From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 362F4C3064D for ; Wed, 26 Jun 2024 16:32:09 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 89DB56B0098; Wed, 26 Jun 2024 12:32:08 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 8273F6B009A; Wed, 26 Jun 2024 12:32:08 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 6A0876B009B; Wed, 26 Jun 2024 12:32:08 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0011.hostedemail.com [216.40.44.11]) by kanga.kvack.org (Postfix) with ESMTP id 4C1286B0098 for ; Wed, 26 Jun 2024 12:32:08 -0400 (EDT) Received: from smtpin24.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay07.hostedemail.com (Postfix) with ESMTP id AC60B16146A for ; Wed, 26 Jun 2024 16:32:07 +0000 (UTC) X-FDA: 82273581894.24.4DCA47D Received: from dfw.source.kernel.org (dfw.source.kernel.org [139.178.84.217]) by imf03.hostedemail.com (Postfix) with ESMTP id EBC2B20021 for ; Wed, 26 Jun 2024 16:32:04 +0000 (UTC) Authentication-Results: imf03.hostedemail.com; dkim=pass header.d=kernel.org header.s=k20201202 header.b=YHOnDj9k; spf=pass (imf03.hostedemail.com: domain of kees@kernel.org designates 139.178.84.217 as permitted sender) smtp.mailfrom=kees@kernel.org; dmarc=pass (policy=none) header.from=kernel.org ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1719419509; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=q3tSeDciB52liEj2FCFHn54LMQUmZXGbpOsAPtsxq00=; b=XyBC1PQ/Fy2V5OeqCWUcZ2AKcwofqdXX5S8JgHmkchw7Kyz0TjP82TPcvEdyNiRPhpNsfA l2tXE9Zm8ft0gZzoC+dRKU18PU3PikgB1Y2DrRhzceaqZbpofRoqF6kWxt79Ru4QYnUVkt 4KV++KQSUOJPdKuY5BqAJrbtduih2oo= ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1719419509; a=rsa-sha256; cv=none; b=O7VRG5x0rdcBf1owwkxhkIJF4TKGiRwTI5teVVW2OtMh7ReXllEXqtzTBS3YrGWnV4HWhl 5jw750/DERL4FanMvWZgJE16qi3oGwZ8TZUPzagV6tAWZw6GrxjiyBKrZqA9fK2nhSe1Lr sq32zjGOrG2OW/Ge03RjMLtjwGCJZpo= ARC-Authentication-Results: i=1; imf03.hostedemail.com; dkim=pass header.d=kernel.org header.s=k20201202 header.b=YHOnDj9k; spf=pass (imf03.hostedemail.com: domain of kees@kernel.org designates 139.178.84.217 as permitted sender) smtp.mailfrom=kees@kernel.org; dmarc=pass (policy=none) header.from=kernel.org Received: from smtp.kernel.org (transwarp.subspace.kernel.org [100.75.92.58]) by dfw.source.kernel.org (Postfix) with ESMTP id E063361B91; Wed, 26 Jun 2024 16:32:03 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 8C282C4AF07; Wed, 26 Jun 2024 16:32:03 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1719419523; bh=e9dSnv3gyT34jzaS7x7FRrYEJhqW/t6Y7NYnXnixKpI=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=YHOnDj9k+pgnfO2kP4/XKtim/z8o0crNuvjU7e6zj7GX7gF5jFNOfpqwP7SYDSGrC 10abPZkrlTFw2qz9KwUcBdBx2/bMwOk4JeidOljZllSG6UMNq257tJ/XB2GBDyHjRr MVyBz4z8vkIw26bJpv6N586B2oBVr9yFIXQ7evsa2X2YCaPqYaRwXPmVEfYWlcpBo9 5THqD01Odjl/DGLUNeVYXIjxs3vWcqcI7gzOaon8tfEJnKD+Qc5w9EeiZ9kOSSngfy 9hyNIAAXa2H9XSW0gZSx/f9wc57GW2ur4+gO8pQV0+Vlwio1uviqWlvyZsQpaTq2XQ ZyPI4msuZ1SFg== Date: Wed, 26 Jun 2024 09:32:03 -0700 From: Kees Cook To: "Liam R. Howlett" Cc: linux-mm@kvack.org, Andrew Morton , Suren Baghdasaryan , Vlastimil Babka , Lorenzo Stoakes , Matthew Wilcox , sidhartha.kumar@oracle.com, "Paul E . McKenney" , Bert Karwatzki , Jiri Olsa , linux-kernel@vger.kernel.org, linux-security-module@vger.kernel.org Subject: Re: [PATCH v2 14/15] mm/mmap: Use vms accounted pages in mmap_region() Message-ID: <202406260928.0A22BB0F0@keescook> References: <20240625191145.3382793-1-Liam.Howlett@oracle.com> <20240625191145.3382793-15-Liam.Howlett@oracle.