From: Paul Moore
Date: Thu, 8 Aug 2024 16:40:55 -0400
Subject: Re: [PATCH v3 3/4] selinux: use vma_is_initial_stack() and vma_is_initial_heap()
To: Marc Reisner
Cc: "Liam R. Howlett", Kefeng Wang, akpm@linux-foundation.org, david@redhat.com, linux-mm@kvack.org, omosnace@redhat.com, peterz@infradead.org, selinux@vger.kernel.org, Vlastimil Babka, Lorenzo Stoakes
On Thu, Aug 8, 2024 at 3:35 PM Marc Reisner wrote:
> On Thu, Aug 08, 2024 at 02:00:09PM -0400, Liam R. Howlett wrote:
> > Have a look at the mmapstress 3 test in ltp [1]. The test pokes holes
> > and mmaps into those holes throughout the brk range.
> >
> > [1]. https://github.com/linux-test-project/ltp/blob/master/testcases/kernel/mem/mmapstress/mmapstress03.c
>
> In investigating this further, with additional reproducers, I believe
> that the whole bug is in vma_is_initial_heap().

That's my feeling at this point too. Unfortunately, there are a few
callers other than SELinux, so I don't want to change the helper function
without an explicit ACK from the mm folks, and I think now that we
understand the problem we want to get this fixed ASAP in Linus' tree
(and get it marked for -stable).

I just posted a patch that reverts just our use of vma_is_initial_heap()
in favor of our old logic and adds a few lines of comments about the
problem with vma_is_initial_heap(). I'm okay with moving back to
vma_is_initial_heap() when it's fixed, but I'd prefer it to be fixed for
a while before we transition back to it. We've gotten burned twice now
with vma_is_initial_heap(), so I'm going to be a little extra cautious
here.

https://lore.kernel.org/selinux/20240808203353.202352-2-paul@paul-moore.com

> What do you all think about this patch? If it doesn't have any obvious
> flaws I can submit it (along with a revert for the revert).

I'll leave the mm folks to weigh in on the fix to vma_is_initial_heap(),
but as I said above, please don't submit a patch to SELinux right now; I
want the fixed version of vma_is_initial_heap() to "soak" for a bit
before we go back to it.

-- 
paul-moore.com