From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 3613CD2FFEE for ; Fri, 18 Oct 2024 10:49:25 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id B62566B0082; Fri, 18 Oct 2024 06:49:24 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id B121B6B0083; Fri, 18 Oct 2024 06:49:24 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 9B3866B0085; Fri, 18 Oct 2024 06:49:24 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0014.hostedemail.com [216.40.44.14]) by kanga.kvack.org (Postfix) with ESMTP id 83B476B0082 for ; Fri, 18 Oct 2024 06:49:24 -0400 (EDT) Received: from smtpin26.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay03.hostedemail.com (Postfix) with ESMTP id 11B0BA1842 for ; Fri, 18 Oct 2024 10:49:02 +0000 (UTC) X-FDA: 82686401070.26.4D6462D Received: from fout-a5-smtp.messagingengine.com (fout-a5-smtp.messagingengine.com [103.168.172.148]) by imf18.hostedemail.com (Postfix) with ESMTP id 46F711C000F for ; Fri, 18 Oct 2024 10:49:17 +0000 (UTC) Authentication-Results: imf18.hostedemail.com; dkim=pass header.d=shutemov.name header.s=fm1 header.b="i /xJbZr"; dkim=pass header.d=messagingengine.com header.s=fm2 header.b=TS8cyIt8; dmarc=none; spf=pass (imf18.hostedemail.com: domain of kirill@shutemov.name designates 103.168.172.148 as permitted sender) smtp.mailfrom=kirill@shutemov.name ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1729248454; a=rsa-sha256; cv=none; b=RyF1nEwMEOrVC2m8bJST/y+G/Ur6ldd5xAk5cUfwCrmc4VsY9BCox5CvOKmv0BAXGqO+BN AuCgardCg01fherDgZ23TVGZ1mpXPdTbiI2Ai12uSI2d6kik8Sl/8wU0acxPxyy+Kh4h4n caB0G8Xel7f7BaU74fuI+2ugWC/OuhA= ARC-Authentication-Results: i=1; imf18.hostedemail.com; dkim=pass header.d=shutemov.name header.s=fm1 header.b="i /xJbZr"; dkim=pass header.d=messagingengine.com header.s=fm2 header.b=TS8cyIt8; dmarc=none; spf=pass (imf18.hostedemail.com: domain of kirill@shutemov.name designates 103.168.172.148 as permitted sender) smtp.mailfrom=kirill@shutemov.name ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1729248454; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=mvvVjoh3e6ihasKm0bBvrghicZuE833642Mybcjr34U=; b=jNGmnPetGGyrH/KkCIV2CLpZ2hqmjePwiKt1Pf4uJAGX5fbXxzw8PQRANW4U9kv7QYJva5 7E1HWTmF+8IFD981mtaQMaXdDOvviZU5Z+Z9y5/8/qfO9nA9AYujy8br28GQKPJuby9l2g NuzGC9LdLifSW61w9CbrIHXBi/RSvp0= Received: from phl-compute-03.internal (phl-compute-03.phl.internal [10.202.2.43]) by mailfout.phl.internal (Postfix) with ESMTP id 1D8BB1380499; Fri, 18 Oct 2024 06:49:21 -0400 (EDT) Received: from phl-mailfrontend-02 ([10.202.2.163]) by phl-compute-03.internal (MEProxy); Fri, 18 Oct 2024 06:49:21 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=shutemov.name; h=cc:cc:content-type:content-type:date:date:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:subject:subject:to:to; s=fm1; t=1729248561; x= 1729334961; bh=mvvVjoh3e6ihasKm0bBvrghicZuE833642Mybcjr34U=; b=i /xJbZrgcdFQZSmjOWvK/cUQ+9Bhug/+Jr0N7UXHpOQSUZg191jpCnxxa+VgDRtOi ippa4VUGV4jIYKRcMrhUnauix2a6TX4jBdEXgfFK7pNRjuKgIt5U9POgYGiAbwU1 b6z4V982jZZZIKzbmbOPz5SskZTZQfWl/3SCEIm7xiwiv8HhbThejeQiNOHXaRlc S+xZtwFCPisqUf7YNqwO3ODL0WmnHeE24KsjPpqITI4kMEaUi5GAUd/SZkYJXwdu /LgULR8RP5ECvGyubNfP7HitfaniaCgDg5wEkON8XweHw0nnJHKT7AyKYHVYCNZF