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20240625191145.3382793-15-Liam.Howlett@oracle.com> X-Rspamd-Queue-Id: EBC2B20021 X-Stat-Signature: puxcpp6c8z7i854bkpcctit9efu1zrwy X-Rspamd-Server: rspam09 X-Rspam-User: X-HE-Tag: 1719419524-437619 X-HE-Meta: U2FsdGVkX19ZPbDXhNZ34GyqK6S3kxskllOHELePjeSGBZ1rG2gu2ci64pb+zMeRmp8ktJ0ICkII5tXdLxVTlvqprHUjzFfkb3yteXfY5sZeV5RelPL27KXerAXt8ArBWYtEBA+zpWss/RDqA3P+rVzm+Y4Tk91t7vClyboYvLiBeNdVpuvE6Nj4ZBvJG/qS7R7ZpvwskrmDZo8WXM1HFHb/8YhEtKt8NbNWv7uzgQgbtDaGZ6ECtX1HmAe0MWBApwcZoBdKnYqFGhwrfp+Xoik8OhY54GvL3x+AUXDlvuVRpZgO2FKwhdXKnDRgblPC6kx6TgbCofVyZHnv8PKT3u8gxLJMdAcEB+ib7vkO4JRJ/evGTNdd5prGNleVoUc/HCGPBZ7/1nMBgkuRTkeWPcDfSLEPQQfY2Xm1m2F1V+DeqpODaC3NiPKeyIDmdj1YjfjKBHPg0zonr7qgBoII7NFOr+yjj3Iu9Lij4MgTw8Wh6KBsLWBMxcoJ/70RdFVjNy671Atq27CEIjD+sv3TWb1LoEbg0JcqJ+ivUFcbiqL5VugynEkjWlAEt+g4fRnhxJS1y6LCRogRh6i3jf2RbAPp2I11104KoPfKFRlXPucxXZMHxcxC89H7yXcwZhR8Ht2XGCGGNyXleG9S+u7QvDvzmd1E2CESqx4Hn4iUeF7gFisdDLPTk/0OH7lmZRE2TUuJxoiMpOungdEsBFFvxvZUKhlu06XuGJdy5hB80hwU8V0oHylqMu4D9tk+zAuWMO4wCnPeTG6D6w088eVotWlkx/HRzRdIkKWZwBPmoOwGuxQph/YJa2OdVMkS7q1RokjrCM6WkzzYtQ4pYuHUaczQV4V8AcmoPFAny3+r4SjznP64obNd7/sZwp8g6Bsp9FLyJltU20w0BzpABcgK8L5r1EZfXqfG33G7BG1+NXnQAZqdoX0F/UP2UQiurgCk+9wq4p2A/mm+rx2A2n4 iL9+QGSD iji7i/jlMa3/h5D3zCm15gP6vlKiyEyUoaVeYrnlhQ2ScWyklV41/KYuMCMfNtZHoKV4P66nEhiOOQ7SkZTVJWjs020RU6zaGLcpWgog7dfvWEFzIy9FTX8mf5u3ofbqV1owNI6ixOc+4+R+6fvSDHWa/Nxew6261RpNSjmAQRi7CMibJMyqIeny91JpBa4iaOaTRST+ZcxyarTtyJClB0EAhWk7XCLFMiOsB5dMb6mNs+p0639Bcqh+bJrjgFjiLK9PRsA1Jtvw90rN9PqSh+bkoyaFjlWYSB7mF1NnAa+v4vdqbQeNrNqVgj0KNFleeEz6ygCJq/fJ+Gr/mW1H4UUooxNBeTe4+tDDK X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: On Tue, Jun 25, 2024 at 03:11:44PM -0400, Liam R. Howlett wrote: > From: "Liam R. Howlett" > > Change from nr_pages variable to vms.nr_accounted for the charged pages > calculation. This is necessary for a future patch. > > This also avoids checking security_vm_enough_memory_mm() if the amount > of memory won't change. Is there a reason for making this change? (I.e. why not leave off the "charged" test?) Looking at the callbacks in the LSM, only capabilities and SELinux are hooking this, and both are checking whether a process has elevated privs and are ignoring the "pages" argument entirely, so I'm not sure it's safe to change the logic for whether to make the call based on an unused argument (i.e. the LSM may want to _always_ know about this). On the other hand, it looks like it's purely an accounting issue, and if the page count didn't change, there's no reason to bother calling into all this to make no changes to the accounting. I've added the LSM list to CC... -Kees > > Signed-off-by: Liam R. Howlett > Cc: Kees Cook > --- > mm/mmap.c | 6 ++++-- > 1 file changed, 4 insertions(+), 2 deletions(-) > > diff --git a/mm/mmap.c b/mm/mmap.c > index f3edabf83975..adb0bb5ea344 100644 > --- a/mm/mmap.c > +++ b/mm/mmap.c > @@ -2970,6 +2970,7 @@ unsigned long mmap_region(struct file *file, unsigned long addr, > } else { > /* Minimal setup of vms */ > vms.nr_pages = 0; > + vms.nr_accounted = 0; > next = vma_next(&vmi); > prev = vma_prev(&vmi); > if (prev) > @@ -2981,9 +2982,10 @@ unsigned long mmap_region(struct file *file, unsigned long addr, > */ > if (accountable_mapping(file, vm_flags)) { > charged = pglen; > - charged -= nr_accounted; > - if (security_vm_enough_memory_mm(mm, charged)) > + charged -= vms.nr_accounted; > + if (charged && security_vm_enough_memory_mm(mm, charged)) > goto abort_munmap; > + > vms.nr_accounted = 0; > vm_flags |= VM_ACCOUNT; > } > -- > 2.43.0 > -- Kees Cook