From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 6FCADC77B75 for ; Mon, 15 May 2023 16:36:40 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id EE440900003; Mon, 15 May 2023 12:36:39 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id E93B7900002; Mon, 15 May 2023 12:36:39 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id D5AEB900003; Mon, 15 May 2023 12:36:39 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0013.hostedemail.com [216.40.44.13]) by kanga.kvack.org (Postfix) with ESMTP id C4E84900002 for ; Mon, 15 May 2023 12:36:39 -0400 (EDT) Received: from smtpin06.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay03.hostedemail.com (Postfix) with ESMTP id 87111A0F8C for ; Mon, 15 May 2023 16:36:39 +0000 (UTC) X-FDA: 80793042918.06.11D924C Received: from mail-qt1-f175.google.com (mail-qt1-f175.google.com [209.85.160.175]) by imf25.hostedemail.com (Postfix) with ESMTP id C63BEA0018 for ; Mon, 15 May 2023 16:36:37 +0000 (UTC) Authentication-Results: imf25.hostedemail.com; dkim=pass header.d=soleen.com header.s=google header.b=cq9cTG3q; dmarc=none; spf=pass (imf25.hostedemail.com: domain of pasha.tatashin@soleen.com designates 209.85.160.175 as permitted sender) smtp.mailfrom=pasha.tatashin@soleen.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1684168597; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=jaWs609h278hxFtHrMxQjhQdyGWOwBk4bpNIGwrfmdg=; b=uY/wFe+c6j1CQAVVxRdYOA7MHeY/jUwN+Khr3ND7ltH5gePVwr5+JHA478OccdyF1DJxPi eDqWKa1qDgumDBI8NX1gWX0Sy2TVaLEJhoT6d1fKovbKOIr7AyL2JjQkJPecKwz5aaUHJ4 h5cIwMvmTN9fLpG9ThD54tEbP6njqWQ= ARC-Authentication-Results: i=1; imf25.hostedemail.com; dkim=pass header.d=soleen.com header.s=google header.b=cq9cTG3q; dmarc=none; spf=pass (imf25.hostedemail.com: domain of pasha.tatashin@soleen.com designates 209.85.160.175 as permitted sender) smtp.mailfrom=pasha.tatashin@soleen.com ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1684168597; a=rsa-sha256; cv=none; b=LY2b0Cp+njDiPrcwLFFTsQkm63ox856t7KE0YYH49aXWTKAxmmEhACQ2x8OHA7vvNIiPYk Mt8ZC14xnZhMLuUwvv9f9J6D3egXaMoPmBQOIMobu/FY32QbGbXij4epa4b6JUH+UgvLAf l8xcKISrRW3Dc1VOn6QPaofMBjs9O3A= Received: by mail-qt1-f175.google.com with SMTP id d75a77b69052e-3f475746ae0so34830761cf.0 for ; Mon, 15 May 2023 09:36:37 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=soleen.com; s=google; t=1684168597; x=1686760597; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=jaWs609h278hxFtHrMxQjhQdyGWOwBk4bpNIGwrfmdg=; b=cq9cTG3qyLQFvczSvJoUBw6AY3gAFHjaTW0KAzeml6qS0sd8nd4pDZ4JJtAfL8JlDw mDWuujb/eLtEToJsmgkuXqNWPr2HCnn3oLQn1oub1ctbPMSmfJMCAtSk9mqZJFt2vubd iMDL93B6bECyWjC9QgrOriWkYIIEVeUnKyG8qNwt8alajFy360nFXrHhmns5GLzJPkCC eynKnsQ3C35PwTGlrWyO2ZUgF7a/MMACBlMWErQA6Mi5B+Yc0VrleVV6HRYWsrbZM3PU YjqaxKBwux6gFVH1IcpGscqIqy0mu0GetnkqdTRtEPWm0W5HptZhkcxfVH4K2iUvz6MG 6b6Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1684168597; x=1686760597; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=jaWs609h278hxFtHrMxQjhQdyGWOwBk4bpNIGwrfmdg=; b=irnf4VnOPJ7PXE8cCapLywGLNRQWhKwc7OBh+PUFXdWHnFUuZeIlUPp9j75tQwtBsZ ECSekwzaxke55Jji/7oG+laEy+yZfIUwRiKh7DItQf4pcFwEsmutQSKJTmQmaMMXVRvC 770TKj5OnvcigMXlGzi35peN2+GCPnjm9nkNGfuaVe0dovlJWHDVMuTYM3h4ImLFXUCj 1CEtoWgsBe44vh2Hd2L0h1Pmt+ANBMwFdQcJzqTAP3ratAVfX6dTEGyrJpTUidtpTauL bs2TPrfZeEY1V0BGIOrVvEpUiNCUq9ww3hdHh3OEprKsYbNVPdreusGOaubx+0xglwSJ flQw== X-Gm-Message-State: AC+VfDxBG3mg2pEULbTNTOk4Eg+gGRr+Iu/XM5Iiar6LU8LDavG7n4Iz 43sCBir5CpsBFMraxfGhHMTDKBy9XXnNt0P8o8ZXW//Ml5bwn0qfDPY= X-Google-Smtp-Source: