From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 8A8B7D2F7D8 for ; Wed, 16 Oct 2024 23:57:20 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 1E8526B0083; Wed, 16 Oct 2024 19:57:20 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 199436B0088; Wed, 16 Oct 2024 19:57:20 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 087E06B0089; Wed, 16 Oct 2024 19:57:20 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0015.hostedemail.com [216.40.44.15]) by kanga.kvack.org (Postfix) with ESMTP id DAB196B0083 for ; Wed, 16 Oct 2024 19:57:19 -0400 (EDT) Received: from smtpin15.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay10.hostedemail.com (Postfix) with ESMTP id 65B77C0433 for ; Wed, 16 Oct 2024 23:57:08 +0000 (UTC) X-FDA: 82681129188.15.D365E13 Received: from out-178.mta0.migadu.com (out-178.mta0.migadu.com [91.218.175.178]) by imf07.hostedemail.com (Postfix) with ESMTP id C07B14000C for ; Wed, 16 Oct 2024 23:57:04 +0000 (UTC) Authentication-Results: imf07.hostedemail.com; dkim=pass header.d=linux.dev header.s=key1 header.b=M7Htt7as; spf=pass (imf07.hostedemail.com: domain of shakeel.butt@linux.dev designates 91.218.175.178 as permitted sender) smtp.mailfrom=shakeel.butt@linux.dev; dmarc=pass (policy=none) header.from=linux.dev ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1729122845; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=0quICheMGqqTTZPr/l7yyzcjrUta9SY0tjGFEid3K14=; b=OzrE21TI2mgnR4D30v0uPkLQA7zQSt0LLgno82wUR6l7C+Jh3EDaMdTQqwpi9rol2MLLGd zYGOUUCSwjBPT0l0DHbqePuVLaxhafnbCXBEt4V+AXyE6Qteo/11s1lHC+Z/RF/gtBwU8C 6Flr79dgH0M1cEM/ib0I6c37lPZc31k= ARC-Authentication-Results: i=1; imf07.hostedemail.com; dkim=pass header.d=linux.dev header.s=key1 header.b=M7Htt7as; spf=pass (imf07.hostedemail.com: domain of shakeel.butt@linux.dev designates 91.218.175.178 as permitted sender) smtp.mailfrom=shakeel.butt@linux.dev; dmarc=pass (policy=none) header.from=linux.dev ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1729122845; a=rsa-sha256; cv=none; b=0jIXKSPFITD7LGgH3FiIEwd4IIHBnYjX/p0ILkfg0NSCyU3H8NhZmqSEObp9zjaF+lv5W0 gJLT3J301d/4WTs+LsO7CWx1UBWdx46avpOhEBfdeqvR2aCUzuyDewfzByURRkWoY1eb8u N22RW9JHehk5EmDcMuhNpgqdYI8sxsc= Date: Wed, 16 Oct 2024 16:57:09 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux.dev; s=key1; t=1729123035; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=0quICheMGqqTTZPr/l7yyzcjrUta9SY0tjGFEid3K14=; b=M7Htt7asSO+L9B+lbivHqkLsXi2fjqqUGUrtusfPpH1djNIt2CcX9E1STHXaukEqiDPMhG o3b0Jov1Q0ulbPV7VPFlpL3TEMCs9MkK0Z07E+vrIyC+cOE9/jVw3yanXBjp5mq3ExllX8 zm9kZtA2XD5HcCGMRo/rqWekunCI87o= X-Report-Abuse: Please report any abuse attempt to abuse@migadu.com and include these headers. From: Shakeel Butt To: Andrii Nakryiko Cc: bpf@vger.kernel.org, ast@kernel.org, daniel@iogearbox.net, martin.lau@kernel.org, linux-mm@kvack.org, linux-perf-users@vger.kernel.org, linux-fsdevel@vger.kernel.org, rppt@kernel.org, david@redhat.com, yosryahmed@google.com, Yi Lai Subject: Re: [PATCH v2 bpf] lib/buildid: handle memfd_secret() files in build_id_parse() Message-ID: References: <20241016221629.1043883-1-andrii@kernel.