From: Benjamin Herrenschmidt <benh@kernel.crashing.org>
To: Ingo Molnar <mingo@kernel.org>
Cc: Laurent Dufour <ldufour@linux.vnet.ibm.com>,
Paul Mackerras <paulus@samba.org>,
Michael Ellerman <mpe@ellerman.id.au>,
Jeff Dike <jdike@addtoit.com>,
Richard Weinberger <richard@nod.at>,
Guan Xuetao <gxt@mprc.pku.edu.cn>,
Thomas Gleixner <tglx@linutronix.de>,
Ingo Molnar <mingo@redhat.com>, "H. Peter Anvin" <hpa@zytor.com>,
x86@kernel.org, Arnd Bergmann <arnd@arndb.de>,
linuxppc-dev@lists.ozlabs.org, linux-kernel@vger.kernel.org,
linux-s390@vger.kernel.org,
user-mode-linux-devel@lists.sourceforge.net,
user-mode-linux-user@lists.sourceforge.net,
linux-arch@vger.kernel.org, linux-mm@kvack.org,
cov@codeaurora.org, criu@openvz.org
Subject: Re: [PATCH v3 2/2] powerpc/mm: Tracking vDSO remap
Date: Fri, 27 Mar 2015 10:23:03 +1100 [thread overview]
Message-ID: <1427412183.6468.148.camel@kernel.crashing.org> (raw)
In-Reply-To: <20150326094330.GA15407@gmail.com>
On Thu, 2015-03-26 at 10:43 +0100, Ingo Molnar wrote:
> * Benjamin Herrenschmidt <benh@kernel.crashing.org> wrote:
>
> > On Wed, 2015-03-25 at 19:36 +0100, Ingo Molnar wrote:
> > > * Ingo Molnar <mingo@kernel.org> wrote:
> > >
> > > > > +#define __HAVE_ARCH_REMAP
> > > > > +static inline void arch_remap(struct mm_struct *mm,
> > > > > + unsigned long old_start, unsigned long old_end,
> > > > > + unsigned long new_start, unsigned long new_end)
> > > > > +{
> > > > > + /*
> > > > > + * mremap() doesn't allow moving multiple vmas so we can limit the
> > > > > + * check to old_start == vdso_base.
> > > > > + */
> > > > > + if (old_start == mm->context.vdso_base)
> > > > > + mm->context.vdso_base = new_start;
> > > > > +}
> > > >
> > > > mremap() doesn't allow moving multiple vmas, but it allows the
> > > > movement of multi-page vmas and it also allows partial mremap()s,
> > > > where it will split up a vma.
> > >
> > > I.e. mremap() supports the shrinking (and growing) of vmas. In that
> > > case mremap() will unmap the end of the vma and will shrink the
> > > remaining vDSO vma.
> > >
> > > Doesn't that result in a non-working vDSO that should zero out
> > > vdso_base?
> >
> > Right. Now we can't completely prevent the user from shooting itself
> > in the foot I suppose, though there is a legit usage scenario which
> > is to move the vDSO around which it would be nice to support. I
> > think it's reasonable to put the onus on the user here to do the
> > right thing.
>
> I argue we should use the right condition to clear vdso_base: if the
> vDSO gets at least partially unmapped. Otherwise there's little point
> in the whole patch: either correctly track whether the vDSO is OK, or
> don't ...
Well, if we are going to clear it at all yes, we should probably be a
bit smarter about it. My point however was we probably don't need to be
super robust about dealing with any crazy scenario userspace might
conceive.
> There's also the question of mprotect(): can users mprotect() the vDSO
> on PowerPC?
Nothing prevents it. But here too, I wouldn't bother. The user might be
doing on purpose expecting to catch the resulting signal for example
(though arguably a signal from a sigreturn frame is ... odd).
Cheers,
Ben.
--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@kvack.org. For more info on Linux MM,
see: http://www.linux-mm.org/ .
