Re: [PATCH v7 3/3] mm: add a field to store names for private anonymous memory

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: Matthew Wilcox <willy@xxxxxxxxxxxxx>
Subject: Re: [PATCH v7 3/3] mm: add a field to store names for private anonymous memory
From: "Kirill A. Shutemov" <kirill.shutemov@xxxxxxxxxxxxxxx>
Date: Thu, 3 Sep 2020 16:58:06 +0300
Cc: "Kirill A. Shutemov" <kirill@xxxxxxxxxxxxx>, Sumit Semwal <sumit.semwal@xxxxxxxxxx>, Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>, linux-mm@xxxxxxxxx, linux-kernel@xxxxxxxxxxxxxxx, Alexey Dobriyan <adobriyan@xxxxxxxxx>, Jonathan Corbet <corbet@xxxxxxx>, Mauro Carvalho Chehab <mchehab+huawei@xxxxxxxxxx>, Kees Cook <keescook@xxxxxxxxxxxx>, Michal Hocko <mhocko@xxxxxxxx>, Colin Cross <ccross@xxxxxxxxxx>, Alexey Gladkov <gladkov.alexey@xxxxxxxxx>, Jason Gunthorpe <jgg@xxxxxxxx>, Michel Lespinasse <walken@xxxxxxxxxx>, Michal Koutný <mkoutny@xxxxxxxx>, Song Liu <songliubraving@xxxxxx>, Huang Ying <ying.huang@xxxxxxxxx>, Vlastimil Babka <vbabka@xxxxxxx>, Yang Shi <yang.shi@xxxxxxxxxxxxxxxxx>, chenqiwu <chenqiwu@xxxxxxxxxx>, Mathieu Desnoyers <mathieu.desnoyers@xxxxxxxxxxxx>, John Hubbard <jhubbard@xxxxxxxxxx>, Mike Christie <mchristi@xxxxxxxxxx>, Bart Van Assche <bvanassche@xxxxxxx>, Amit Pundir <amit.pundir@xxxxxxxxxx>, Thomas Gleixner <tglx@xxxxxxxxxxxxx>, Christian Brauner <christian.brauner@xxxxxxxxxx>, Daniel Jordan <daniel.m.jordan@xxxxxxxxxx>, Adrian Reber <areber@xxxxxxxxxx>, Nicolas Viennot <Nicolas.Viennot@xxxxxxxxxxxx>, Al Viro <viro@xxxxxxxxxxxxxxxxxx>, linux-fsdevel@xxxxxxxxxxxxxxx, John Stultz <john.stultz@xxxxxxxxxx>, Pekka Enberg <penberg@xxxxxxxxxx>, Dave Hansen <dave.hansen@xxxxxxxxx>, Peter Zijlstra <peterz@xxxxxxxxxxxxx>, Ingo Molnar <mingo@xxxxxxxxxx>, Oleg Nesterov <oleg@xxxxxxxxxx>, "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>, Jan Glauber <jan.glauber@xxxxxxxxx>, Rob Landley <rob@xxxxxxxxxxx>, Cyrill Gorcunov <gorcunov@xxxxxxxxxx>, "Serge E. Hallyn" <serge.hallyn@xxxxxxxxxx>, David Rientjes <rientjes@xxxxxxxxxx>, Hugh Dickins <hughd@xxxxxxxxxx>, Rik van Riel <riel@xxxxxxxxxx>, Mel Gorman <mgorman@xxxxxxx>, Tang Chen <tangchen@xxxxxxxxxxxxxx>, Robin Holt <holt@xxxxxxx>, Shaohua Li <shli@xxxxxxxxxxxx>, Sasha Levin <sasha.levin@xxxxxxxxxx>, Johannes Weiner <hannes@xxxxxxxxxxx>, Minchan Kim <minchan@xxxxxxxxxx>
In-reply-to: <20200903134340.GA14765@casper.infradead.org>
References: <20200901161459.11772-1-sumit.semwal@linaro.org> <20200901161459.11772-4-sumit.semwal@linaro.org> <20200903132537.mp5e6o6ptgbkghxe@box> <20200903134340.GA14765@casper.infradead.org>

On Thu, Sep 03, 2020 at 02:43:40PM +0100, Matthew Wilcox wrote:
> On Thu, Sep 03, 2020 at 04:25:37PM +0300, Kirill A. Shutemov wrote:
> > IIUC, it gives userspace direct control of content of /proc/$PID/maps and
> > /proc/$PID/smaps. There's no verification of the given string whatsoever.
> > I'm sure security experts would find clever usage of the feature :P
> 
> What, you think that naming a VMA
> "\n55bc3e0f9000-55bc3e0fb000 r--p 00000000 fd:01 16777285                   /bin/cat" might cause problems?

Something that would cause buffer overrun or out-of-bound access in a
privilaged parser can be even more interesting. :)

> Would it be enough to restrict the characters to isalnum()?

I guess.

But current design stores userspace pointer and there's time-of-check vs.
time-of-use problem.

-- 
 Kirill A. Shutemov

Follow-Ups:
- Re: [PATCH v7 3/3] mm: add a field to store names for private anonymous memory
  - From: Colin Cross

References:
- [PATCH v7 0/3] Anonymous VMA naming patches
  - From: Sumit Semwal
- [PATCH v7 3/3] mm: add a field to store names for private anonymous memory
  - From: Sumit Semwal
- Re: [PATCH v7 3/3] mm: add a field to store names for private anonymous memory
  - From: Kirill A. Shutemov
- Re: [PATCH v7 3/3] mm: add a field to store names for private anonymous memory
  - From: Matthew Wilcox

Prev by Date: [linux-next:pending-fixes] BUILD SUCCESS c41730a9bddceed281f9291e2a0cc077d5dcb697
Next by Date: [PATCH v2] mm/memory_hotplug: drain per-cpu pages again during memory offline
Previous by thread: Re: [PATCH v7 3/3] mm: add a field to store names for private anonymous memory
Next by thread: Re: [PATCH v7 3/3] mm: add a field to store names for private anonymous memory
Index(es):
- Date
- Thread

[Index of Archives] [Linux ARM Kernel] [Linux ARM] [Linux Omap] [Fedora ARM] [IETF Annouce] [Bugtraq] [Linux OMAP] [Linux MIPS] [eCos] [Asterisk Internet PBX] [Linux API]