Re: [PATCH 1/2] mm/mprotect: Call arch_validate_prot under mmap_lock and with length

On 10/15/20 3:05 AM, Catalin Marinas wrote: > On Wed, Oct 14, 2020 at 03:21:16PM -0600, Khalid Aziz wrote: >> What FreeBSD does seems like a reasonable thing to do. Any way first >> thing to do is to update sparc to use arch_validate_flags() and update >> sparc_validate_prot() to not peek into vma

Re: [PATCH 1/2] mm/mprotect: Call arch_validate_prot under mmap_lock and with length

On Wed, Oct 14, 2020 at 03:21:16PM -0600, Khalid Aziz wrote: > On 10/13/20 3:16 AM, Catalin Marinas wrote: > > On Mon, Oct 12, 2020 at 01:14:50PM -0600, Khalid Aziz wrote: > >> On 10/12/20 11:22 AM, Catalin Marinas wrote: > >>> On Mon, Oct 12, 2020 at 11:03:33AM -0600, Khalid Aziz wrote: > On

Re: [PATCH 1/2] mm/mprotect: Call arch_validate_prot under mmap_lock and with length

On 10/13/20 3:16 AM, Catalin Marinas wrote: > On Mon, Oct 12, 2020 at 01:14:50PM -0600, Khalid Aziz wrote: >> On 10/12/20 11:22 AM, Catalin Marinas wrote: >>> On Mon, Oct 12, 2020 at 11:03:33AM -0600, Khalid Aziz wrote: On 10/10/20 5:09 AM, Catalin Marinas wrote: > On Wed, Oct 07, 2020 at

Re: [PATCH 1/2] mm/mprotect: Call arch_validate_prot under mmap_lock and with length

On Mon, Oct 12, 2020 at 01:14:50PM -0600, Khalid Aziz wrote: > On 10/12/20 11:22 AM, Catalin Marinas wrote: > > On Mon, Oct 12, 2020 at 11:03:33AM -0600, Khalid Aziz wrote: > >> On 10/10/20 5:09 AM, Catalin Marinas wrote: > >>> On Wed, Oct 07, 2020 at 02:14:09PM -0600, Khalid Aziz wrote: > On

Re: [PATCH 1/2] mm/mprotect: Call arch_validate_prot under mmap_lock and with length

On 10/12/20 11:22 AM, Catalin Marinas wrote: > On Mon, Oct 12, 2020 at 11:03:33AM -0600, Khalid Aziz wrote: >> On 10/10/20 5:09 AM, Catalin Marinas wrote: >>> On Wed, Oct 07, 2020 at 02:14:09PM -0600, Khalid Aziz wrote: On 10/7/20 1:39 AM, Jann Horn wrote: > arch_validate_prot() is a hook

Re: [PATCH 1/2] mm/mprotect: Call arch_validate_prot under mmap_lock and with length

On Mon, Oct 12, 2020 at 11:03:33AM -0600, Khalid Aziz wrote: > On 10/10/20 5:09 AM, Catalin Marinas wrote: > > On Wed, Oct 07, 2020 at 02:14:09PM -0600, Khalid Aziz wrote: > >> On 10/7/20 1:39 AM, Jann Horn wrote: > >>> arch_validate_prot() is a hook that can validate whether a given set of > >>> p

Re: [PATCH 1/2] mm/mprotect: Call arch_validate_prot under mmap_lock and with length

On 10/10/20 5:09 AM, Catalin Marinas wrote: > Hi Khalid, > > On Wed, Oct 07, 2020 at 02:14:09PM -0600, Khalid Aziz wrote: >> On 10/7/20 1:39 AM, Jann Horn wrote: >>> arch_validate_prot() is a hook that can validate whether a given set of >>> protection flags is valid in an mprotect() operation. It

Re: [PATCH 1/2] mm/mprotect: Call arch_validate_prot under mmap_lock and with length

Hi Khalid, On Wed, Oct 07, 2020 at 02:14:09PM -0600, Khalid Aziz wrote: > On 10/7/20 1:39 AM, Jann Horn wrote: > > arch_validate_prot() is a hook that can validate whether a given set of > > protection flags is valid in an mprotect() operation. It is given the set > > of protection flags and the a

Re: [PATCH 1/2] mm/mprotect: Call arch_validate_prot under mmap_lock and with length

On Thu, Oct 08, 2020 at 09:34:26PM +1100, Michael Ellerman wrote: > Jann Horn writes: > > So while the mprotect() case > > checks the flags and refuses unknown values, the mmap() code just lets > > the architecture figure out which bits are actually valid to set (via > > arch_calc_vm_prot_bits())

Re: [PATCH 1/2] mm/mprotect: Call arch_validate_prot under mmap_lock and with length

Jann Horn writes: > On Wed, Oct 7, 2020 at 2:35 PM Christoph Hellwig wrote: >> On Wed, Oct 07, 2020 at 09:39:31AM +0200, Jann Horn wrote: >> > diff --git a/arch/powerpc/kernel/syscalls.c >> > b/arch/powerpc/kernel/syscalls.c >> > index 078608ec2e92..b1fabb97d138 100644 >> > --- a/arch/powerpc/ke

Re: [PATCH 1/2] mm/mprotect: Call arch_validate_prot under mmap_lock and with length

On Wed, Oct 07, 2020 at 09:39:31AM +0200, Jann Horn wrote: > arch_validate_prot() is a hook that can validate whether a given set of > protection flags is valid in an mprotect() operation. It is given the set > of protection flags and the address being modified. > > However, the address being modi

Re: [PATCH 1/2] mm/mprotect: Call arch_validate_prot under mmap_lock and with length

On Wed, Oct 07, 2020 at 04:42:55PM +0200, Jann Horn wrote: > > > @@ -43,7 +43,7 @@ static inline long do_mmap2(unsigned long addr, size_t > > > len, > > > { > > > long ret = -EINVAL; > > > > > > - if (!arch_validate_prot(prot, addr)) > > > + if (!arch_validate_prot(prot, addr, len))

Re: [PATCH 1/2] mm/mprotect: Call arch_validate_prot under mmap_lock and with length

On 10/7/20 1:39 AM, Jann Horn wrote: > arch_validate_prot() is a hook that can validate whether a given set of > protection flags is valid in an mprotect() operation. It is given the set > of protection flags and the address being modified. > > However, the address being modified can currently not

Re: [PATCH 1/2] mm/mprotect: Call arch_validate_prot under mmap_lock and with length

On Wed, Oct 07, 2020 at 09:39:31AM +0200, Jann Horn wrote: > diff --git a/arch/powerpc/kernel/syscalls.c b/arch/powerpc/kernel/syscalls.c > index 078608ec2e92..b1fabb97d138 100644 > --- a/arch/powerpc/kernel/syscalls.c > +++ b/arch/powerpc/kernel/syscalls.c > @@ -43,7 +43,7 @@ static inline long do