Don't email: <a href=mailto:"dont@kvack.org"> email@kvack.org </a>
WARNING: multiple messages have this Message-ID (diff)
From: Benjamin Herrenschmidt <benh@kernel.crashing.org>
To: Ingo Molnar <mingo@kernel.org>
Cc: Laurent Dufour <ldufour@linux.vnet.ibm.com>,
Paul Mackerras <paulus@samba.org>,
Michael Ellerman <mpe@ellerman.id.au>,
Jeff Dike <jdike@addtoit.com>,
Richard Weinberger <richard@nod.at>,
Guan Xuetao <gxt@mprc.pku.edu.cn>,
Thomas Gleixner <tglx@linutronix.de>,
Ingo Molnar <mingo@redhat.com>, "H. Peter Anvin" <hpa@zytor.com>,
x86@kernel.org, Arnd Bergmann <arnd@arndb.de>,
linuxppc-dev@lists.ozlabs.org, linux-kernel@vger.kernel.org,
linux-s390@vger.kernel.org,
user-mode-linux-devel@lists.sourceforge.net,
user-mode-linux-user@lists.sourceforge.net,
linux-arch@vger.kernel.org, linux-mm@kvack.org,
cov@codeaurora.org, criu@openvz.org
Subject: Re: [PATCH v3 2/2] powerpc/mm: Tracking vDSO remap
Date: Fri, 27 Mar 2015 10:23:03 +1100 [thread overview]
Message-ID: <1427412183.6468.148.camel@kernel.crashing.org> (raw)
Message-ID: <20150326232303.XYEFCHQtNz1FUf33nfKxJtUN9_Jb0Y_imb5EDjknMmI@z> (raw)
In-Reply-To: <20150326094330.GA15407@gmail.com>
On Thu, 2015-03-26 at 10:43 +0100, Ingo Molnar wrote:
> * Benjamin Herrenschmidt <benh@kernel.crashing.org> wrote:
>
> > On Wed, 2015-03-25 at 19:36 +0100, Ingo Molnar wrote:
> > > * Ingo Molnar <mingo@kernel.org> wrote:
> > >
> > > > > +#define __HAVE_ARCH_REMAP
> > > > > +static inline void arch_remap(struct mm_struct *mm,
> > > > > + unsigned long old_start, unsigned long old_end,
> > > > > + unsigned long new_start, unsigned long new_end)
> > > > > +{
> > > > > + /*
> > > > > + * mremap() doesn't allow moving multiple vmas so we can limit the
> > > > > + * check to old_start == vdso_base.
> > > > > + */
> > > > > + if (old_start == mm->context.vdso_base)
> > > > > + mm->context.vdso_base = new_start;
> > > > > +}
> > > >
> > > > mremap() doesn't allow moving multiple vmas, but it allows the
> > > > movement of multi-page vmas and it also allows partial mremap()s,
> > > > where it will split up a vma.
> > >
> > > I.e. mremap() supports the shrinking (and growing) of vmas. In that
> > > case mremap() will unmap the end of the vma and will shrink the
> > > remaining vDSO vma.
> > >
> > > Doesn't that result in a non-working vDSO that should zero out
> > > vdso_base?
> >
> > Right. Now we can't completely prevent the user from shooting itself
> > in the foot I suppose, though there is a legit usage scenario which
> > is to move the vDSO around which it would be nice to support. I
> > think it's reasonable to put the onus on the user here to do the
> > right thing.
>
> I argue we should use the right condition to clear vdso_base: if the
> vDSO gets at least partially unmapped. Otherwise there's little point
> in the whole patch: either correctly track whether the vDSO is OK, or
> don't ...
Well, if we are going to clear it at all yes, we should probably be a
bit smarter about it. My point however was we probably don't need to be
super robust about dealing with any crazy scenario userspace might
conceive.
> There's also the question of mprotect(): can users mprotect() the vDSO
> on PowerPC?
Nothing prevents it. But here too, I wouldn't bother. The user might be
doing on purpose expecting to catch the resulting signal for example
(though arguably a signal from a sigreturn frame is ... odd).
Cheers,
Ben.
