From patchwork Fri Dec 1 09:46:32 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yafang Shao X-Patchwork-Id: 13475553 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 64539C07E97 for ; Fri, 1 Dec 2023 09:47:16 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 854026B0441; Fri, 1 Dec 2023 04:47:13 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id 613FB6B0442; Fri, 1 Dec 2023 04:47:13 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 3CAB06B0444; Fri, 1 Dec 2023 04:47:13 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0016.hostedemail.com [216.40.44.16]) by kanga.kvack.org (Postfix) with ESMTP id 18B826B0442 for ; Fri, 1 Dec 2023 04:47:13 -0500 (EST) Received: from smtpin20.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay01.hostedemail.com (Postfix) with ESMTP id E77211C0113 for ; Fri, 1 Dec 2023 09:47:12 +0000 (UTC) X-FDA: 81517771104.20.A534E3C Received: from mail-pg1-f177.google.com (mail-pg1-f177.google.com [209.85.215.177]) by imf02.hostedemail.com (Postfix) with ESMTP id 2AB2980003 for ; Fri, 1 Dec 2023 09:47:10 +0000 (UTC) Authentication-Results: imf02.hostedemail.com; dkim=pass header.d=gmail.com header.s=20230601 header.b=av4YK05l; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (imf02.hostedemail.com: domain of laoar.shao@gmail.com designates 209.85.215.177 as permitted sender) smtp.mailfrom=laoar.shao@gmail.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1701424031; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=Dess//0c2Lh04XmQ2u56zFtWMuXDgxNkubc5UfyU5ak=; b=hnEFsRn7J2ZuFZKn27DCZ7QjVPnvrToR6atAUaZnaN4hR3WHi8EpZddKBxV/+3PL2CeMfP aO32+3DpbsYQkpGyt+hHOllHyLU9+ay7qlwxsLH2DGnWhHjBc5qUARTtBc5w/kbvdEK1XP WDDVE5gwxfUmcmf12ZCJ8MEs37AK7Ow= ARC-Authentication-Results: i=1; imf02.hostedemail.com; dkim=pass header.d=gmail.com header.s=20230601 header.b=av4YK05l; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (imf02.hostedemail.com: domain of laoar.shao@gmail.com designates 209.85.215.177 as permitted sender) smtp.mailfrom=laoar.shao@gmail.com ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1701424031; a=rsa-sha256; cv=none; b=6CulsxYkbYv3v5yHnl99HaWTgliu3MF3ghuMM9Cr8wZ2PsXVLhWDtfcSv+XbNXZlSNOqMy aw3O1ZjkX5b4qJ60SYFbamcWOm3pPXFpipqiZNUn88qkX7I8zczhEarPRUsN+Y4V09sjn8 jYYf2S1880eZF26NWb0HAVMf1zpisPg= Received: by mail-pg1-f177.google.com with SMTP id 41be03b00d2f7-5bcfc508d14so245712a12.3 for ; Fri, 01 Dec 2023 01:47:10 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1701424030; x=1702028830; darn=kvack.