From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from gate.crashing.org (gate.crashing.org [63.228.1.57]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by lists.ozlabs.org (Postfix) with ESMTPS id 5E6361A04A3 for ; Fri, 27 Mar 2015 10:42:14 +1100 (AEDT) Message-ID: <1427412183.6468.148.camel@kernel.crashing.org> Subject: Re: [PATCH v3 2/2] powerpc/mm: Tracking vDSO remap From: Benjamin Herrenschmidt To: Ingo Molnar Date: Fri, 27 Mar 2015 10:23:03 +1100 In-Reply-To: <20150326094330.GA15407@gmail.com> References: <20150325121118.GA2542@gmail.com> <20150325183316.GA9090@gmail.com> <20150325183647.GA9331@gmail.com> <1427317867.6468.87.camel@kernel.crashing.org> <20150326094330.GA15407@gmail.com> Content-Type: text/plain; charset="UTF-8" Mime-Version: 1.0 Cc: linux-arch@vger.kernel.org, linux-s390@vger.kernel.org, Laurent Dufour , user-mode-linux-devel@lists.sourceforge.net, Arnd Bergmann , Jeff Dike , "H. Peter Anvin" , x86@kernel.org, linux-kernel@vger.kernel.org, criu@openvz.org, linux-mm@kvack.org, Ingo Molnar , Paul Mackerras , cov@codeaurora.org, user-mode-linux-user@lists.sourceforge.net, Richard Weinberger , Thomas Gleixner , Guan Xuetao , linuxppc-dev@lists.ozlabs.org List-Id: Linux on PowerPC Developers Mail List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , On Thu, 2015-03-26 at 10:43 +0100, Ingo Molnar wrote: > * Benjamin Herrenschmidt wrote: > > > On Wed, 2015-03-25 at 19:36 +0100, Ingo Molnar wrote: > > > * Ingo Molnar wrote: > > > > > > > > +#define __HAVE_ARCH_REMAP > > > > > +static inline void arch_remap(struct mm_struct *mm, > > > > > + unsigned long old_start, unsigned long old_end, > > > > > + unsigned long new_start, unsigned long new_end) > > > > > +{ > > > > > + /* > > > > > + * mremap() doesn't allow moving multiple vmas so we can limit the > > > > > + * check to old_start == vdso_base. > > > > > + */ > > > > > + if (old_start == mm->context.vdso_base) > > > > > + mm->context.vdso_base = new_start; > > > > > +} > > > > > > > > mremap() doesn't allow moving multiple vmas, but it allows the > > > > movement of multi-page vmas and it also allows partial mremap()s, > > > > where it will split up a vma. > > > > > > I.e. mremap() supports the shrinking (and growing) of vmas. In that > > > case mremap() will unmap the end of the vma and will shrink the > > > remaining vDSO vma. > > > > > > Doesn't that result in a non-working vDSO that should zero out > > > vdso_base? > > > > Right. Now we can't completely prevent the user from shooting itself > > in the foot I suppose, though there is a legit usage scenario which > > is to move the vDSO around which it would be nice to support. I > > think it's reasonable to put the onus on the user here to do the > > right thing. > > I argue we should use the right condition to clear vdso_base: if the > vDSO gets at least partially unmapped. Otherwise there's little point > in the whole patch: either correctly track whether the vDSO is OK, or > don't ... Well, if we are going to clear it at all yes, we should probably be a bit smarter about it. My point however was we probably don't need to be super robust about dealing with any crazy scenario userspace might conceive. > There's also the question of mprotect(): can users mprotect() the vDSO > on PowerPC? Nothing prevents it. But here too, I wouldn't bother. The user might be doing on purpose expecting to catch the resulting signal for example (though arguably a signal from a sigreturn frame is ... odd). Cheers, Ben.