From patchwork Mon Oct 14 23:56:31 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrii Nakryiko X-Patchwork-Id: 13835559 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id EFDA8D18157 for ; Mon, 14 Oct 2024 23:56:40 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 7F4816B0082; Mon, 14 Oct 2024 19:56:40 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 7A4366B0088; Mon, 14 Oct 2024 19:56:40 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 693576B0089; Mon, 14 Oct 2024 19:56:40 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0017.hostedemail.com [216.40.44.17]) by kanga.kvack.org (Postfix) with ESMTP id 4A9856B0082 for ; Mon, 14 Oct 2024 19:56:40 -0400 (EDT) Received: from smtpin20.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay01.hostedemail.com (Postfix) with ESMTP id DA41B1C6B4C for ; Mon, 14 Oct 2024 23:56:30 +0000 (UTC) X-FDA: 82673869782.20.105A8A3 Received: from dfw.source.kernel.org (dfw.source.kernel.org [139.178.84.217]) by imf20.hostedemail.com (Postfix) with ESMTP id 791CA1C0012 for ; Mon, 14 Oct 2024 23:56:30 +0000 (UTC) Authentication-Results: imf20.hostedemail.com; dkim=pass header.d=kernel.org header.s=k20201202 header.b=KM5lsxX0; dmarc=pass (policy=quarantine) header.from=kernel.org; spf=pass (imf20.hostedemail.com: domain of andrii@kernel.org designates 139.178.84.217 as permitted sender) smtp.mailfrom=andrii@kernel.org ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1728950041; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-transfer-encoding:content-transfer-encoding: in-reply-to:references:dkim-signature; bh=P8l+PsvhRdT31LAlviORTbtEEmbBTtFoEQ0857w3yTg=; b=PHRC+LEh5CsGj1DYOqxfpRFVAgpsIfASQHLjisSofB+/dloUruqSBt6RoLEUnL/n1OWdLt M6fgX2koBAKWTBSOXSHjf3P0ks/UVv1ZlucO3nFGVpid/6rU8UCzY1raZS3v5W1iShwJ9D NttoLtyhpCn2ZxgOiDqBYUjoDRIo/1s= ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1728950041; a=rsa-sha256; cv=none; b=y15t+ULpsxHTtd+O8dpW3K5DCByjM9aa6B8ERU4o3Q8kHp7BwoTwiC2z/oxLQTmCDvqlLl wj+3PJzsTNHbpo88TZeU40Wa2c4A3He+SaoN01eqAbS4hy7XaEIX5dySOlAC4EDPPRT4ns 7RUP0WGOenjw/5yk7FMBJKPQloCiYkk= ARC-Authentication-Results: i=1; imf20.hostedemail.com; dkim=pass header.d=kernel.org header.s=k20201202 header.b=KM5lsxX0; dmarc=pass (policy=quarantine) header.from=kernel.org; spf=pass (imf20.hostedemail.com: domain of andrii@kernel.org designates 139.178.84.217 as permitted sender) smtp.mailfrom=andrii@kernel.org Received: from smtp.kernel.org (transwarp.subspace.kernel.org [100.75.92.58]) by dfw.source.kernel.org (Postfix) with ESMTP id 5B20E5C5C38; Mon, 14 Oct 2024 23:56:33 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 4D559C4CEC3; Mon, 14 Oct 2024 23:56:37 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1728950197; bh=U4KipJqaa21PVWg2nkw8vmlBA7OYh1syNZ+kKe89Pzw=; h=From:To:Cc:Subject:Date:From; b=KM5lsxX0MbEXefew/Zg2IZ/hMNXTfetmmW13O8z74ZB2Yjaw1RXzFLJJuwZN0HZTp skB147giKv7NJ5duoo67OmQKRvNbdSmmA0R/9m+Iskv3htihzZDpHSv+Z+051+rjUr ojqz3qJ7qcsOzo5QyTYuhCzUK1H7bTMWLynW48pS9XUIz0bbxd8T8tH9dabr7o8Mo/ 1Hn+0rkIgd6HpcocshWUJM/xEEzeeX1DtWMEi5TbHmMjq0qklH+3dOGjuVcpn92zeE xUDAHfV0hRp98RCf6icFYUhi9yh/lOUFbhEGTHSGZWqCvkhjZ25g8+rEROaxsawmr3 SjgJH9YBYv7PQ== From: Andrii Nakryiko To: bpf@vger.kernel.org, ast@kernel.org, daniel@iogearbox.net, martin.lau@kernel.org Cc: linux-mm@kvack.org, linux-perf-users@vger.kernel.org, linux-fsdevel@vger.kernel.org, Andrii