[v3,1/3] fs/exec: don't force writing memory access

Message ID	1478142286-18427-4-git-send-email-jann@thejh.net (mailing list archive)
State	New, archived
Headers	show Return-Path: <linux-security-module-owner@kernel.org> From: Jann Horn <jann@thejh.net> To: security@kernel.org, Alexander Viro <viro@zeniv.linux.org.uk>, Paul Moore <paul@paul-moore.com>, Stephen Smalley <sds@tycho.nsa.gov>, Eric Paris <eparis@parisplace.org>, James Morris <james.l.morris@oracle.com>, "Serge E. Hallyn" <serge@hallyn.com>, mchong@google.com, Andy Lutomirski <luto@amacapital.net>, Ingo Molnar <mingo@kernel.org>, Oleg Nesterov <oleg@redhat.com>, Nick Kralevich <nnk@google.com>, Janis Danisevskis <jdanis@google.com> Cc: linux-security-module@vger.kernel.org, linux-mm@kvack.org, linux-kernel@vger.kernel.org Subject: [PATCH v3 1/3] fs/exec: don't force writing memory access Date: Thu, 3 Nov 2016 04:04:44 +0100 Message-Id: <1478142286-18427-4-git-send-email-jann@thejh.net> In-Reply-To: <1478142286-18427-1-git-send-email-jann@thejh.net> References: <1478142286-18427-1-git-send-email-jann@thejh.net> Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk

Message ID

1478142286-18427-4-git-send-email-jann@thejh.net (mailing list archive)

State

New, archived

Headers

From: Jann Horn <jann@thejh.net>
To: security@kernel.org, Alexander Viro <viro@zeniv.linux.org.uk>,
	Paul Moore <paul@paul-moore.com>, Stephen Smalley <sds@tycho.nsa.gov>,
	Eric Paris <eparis@parisplace.org>,
	James Morris <james.l.morris@oracle.com>,
	"Serge E. Hallyn" <serge@hallyn.com>, mchong@google.com,
	Andy Lutomirski <luto@amacapital.net>, Ingo Molnar <mingo@kernel.org>,
	Oleg Nesterov <oleg@redhat.com>, Nick Kralevich <nnk@google.com>,
	Janis Danisevskis <jdanis@google.com>
Cc: linux-security-module@vger.kernel.org, linux-mm@kvack.org,
	linux-kernel@vger.kernel.org
Subject: [PATCH v3 1/3] fs/exec: don't force writing memory access
Date: Thu,  3 Nov 2016 04:04:44 +0100
Message-Id: <1478142286-18427-4-git-send-email-jann@thejh.net>
In-Reply-To: <1478142286-18427-1-git-send-email-jann@thejh.net>
References: <1478142286-18427-1-git-send-email-jann@thejh.net>
Sender: owner-linux-security-module@vger.kernel.org
Precedence: bulk

Commit Message

Jann Horn Nov. 3, 2016, 3:04 a.m. UTC

This shouldn't change behavior in any way - at this point, there should be
no non-writable mappings, only the initial stack mapping -, but this change
makes it easier to reason about the correctness of the following commits
that place restrictions on forced memory writes.

Signed-off-by: Jann Horn <jann@thejh.net>
Reviewed-by: Janis Danisevskis <jdanis@android.com>
---
 fs/exec.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Comments

Oleg Nesterov Nov. 3, 2016, 6:24 p.m. UTC | #1

On 11/03, Jann Horn wrote:
>
> This shouldn't change behavior in any way - at this point, there should be
> no non-writable mappings, only the initial stack mapping -,

So this FOLL_FORCE just adds the unnecessary confusion,

> but this change
> makes it easier to reason about the correctness of the following commits
> that place restrictions on forced memory writes.

and to me it looks like a good cleanup regardless. Exactly because it
is not clear why do we need FOLL_FORCE.

> Signed-off-by: Jann Horn <jann@thejh.net>
> Reviewed-by: Janis Danisevskis <jdanis@android.com>

Acked-by: Oleg Nesterov <oleg@redhat.com>

--
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

diff --git a/fs/exec.c b/fs/exec.c
index 4e497b9ee71e..dbc2dd2f0829 100644
--- a/fs/exec.c
+++ b/fs/exec.c
@@ -191,7 +191,7 @@  static struct page *get_arg_page(struct linux_binprm *bprm, unsigned long pos,
 {
 	struct page *page;
 	int ret;
-	unsigned int gup_flags = FOLL_FORCE;
+	unsigned int gup_flags = 0;
 
 #ifdef CONFIG_STACK_GROWSUP
 	if (write) {

[v3,1/3] fs/exec: don't force writing memory access

Commit Message

Comments

Patch