes sense) to reject ioctl(UFFDIO_API) if
unknown features passed in.
Link: https://lore.kernel.org/r/20220722201513.1624158-1-axelrasmussen@google.com
Cc: Axel Rasmussen <axelrasmussen@google.com>
Cc: linux-stable <stable@vger.kernel.org>
Signed-off-by: Peter Xu <peterx@redhat.com>
---
fs/userfaultfd.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/fs/userfaultfd.c b/fs/userfaultfd.c
index 8395605790f6..3b2a41c330e6 100644
--- a/fs/userfaultfd.c
+++ b/fs/userfaultfd.c
@@ -1977,8 +1977,10 @@ static int userfaultfd_api(struct userfaultfd_ctx *ctx,
ret = -EFAULT;
if (copy_from_user(&uffdio_api, buf, sizeof(uffdio_api)))
goto out;
- /* Ignore unsupported features (userspace built against newer kernel) */
- features = uffdio_api.features & UFFD_API_FEATURES;
+ features = uffdio_api.features;
+ ret = -EINVAL;
+ if (uffdio_api.api != UFFD_API || (features & ~UFFD_API_FEATURES))
+ goto err_out;
ret = -EPERM;
if ((features & UFFD_FEATURE_EVENT_FORK) && !capable(CAP_SYS_PTRACE))
goto err_out;
--
2.39.1
next prev parent reply other threads:[~2023-03-30 15:57 UTC|newest]
Thread overview: 97+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-03-30 15:56 [PATCH 00/29] selftests/mm: Split / Refactor userfault test Peter Xu
2023-03-30 15:56 ` Peter Xu [this message]
2023-03-30 18:31 ` [PATCH 01/29] Revert "userfaultfd: don't fail on unrecognized features" David Hildenbrand
2023-03-30 22:22 ` Peter Xu
2023-03-30 19:04 ` Axel Rasmussen
2023-03-30 22:27 ` Peter Xu
2023-03-31 16:52 ` Axel Rasmussen
2023-03-31 18:08 ` Dmitry Safonov
2023-03-31 20:04 ` Axel Rasmussen
2023-04-03 7:48 ` David Hildenbrand
2023-03-30 16:06 ` [PATCH 02/29] selftests/mm: Update .gitignore with two missing tests Peter Xu
2023-04-03 7:48 ` David Hildenbrand
2023-04-07 9:09 ` Mike Rapoport
2023-03-30 16:06 ` [PATCH 03/29] selftests/mm: Dump a summary in run_vmtests.sh Peter Xu
2023-03-30 19:07 ` Axel Rasmussen
2023-03-30 22:28 ` Peter Xu
2023-04-03 7:49 ` David Hildenbrand
2023-04-07 9:15 ` Mike Rapoport
2023-03-30 16:06 ` [PATCH 04/29] selftests/mm: Merge util.h into vm_util.h Peter Xu
2023-03-30 19:14 ` Axel Rasmussen
2023-04-03 7:50 ` David Hildenbrand
2023-04-07 9:18 ` Mike Rapoport
2023-03-30 16:06 ` [PATCH 05/29] selftests/mm: Use TEST_GEN_PROGS where proper Peter Xu
2023-04-03 7:52 ` David Hildenbrand
2023-04-07 9:22 ` Mike Rapoport
2023-03-30 16:07 ` [PATCH 06/29] selftests/mm: Link vm_util.c always Peter Xu
2023-04-03 7:52 ` David Hildenbrand
2023-04-07 9:23 ` Mike Rapoport
2023-03-30 16:07 ` [PATCH 07/29] selftests/mm: Merge default_huge_page_size() into one Peter Xu
2023-03-30 20:30 ` Axel Rasmussen
2023-03-31 18:15 ` Mike Kravetz
2023-04-03 15:16 ` Peter Xu
2023-04-03 7:53 ` David Hildenbrand
2023-04-07 9:24 ` Mike Rapoport
2023-03-30 16:07 ` [PATCH 08/29] selftests/mm: Use PM_* macros in vm_utils.h Peter Xu
2023-03-31 18:24 ` Mike Kravetz
2023-04-03 7:53 ` David Hildenbrand
2023-04-07 9:28 ` Mike Rapoport
2023-03-30 16:07 ` [PATCH 09/29] selftests/mm: Reuse pagemap_get_entry() in vm_util.h Peter Xu
2023-03-30 21:08 ` Axel Rasmussen
2023-03-31 18:27 ` Mike Kravetz
2023-04-03 7:54 ` David Hildenbrand
2023-04-07 9:32 ` Mike Rapoport
2023-03-30 16:07 ` [PATCH 10/29] selftests/mm: Test UFFDIO_ZEROPAGE only when !hugetlb Peter Xu
2023-03-31 18:37 ` Mike Kravetz
