Re: [RFC] invalidate_mmap_range() misses remap_file_pages()-affected targets
From: William Lee Irwin III (wli_at_holomorphy.com)
Date: 10/12/03
- Previous message: Edward Macfarlane Smith: "Re: problem mounting CD writer in 2.4.20"
- In reply to: Andrew Morton: "Re: [RFC] invalidate_mmap_range() misses remap_file_pages()-affected targets"
- Next in thread: Rik van Riel: "Re: [RFC] invalidate_mmap_range() misses remap_file_pages()-affected targets"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Sun, 12 Oct 2003 12:38:41 -0700 To: Andrew Morton <akpm@osdl.org>
On Sun, Oct 12, 2003 at 04:53:32AM -0700, Andrew Morton wrote:
> I was going to just not bother about this wart. After all, we get to write
> the standard on remap_file_pages(), and we can say "the
> truncate-causes-SIGBUS thing doesn't work". After all, it is not very
> useful.
> But I wonder if this effect could be used maliciously. Say, user A has
> read-only access to user B's file, and uses that access to set up a
> nonlinear mapping thereby causing user B's truncate to not behave
> correctly. But this example is OK, isn't it? User A will just receive an
> anonymous page for his troubles.
> Can you think of any stability or security scenario which says that we
> _should_ implement the conventional truncate behaviour?
At some point we burned a bit of effort to ensure we wiped all the ptes
and all the faulting looped until we finished when we vmtruncate();
not handling is a loophole in that, and if anything assumes it won't
find vmtruncate()'s orphans in-kernel, it will break. Apart from that
it's not so large an issue. I'm not so much attached to coddling
userspace (remap_file_pages() users should not be naive) as to shoring
up invalidate_mmap_range() with its intent (unmapping file offset ranges
instead of virtualspace ranges). Someone else might scream later.
Also, tlb_remove_tlb_entry()'s ordering with ptep_get_and_clear() seems
to be handled on ppc* by not having ptep_get_and_clear() fully clear the
pte, which is disturbing, but a sign ppc* maintainers already handle it.
-- wli
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
- Previous message: Edward Macfarlane Smith: "Re: problem mounting CD writer in 2.4.20"
- In reply to: Andrew Morton: "Re: [RFC] invalidate_mmap_range() misses remap_file_pages()-affected targets"
- Next in thread: Rik van Riel: "Re: [RFC] invalidate_mmap_range() misses remap_file_pages()-affected targets"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
|