z94Bsed1AgXl7JomIflLA== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-type:content-type:date:date :feedback-id:feedback-id:from:from:in-reply-to:in-reply-to :message-id:mime-version:references:reply-to:subject:subject:to :to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s= fm2; t=1729248561; x=1729334961; bh=mvvVjoh3e6ihasKm0bBvrghicZuE 833642Mybcjr34U=; b=TS8cyIt8RghdTeQHg9i1O2IWahrzy7CN5Xyj6eVTFOn8 ZXWcdjQR3+YQQvwLxnakVlTXbxY951v8YAfGHnGFggZECp3m5oOS101Si1RUwsrU J88O8MDBPz9Da7HIlzLb2OGNlhDc+kNHqtW/bbJ+GRA5ush94ZBu3ZKyTFetRPPW /rEDWjFpFG13xaNf1NfFK64WauuqHo0o2XBJnNA6HQAS+PvaTlq100by+SnQciaA ajrztvBkApxEVKqbGDVlEws4sWTzLxF/lqHr/a10xjU516RP2WLpO1c4zII1hzKx gedYKa8x0jKYCDLHATkSIk++kQT7uMRR84Hy/v8UiA== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeeftddrvdehfedgfedtucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdggtfgfnhhsuhgsshgtrhhisggvpdfu rfetoffkrfgpnffqhgenuceurghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnh htshculddquddttddmnecujfgurhepfffhvfevuffkfhggtggujgesthdtsfdttddtvden ucfhrhhomhepfdfmihhrihhllhcutedrucfuhhhuthgvmhhovhdfuceokhhirhhilhhlse hshhhuthgvmhhovhdrnhgrmhgvqeenucggtffrrghtthgvrhhnpeffvdevueetudfhhfff veelhfetfeevveekleevjeduudevvdduvdelteduvefhkeenucevlhhushhtvghrufhiii gvpedtnecurfgrrhgrmhepmhgrihhlfhhrohhmpehkihhrihhllhesshhhuhhtvghmohhv rdhnrghmvgdpnhgspghrtghpthhtohepudelpdhmohguvgepshhmthhpohhuthdprhgtph htthhopehrohgsvghrthhordhsrghsshhusehhuhgrfigvihgtlhhouhgurdgtohhmpdhr tghpthhtohepphgruhhlsehprghulhdqmhhoohhrvgdrtghomhdprhgtphhtthhopegvsg hpqhifvghrthihgeejvdduvdefsehgmhgrihhlrdgtohhmpdhrtghpthhtohepkhhirhhi lhhlrdhshhhuthgvmhhovheslhhinhhugidrihhnthgvlhdrtghomhdprhgtphhtthhope iiohhhrghrsehlihhnuhigrdhisghmrdgtohhmpdhrtghpthhtohepughmihhtrhihrdhk rghsrghtkhhinhesghhmrghilhdrtghomhdprhgtphhtthhopegvrhhitgdrshhnohifsg gvrhhgsehorhgrtghlvgdrtghomhdprhgtphhtthhopehjmhhorhhrihhssehnrghmvghi rdhorhhgpdhrtghpthhtohepshgvrhhgvgeshhgrlhhlhihnrdgtohhm X-ME-Proxy: Feedback-ID: ie3994620:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Fri, 18 Oct 2024 06:49:11 -0400 (EDT) Date: Fri, 18 Oct 2024 13:49:06 +0300 From: "Kirill A. Shutemov" To: Roberto Sassu Cc: Paul Moore , ebpqwerty472123@gmail.com, kirill.shutemov@linux.intel.com, zohar@linux.ibm.com, dmitry.kasatkin@gmail.com, eric.snowberg@oracle.com, jmorris@namei.org, serge@hallyn.com, linux-integrity@vger.kernel.org, linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org, bpf@vger.kernel.org, Roberto Sassu , linux-mm@kvack.org, akpm@linux-foundation.org, vbabka@suse.cz, lorenzo.stoakes@oracle.com, linux-fsdevel@vger.kernel.org Subject: Re: [PATCH 1/3] ima: Remove inode lock Message-ID: References: <20241008165732.2603647-1-roberto.sassu@huaweicloud.com> <7358f12d852964d9209492e337d33b8880234b74.camel@huaweicloud.com> <593282dbc9f48673c8f3b8e0f28e100f34141115.camel@huaweicloud.com> <15bb94a306d3432de55c0a12f29e7ed2b5fa3ba1.camel@huaweicloud.