2023-04-01 1:57 ` Axel Rasmussen
2023-04-03 7:55 ` David Hildenbrand
2023-04-03 16:10 ` Peter Xu
2023-04-07 9:42 ` Mike Rapoport
2023-04-11 19:03 ` Peter Xu
2023-03-30 16:07 ` [PATCH 11/29] selftests/mm: Drop test_uffdio_zeropage_eexist Peter Xu
2023-04-01 0:03 ` Mike Kravetz
2023-04-03 16:16 ` Peter Xu
2023-04-03 7:56 ` David Hildenbrand
2023-04-07 9:48 ` Mike Rapoport
2023-03-30 16:07 ` [PATCH 12/29] selftests/mm: Create uffd-common.[ch] Peter Xu
2023-04-07 10:10 ` Mike Rapoport
2023-03-30 16:07 ` [PATCH 13/29] selftests/mm: Split uffd tests into uffd-stress and uffd-unit-tests Peter Xu
2023-04-07 11:02 ` Mike Rapoport
2023-03-30 16:07 ` [PATCH 14/29] selftests/mm: uffd_[un]register() Peter Xu
2023-04-05 19:12 ` Peter Xu
2023-04-07 11:08 ` Mike Rapoport
2023-04-11 19:13 ` Peter Xu
2023-04-12 16:42 ` Mike Rapoport
2023-03-30 16:07 ` [PATCH 15/29] selftests/mm: uffd_open_{dev|sys}() Peter Xu
2023-04-03 8:00 ` David Hildenbrand
2023-04-07 11:11 ` Mike Rapoport
2023-03-30 16:07 ` [PATCH 16/29] selftests/mm: UFFDIO_API test Peter Xu
2023-04-03 7:59 ` David Hildenbrand
2023-04-03 16:43 ` Peter Xu
2023-04-03 19:06 ` David Hildenbrand
2023-04-03 20:24 ` Peter Xu
2023-04-04 12:48 ` David Hildenbrand
2023-04-05 16:21 ` Peter Xu
2023-03-30 16:08 ` [PATCH 17/29] selftests/mm: Drop global mem_fd in uffd tests Peter Xu
2023-04-11 10:39 ` Mike Rapoport
2023-03-30 16:08 ` [PATCH 18/29] selftests/mm: Drop global hpage_size " Peter Xu
2023-04-11 10:41 ` Mike Rapoport
2023-03-30 16:08 ` [PATCH 19/29] selftests/mm: Let uffd_handle_page_fault() takes wp parameter Peter Xu
2023-04-11 10:52 ` Mike Rapoport
2023-04-11 19:36 ` Peter Xu
2023-03-30 16:08 ` [PATCH 20/29] selftests/mm: Allow allocate_area() to fail properly Peter Xu
2023-04-11 11:02 ` Mike Rapoport
2023-04-11 19:42 ` Peter Xu
2023-03-30 16:08 ` [PATCH 21/29] selftests/mm: Add framework for uffd-unit-test Peter Xu
2023-04-11 11:09 ` Mike Rapoport
2023-04-11 20:09 ` Peter Xu
2023-03-30 16:08 ` [PATCH 22/29] selftests/mm: Move uffd pagemap test to unit test Peter Xu
2023-04-11 12:41 ` Mike Rapoport
2023-03-30 16:08 ` [PATCH 23/29] selftests/mm: Move uffd minor " Peter Xu
2023-03-30 16:08 ` [PATCH 24/29] selftests/mm: Move uffd sig/events tests into uffd unit tests Peter Xu
2023-03-30 16:08 ` [PATCH 25/29] selftests/mm: Move zeropage test " Peter Xu
2023-03-30 16:08 ` [PATCH 26/29] selftests/mm: Workaround no way to detect uffd-minor + wp Peter Xu
2023-03-30 16:08 ` [PATCH 27/29] selftests/mm: Allow uffd test to skip properly with no privilege Peter Xu
2023-03-30 16:08 ` [PATCH 28/29] selftests/mm: Drop sys/dev test in uffd-stress test Peter Xu
2023-03-30 16:08 ` [PATCH 29/29] selftests/mm: Add shmem-private test to uffd-stress Peter Xu
2023-03-31 16:47 ` [PATCH 00/29] selftests/mm: Split / Refactor userfault test Peter Xu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230330155707.3106228-2-peterx@redhat.com \
--to=peterx@redhat.com \
--cc=aarcange@redhat.com \
--cc=akpm@linux-foundation.org \
--cc=axelrasmussen@google.com \
--cc=david@redhat.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=lsoaresp@redhat.com \
--cc=mike.kravetz@oracle.com \
--cc=nadav.amit@gmail.com \
--cc=rppt@linux.vnet.ibm.com \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox