From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 29020C4167B for ; Thu, 7 Dec 2023 22:16:18 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id AD89C6B00CD; Thu, 7 Dec 2023 17:16:17 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id A85C46B00F1; Thu, 7 Dec 2023 17:16:17 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 927BA6B00F0; Thu, 7 Dec 2023 17:16:17 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0014.hostedemail.com [216.40.44.14]) by kanga.kvack.org (Postfix) with ESMTP id 7FA886B00CD for ; Thu, 7 Dec 2023 17:16:17 -0500 (EST) Received: from smtpin24.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay01.hostedemail.com (Postfix) with ESMTP id 584601C085B for ; Thu, 7 Dec 2023 22:16:17 +0000 (UTC) X-FDA: 81541431594.24.C08EFC3 Received: from dfw.source.kernel.org (dfw.source.kernel.org [139.178.84.217]) by imf04.hostedemail.com (Postfix) with ESMTP id 86BFB40004 for ; Thu, 7 Dec 2023 22:16:15 +0000 (UTC) Authentication-Results: imf04.hostedemail.com; dkim=pass header.d=linux-foundation.org header.s=korg header.b=w1TmOPVt; dmarc=none; spf=pass (imf04.hostedemail.com: domain of akpm@linux-foundation.org designates 139.178.84.217 as permitted sender) smtp.mailfrom=akpm@linux-foundation.org ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1701987375; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=HfP+Faeg4dTuIwyhA48kC+lPfZX3Rqe0EUe4Rcmak8Y=; b=nP3TOhho+YCMlXi+ijb2xg4KcjG/0IdgNZBtf2bUFRkbqxw9Qtmv6NJXs2dyvzHOn7iGM4 gCgoidyO7YpvtOq14hU3l9tuNMODTQqMVCagvRv8gd4AyZmbYwVqz6EnrSleNNrST2+2NR q08e8xZjMgYFBsWqo1V3HCNSx9JaBQc= ARC-Authentication-Results: i=1; imf04.hostedemail.com; dkim=pass header.d=linux-foundation.org header.s=korg header.b=w1TmOPVt; dmarc=none; spf=pass (imf04.hostedemail.com: domain of akpm@linux-foundation.org designates 139.178.84.217 as permitted sender) smtp.mailfrom=akpm@linux-foundation.org ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1701987375; a=rsa-sha256; cv=none; b=bGlY4FzqGgFUXR6/dHR2zHdot6OqC6gGiIYWxbyIuxDfXjmSawIk1GpYcKiNjRAdG9sAXA SajCaXN2hI2zgb2D+x98Chg4luHGuNIhg/DdFigAeQpNUe2maTfpWlM80Zn7D0rTKM3r5I QLVNOkWwgCChXTXmdjuX6niQBS5XfgA= Received: from smtp.kernel.org (transwarp.subspace.kernel.org [100.75.92.58]) by dfw.source.kernel.org (Postfix) with ESMTP id 9A7B562216; Thu, 7 Dec 2023 22:16:14 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 079EEC433C8; Thu, 7 Dec 2023 22:16:14 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linux-foundation.org; s=korg; t=1701987374; bh=x7Msa5KxC6fbX8OfKRbGiVYjEzRJe99UMLXIj//PDWA=; h=Date:From:To:Cc:Subject:In-Reply-To:References:From; b=w1TmOPVtLT1TocjllBEAoMPYQ74MWKK1qNLt8wUzsWr+chGw+wlzMZjEOIUHXoEc2 j0XkFEYhmvPO1hu1MP9vWZxn7dGwnTMMNODANMWDlzio5nbvTdYCrleum567mJqxGT V1mpKJtWGHDB3ZEDkfeCpAzjhxepJHkc1/T1LaPM= Date: Thu, 7 Dec 2023 14:16:13 -0800 From: Andrew Morton To: Kefeng Wang Cc: , , , , , , Ondrej Mosnacek Subject: Re: [PATCH] mm: fix VMA heap bounds checking Message-Id: <20231207141613.1d7d59d8c151729e25be53fa@linux-foundation.org> In-Reply-To: <20231207152525.2607420-1-wangkefeng.wang@huawei.com> References: <20231207152525.2607420-1-wangkefeng.wang@huawei.com> X-Mailer: Sylpheed 3.8.0beta1 (GTK+ 2.24.33; x86_64-pc-linux-gnu) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-Rspamd-Server: rspam09 X-Rspamd-Queue-Id: 86BFB40004 X-Stat-Signature: meyi94scnum31x4k3enjg8iyfycsh9x4 X-Rspam-User: X-HE-Tag: 1701987375-136359 X-HE-Meta: U2FsdGVkX19tDzrjBEO3XW/YrCkHxpCfTynX5oWIZdBtGF8mwrUuSb/a2fhNDor4ynKSqfgCaJiOfftx3zwUSw+owuuFa/iL3h8s6fknTla1+/fDsnpa8IGMe8oMnCEHrDrmG+qweKTB0MCr1yhuCgGFXW4Db+jl943sxtCe7rUPCGU+X+Sr5nhuvkl8cbsIUiLVJvSQi9UjwrllCgzOJBoKNGQe/s/pgjsgrktOECNJQsZ82fGr/Ybb882QWDXqPyDtABFhHGiVpQbB6QLDZzGSCsM/WFqwAjBnC5XN3ATzbKddN4WtINNRGbjhLP8j8tN2XI73HZo2+Z3Zh1UwrnvUcWXuTZ8pqrf02h/qcRm2Y3cJFn/MAz3wvZPKVR2CjxFsxpq/giR0ElGcmfLP+vfcaXuSgmPb21Dv1B2+zu+qgCJfCBEbvkuAFm+zK/aamwhR11coNHXUqtYzlPL3pzLEGFYdB7/JaIIUB80W9cPpyqin1hv+PYXx7XFyyuK3DfjKQ2QNt6pdweMzIC5ldTPS5biKk3ZdrL+tfNBjawDTSv6pEeiwLDgVevp4P9blLoF0Php4iiEdViRVgyLHyAPW8xfGpWifi3Uwig9hHvFMjs3cg2E/S6KjotdySwNKtkw3CpXPUzD87CnC90q5soSqHMsVpzA6FKxwP1qpuCZnbC3yvg+OYgxIOAFpX3QeGVIVnbd42YUpk90pK/QYHlHfoWcEeL7uk9M98PokBXeFNbDgi1hRqg37VkD1z3f1tqD8VSxsXzphHGcA0exgnGKAOstBsAPMH/ksDBeLbEoenarYXGhG4Fq2hkZVMe+un7jJQRASgy1qoIWU67KraNC5/1fxpWlmwvoVOsHXq/AEghLuYEAWQOjcR0N6v45Y89wtcYoJBt3qRFQkLn26ik4c3cvatS7tfWoDn195E+OxM31oMqgReY7whbIFUZFqdJtDNEWxlU8FB3UU/Mj SOVrLYDm 3G2NRKZrLSiB3eDbXnEoqVgtNTUkyJ2j26Y0gV0xRx6L3Qb6yo/Zp5G/WjVbpTIcX0TCsLyn/91chANMxSaiafJ6rgIZz8UEmL0p9ELD9h+Ms2MgqD5QnZYtO9PohyvL4CVwDAQz1O2Pk7y7OfhSjtsZSSfgHq8cMWzOH58W19KLH6xK2Njb8BCdH9/+dFfDaJg4DPCKaLauQSdlWMyU8YEBmQ9gf1xbMOKXc53CH78a8dn9pFFU8Vsfso4jPJHHOQE9HrOTCrgJ2G+lYefSX2dc/I6erlC3UZE4D+3oXXmBcVHUY1h/cxAAdmsufy+HqfJ1oA9dsF95sVoazMWS481qgBgJXdtxiD6UePLsGYwC3Hxgr7tjwEiz0O3OiD4ywYP+u756vTc0QPz1lVAVLknl/dCmVUWbVyupZWEEHe/KH6iI= X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: On Thu, 7 Dec 2023 23:25:25 +0800 Kefeng Wang wrote: > After selinux converting to VMA heap check helper, the gcl triggers > an execheap SELinux denial, which caused by different check logical. > > The old from selinux only check VMA range within VMA heap range, and > the new will check the intersects between the two ranges, but the corner > cases(vm_end=start_brk, brk=vm_start) doesn't be handled correctly. > > Since commit 11250fd12eb8 ("mm: factor out VMA stack and heap checks") > only a function extraction, it seems that the issue introduced from > commit 0db0c01b53a1 ("procfs: fix /proc//maps heap check"), let's > fix above corner cases, meanwhile, corrent the wrong indentation of the > stack and heap check helpers. > > Reported-and-tested-by: Ondrej Mosnacek > Closes: https://lore.kernel.org/selinux/CAFqZXNv0SVT0fkOK6neP9AXbj3nxJ61JAY4+zJzvxqJaeuhbFw@mail.gmail.com/ > Fixes: 0db0c01b53a1 ("procfs: fix /proc//maps heap check") I suggest this should be Fixes: 11250fd12eb8 ("mm: factor out VMA stack and heap checks"). Sure, 0db0c01b53a1 may have been wrong, but is there any point in suggesting to people that they backport this fix over 12 years worth of kernels? Or is it the case that only kernels which contain 11250fd12eb8 need this change?