From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-19.1 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,NICE_REPLY_A, SPF_HELO_NONE,SPF_PASS,USER_AGENT_SANE_1 autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id D9731C433EF for ; Thu, 16 Sep 2021 12:34:41 +0000 (UTC) Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.kernel.org (Postfix) with ESMTP id 64CA960F46 for ; Thu, 16 Sep 2021 12:34:41 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.4.1 mail.kernel.org 64CA960F46 Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=redhat.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=kvack.org Received: by kanga.kvack.org (Postfix) id C14496B0071; Thu, 16 Sep 2021 08:34:40 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id BC3C16B0072; Thu, 16 Sep 2021 08:34:40 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id A8BCC900002; Thu, 16 Sep 2021 08:34:40 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from forelay.hostedemail.com (smtprelay0053.hostedemail.com [216.40.44.53]) by kanga.kvack.org (Postfix) with ESMTP id 9C5C66B0071 for ; Thu, 16 Sep 2021 08:34:40 -0400 (EDT) Received: from smtpin19.hostedemail.com (10.5.19.251.rfc1918.com [10.5.19.251]) by forelay01.hostedemail.com (Postfix) with ESMTP id 624E6181CB2BE for ; Thu, 16 Sep 2021 12:34:40 +0000 (UTC) X-FDA: 78593380320.19.18A390A Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by imf22.hostedemail.com (Postfix) with ESMTP id F26811907 for ; Thu, 16 Sep 2021 12:34:39 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1631795679; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=QBEXhQstDZeoxkdAnZ7Rzjw92i2hvLl2G4CneC318UI=; b=dkgyXeqfezQdyjaMW0IoxKchlEh8CetnyMOfZ0DCJh+SSc8C6SwtUERwfNJPvmYmkzBX6U aOt8+DupinyaWXCqEpiosV/nWs6JDyIsAd2qbFeWTMAcx1adLXlnO+NuWNG+ImbpCx/HIh JSBsVH+yp/wXZZzoGd8n4LAJ4IoT0QY= Received: from mail-wr1-f72.google.com (mail-wr1-f72.google.com [209.85.221.72]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-304-SBDjxQlnPl-A2jHiVnO8KA-1; Thu, 16 Sep 2021 08:34:38 -0400 X-MC-Unique: SBDjxQlnPl-A2jHiVnO8KA-1 Received: by mail-wr1-f72.google.com with SMTP id r5-20020adfb1c5000000b0015cddb7216fso2383734wra.3 for ; Thu, 16 Sep 2021 05:34:38 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:subject:to:cc:references:from:organization :message-id:date:user-agent:mime-version:in-reply-to :content-language:content-transfer-encoding; bh=QBEXhQstDZeoxkdAnZ7Rzjw92i2hvLl2G4CneC318UI=; b=rUeHmeT6hBs2/V5bXU86mL4oluUeUF2GeVbjTmAPTb4hCIw3r6Zuj4LT5VvBqfxC6E qSH+NBGic751LqgPZKYlPMJrchLQZQiPAeG2Z6PNVKtVmC9Awq2SINI5GJDctCtYE721 H9Lfb7WeEl0DkpIkMWPhd2/FSVBpiUAh14emOqmMdf7mY38YG3mhzZMR2nKSu6pE/VWB Oi4KKmPgThWLp0AtD0id2V2Ey+Rjl9fgEjYvNdC48pI0ZbnIDclcuNc2iVjt7sfJ3mmv 5dCVQTvD7dBUdhC5kVAI8fGL3Y2D3qYOrtWJ6c+YBPmfLyO/1LC6tu6uZTWDTNqdGs7f I3iQ== X-Gm-Message-State: AOAM5327G3a8zPmuHe14pBq0Kbvisl36KGRd/QnA0nkSlRDHcDo1qVoB SqebX4ZFsZJb/O3lcCuNy6YHI/3FjvLRaBpW5Y45+URkRyiwrQSz/F2tQbtaV+EW2gq9PWdji7e EW98Wqq66ehc= X-Received: by 2002:a5d:4f06:: with SMTP id c6mr5768922wru.384.1631795677057; Thu, 16 Sep 2021 05:34:37 -0700 (PDT) X-Google-Smtp-Source: ABdhPJyd9qXwCe/AwFnN4AbE+vl3QXTc93BU5KiifDyUbnaB/v+81RmlPDaiWycLEWVg1KVu3RPb1A== X-Received: by 2002:a5d:4f06:: with SMTP id c6mr5768902wru.384.1631795676788; Thu, 16 Sep 2021 05:34:36 -0700 (PDT) Received: from [192.168.3.132] (p4ff23828.dip0.t-ipconnect.de. [79.242.56.40]) by smtp.gmail.com with ESMTPSA id g9sm7901665wmg.21.2021.09.16.05.34.36 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Thu, 16 Sep 2021 05:34:36 -0700 (PDT) Subject: Re: [PATCH] mm/vmalloc: Don't allow VM_NO_GUARD on vmap() To: Peter Zijlstra , Andrew Morton , Christoph Hellwig , Will Deacon Cc: andreyknvl@gmail.com, linux-kernel@vger.kernel.org, linux-mm@kvack.org, Mel Gorman , keescook@chromium.org References: From: David Hildenbrand Organization: Red Hat Message-ID: <9fead1ff-868c-bddd-326b-a5b3eeeb9faf@redhat.com> Date: Thu, 16 Sep 2021 14:34:35 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.11.0 MIME-Version: 1.0 In-Reply-To: X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit Authentication-Results: imf22.hostedemail.com; dkim=pass header.d=redhat.com header.s=mimecast20190719 header.b=dkgyXeqf; spf=none (imf22.hostedemail.com: domain of david@redhat.com has no SPF policy when checking 170.10.133.124) smtp.mailfrom=david@redhat.com; dmarc=pass (policy=none) header.from=redhat.com X-Rspamd-Server: rspam06 X-Rspamd-Queue-Id: F26811907 X-Stat-Signature: y538nfmo7khkckygaj5xk4z36nwoqt8c X-HE-Tag: 1631795679-81556 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: On 16.09.21 12:41, Peter Zijlstra wrote: > > The vmalloc guard pages are added on top of each allocation, thereby > isolating any two allocations from one another. The top guard of the > lower allocation is the bottom guard guard of the higher allocation > etc. > > Therefore VM_NO_GUARD is dangerous; it breaks the basic premise of > isolating separate allocations. > > There are only two in-tree users of this flag, neither of which use it > through the exported interface. Ensure it stays this way. > > Signed-off-by: Peter Zijlstra (Intel) > --- > include/linux/vmalloc.h | 2 +- > mm/vmalloc.c | 7 +++++++ > 2 files changed, 8 insertions(+), 1 deletion(-) > > diff --git a/include/linux/vmalloc.h b/include/linux/vmalloc.h > index 671d402c3778..10e9571ff0b2 100644 > --- a/include/linux/vmalloc.h > +++ b/include/linux/vmalloc.h > @@ -22,7 +22,7 @@ struct notifier_block; /* in notifier.h */ > #define VM_USERMAP 0x00000008 /* suitable for remap_vmalloc_range */ > #define VM_DMA_COHERENT 0x00000010 /* dma_alloc_coherent */ > #define VM_UNINITIALIZED 0x00000020 /* vm_struct is not fully initialized */ > -#define VM_NO_GUARD 0x00000040 /* don't add guard page */ > +#define VM_NO_GUARD 0x00000040 /* ***DANGEROUS*** don't add guard page */ > #define VM_KASAN 0x00000080 /* has allocated kasan shadow memory */ > #define VM_FLUSH_RESET_PERMS 0x00000100 /* reset direct map and flush TLB on unmap, can't be freed in atomic context */ > #define VM_MAP_PUT_PAGES 0x00000200 /* put pages and free array in vfree */ > diff --git a/mm/vmalloc.c b/mm/vmalloc.c > index d77830ff604c..01927ebea267 100644 > --- a/mm/vmalloc.c > +++ b/mm/vmalloc.c > @@ -2743,6 +2743,13 @@ void *vmap(struct page **pages, unsigned int count, > > might_sleep(); > > + /* > + * Your top guard is someone else's bottom guard. Not having a top > + * guard compromises someone else's mappings too. > + */ > + if (WARN_ON_ONCE(flags & VM_NO_GUARD)) > + flags &= ~VM_NO_GUARD; > + > if (count > totalram_pages()) > return NULL; > > Reviewed-by: David Hildenbrand -- Thanks, David / dhildenb