next prev parent reply other threads:[~2015-03-26 23:23 UTC|newest]
Thread overview: 55+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-03-20 15:53 [PATCH 0/2] Tracking user space vDSO remaping Laurent Dufour
2015-03-20 15:53 ` Laurent Dufour
2015-03-20 15:53 ` [PATCH 1/2] mm: Introducing arch_remap hook Laurent Dufour
2015-03-20 15:53 ` Laurent Dufour
2015-03-20 23:19 ` Richard Weinberger
2015-03-20 23:19 ` Richard Weinberger
2015-03-23 8:52 ` Ingo Molnar
2015-03-23 9:11 ` Laurent Dufour
2015-03-23 9:11 ` Laurent Dufour
2015-03-25 11:06 ` [PATCH v2 0/2] Tracking user space vDSO remaping Laurent Dufour
2015-03-25 11:06 ` Laurent Dufour
2015-03-25 11:06 ` [PATCH v2 1/2] mm: Introducing arch_remap hook Laurent Dufour
2015-03-25 11:06 ` Laurent Dufour
2015-03-25 11:06 ` [PATCH v2 2/2] powerpc/mm: Tracking vDSO remap Laurent Dufour
2015-03-25 11:06 ` Laurent Dufour
2015-03-25 12:11 ` Ingo Molnar
2015-03-25 12:11 ` Ingo Molnar
2015-03-25 13:25 ` Laurent Dufour
2015-03-25 13:25 ` Laurent Dufour
2015-03-25 13:53 ` [PATCH v3 0/2] Tracking user space vDSO remaping Laurent Dufour
2015-03-25 13:53 ` Laurent Dufour
2015-03-25 13:53 ` [PATCH v3 1/2] mm: Introducing arch_remap hook Laurent Dufour
2015-03-25 13:53 ` [PATCH v3 2/2] powerpc/mm: Tracking vDSO remap Laurent Dufour
2015-03-25 13:53 ` Laurent Dufour
2015-03-25 18:33 ` Ingo Molnar
2015-03-25 18:36 ` Ingo Molnar
2015-03-25 21:11 ` Benjamin Herrenschmidt
2015-03-25 21:11 ` Benjamin Herrenschmidt
2015-03-26 9:43 ` Ingo Molnar
2015-03-26 9:43 ` Ingo Molnar
2015-03-26 10:37 ` Laurent Dufour
2015-03-26 10:37 ` Laurent Dufour
2015-03-26 14:17 ` Ingo Molnar
2015-03-26 14:32 ` Laurent Dufour
2015-03-26 14:32 ` Laurent Dufour
2015-03-26 17:37 ` [PATCH v4 0/2] Tracking user space vDSO remaping Laurent Dufour
2015-03-26 17:37 ` Laurent Dufour
2015-03-26 17:37 ` [PATCH v4 1/2] mm: Introducing arch_remap hook Laurent Dufour
2015-03-26 17:37 ` Laurent Dufour
2015-03-26 17:37 ` [PATCH v4 2/2] powerpc/mm: Tracking vDSO remap Laurent Dufour
2015-03-26 17:37 ` Laurent Dufour
2015-03-26 18:55 ` Ingo Molnar
2015-03-26 18:55 ` Ingo Molnar
2015-03-27 11:02 ` Laurent Dufour
2015-03-26 23:23 ` Benjamin Herrenschmidt [this message]
2015-03-26 23:23 ` [PATCH v3 " Benjamin Herrenschmidt
2015-03-25 21:09 ` Benjamin Herrenschmidt
2015-03-25 21:09 ` Benjamin Herrenschmidt
2015-03-26 9:48 ` Ingo Molnar
2015-03-26 9:48 ` Ingo Molnar
2015-03-26 10:13 ` Laurent Dufour
2015-03-20 15:53 ` [PATCH " Laurent Dufour
2015-03-20 15:53 ` Laurent Dufour
2016-03-02 12:13 ` [PATCH 0/2] Tracking user space vDSO remaping Christopher Covington
2016-03-02 12:13 ` Christopher Covington
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1427412183.6468.148.camel@kernel.crashing.org \
--to=benh@kernel.crashing.org \
--cc=arnd@arndb.de \
--cc=cov@codeaurora.org \
--cc=criu@openvz.org \
--cc=gxt@mprc.pku.edu.cn \
--cc=hpa@zytor.com \
--cc=jdike@addtoit.com \
--cc=ldufour@linux.vnet.ibm.com \
--cc=linux-arch@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=linux-s390@vger.kernel.org \
--cc=linuxppc-dev@lists.ozlabs.org \
--cc=mingo@kernel.org \
--cc=mingo@redhat.com \
--cc=mpe@ellerman.id.au \
--cc=paulus@samba.org \
--cc=richard@nod.at \
--cc=tglx@linutronix.de \
--cc=user-mode-linux-devel@lists.sourceforge.net \
--cc=user-mode-linux-user@lists.sourceforge.net \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).