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=Dess//0c2Lh04XmQ2u56zFtWMuXDgxNkubc5UfyU5ak=; b=av4YK05l0SFOhTSg5tpEks0kmdOQGFgPLElCEw8cyKn/hkdczNH31EKJJtP9P5NqG3 vP5GhMul4pY4b+4IzxPuIRop/Avysu2iAHBgrzizUGN0m5jizJoTtPiGwScaXi1+BLsK qldbyeub+Z/CyUyWAkjEI71pp6QjEaaTXVnmBMdpVjV4u30kXe//ZnisVeOTblzxl3mS us6SzrXfX7l/7WTutJUfZ72aGtfkZ17AMYqTNGIwkPMp0ej16d4rUIifJFvuD4WJVMOM rHNGBO0/mEl+8MERmccsQrkPpjBlTP/zKwlMb/qZQfnv1kxn2zwxRAUcphxWNgODE3f3 8eSw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1701424030; x=1702028830; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=Dess//0c2Lh04XmQ2u56zFtWMuXDgxNkubc5UfyU5ak=; b=RAg8DrB/SfZIhCcCWWkxzKMAxsZ45VBF23pWE+muvIbPA6EAK4PmNZHrjedLTr2ZUl tZht0vQ2IVLOkxqBETYwPBP1YRJZ6WEBsIVo8Ru4nGjDJhoZqdYqwHS9KZK/WZO5Lh6k ad7eryiXP74WTtjmIRRYIBcU9PtAANDdS317nw0BjrrXp8Uayr+6a522KXHFOjXSD6Jl MTuGVK29jU6bC3D87j8TmlGILPM31IyeCQdX7jcKWMRK7ru09rakip32VrkZH2qz98ty WKCLJ05yPT5rTaDD5LvvzSyH6K8l4eSn4niRCOyT175SdlZRTuWPi6Y5y5koEJMEQgRl DHpg== X-Gm-Message-State: AOJu0YyYlPF97p+3KJcDjpI9zU/bZPxoZJOYXcaqNOpxsGKJrf0THLcX z1R6rvVAsqk3vK9x59IpJKg= X-Google-Smtp-Source: AGHT+IFKEK9U8bDFol/OVizJQvuY/KulkxmLfMUD7mG6RF1mpjVP4Jnt4qHJlMEuVuE8HB+QA/XgNw== X-Received: by 2002:a05:6a20:9154:b0:18b:5a66:3f70 with SMTP id x20-20020a056a20915400b0018b5a663f70mr30186543pzc.2.1701424030179; Fri, 01 Dec 2023 01:47:10 -0800 (PST) Received: from vultr.guest ([149.28.194.201]) by smtp.gmail.com with ESMTPSA id e6-20020a170902b78600b001bdd7579b5dsm2875534pls.240.2023.12.01.01.47.09 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 01 Dec 2023 01:47:09 -0800 (PST) From: Yafang Shao To: akpm@linux-foundation.org, paul@paul-moore.com, jmorris@namei.org, serge@hallyn.com, omosnace@redhat.com, mhocko@suse.com, ying.huang@intel.com Cc: linux-mm@kvack.org, linux-security-module@vger.kernel.org, bpf@vger.kernel.org, ligang.bdlg@bytedance.com, Yafang Shao Subject: [PATCH v3 3/7] mm, security: Fix missed security_task_movememory() Date: Fri, 1 Dec 2023 09:46:32 +0000 Message-Id: <20231201094636.19770-4-laoar.shao@gmail.com> X-Mailer: git-send-email 2.39.3 In-Reply-To: <20231201094636.19770-1-laoar.shao@gmail.com> References: <20231201094636.19770-1-laoar.shao@gmail.com> MIME-Version: 1.0 X-Rspamd-Server: rspam09 X-Rspamd-Queue-Id: 2AB2980003 X-Stat-Signature: t1uoh9j4xzgjtrgmadpmg4u35ageb1ak X-Rspam-User: X-HE-Tag: 1701424030-736636 X-HE-Meta: U2FsdGVkX1+Kq4TBoFLx134XPLYgkBFJHsOxA5kWjEHn/rcvj1jT7+byja90iMpPS1eTbO6hOqtnHSzl1yBoCXVDRydKBTOkSvEE78to8GOAjenrJBsXZQWR46w0NnbFeXWIHgwRHDPDzzdhk6G8d3p1mZxY+ZI9Mjki5BZQIav+Q33bHsK6Q6GOf4d/458uLqmJLmEr8Kr5gPmt5R19cAvSnsZGets22TYr3DwEjc7oMtrHOOlFqgcynMcsmLKSAjBd2E9BB+rzYVqmcgeUheLt3sdajxebyd57xN6dX8b8XJawETwPwDPrj2lQbggS+NdCpccSXEEEK+TZalWDZi+KBfhww+X6JKFV53JQUfK6rokwHosbYgeX202ps2aa9X/azJUU5TBxOh12yyEGEyfMMCU2v3QRrGV27SVP+OwNm2Y265KmBwKHVt2cR22IMf8VF1JhsCAyM7Lu/ciFwvGUqudNHvJbKYUYBsADjdnOVcrLT65MXBrQPcOdWe57jXcimDmVhl7A7uHTVX2KKOmpVDUpwrzOPYLTjmU96eRwQr14N8eWiTqyWSvYnPnLbyCHPEjDNmU6F+y5OZjpYeHXL65Uc5VqfOtZCnazXY9OZdmZJVolCqkmrKWla8X9gJNlP7fTR/L9KWb3EMs9NWtKEdQPUPr3v+Lt2kbgnztqgQX/cDBLGN8Ep3KNgHgyWJRrq8zuk/n/WIsSJTxBtGaQ1F+ttuULYgvai0wrZ7AAf2AD5uS6j5pRjJqxRp+DAzYjn58u+SCUNK5E7rg0jSSvDnQasgDLhraEWsf9CKRndiVmCHlcr/e93yjEdVbOJp6F3kwzgdtD+bdVqpDbbiTI2hQlIUopG9jJVFiXepfBjVCe0KVJrL/dTnP6PRqLtfad7eboCxkyflHImhjvadwuWK8oToEH+oeQL9R2tOyze0UBh1iwTL90nJnYYx69H+LmFUpuvkFZc7W2dRP bcyoLXoG 6KFR3QECrUOcKtNNlcgIjrap3Nps3Pifog+LbnoZJrprwe8EV3r7+Ldpbt7Q52CEaPds+5WynAYELhY5WKg+HeLqHbT5v+JwZzN0V4b3WvIcLUxTlMviR1DR+HDpU4IjaaNUuP4UEHpPQMj+6HlpZ9O6ynS4XZ57UmrJludpjn0WmVJaEdSuaabnO3MITmb1k+E5vyzEEEwyyyCCoGJWxybQLvpBoBl+4US1WV9l4Ct3QP1eoPc7LeT/PfhgoCu4aUD6lnmPASHyt78cLs2FGCskjoZTo0CYpdPM2HPca8Xe2zdi30SLQO8taQr48qf4zlRbAB0DYDvNRbO6oQg83VwMxluqc8VXjhVjR0Rxmd/163VMZBOhTqTYrEer5hKDEnTWC7iCOSZ7LVY8UFVFVVCTwkfgEXIW3qFIycGUEZnRGJfKyU1HR8C4qfifwIWqgUL3f41LIeof/hJVwuCJ8kemMuGqgftJ1FY4dpZ/dY/X0XxxTSVBm39zzx8RvxrwiwRIqyjqr2/wbE+gsXDI/4i1YwUMHS6ZV9sb0kWFb7DxDbftQLivTYFmMelaqXf5mwP93qLxKFQGpbyVjUeDh4LJfrA== X-Bogosity: Ham, tests=bogofilter, spamicity=0.000108, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: Considering that MPOL_F_NUMA_BALANCING or mbind(2) using either MPOL_MF_MOVE or MPOL_MF_MOVE_ALL are capable of memory movement, it's essential to include security_task_movememory() to cover this functionality as well. It was identified during a code review. Signed-off-by: Yafang Shao --- mm/mempolicy.c | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/mm/mempolicy.c b/mm/mempolicy.c index 10a590ee1c89..1eafe81d782e 100644 --- a/mm/mempolicy.c +++ b/mm/mempolicy.c @@ -1259,8 +1259,15 @@ static long do_mbind(unsigned long start, unsigned long len, if (!new) flags |= MPOL_MF_DISCONTIG_OK; - if (flags & (MPOL_MF_MOVE | MPOL_MF_MOVE_ALL)) + if (flags & (MPOL_MF_MOVE | MPOL_MF_MOVE_ALL)) { + err = security_task_movememory(current); + if (err) { + mpol_put(new); + return err; + } lru_cache_disable(); + } + { NODEMASK_SCRATCH(scratch); if (scratch) { @@ -1450,6 +1457,8 @@ static int copy_nodes_to_user(unsigned long __user *mask, unsigned long maxnode, /* Basic parameter sanity check used by both mbind() and set_mempolicy() */ static inline int sanitize_mpol_flags(int *mode, unsigned short *flags) { + int err; + *flags = *mode & MPOL_MODE_FLAGS; *mode &= ~MPOL_MODE_FLAGS; @@ -1460,6 +1469,9 @@ static inline int sanitize_mpol_flags(int *mode, unsigned short *flags) if (*flags & MPOL_F_NUMA_BALANCING) { if (*mode != MPOL_BIND) return -EINVAL; + err = security_task_movememory(current); + if (err) + return err; *flags |= (MPOL_F_MOF | MPOL_F_MORON); } return 0;