Nakryiko , Yi Lai , Shakeel Butt Subject: [PATCH bpf] lib/buildid: handle memfd_secret() files in build_id_parse() Date: Mon, 14 Oct 2024 16:56:31 -0700 Message-ID: <20241014235631.1229438-1-andrii@kernel.org> X-Mailer: git-send-email 2.43.5 MIME-Version: 1.0 X-Rspamd-Server: rspam07 X-Rspamd-Queue-Id: 791CA1C0012 X-Stat-Signature: dx6stndjzzyw9j6ckaugj6zjp5fo35xu X-Rspam-User: X-HE-Tag: 1728950190-568631 X-HE-Meta: U2FsdGVkX18w8ROc6keYO2nt4y47NYjzeJw8o0vtLAZ6jFTFFczNb6jtad1C6MAkRMmkdIk14bGyBh998cL7VRvjhtJMTUfFZVco7doj2UDehYK9zgneeyZJ1UeP/b379yvc5jnXe9KvSFW8EFutwkWOAoRdTJFPnTMIjaCyMYfbbfYWfJTUSSvOsZKbZ2HMYwOFn6rDyV2QZm+VFja3fEd/B0SxKmj7OA5Aoer68+Np0+Q/Jd5hNhy13cj7aBpXb/TKJ35tUydHF+p32EOVHb4K0kqN5uPh6arvjtmboO2hCtTq1Yn5V2A1wXcNXfMAAUIpX5f+Hkx6M9e0lvfWdqgOyV2EJPy3Lq7pC8lWCctuwlZFWKponiXoRlln9XyyUAbDeae90NY1SVEgTGXl2C+YvS+MbtoJ1GJExoaNHQ9N8/oVuk0drEslUnSRJZZDz0DaE9NW+Tjy+l117vkPNsDuZyCkywd+f69cqq1ErpDwBZlS62RbuudSff7zROYpt5sGhn2FB1DNjxVu+6xbu1ona2tUn/WeHFxy/JQMwYkFMuHvRsAo/eTheDfEfmSEtBKeDmCTetciKfwSm2aAD3ZnEvlDyplLOS2/faeu6OOOQ/lzUelitQMa6t5XqsJ7iLjiGCuJqYqEprAnRgPIdsl0aYddLmwL497HUGGbTyPvir2JKIXCJE0VbvlZRm5PIcUySJGvepbxo2TZTzjncg3JtJ5GSgi3RdhuzbUifQAQR2EvaKFB/E6I3COFOrinKa0KgOLoBLGESr9CdrpihfGI18zG6Kkq99p2fun1sGDWEsIykCQfBoZcXXz8r6k4ppdxLjIuLtDk05s0AIanUD4Qe61pQEqMxtesvd5xhGxDcH5XJsdvyZMz04Zs/oQ6ui4A0u5bWc8LP9H2hUqDyZOvKECIIEq1gK18zDAs3f4ngYdd+2gFVqSlWziSdJKDYlI9jdbRThdLq3DeJGL 8c/Ky8e7 RXPM26fCyxgDNtskdUIVGoog9+I5wIoPToSl+a+k24jRPYWfRk/xz2mRapbDg7tMlriWLiHL0hsXS58liI/3reBu0knTOLJkg7g44kBHkkVP6cCgm+j/+vIiRsybajdq1sGYdRxbkd5XDdAR0427lTPstiayEQoIAXPZhwu5H7bbGsWIzvHgMYij2cK6r2wcee4sCS2qu4zxEJKeXkFAp3dk5+zeGBl7AcXKJH+efV2skzinDQFD893ZYYFBv+EjEZuph/MYswV9fBPrQxjndO/QUY69ZYJBxIc49HRwK974DjPyorYgf0gU6cw== X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: From memfd_secret(2) manpage: The memory areas backing the file created with memfd_secret(2) are visible only to the processes that have access to the file descriptor. The memory region is removed from the kernel page tables and only the page tables of the processes holding the file descriptor map the corresponding physical memory. (Thus, the pages in the region can't be accessed by the kernel itself, so that, for example, pointers to the region can't be passed to system calls.) We need to handle this special case gracefully in build ID fetching code. Return -EACCESS whenever secretmem file is passed to build_id_parse() family of APIs. Original report and repro can be found in [0]. [0] https://lore.kernel.org/bpf/ZwyG8Uro%2FSyTXAni@ly-workstation/ Reported-by: Yi Lai Suggested-by: Shakeel Butt Fixes: de3ec364c3c3 ("lib/buildid: add single folio-based file reader abstraction") Signed-off-by: Andrii Nakryiko Acked-by: Shakeel Butt --- lib/buildid.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/lib/buildid.c b/lib/buildid.c index 290641d92ac1..f0e6facf61c5 100644 --- a/lib/buildid.c +++ b/lib/buildid.c @@ -5,6 +5,7 @@ #include #include #include +#include #define BUILD_ID 3 @@ -64,6 +65,10 @@ static int freader_get_folio(struct freader *r, loff_t file_off) freader_put_folio(r); + /* reject secretmem folios created with memfd_secret() */ + if (secretmem_mapping(r->file->f_mapping)) + return -EACCES; + r->folio = filemap_get_folio(r->file->f_mapping, file_off >> PAGE_SHIFT); /* if sleeping is allowed, wait for the page, if necessary */