From: Pasha Tatashin
Date: Mon, 5 Sep 2022 20:38:37 -0400
Subject: Re: [PATCH] mm: Check writable zero page in page table check
To: Rick Edgecombe
Cc: Andrew Morton, linux-mm, LKML

Hi Rick,

Good idea to add a check for write access to
zero page. Can you please also update Documentation/mm/page_table_check.rst ? Thank you, Pasha On Fri, Sep 2, 2022 at 7:31 PM Rick Edgecombe wrote: > > The zero page should remain all zero, so that it can be mapped as > read-only for read faults of memory that should be zeroed. If it is ever > mapped writable to userspace, it could become non-zero and so other apps > would unexpectedly get non-zero data. So the zero page should never be > mapped writable to userspace. Check for this condition in > page_table_check_set(). > > Signed-off-by: Rick Edgecombe > > --- > > Hi, > > CONFIG_PAGE_TABLE_CHECK is pretty explicit about what it checks (and > doesn't mention the zero page), but this condition seems to fit with the > general category of "pages mapped wrongly to userspace". I added it > locally to help me debug something. Maybe it's more widely useful. > > mm/page_table_check.c | 2 ++ > 1 file changed, 2 insertions(+) > > diff --git a/mm/page_table_check.c b/mm/page_table_check.c > index e2062748791a..665ece0d55d4 100644 > --- a/mm/page_table_check.c > +++ b/mm/page_table_check.c > @@ -102,6 +102,8 @@ static void page_table_check_set(struct mm_struct *mm, unsigned long addr, > if (!pfn_valid(pfn)) > return; > > + BUG_ON(is_zero_pfn(pfn) && rw); > + > page = pfn_to_page(pfn); > page_ext = lookup_page_ext(page); > anon = PageAnon(page); > > base-commit: b90cb1053190353cc30f0fef0ef1f378ccc063c5 > -- > 2.17.1 >
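Review bot: The added `BUG_ON(is_zero_pfn(pfn) && rw);` in page_table_check_set() carries no comment and no matching documentation change. The diffstat touches only mm/page_table_check.c, while the cover note itself says CONFIG_PAGE_TABLE_CHECK is explicit about what it checks and does not mention the zero page. Suggest a one-line comment above the check stating that the zero page must never be mapped writable to userspace, and describing the new condition alongside the existing checked conditions in the same patch, so that someone who hits this BUG_ON can find out what it means. The check sits after the `!pfn_valid(pfn)` early return, so it only fires for valid pfns, which looks right. The declaration of `rw` is not in the visible context, so please confirm it reflects the write permission of the entry being installed for every caller of page_table_check_set().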