From: Jann Horn
Date: Thu, 16 Apr 2020 15:22:24 +0200
Subject: Re: [PATCH] vmalloc: Fix remap_vmalloc_range() bounds checks
To: Hillf Danton
Cc: Andrew Morton, Linux-MM, kernel list, Alexei Starovoitov, Daniel Borkmann, Martin KaFai Lau, Song Liu, Yonghong Song, Andrii Nakryiko, John Fastabend, KP Singh, bpf

On Thu, Apr 16, 2020 at 7:02 AM Hillf Danton wrote:
> On Thu, 16 Apr 2020 00:23:12 +0200 Jann Horn wrote:
> > remap_vmalloc_range() has had various issues with the bounds checks it
> > promises to perform ("This function checks that addr is a valid vmalloc'ed
> > area, and that it is big enough to cover the vma") over time, e.g.:
[...]
> > @@ -3082,8 +3090,10 @@ int remap_vmalloc_range_partial(struct vm_area_struct *vma, unsigned long uaddr,
> > if (!(area->flags & (VM_USERMAP | VM_DMA_COHERENT)))
> > return -EINVAL;
> >
>
> The current kaddr is checked valid by finding area with it despite
> there is room for adding change in checking its boundary in a valid
> area.

I have no idea what you're trying to say. Could you rephrase, please?