LKML Archive on lore.kernel.org
help / color / mirror / Atom feed
From: Ram Pai <linuxram@us.ibm.com>
To: Dave Hansen <dave.hansen@intel.com>
Cc: Dave Hansen <dave.hansen@linux.intel.com>,
linux-kernel@vger.kernel.org, linux-mm@kvack.org,
shakeelb@google.com, stable@kernel.org, tglx@linutronix.de,
mpe@ellerman.id.au, mingo@kernel.org, akpm@linux-foundation.org,
shuah@kernel.org
Subject: Re: [PATCH 4/9] x86, pkeys: override pkey when moving away from PROT_EXEC
Date: Mon, 30 Apr 2018 00:51:06 -0700 [thread overview]
Message-ID: <20180430075106.GA5666@ram.oc3035372033.ibm.com> (raw)
In-Reply-To: <aedcb0b6-73f5-f72f-742e-b417131895d3@intel.com>
On Thu, Apr 26, 2018 at 10:57:31AM -0700, Dave Hansen wrote:
> On 04/06/2018 06:09 PM, Ram Pai wrote:
> > Well :). my point is add this code and delete the other
> > code that you add later in that function.
>
> I don't think I'm understanding what your suggestion was. I looked at
> the code and I honestly do not think I can remove any of it.
>
> For the plain (non-explicit pkey_mprotect()) case, there are exactly
> four paths through __arch_override_mprotect_pkey(), resulting in three
> different results.
>
> 1. New prot==PROT_EXEC, no pkey-exec support -> do not override
> 2. New prot!=PROT_EXEC, old VMA not PROT_EXEC-> do not override
> 3. New prot==PROT_EXEC, w/ pkey-exec support -> override to exec pkey
> 4. New prot!=PROT_EXEC, old VMA is PROT_EXEC -> override to default
>
> I don't see any redundancy there, or any code that we can eliminate or
> simplify. It was simpler before, but that's what where bug was.
Your code is fine. But than the following code accomplishes the same
outcome; arguably with a one line change. Its not a big deal. Just
trying to clarify my comment.
int __arch_override_mprotect_pkey(struct vm_area_struct *vma, int prot, int pkey)
{
/*
* Is this an mprotect_pkey() call? If so, never
* override the value that came from the user.
*/
if (pkey != -1)
return pkey;
/*
* Look for a protection-key-drive execute-only mapping
* which is now being given permissions that are not
* execute-only. Move it back to the default pkey.
*/
if (vma_is_pkey_exec_only(vma) && (prot != PROT_EXEC)) <--------
return ARCH_DEFAULT_PKEY;
/*
* The mapping is execute-only. Go try to get the
* execute-only protection key. If we fail to do that,
* fall through as if we do not have execute-only
* support.
*/
if (prot == PROT_EXEC) {
pkey = execute_only_pkey(vma->vm_mm);
if (pkey > 0)
return pkey;
}
/*
* This is a vanilla, non-pkey mprotect (or we failed to
* setup execute-only), inherit the pkey from the VMA we
* are working on.
*/
return vma_pkey(vma);
}
--
Ram Pai
next prev parent reply other threads:[~2018-04-30 7:51 UTC|newest]
Thread overview: 31+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-03-26 17:27 [PATCH 0/9] [v2] x86, pkeys: two protection keys bug fixes Dave Hansen
2018-03-26 17:27 ` [PATCH 1/9] x86, pkeys: do not special case protection key 0 Dave Hansen
2018-03-26 17:47 ` Shuah Khan
2018-03-26 17:53 ` Dave Hansen
2018-03-26 17:58 ` Shuah Khan
2018-03-26 17:27 ` [PATCH 2/9] x86, pkeys, selftests: save off 'prot' for allocations Dave Hansen
2018-03-26 17:27 ` [PATCH 3/9] x86, pkeys, selftests: add a test for pkey 0 Dave Hansen
2018-03-26 17:27 ` [PATCH 4/9] x86, pkeys: override pkey when moving away from PROT_EXEC Dave Hansen
2018-04-07 0:09 ` Ram Pai
2018-04-07 0:47 ` Dave Hansen
2018-04-07 1:09 ` Ram Pai
2018-04-26 17:57 ` Dave Hansen
2018-04-30 7:51 ` Ram Pai [this message]
2018-04-30 16:36 ` Dave Hansen
2018-04-25 22:10 ` Shakeel Butt
2018-04-26 8:55 ` Thomas Gleixner
2018-04-26 18:17 ` Dave Hansen
2018-03-26 17:27 ` [PATCH 5/9] x86, pkeys, selftests: fix pointer math Dave Hansen
2018-03-26 17:27 ` [PATCH 6/9] x86, pkeys, selftests: fix pkey exhaustion test off-by-one Dave Hansen
2018-03-26 17:27 ` [PATCH 7/9] x86, pkeys, selftests: factor out "instruction page" Dave Hansen
2018-03-26 17:27 ` [PATCH 8/9] x86, pkeys, selftests: add allow faults on unknown keys Dave Hansen
2018-03-26 17:27 ` [PATCH 9/9] x86, pkeys, selftests: add PROT_EXEC test Dave Hansen
-- strict thread matches above, loose matches on Subject: below --
2018-04-27 17:45 [PATCH 0/9] [v3] x86, pkeys: two protection keys bug fixes Dave Hansen
2018-04-27 17:45 ` [PATCH 4/9] x86, pkeys: override pkey when moving away from PROT_EXEC Dave Hansen
2018-03-23 18:09 [PATCH 0/9] x86, pkeys: two protection keys bug fixes Dave Hansen
2018-03-23 18:09 ` [PATCH 4/9] x86, pkeys: override pkey when moving away from PROT_EXEC Dave Hansen
2018-03-23 19:15 ` Shakeel Butt
2018-03-23 19:23 ` Dave Hansen
2018-03-23 19:27 ` Shakeel Butt
2018-03-23 19:29 ` Dave Hansen
2018-03-23 19:38 ` Thomas Gleixner
2018-03-23 19:45 ` Thomas Gleixner
2018-03-23 19:48 ` Dave Hansen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180430075106.GA5666@ram.oc3035372033.ibm.com \
--to=linuxram@us.ibm.com \
--cc=akpm@linux-foundation.org \
--cc=dave.hansen@intel.com \
--cc=dave.hansen@linux.intel.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=mingo@kernel.org \
--cc=mpe@ellerman.id.au \
--cc=shakeelb@google.com \
--cc=shuah@kernel.org \
--cc=stable@kernel.org \
--cc=tglx@linutronix.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).