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20241016221629.1043883-1-andrii@kernel.org> X-Migadu-Flow: FLOW_OUT X-Rspamd-Server: rspam06 X-Rspamd-Queue-Id: C07B14000C X-Stat-Signature: sb8ik7x51du81h4b844kui7nka9cogiu X-Rspam-User: X-HE-Tag: 1729123024-83590 X-HE-Meta: U2FsdGVkX1/QSAm/4bQE9CWk7+mQ9pTGA1YXM+XV4vsNMPJUtEyefVnSCfoH5m1PsGAIg3ElTQrzdW1yfRrJVpztTv4QYV/p0Npfb7dAj4zgs8bSENAsclpvm73N0pYS68r4+w1VBqOpLoxQXlQLAnqz79JLkSm2YelzCVlejRRDJgt13+F000sUkrCjfdCWULuFTQygos0QCITvJvgcISVLlZ3VoluyTxG4r/Jf/FnQeQyRrv2jIygx1r3JS6vq3Urcs5EgVz921m5MrIDjIicFZU3HhiufEZ/44SlOcnIidCRKs5Fa/KXzWrRkxPAczVxqW6dJEN4LxH+dR6/RFQcIorLdJIFfBKzNPy2uPiDrAP5LKnF6J+i0r2eh+rU+HPrzWhK2lp1T20ftQzOJ4kp7SLc7PeGEnvQyn09CBB/LsVz+eRLUb6/V1SXutHGrmx+Oh6NRF9HZPbMAN22bocoS3dq0H+cEhZyLgRWKhWNU3eu/As0t9kResZDY8VBUIB8ShdNM8tLpIbnUogmNWzFVUMJ6V4Lho1LHRjIRi+4/a6zDYYJTyEG1hHUihVcrzB+/LuR52AKYn+vdxQTmscJGttFUmDWujIxxqq69xdjRjg5ymfuV04eSwD0vb8WgwjFiD9m4cnSxFCTczfk9Dg9TeY75EJnfpHNLEv/R7YPp3075bjCYJtujOdGCwp0jyKl8lYOaJAONnDqOYdZZqyHHEcMNRBjYAKLHrSNm9al16RUPihe73gTsJLV1rVu7QE6YL9ctRyXBjIeATjyFRlMa6D9M/gmJw7jHiRlis178IXTYOwkXEhkTu09iWhQNFzcF9ZRt2fIRkdlwagrjRdbFjnMhznKm1ZmHtPRpv7lqWU4DKdFLarMVEMS5CWbjMCrhHHdPmzmr8J2a+NrmdeE0qGSWo/js0js0Su4+AU7r7s3pe5n44z3QUBt5yp/Ic1mfJYfzEckMjixW3BI 6U78TCff vCUtsOpyFLQg3ExeTrf6Biv0cBrbtVTaAsI2gxsi5I6bh5I4lVraJTCwjzVjCFVWsGtQw97Rg3tMkurejbrfEgn0PCRcTPHwaBtHEz1P0976NwiVA2wGWR1m+32JPHB8mnbyrW/IcHE3jIixXJ7Fzsy3EC+RR50DF0FOZZ8J+Bm7DLKvT+eu6H9jNo/NO3lJbSBg9KGxQcZuAZchEKOggWTGpJ0RaBTmM0V0SAJxkx2XWRd83h45JIy1dTy5ed9MDMssBt6TAz9MK9VQl8t/xB8KG4hpmc0a/t/Bc X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: On Wed, Oct 16, 2024 at 03:16:29PM GMT, Andrii Nakryiko wrote: > From memfd_secret(2) manpage: > > The memory areas backing the file created with memfd_secret(2) are > visible only to the processes that have access to the file descriptor. > The memory region is removed from the kernel page tables and only the > page tables of the processes holding the file descriptor map the > corresponding physical memory. (Thus, the pages in the region can't be > accessed by the kernel itself, so that, for example, pointers to the > region can't be passed to system calls.) > > So folios backed by such secretmem files are not mapped into kernel > address space and shouldn't be accessed, in general. > > To make this a bit more generic of a fix and prevent regression in the > future for similar special mappings, do a generic check of whether the > folio we got is mapped with kernel_page_present(), as suggested in [1]. > This will handle secretmem, and any future special cases that use > a similar approach. > > Original report and repro can be found in [0]. > > [0] https://lore.kernel.org/bpf/ZwyG8Uro%2FSyTXAni@ly-workstation/ > [1] https://lore.kernel.org/bpf/CAJD7tkbpEMx-eC4A-z8Jm1ikrY_KJVjWO+mhhz1_fni4x+COKw@mail.gmail.com/ > > Reported-by: Yi Lai > Suggested-by: Yosry Ahmed > Fixes: de3ec364c3c3 ("lib/buildid: add single folio-based file reader abstraction") > Signed-off-by: Andrii Nakryiko Acked-by: Shakeel Butt