From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 2399AD2F7D2 for ; Wed, 16 Oct 2024 22:21:51 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id A76EC6B0088; Wed, 16 Oct 2024 18:21:50 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id A00E66B008A; Wed, 16 Oct 2024 18:21:50 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 8A06E6B008C; Wed, 16 Oct 2024 18:21:50 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0012.hostedemail.com [216.40.44.12]) by kanga.kvack.org (Postfix) with ESMTP id 6326D6B0088 for ; Wed, 16 Oct 2024 18:21:50 -0400 (EDT) Received: from smtpin15.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay01.hostedemail.com (Postfix) with ESMTP id 6C3E31C6387 for ; Wed, 16 Oct 2024 22:21:38 +0000 (UTC) X-FDA: 82680888528.15.BD7339E Received: from mail-ej1-f45.google.com (mail-ej1-f45.google.com [209.85.218.45]) by imf24.hostedemail.com (Postfix) with ESMTP id 310B6180008 for ; Wed, 16 Oct 2024 22:21:45 +0000 (UTC) Authentication-Results: imf24.hostedemail.com; dkim=pass header.d=google.com header.s=20230601 header.b=3inMYb6q; spf=pass (imf24.hostedemail.com: domain of yosryahmed@google.com designates 209.85.218.45 as permitted sender) smtp.mailfrom=yosryahmed@google.com; dmarc=pass (policy=reject) header.from=google.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1729117163; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=brWM2G6t2emt3c4j9EVo7ifDZXhOJXvFytTyLfgg90Q=; b=EtUEYYPu43f+jei3P57f2DLcnrVLSFNGbZl//HLino2lkh0aDyS5a2idJqlBo/6LU/DKha nsY9K+H4KtB6HsudVjbSwPhgZ/VRxx8W1AvSjaN+6B6+Ia3/9Ld9ADaQzr234piK2Pbv8G 8o2/PIbr3Efm5CinvVhAE3yT8fYjy9M= ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1729117163; a=rsa-sha256; cv=none; b=Os9BrVWQM9V9icqGMYky53GgKIDxY3ZSB49ubiArMubITS59i3uLuHkPhbQtvPT1CwEPyp 7QBNzXc/KspQD0LkFQgZ47pEjH6KgcgtXbXRtYte/tiiZqSsLmQVfjpdu9w6bRbSdstDra pHmj75++jdRIhq0m2Gq7zm0q98MQn5s= ARC-Authentication-Results: i=1; imf24.hostedemail.com; dkim=pass header.d=google.com header.s=20230601 header.b=3inMYb6q; spf=pass (imf24.hostedemail.com: domain of yosryahmed@google.com designates 209.85.218.45 as permitted sender) smtp.mailfrom=yosryahmed@google.com; dmarc=pass (policy=reject) header.from=google.com Received: by mail-ej1-f45.google.com with SMTP id a640c23a62f3a-a99650da839so44276066b.2 for ; Wed, 16 Oct 2024 15:21:47 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1729117306; x=1729722106; darn=kvack.org; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=brWM2G6t2emt3c4j9EVo7ifDZXhOJXvFytTyLfgg90Q=; b=3inMYb6qUNnEgM18ijpvZrNwp2ScIfgNayt4dYUPR4kZZrVkiDhuOuL4vDouaiESdz Zf2TvRPmBc/qT3uSIIN7/OFwoopFZKZ2AvI+U/kk5pXBPziqqyqbk2ziJJzSzrP1DL1m YScZMWAv3VlLdU1Seg261lbaHQ7Yhfv7rJZSrAA3ZZOMGC7gY+aze5ZF1x8gtCs7zwrH XqEHzwHevUAeHieiUK/ASDQl3FHkFXWzOxZM5dpwW/K6Gvrp/7uuUpvgg5TINX9gbttk