ACHHUZ73aTS7DD+7SikId1FQqfx11mLr5Cl6ZQGecy1x2/k3sl+BocACmnJrZ3gvB7JW68/QoP/OA6pO7ouozzgG3Ys= X-Received: by 2002:a05:622a:15c4:b0:3f2:34e:4ccf with SMTP id d4-20020a05622a15c400b003f2034e4ccfmr54604057qty.15.1684168596782; Mon, 15 May 2023 09:36:36 -0700 (PDT) MIME-Version: 1.0 References: <20230515130958.32471-1-lrh2000@pku.edu.cn> <20230515130958.32471-4-lrh2000@pku.edu.cn> In-Reply-To: <20230515130958.32471-4-lrh2000@pku.edu.cn> From: Pasha Tatashin Date: Mon, 15 May 2023 12:36:00 -0400 Message-ID: Subject: Re: [PATCH v2 3/4] mm: page_table_check: Make it dependent on EXCLUSIVE_SYSTEM_RAM To: Ruihan Li Cc: linux-mm@kvack.org, linux-usb@vger.kernel.org, linux-kernel@vger.kernel.org, David Hildenbrand , Matthew Wilcox , Andrew Morton , Christoph Hellwig , Alan Stern , Greg Kroah-Hartman , stable@vger.kernel.org Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Stat-Signature: pr3csiikctiy4iep87ts439jdr64cqzg X-Rspam-User: X-Rspamd-Queue-Id: C63BEA0018 X-Rspamd-Server: rspam07 X-HE-Tag: 1684168597-266795 X-HE-Meta: U2FsdGVkX1/9X8lX2qyovTZsv/k+esQn/NDYoBNFN0r63UdLKgmr+GVlKhOuzpRLnO3SvqAHfIYl8BPDBedF0WhNeEAbiVwf9y+Z1A3IZ6ihQq69dJJWC0i1VLvpUEfzhqm3CVSpQbDJSpNBaBsbnh0bcAm8IQpDdsvPivTBn48hRT/m/e2Hm689goVnjnwhbn86+Ev6b3txIm900iUNa39ZMTCMsuNqYHBDhn062VPSnlwE6KRMB6eSDtakhSo8a3fBI2ABLcBa77WqNdblQxkx9L4v08qPfTliF2NMzED1/1ZupY38P5ssSJ6RV0V6n+GkmcvOJ7VRTsMuGixIpzjw9g9t+t9YprDxxxr6P6Q9BfJC8smltgW/Lhs4DA5yX9tPaB2wrNBZUtAIo/3VHdTmU37ki9Y7HBf+Oxk2nRyRkuVhTdLwDg+aU7VjP9jeqEnRLHc2QfqyghLgIROmBIw4OPVyisLEcs5bFuHpVeC1xQNXJ3aykBmYh25V7r6yv9Q4SjVSv4z7gzNYwmt2ObjDGxiqjKvVKod5ELCyVx1JpYekdYpdd08E81PGjakPRcmL6hZlGXmxnlUZOlH5gHXW96xMYLHTe4xVFioske8rpZDI85MlZZwv0ebzWTsv8RnvwBwpMuwsiKsXMf3PLVUIYt2sp/wXsQQr1wjFkTy8vSe0u2s8uIakT7mUACsFIu/fISgTaLKghpD7xECJkzVVwk79QbmjwFAq4zHaribd5c4bcYVZx7G1oyz4Xx7VtI9qUUi7pKWUVXxifSRppRwIlb8PEg5hnRj1sGGFsjVgloLoxvaWwje33CMDxrw7Lcrxvj7bvN87JmTTEl9mQcFBHFz2zmoafkxaWRNn6Yo+NX3Z+i4+cRQ8y+eGePHMyD8R52L2IS/Ayt0PlNbGEKMLUpu0gfAhz98N+Y4+hzwFUOXr6EHafdpNhUnnGg9lS/w13dxKOy1OrRTKsl3 x9KH8hvk /FCT+fAnBGQA82oB9N0Nd6hmu8whxeslJRQj1oii9H4PQQHr++Xn+ZtURIO2kiM+MzxFoovxu9lMaiJ9ORwe56GQqE9NfOe62GuASnZI5xw6cn1rTyHg+WINJ4MhvHiCK3CnxDthsbTb6vRHNpZeFIbG+kKcvAT1KAStwk3ubV2gyU4wPFAPwTqcFCaP8ZP30/bCIE74Eye8lYbBdgiW+6R181mrFopDH/CIc+usPiYoTLOt2VYPTmyrVpnX8xVQguGT2UX0yDhGOZTBybvuw6f87FOJJkBuankZX2JZdNydK7oYUvlJa6JzjF3acwmKPgblaPGbUrp7uWMsTmiwCTtwn77cm3ZKlakZ8ITDRuHDGpBA= X-Bogosity: Ham, tests=bogofilter, spamicity=0.000003, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: On Mon, May 15, 2023 at 9:10=E2=80=AFAM Ruihan Li wrot= e: > > Without EXCLUSIVE_SYSTEM_RAM, users are allowed to map arbitrary > physical memory regions into the userspace via /dev/mem. At the same > time, pages may change their properties (e.g., from anonymous pages to > named pages) while they are still being mapped in the userspace, leading > to "corruption" detected by the page table check. > > To avoid these false positives, this patch makes PAGE_TABLE_CHECK > depends on EXCLUSIVE_SYSTEM_RAM. This dependency is understandable > because PAGE_TABLE_CHECK is a hardening technique but /dev/mem without > STRICT_DEVMEM (i.e., !EXCLUSIVE_SYSTEM_RAM) is itself a security > problem. > > Even with EXCLUSIVE_SYSTEM_RAM, I/O pages may be still allowed to be > mapped via /dev/mem. However, these pages are always considered as named > pages, so they won't break the logic used in the page table check. > > Cc: # 5.17 > Signed-off-by: Ruihan Li Acked-by: Pasha Tatashin Thank you, Pasha