On Tue, Mar 01, 2016 at 11:41:33AM -0800, Dave Hansen wrote: > > From: Dave Hansen <dave.hansen@xxxxxxxxxxxxxxx> > > Andrey Wagin reported that a simple test case was broken by: > > 2b5f7d013fc ("mm/core, x86/mm/pkeys: Add execute-only protection keys support") > > This test case creates an unreadable VMA and my patch assumed > that all writes must be to readable VMAs. > > The simplest fix for this is to remove the pkey-related bits > in access_error(). For execute-only support, I believe the > existing version is sufficient because the permissions we > are trying to enforce are entirely expressed in vma->vm_flags. > We just depend on pkeys to get *an* exception, it does not > matter that PF_PK was set, or even what state PKRU is in. > > I will re-add the necessary bits with the full pkeys > implementation that includes the new syscalls. > > The three cases that matter are: > > 1. If a write to an execute-only VMA occurs, we will see PF_WRITE > set, but !VM_WRITE on the VMA, and return 1. All execute-only > VMAs have VM_WRITE clear by definition. > 2. If a read occurs on a present PTE, we will fall in to the "read, > present" case and return 1. > 3. If a read occurs to a non-present PTE, we will miss the "read, > not present" case, because the execute-only VMA will have > VM_EXEC set, and we will properly return 0 allowing the PTE to > be populated. > > Test program: > > #include <sys/mman.h> > #include <stdlib.h> > > int main() > { > int *p; > p = mmap(NULL, 4096, PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0); > p[0] = 1; > > return 0; > } > > Fixes: 62b5f7d013fc ("mm/core, x86/mm/pkeys: Add execute-only protection keys support") > Signed-off-by: Dave Hansen <dave.hansen@xxxxxxxxxxxxxxx> > Cc: "Kirill A. Shutemov" <kirill@xxxxxxxxxxxxx> > Cc: Andrey Wagin <avagin@xxxxxxxxx>, > Cc: linux-next@xxxxxxxxxxxxxxx > Cc: linux-mm@xxxxxxxxx > Cc: x86@xxxxxxxxxx Acked-by: Kirill A. Shutemov <kirill.shutemov@xxxxxxxxxxxxxxx> -- Kirill A. Shutemov -- To unsubscribe, send a message with 'unsubscribe linux-mm' in the body to majordomo@xxxxxxxxx. For more info on Linux MM, see: http://www.linux-mm.org/ . Don't email: <a href=mailto:"dont@xxxxxxxxx"> email@xxxxxxxxx </a>