| Message ID | 20230216091656.2045471-2-usama.anjum@collabora.com (mailing list archive) |
|---|---|
| State | New |
| Headers | show |
| Series | [v4,1/2] mm/userfaultfd: Support WP on multiple VMAs | expand |
On 16.02.23 10:16, Muhammad Usama Anjum wrote: > Add VM_WARN_ONCE() to uffd_wp_range() to detect range (start, len) abuse. > > Signed-off-by: Muhammad Usama Anjum <usama.anjum@collabora.com> > --- > mm/userfaultfd.c | 2 ++ > 1 file changed, 2 insertions(+) > > diff --git a/mm/userfaultfd.c b/mm/userfaultfd.c > index 77c5839e591c..d89ed44d2668 100644 > --- a/mm/userfaultfd.c > +++ b/mm/userfaultfd.c > @@ -717,6 +717,8 @@ long uffd_wp_range(struct mm_struct *dst_mm, struct vm_area_struct *dst_vma, > struct mmu_gather tlb; > long ret; > > + VM_WARN_ONCE(start < dst_vma->vm_start || start + len > dst_vma->vm_end, > + "The address range exceeds VMA boundary.\n"); VM_WARN_ON_ONCE is sufficient (sorry for spelling out the wrong variant earlier). These kinds of bugs are expected to be found early during testing, still it might make sense to implement a backup path if (WARN_ON_ONCE(...)) return -EINVAL; But we can't use VM_WARN_ON_ONCE here, so we can't compile it out anymore ... so I guess a simple VM_WARN_ON_ONCE() is sufficient.
On 2/16/23 2:24 PM, David Hildenbrand wrote: > On 16.02.23 10:16, Muhammad Usama Anjum wrote: >> Add VM_WARN_ONCE() to uffd_wp_range() to detect range (start, len) abuse. >> >> Signed-off-by: Muhammad Usama Anjum <usama.anjum@collabora.com> >> --- >> mm/userfaultfd.c | 2 ++ >> 1 file changed, 2 insertions(+) >> >> diff --git a/mm/userfaultfd.c b/mm/userfaultfd.c >> index 77c5839e591c..d89ed44d2668 100644 >> --- a/mm/userfaultfd.c >> +++ b/mm/userfaultfd.c >> @@ -717,6 +717,8 @@ long uffd_wp_range(struct mm_struct *dst_mm, struct >> vm_area_struct *dst_vma, >> struct mmu_gather tlb; >> long ret; >> + VM_WARN_ONCE(start < dst_vma->vm_start || start + len > >> dst_vma->vm_end, >> + "The address range exceeds VMA boundary.\n"); > > VM_WARN_ON_ONCE is sufficient (sorry for spelling out the wrong variant > earlier). Will do in the next version. Thanks. > > These kinds of bugs are expected to be found early during testing, still it > might make sense to implement a backup path > > if (WARN_ON_ONCE(...)) > return -EINVAL; > > But we can't use VM_WARN_ON_ONCE here, so we can't compile it out anymore > ... so I guess a simple VM_WARN_ON_ONCE() is sufficient. >
On Thu, Feb 16, 2023 at 02:48:51PM +0500, Muhammad Usama Anjum wrote: > On 2/16/23 2:24 PM, David Hildenbrand wrote: > > On 16.02.23 10:16, Muhammad Usama Anjum wrote: > >> Add VM_WARN_ONCE() to uffd_wp_range() to detect range (start, len) abuse. > >> > >> Signed-off-by: Muhammad Usama Anjum <usama.anjum@collabora.com> > >> --- > >> mm/userfaultfd.c | 2 ++ > >> 1 file changed, 2 insertions(+) > >> > >> diff --git a/mm/userfaultfd.c b/mm/userfaultfd.c > >> index 77c5839e591c..d89ed44d2668 100644 > >> --- a/mm/userfaultfd.c > >> +++ b/mm/userfaultfd.c > >> @@ -717,6 +717,8 @@ long uffd_wp_range(struct mm_struct *dst_mm, struct > >> vm_area_struct *dst_vma, > >> struct mmu_gather tlb; > >> long ret; > >> + VM_WARN_ONCE(start < dst_vma->vm_start || start + len > > >> dst_vma->vm_end, > >> + "The address range exceeds VMA boundary.\n"); > > > > VM_WARN_ON_ONCE is sufficient (sorry for spelling out the wrong variant > > earlier). > Will do in the next version. Thanks. Shall we just squash the two patches?
On 2/17/23 1:26 AM, Peter Xu wrote: > On Thu, Feb 16, 2023 at 02:48:51PM +0500, Muhammad Usama Anjum wrote: >> On 2/16/23 2:24 PM, David Hildenbrand wrote: >>> On 16.02.23 10:16, Muhammad Usama Anjum wrote: >>>> Add VM_WARN_ONCE() to uffd_wp_range() to detect range (start, len) abuse. >>>> >>>> Signed-off-by: Muhammad Usama Anjum <usama.anjum@collabora.com> >>>> --- >>>> mm/userfaultfd.c | 2 ++ >>>> 1 file changed, 2 insertions(+) >>>> >>>> diff --git a/mm/userfaultfd.c b/mm/userfaultfd.c >>>> index 77c5839e591c..d89ed44d2668 100644 >>>> --- a/mm/userfaultfd.c >>>> +++ b/mm/userfaultfd.c >>>> @@ -717,6 +717,8 @@ long uffd_wp_range(struct mm_struct *dst_mm, struct >>>> vm_area_struct *dst_vma, >>>> struct mmu_gather tlb; >>>> long ret; >>>> + VM_WARN_ONCE(start < dst_vma->vm_start || start + len > >>>> dst_vma->vm_end, >>>> + "The address range exceeds VMA boundary.\n"); >>> >>> VM_WARN_ON_ONCE is sufficient (sorry for spelling out the wrong variant >>> earlier). >> Will do in the next version. Thanks. > > Shall we just squash the two patches? Will squash in next version. >
diff --git a/mm/userfaultfd.c b/mm/userfaultfd.c index 77c5839e591c..d89ed44d2668 100644 --- a/mm/userfaultfd.c +++ b/mm/userfaultfd.c @@ -717,6 +717,8 @@ long uffd_wp_range(struct mm_struct *dst_mm, struct vm_area_struct *dst_vma, struct mmu_gather tlb; long ret; + VM_WARN_ONCE(start < dst_vma->vm_start || start + len > dst_vma->vm_end, + "The address range exceeds VMA boundary.\n"); if (enable_wp) mm_cp_flags = MM_CP_UFFD_WP; else
Add VM_WARN_ONCE() to uffd_wp_range() to detect range (start, len) abuse. Signed-off-by: Muhammad Usama Anjum <usama.anjum@collabora.com> --- mm/userfaultfd.c | 2 ++ 1 file changed, 2 insertions(+)