On Wed, Oct 16, 2024 at 03:16:29PM GMT, Andrii Nakryiko wrote: > From memfd_secret(2) manpage: > > The memory areas backing the file created with memfd_secret(2) are > visible only to the processes that have access to the file descriptor. > The memory region is removed from the kernel page tables and only the > page tables of the processes holding the file descriptor map the > corresponding physical memory. (Thus, the pages in the region can't be > accessed by the kernel itself, so that, for example, pointers to the > region can't be passed to system calls.) > > So folios backed by such secretmem files are not mapped into kernel > address space and shouldn't be accessed, in general. > > To make this a bit more generic of a fix and prevent regression in the > future for similar special mappings, do a generic check of whether the > folio we got is mapped with kernel_page_present(), as suggested in [1]. > This will handle secretmem, and any future special cases that use > a similar approach. > > Original report and repro can be found in [0]. > > [0] https://lore.kernel.org/bpf/ZwyG8Uro%2FSyTXAni@ly-workstation/ > [1] https://lore.kernel.org/bpf/CAJD7tkbpEMx-eC4A-z8Jm1ikrY_KJVjWO+mhhz1_fni4x+COKw@xxxxxxxxxxxxxx/ > > Reported-by: Yi Lai <yi1.lai@xxxxxxxxx> > Suggested-by: Yosry Ahmed <yosryahmed@xxxxxxxxxx> > Fixes: de3ec364c3c3 ("lib/buildid: add single folio-based file reader abstraction") > Signed-off-by: Andrii Nakryiko <andrii@xxxxxxxxxx> Acked-by: Shakeel Butt <shakeel.butt@xxxxxxxxx>