sHPutpn9Ypvy46y73B+VPrlksE+33+q624w5Yav0q42zkK3Uqpsgbpy0cK4ShuypDZbV QIXA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1729117306; x=1729722106; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=brWM2G6t2emt3c4j9EVo7ifDZXhOJXvFytTyLfgg90Q=; b=S32l6qicCpJoOW41YyDGbI9q1QeSEFoPozpXzJTm8iXlOsCWYBtZi6m0imMNYlV7Hc Gr6cuqAv0UB2WHx3O3/qDv+pGtJuoH2vmUVXbWHY1pcJHVUsnEq4YZIrQerfXuIFZmmQ gym1XBLOiNSqZMq8Rsm+mtVvpU7ECoK6NsPVEYJVJmIdYnnFI6VwSrL48kpzZzNPL6LM cuu12rgSroYpxGwPl3i0ebe5hzUxxzn2wP+K2NqVKplK+vu2+e81pHWdSl7ChAmJKs0r ibYcqQ700JzJIZ9xVWPSywCOE4Wdijft91AvrMhPVzAYK6itmJsv6q25YN38QQIVp0ko oqUA== X-Forwarded-Encrypted: i=1; AJvYcCXz0sdI5kJ039MP8PHH8YTxy0z28/rJ0cimWtJ7NIR8QU8cNFKWczAuClaYJjw4WXeFNqYq49Gv6A==@kvack.org X-Gm-Message-State: AOJu0YzZnJav2tOj/Z0R7iNbf34ghWRkbK4MjIjMWGgmV70COPyjKKD1 RuIYU6OenL1BsfBcPKeGXvmVip95QzYBNli1IHIb/fOVvHnmlDX4DrWCEsxLLq1CdnGOfEhv9z7 WPNCaaCxQ3eGeS1d0q/nUZIkQmuFV+OypbnQK X-Google-Smtp-Source: AGHT+IF07Z3g6o1w4z/AIMrQc+IqyySmDc7fz9ahOcksvgrfvFQRgMCGsZu1SdjfEi+cXeR9yZ4s1v+3VJ01Rrmazho= X-Received: by 2002:a17:907:7ea0:b0:a77:c95e:9b1c with SMTP id a640c23a62f3a-a99e3b700b8mr1638007066b.27.1729117306331; Wed, 16 Oct 2024 15:21:46 -0700 (PDT) MIME-Version: 1.0 References: <20241016221629.1043883-1-andrii@kernel.org> In-Reply-To: <20241016221629.1043883-1-andrii@kernel.org> From: Yosry Ahmed Date: Wed, 16 Oct 2024 15:21:08 -0700 Message-ID: Subject: Re: [PATCH v2 bpf] lib/buildid: handle memfd_secret() files in build_id_parse() To: Andrii Nakryiko Cc: bpf@vger.kernel.org, ast@kernel.org, daniel@iogearbox.net, martin.lau@kernel.org, linux-mm@kvack.org, linux-perf-users@vger.kernel.org, linux-fsdevel@vger.kernel.org, rppt@kernel.org, david@redhat.com, shakeel.butt@linux.dev, Yi Lai Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Stat-Signature: 69i3knchmm8hhk7dgceetdx6t4bwoi6w X-Rspamd-Queue-Id: 310B6180008 X-Rspam-User: X-Rspamd-Server: rspam08 X-HE-Tag: 1729117305-375997 X-HE-Meta: U2FsdGVkX1/Dm0XjHTuHiLBeaRF0LY9LG20ZutpzRIN4YXoPRt9albT/ZFW4dg7aTLeNHueU6ugc0hrLQ+51zumgVJ0Ek8NLKNGZ4RnAMzz3sSTMB9859HCkPaDTUG59AFEco9TzTO//9VF4P72skwAzNsGiIcLoQl/NXipPiJO0UYBuszogoXfiWNqh/zUOC35h8hYasR9Wyjifg0x0L5/OweuFHSxJjE4IItWt+5psfzwauPkJGl9NIbE3G6XcduQWKEyYEed3yL6GE8J92a8+yvUTRlL+dGOdynwz1B5/aQhVGOsgpRekVqHDfTI0fb3ZysA8Fk4Q+K+jnDIs92thxixA6MSCEp5PRGM/9nZKI/vinc6weplYVdvVayw5QEPDiAARIjBEX2boF2LNAnjBJ3Y5BH9bYxFLxJ3nnyZN/Cp9fItfuC+KRfVcdAApTXbrrkVGM2/0THW6mSShbUuUCiVPnrb3/7Ew8LI+XSksbo0H2vZrcSKwGTgIqDFJXH3AGb3DBcVacG/IYYx151LbdBzzai7osM7C5bqeVva009yR/ICG3L8gzbNAZnaXVfeYehYu6vUqh3G4bvuIbT24S9fWj9daCKMwTp6rJXdk5POMKj/mbc7KMJVHHstBeRx12S8x3HF6RpJmMD/6kQ1ISSOX2wltEfUEx4kim/ooi9PIbxKHdouLhvt4PDvGWMQOXx5eSi40jVgeufEJ4R8XpXaUezNAufpd/o0BVYtdqTweI386m2S8nfHN29HM4hnrTjKNdwbVfydDza+IEKE2bHJXqy3twfpP7AvKmgmSYeBmlouZ+jzyoPmHNMFWzenP7N6Uo3WZWzBJ9e5b9yLzOf546N39+Y9dDBX+3+ybKoLObuRPQJCDs454giwXdkVzM7+ua1CBYmGOnAeja+ffXnzahOuF93pRbDcI2jn9GeiDx+JdCTMBB+ceMDheZMVs/gQeLlC342fD3vF