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: X-Rspamd-Queue-Id: 46F711C000F X-Rspam-User: X-Rspamd-Server: rspam05 X-Stat-Signature: j5z393c5trbykag8ogywhbcoct5p6ynb X-HE-Tag: 1729248557-962625 X-HE-Meta: U2FsdGVkX1+yChMwu9HzZhrkOGagKjj17B8rtG3pOB5aFS+deODJ44v5rAzj5sFvE3oZyM5RpGGKCxiuWAlx+qlfUo8UsNZdT8sciiDma2znXGboH50AzxC7XvkBBgqIcK9b0kn+oDg+TnFAASerFLPZ+7uBWVfjn/EYASYstREfCMW2H+9Q9dsNtubx422AoppMCO9yzJXQtO2hkRrygGqJdy+fbIHF12l8WxAYABwG2HXFFd+Qtt8JANSO0dDdvSTRlWnwpKeoQ78QElUcvbeEktRxRM6WaNGH40tgCHmYAdPFf2VYGwLi/J9A+exNcEVCSFhgl2dBdRDwkqIu/1E+onq3awtBeQrkhlwF6S1mwj6v4VGWuDcAUxCHGKS4M4hsLv1apjKvbMW8VzeHqVOUtJdZfe0iXXVDpsEv76ue3AxfaXYqYLEqBFbFV8vowS/Ovuexn2f/BQdBfCplv2evUEc2lhfOForWi+VTEZobcB7RNHslRyfDcsJLTwmmyXUQGwXXdBUL+tBbUNDbhbv/GFas1OQgVdWfi4eu1TMgfO85s6oejpbo6zJD+8nUSYlbggqVjTegyASTWR+fkl9a3n4i8HK5kuYlH8lXcx9s3oxtD/6V39oaoAOcqwosAOylZppyLQ5xm3GSxlvHTuCeYFas67o/k9VzGxJqL4JtIdoAaoQtBviwuIAi/BWM4Y9mNSQCCtbCHMhRja7qaSjJxNpxRB9bVpvMTA2+dwurpbfWCFcK1MU0T0prtke5zjdSVnJpcBU9YdB93obL/FYWyX86rMYfbg2TNbIMJLnCj2s2USMNfGIzOJO4Va/Hqti0BWHP8jfIdymUrXTx2AXBNe5zdhoofDEZrKxsMGkPGGYZH+X+EFV+CGx+u7JujnC7Oy2oW9H9FeMux1jt8/G4h6khgzvXJ3ig6I+sb+28HNKYbZh5Bk2htiYtqLWKqHeGeJFc+dOMtZjEGKg 9ivgQH0b 23UqVm3Fgx7itKUFXDt4WDTDjwAnW/QU0phgN655MmuSE6j2EU0VZVdLLz+Jyd+FuoEokjZUbw6O85oBZPXwhFt2cy/dIA1h7FsVxI8YI2R9E0rpcwuRQvm/E/Tv2HXi2RkKEZS6J/YFV82mIgMF+nbCMYOoXMarwJAhinqwBXlqLPJ3+xk3yBO9+kE5c/LFmxg1TyGoKORsKMB7XZP41mvriaHVS8Y4nLzyKykCr2aCzIJ79/ce/bmeGELWDZOFZ6I4cd4r6sfv+AUFdQMV+4dtREitsMLRXMAso3Rn79346FuUS+rS9i0NSnc9gumEixC23NvmpB8hJxaKPPq9QuPp31F8MRMnUPYM02BjU/R8wxkg8KVcWQ5G3lZMlSUaYwbbqjtj4PLJIkswPsRph1Yuxf6iI+/rjzKv6fdZrqgnfR6Rd8evd8n4roA== X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: On Fri, Oct 18, 2024 at 11:24:06AM +0200, Roberto Sassu wrote: > Probably it is hard, @Kirill would there be any way to safely move > security_mmap_file() out of the mmap_lock lock? What about something like this (untested): diff --git a/mm/mmap.c b/mm/mmap.c index dd4b35a25aeb..03473e77d356 100644 --- a/mm/mmap.c +++ b/mm/mmap.c @@ -1646,6 +1646,26 @@ SYSCALL_DEFINE5(remap_file_pages, unsigned long, start, unsigned long, size, if (pgoff + (size >> PAGE_SHIFT) < pgoff) return ret; + if (mmap_read_lock_killable(mm)) + return -EINTR; + + vma = vma_lookup(mm, start); + + if (!vma || !(vma->vm_flags & VM_SHARED)) { + mmap_read_unlock(mm); + return -EINVAL; + } + + file = get_file(vma->vm_file); + + mmap_read_unlock(mm); + + ret = security_mmap_file(vma->vm_file, prot, flags); + if (ret) { + fput(file); + return ret; + } + if (mmap_write_lock_killable(mm)) return -EINTR; @@ -1654,6 +1674,9 @@ SYSCALL_DEFINE5(remap_file_pages, unsigned long, start, unsigned long, size, if (!vma || !(vma->vm_flags & VM_SHARED)) goto out; + if (vma->vm_file != file) + goto out; + if (start + size > vma->vm_end) { VMA_ITERATOR(vmi, mm, vma->vm_end); struct vm_area_struct *next, *prev = vma; @@ -1688,16 +1711,11 @@ SYSCALL_DEFINE5(remap_file_pages, unsigned long, start, unsigned long, size, if (vma->vm_flags & VM_LOCKED) flags |= MAP_LOCKED; - file = get_file(vma->vm_file); - ret = security_mmap_file(vma->vm_file, prot, flags); - if (ret) - goto out_fput; ret = do_mmap(vma->vm_file, start, size, prot, flags, 0, pgoff, &populate, NULL); -out_fput: - fput(file); out: mmap_write_unlock(mm); + fput(file); if (populate) mm_populate(ret, populate); if (!IS_ERR_VALUE(ret)) -- Kiryl Shutsemau / Kirill A. Shutemov