Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx> writes: > On Wed, Dec 13, 2017 at 7:54 AM, Peter Zijlstra <peterz@xxxxxxxxxxxxx> wrote: >> >> Which is why get_user_pages() _should_ enforce this. >> >> What use are protection keys if you can trivially circumvent them? > > No, we will *not* worry about protection keys in get_user_pages(). > > They are not "security". They are a debug aid and safety against random mis-use. > > In particular, they are very much *NOT* about "trivially circumvent > them". The user could just change their mapping thing, for chrissake! > > We already allow access to PROT_NONE for gdb and friends, very much on purpose. > Can you clarify this? We recently did fix read access on PROT_NONE via gup here for ppc64 https://lkml.kernel.org/r/20171204021912.25974-2-aneesh.kumar@xxxxxxxxxxxxxxxxxx What is the expected behaviour against gup and get_user_pages for PROT_NONE. Another issue is we end up behaving differently with PROT_NONE mapping based on whether autonuma is enabled or not. For a PROT_NONE mapping we return true with pte_protnone(). -aneesh -- To unsubscribe, send a message with 'unsubscribe linux-mm' in the body to majordomo@xxxxxxxxx. For more info on Linux MM, see: http://www.linux-mm.org/ . Don't email: <a href=mailto:"dont@xxxxxxxxx";> email@xxxxxxxxx </a>
