From: Suren Baghdasaryan
Date: Tue, 17 Jan 2023 18:16:05 -0800
Subject: Re: [PATCH 09/41] mm: rcu safe VMA freeing
To: Michal Hocko
Cc: akpm@linux-foundation.org, michel@lespinasse.org, jglisse@google.com,
 vbabka@suse.cz, hannes@cmpxchg.org, mgorman@techsingularity.net,
 dave@stgolabs.net, willy@infradead.org, liam.howlett@oracle.com,
 peterz@infradead.org, ldufour@linux.ibm.com, laurent.dufour@fr.ibm.com,
 paulmck@kernel.org, luto@kernel.org, songliubraving@fb.com,
 peterx@redhat.com, david@redhat.com, dhowells@redhat.com, hughd@google.com,
 bigeasy@linutronix.de, kent.overstreet@linux.dev,
 punit.agrawal@bytedance.com, lstoakes@gmail.com, peterjung1337@gmail.com,
 rientjes@google.com, axelrasmussen@google.com, joelaf@google.com,
 minchan@google.com, jannh@google.com, shakeelb@google.com,
 tatashin@google.com, edumazet@google.com, gthelen@google.com,
 gurua@google.com, arjunroy@google.com, soheil@google.com,
 hughlynch@google.com, leewalsh@google.com, posk@google.com,
 linux-mm@kvack.org, linux-arm-kernel@lists.infradead.org,
 linuxppc-dev@lists.ozlabs.org, x86@kernel.org, linux-kernel@vger.kernel.org,
 kernel-team@android.com
References: <20230109205336.3665937-1-surenb@google.com> <20230109205336.3665937-10-surenb@google.com>

On Tue, Jan 17, 2023 at 6:25 AM Michal Hocko wrote:
>
> On Mon 09-01-23 12:53:04, Suren Baghdasaryan wrote:
> [...]
> > void vm_area_free(struct vm_area_struct *vma) > > { > > free_anon_vma_name(vma); > > +#ifdef CONFIG_PER_VMA_LOCK > > + call_rcu(&vma->vm_rcu, __vm_area_free); > > +#else > > kmem_cache_free(vm_area_cachep, vma); > > +#endif
>
> Is it safe to have vma with already freed vma_name? I suspect this is
> safe because of mmap_lock but is there any reason to split the freeing
> process and have this potential UAF lurking?

It should be safe because VMA is either locked or has been isolated
while locked, so no page fault handlers should have access to it.
But you are right, moving free_anon_vma_name() into __vm_area_free() does
seem safer. Will make the change in the next rev.

>
> > } > > > > static void account_kernel_stack(struct task_struct *tsk, int account) > > -- > > 2.39.0
>
> --
> Michal Hocko
> SUSE Labs
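
Review bot: In the CONFIG_PER_VMA_LOCK branch of vm_area_free(), free_anon_vma_name(vma) still runs immediately, while the vma itself is only released after an RCU grace period through call_rcu(&vma->vm_rcu, __vm_area_free), so for that window the structure outlives the anon name it refers to. Unless every RCU-side reader is guaranteed never to touch the name, move the free_anon_vma_name() call into the __vm_area_free callback (its body is not shown in this quoted hunk) so that the name and the structure are released at the same point, and add a comment at the call_rcu() site stating which readers may still hold the vma until the grace period ends.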