From: Jann Horn
Date: Tue, 22 Oct 2024 23:14:58 +0200
Subject: Re: [PATCH hotfix 6.12 1/8] mm: avoid unsafe VMA hook invocation when error arises on mmap hook
To: Lorenzo Stoakes
Cc: Andrew Morton, "Liam R. Howlett", Vlastimil Babka, linux-kernel@vger.kernel.org, linux-mm@kvack.org, Linus Torvalds, Peter Xu

On Tue, Oct 22, 2024 at 10:41 PM Lorenzo Stoakes wrote:
> After an attempted mmap() fails, we are no longer in a situation where we
> can safely interact with VMA hooks. This is currently not enforced, meaning
> that we need complicated handling to ensure we do not incorrectly call
> these hooks.
>
> We can avoid the whole issue by treating the VMA as suspect the moment that
> the file->f_ops->mmap() function reports an error by replacing whatever VMA
> operations were installed with a dummy empty set of VMA operations.
>
> We do so through a new helper function internal to mm - mmap_file() - which
> is both more logically named than the existing call_mmap() function and
> correctly isolates handling of the vm_op reassignment to mm.
>
> All the existing invocations of call_mmap() outside of mm are ultimately
> nested within the call_mmap() from mm, which we now replace.
>
> It is therefore safe to leave call_mmap() in place as a convenience
> function (and to avoid churn). The invokers are:
>
>      ovl_file_operations -> mmap -> ovl_mmap() -> backing_file_mmap()
>     coda_file_operations -> mmap -> coda_file_mmap()
>      shm_file_operations -> shm_mmap()
> shm_file_operations_huge -> shm_mmap()
>             dma_buf_fops -> dma_buf_mmap_internal -> i915_dmabuf_ops
>                             -> i915_gem_dmabuf_mmap()
>
> None of these callers interact with vm_ops or mappings in a problematic way
> on error, quickly exiting out.
>
> Reported-by: Jann Horn
> Fixes: deb0f6562884 ("mm/mmap: undo ->mmap() when arch_validate_flags() fails")

(I guess the "Fixes" tag here is a little unconventional in that it
doesn't actually point at the commit introducing the issue that this
commit describes, but it does mark to where the fix should be
backported, so I guess it makes sense and I don't have any better
suggestion.)

> Cc: stable
> Signed-off-by: Lorenzo Stoakes

Reviewed-by: Jann Horn
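
The approach described in the quoted commit message, as an added userspace model that is not part of this thread and is not kernel code. All struct and function names are hypothetical, and the close hook stands in for any VMA hook that a later error path might invoke.

```c
#include <stddef.h>

/* Userspace model; all names here are hypothetical, not kernel code. */
struct vma;
struct vm_ops { void (*close)(struct vma *); };
struct vma { const struct vm_ops *ops; void *priv; int unsafe_calls; };

/* Empty operation set: no hook pointers, so nothing can be invoked. */
static const struct vm_ops dummy_vm_ops = { NULL };

/* Close hook that is only valid once the driver's mmap fully succeeded. */
static void drv_close(struct vma *v)
{
    if (v->priv == NULL)
        v->unsafe_calls++;   /* hook ran on half-initialised state */
}
static const struct vm_ops drv_vm_ops = { .close = drv_close };

/* mmap hook that installs its ops, then fails before setting priv. */
static int drv_mmap_fails(struct vma *v)
{
    v->ops = &drv_vm_ops;
    return -12;   /* -ENOMEM */
}

/* On error, treat the VMA as suspect and swap in the dummy ops. */
static int mmap_file_model(int (*hook)(struct vma *), struct vma *v)
{
    int err = hook(v);
    if (err)
        v->ops = &dummy_vm_ops;
    return err;
}

/* Generic error/teardown path: calls the close hook if one is installed. */
static void teardown(struct vma *v)
{
    if (v->ops && v->ops->close)
        v->ops->close(v);
}

/* Unsafe hook invocations after a failed mmap, with or without the reset. */
int unsafe_calls_after_failure(int reset_ops_on_error)
{
    struct vma v = { .ops = &dummy_vm_ops };
    int err = reset_ops_on_error ? mmap_file_model(drv_mmap_fails, &v) : drv_mmap_fails(&v);
    if (err)
        teardown(&v);
    return v.unsafe_calls;
}
```

Without the reset, the teardown path reaches the driver's hook on state that was never initialised; with it, the same path finds an empty operation set and calls nothing.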