Date: Tue, 6 Feb 2024 10:34:46 +1100
From: Dave Chinner <david@fromorbit.com>
To: James Gowans
Cc: linux-kernel@vger.kernel.org, Eric Biederman, kexec@lists.infradead.org, Joerg Roedel, Will Deacon, iommu@lists.linux.dev, Alexander Viro, Christian Brauner, linux-fsdevel@vger.kernel.org, Paolo Bonzini, Sean Christopherson, kvm@vger.kernel.org, Andrew Morton, linux-mm@kvack.org, Alexander Graf, David Woodhouse, "Jan H. Schoenherr", Usama Arif, Anthony Yznaga, Stanislav Kinsburskii, madvenka@linux.microsoft.com, steven.sistare@oracle.com, yuleixzhang@tencent.com
Subject: Re: [RFC 05/18] pkernfs: add file mmap callback
References: <20240205120203.60312-1-jgowans@amazon.com> <20240205120203.60312-6-jgowans@amazon.com>
In-Reply-To: <20240205120203.60312-6-jgowans@amazon.com>

On Mon, Feb 05, 2024 at 12:01:50PM +0000, James Gowans wrote:
> Make the file data useable to userspace by adding mmap. That's all that
> QEMU needs for guest RAM, so that's all we bother implementing for now.
>
> When mmaping the file the VMA is marked as PFNMAP to indicate that there
> are no struct pages for the memory in this VMA. Remap_pfn_range() is
> used to actually populate the page tables. All PTEs are pre-faulted into
> the pgtables at mmap time so that the pgtables are useable when this
> virtual address range is given to VFIO's MAP_DMA.

And so what happens when this file is truncated whilst it is mmap()d by
an application?

Ain't that just a great big UAF waiting to be exploited?

-Dave.
-- 
Dave Chinner
david@fromorbit.com
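The truncate-versus-mmap hazard raised in the reply above, as an added user-space demonstration that is not code from the pkernfs series or from this thread. For an ordinary page-cache backed file, truncation zaps the PTEs of every VMA mapping the truncated range, so a later access to a page that is now beyond EOF raises SIGBUS (as documented in mmap(2)) instead of reading whatever memory that page used to be backed by. The demo pre-faults both pages before truncating, mirroring the prefault-at-mmap behaviour described in the patch; the function name truncate_then_access() and the use of tmpfile() are this example's own choices.

```c
/*
 * Added example, not part of the pkernfs patch or of this reply.
 * Shows the contract a page-cache backed MAP_SHARED file mapping honours
 * when the file is truncated underneath it: the kernel zaps the PTEs and
 * the next access to a page beyond the new EOF raises SIGBUS.
 *
 * A VM_PFNMAP mapping pre-populated with remap_pfn_range() has no struct
 * pages for the page cache to find, so nothing does this zap unless the
 * filesystem's truncate path does it explicitly (unmap_mapping_range() is
 * the usual tool). Without that, the pre-faulted PTEs keep pointing at
 * physical memory that may already have been handed to someone else.
 */
#define _GNU_SOURCE
#include <setjmp.h>
#include <signal.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

static sigjmp_buf bus_env;

static void on_sigbus(int sig)
{
	(void)sig;
	siglongjmp(bus_env, 1);
}

/*
 * Returns 1 if the post-truncate access raised SIGBUS (the safe outcome),
 * 0 if the read silently succeeded on a stale mapping, -1 on setup error.
 */
int truncate_then_access(void)
{
	long page = sysconf(_SC_PAGESIZE);
	FILE *f = tmpfile();		/* anonymous scratch file, unlinked on close */
	if (!f)
		return -1;
	int fd = fileno(f);

	/* Two pages of file data so the whole mapping is backed. */
	if (ftruncate(fd, 2 * page) != 0) {
		fclose(f);
		return -1;
	}

	volatile char *map = mmap(NULL, 2 * page, PROT_READ | PROT_WRITE,
				  MAP_SHARED, fd, 0);
	if (map == MAP_FAILED) {
		fclose(f);
		return -1;
	}

	/* Pre-fault both pages, as the pkernfs mmap callback does. */
	map[0] = 'A';
	map[page] = 'B';

	/* Truncate the file to zero length while it is still mapped. */
	if (ftruncate(fd, 0) != 0) {
		munmap((void *)map, 2 * page);
		fclose(f);
		return -1;
	}

	/* Catch the expected SIGBUS instead of dying. */
	struct sigaction sa, old;
	memset(&sa, 0, sizeof(sa));
	sa.sa_handler = on_sigbus;
	sigemptyset(&sa.sa_mask);
	sigaction(SIGBUS, &sa, &old);

	int result;
	if (sigsetjmp(bus_env, 1) == 0) {
		char c = map[0];	/* page 0 now lies beyond EOF */
		(void)c;
		result = 0;		/* read went through: stale PTE survived */
	} else {
		result = 1;		/* SIGBUS: truncate zapped the PTE */
	}

	sigaction(SIGBUS, &old, NULL);
	munmap((void *)map, 2 * page);
	fclose(f);
	return result;
}

int main(void)
{
	int r = truncate_then_access();
	printf("%s\n", r == 1 ? "SIGBUS after truncate: mapping was zapped"
	       : r == 0 ? "read succeeded: stale mapping survived truncate"
	       : "setup failed");
	return r == 1 ? 0 : 1;
}
```

Build with `cc -o truncate_demo truncate_demo.c` and run on Linux; the program exits 0 only when the access after truncation faults. The point of contrast with the patch is that this zap comes for free from the page cache because there are struct pages behind the mapping; a filesystem that hands out PFN mappings with no struct pages has to provide the same guarantee itself in its truncate path.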