PP3VnYDr aXxs8gHYsMYhnO5bmSj5ramJluMBE+/n75WeH62vzEhjSrB9kg4Eu+xmFAsKQYWhRe4yujtC7OLE5Gbi3m60lsQR6E60ZExkie6EsA46hJrD2SxoSqEP5SgQdirZ3UYfwZHxxlSM0dzlribtbryg5z9IBtYBb8Nt++03y2CqJrva2CjDdG5ff2Fa6nkFQb9PFkjM00NtPNtwGmCE2t82I9hnwSCp18tzoyLXtOGWke88fDiT6LfyseP2iRdBwswpMlb6TUNhT+k56UdpV8WwXL8w2La3Cptvf2yUlrkEoZRy13H16SAPLXA3E5aIFzfO0hxXFrDo6XL6Eg+ICcEQcuGQofQ== X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: On Wed, Oct 16, 2024 at 3:16=E2=80=AFPM Andrii Nakryiko = wrote: > > From memfd_secret(2) manpage: > > The memory areas backing the file created with memfd_secret(2) are > visible only to the processes that have access to the file descriptor. > The memory region is removed from the kernel page tables and only the > page tables of the processes holding the file descriptor map the > corresponding physical memory. (Thus, the pages in the region can't be > accessed by the kernel itself, so that, for example, pointers to the > region can't be passed to system calls.) > > So folios backed by such secretmem files are not mapped into kernel > address space and shouldn't be accessed, in general. > > To make this a bit more generic of a fix and prevent regression in the > future for similar special mappings, do a generic check of whether the > folio we got is mapped with kernel_page_present(), as suggested in [1]. > This will handle secretmem, and any future special cases that use > a similar approach. > > Original report and repro can be found in [0]. > > [0] https://lore.kernel.org/bpf/ZwyG8Uro%2FSyTXAni@ly-workstation/ > [1] https://lore.kernel.org/bpf/CAJD7tkbpEMx-eC4A-z8Jm1ikrY_KJVjWO+mhhz= 1_fni4x+COKw@mail.gmail.com/ > > Reported-by: Yi Lai > Suggested-by: Yosry Ahmed > Fixes: de3ec364c3c3 ("lib/buildid: add single folio-based file reader abs= traction") > Signed-off-by: Andrii Nakryiko > --- > lib/buildid.c | 5 ++++- > 1 file changed, 4 insertions(+), 1 deletion(-) > > diff --git a/lib/buildid.c b/lib/buildid.c > index 290641d92ac1..90df64fd64c1 100644 > --- a/lib/buildid.c > +++ b/lib/buildid.c > @@ -5,6 +5,7 @@ > #include > #include > #include > +#include > > #define BUILD_ID 3 > > @@ -74,7 +75,9 @@ static int freader_get_folio(struct freader *r, loff_t = file_off) > filemap_invalidate_unlock_shared(r->file->f_mapping); > } > > - if (IS_ERR(r->folio) || !folio_test_uptodate(r->folio)) { > + if (IS_ERR(r->folio) || > + !kernel_page_present(&r->folio->page) || > + !folio_test_uptodate(r->folio)) { Do we need a comment here about the kernel_page_present() check to make it clear that it is handling things like secretmem? > if (!IS_ERR(r->folio)) > folio_put(r->folio); > r->folio =3D NULL; > -- > 2.43.5 >