| Message ID | 20230719075127.47736-1-wangkefeng.wang@huawei.com |
|---|---|
| Headers |
Return-Path: <linux-kernel-owner@vger.kernel.org>
Delivered-To: ouuuleilei@gmail.com
Received: by 2002:a59:c923:0:b0:3e4:2afc:c1 with SMTP id j3csp2274658vqt;
Wed, 19 Jul 2023 01:03:14 -0700 (PDT)
X-Google-Smtp-Source:
APBJJlEKEHVPpqWw8w8Aboh6XMx40f9wb8uIeBnkhx/tlMy0pJSoU9kxF7xzSLBR8/oSA6Q2QfkP
X-Received: by 2002:a17:90a:d250:b0:263:f3d0:7ea2 with SMTP id
o16-20020a17090ad25000b00263f3d07ea2mr1952013pjw.8.1689753794310;
Wed, 19 Jul 2023 01:03:14 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1689753794; cv=none;
d=google.com; s=arc-20160816;
b=S4L+7aBAp+HVtALG5ENsYO/sxWa9lK9An2YNcAHmw45yg/gEfzX7vYAQTfHmQV6KEj
obNl6FOU8/sevsqiBZf5fR4oOgTmMF6PDDs2R7io4rxpyYQhVW7a1B/2NohH1dhl7Rr6
H6P9077Pz7vg/zmWGmjc0b17EywQSebNMZqngWmXyHgVVd/rdQTGXv1cbTbjAOCqBgp0
a3ySTWmurgOLskMoMPpA1D6xJ6MOY3dncLrz32UhlQUCgPXgUlnSqe1X+/gVDcybdc+x
kPRXjjZVVMyDwK6VcgWJKsUHHGzghc/bjaQGZCzvCX7YM8oe1Sm1ZaWRLSlo9BEbr+nY
x85g==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
s=arc-20160816;
h=list-id:precedence:content-transfer-encoding:mime-version
:message-id:date:subject:cc:to:from;
bh=FQLRJXgV60ajiUrnsrtbH43Bc3wb3+EorjdQnI9ybck=;
fh=FRon72YwFeIVU/LlfmPNxuVFiduvQKfa+Ydvnh8xLfc=;
b=dIuE0Dgb1Rlwyw5XEjVM9qDz/9Uyd/w2P13HvF6nQv5oM1hlIwmekjjMZ/OKssCE7j
SninNN06dGjTMTrBQIsRJ3hZbZWzj59QV5eqOS9s6/9AFKkYkFauM4XkCx/LPePzA9ns
qY4wrJwejC6RaAj/w+hrBMC1E0y/YRCAGosq5RC2OYiuTHg9lAlDRUOBlwZ5yoUWVyJB
ENs/JDWZeX/iXyqmmysr3/xfj0K9JTShMjmP6Er8A0QQcAuGmbFLfPey+omQiW+QC3z7
9mWIybcfSjYuEwlEy/9M9Hl4PPkpEs+OMMjb+I9GoyzPdhwYnAvbVvK9+pFtYqXaY+DA
to2g==
ARC-Authentication-Results: i=1; mx.google.com;
spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::1:20 as permitted sender)
smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=huawei.com
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
by mx.google.com with ESMTP id
e9-20020a17090ac20900b0025baa49fa95si998026pjt.1.2023.07.19.01.03.00;
Wed, 19 Jul 2023 01:03:14 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::1:20 as permitted sender)
client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::1:20 as permitted sender)
smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=huawei.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
id S229826AbjGSHkN (ORCPT <rfc822;assdfgzxcv4@gmail.com>
+ 99 others); Wed, 19 Jul 2023 03:40:13 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:37102 "EHLO
lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
with ESMTP id S229714AbjGSHkH (ORCPT
<rfc822;linux-kernel@vger.kernel.org>);
Wed, 19 Jul 2023 03:40:07 -0400
Received: from szxga01-in.huawei.com (szxga01-in.huawei.com [45.249.212.187])
by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 837AF1BDC;
Wed, 19 Jul 2023 00:40:05 -0700 (PDT)
Received: from dggpemm500001.china.huawei.com (unknown [172.30.72.56])
by szxga01-in.huawei.com (SkyGuard) with ESMTP id 4R5SPf3rLczrRnl;
Wed, 19 Jul 2023 15:39:18 +0800 (CST)
Received: from localhost.localdomain.localdomain (10.175.113.25) by
dggpemm500001.china.huawei.com (7.185.36.107) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2507.27; Wed, 19 Jul 2023 15:40:02 +0800
From: Kefeng Wang <wangkefeng.wang@huawei.com>
To: Andrew Morton <akpm@linux-foundation.org>
CC: <amd-gfx@lists.freedesktop.org>, <dri-devel@lists.freedesktop.org>,
<linux-kernel@vger.kernel.org>, <linux-fsdevel@vger.kernel.org>,
<linux-mm@kvack.org>, <linux-perf-users@vger.kernel.org>,
<selinux@vger.kernel.org>, Kefeng Wang <wangkefeng.wang@huawei.com>
Subject: [PATCH v2 0/4] mm: convert to vma_is_initial_heap/stack()
Date: Wed, 19 Jul 2023 15:51:10 +0800
Message-ID: <20230719075127.47736-1-wangkefeng.wang@huawei.com>
X-Mailer: git-send-email 2.41.0
MIME-Version: 1.0
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 8bit
X-Originating-IP: [10.175.113.25]
X-ClientProxiedBy: dggems706-chm.china.huawei.com (10.3.19.183) To
dggpemm500001.china.huawei.com (7.185.36.107)
X-CFilter-Loop: Reflected
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,
RCVD_IN_DNSWL_BLOCKED,RCVD_IN_MSPIKE_H5,RCVD_IN_MSPIKE_WL,
SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=ham
autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-getmail-retrieved-from-mailbox: INBOX
X-GMAIL-THRID: 1771835274827121718
X-GMAIL-MSGID: 1771835274827121718
|
| Series |
mm: convert to vma_is_initial_heap/stack()
|
|
Message
Kefeng Wang
July 19, 2023, 7:51 a.m. UTC
Add vma_is_initial_stack() and vma_is_initial_heap() helper and use them to simplify code. v2: - address comments per David Hildenbrand and Christian Göttsche - fix selinux build Kefeng Wang (4): mm: factor out VMA stack and heap checks drm/amdkfd: use vma_is_initial_stack() and vma_is_initial_heap() selinux: use vma_is_initial_stack() and vma_is_initial_heap() perf/core: use vma_is_initial_stack() and vma_is_initial_heap() drivers/gpu/drm/amd/amdkfd/kfd_svm.c | 5 +---- fs/proc/task_mmu.c | 24 ++++-------------------- fs/proc/task_nommu.c | 15 +-------------- include/linux/mm.h | 21 +++++++++++++++++++++ kernel/events/core.c | 22 +++++++--------------- security/selinux/hooks.c | 7 ++----- 6 files changed, 36 insertions(+), 58 deletions(-)
Comments
On 19.07.23 09:51, Kefeng Wang wrote: > Use the helpers to simplify code. > > Cc: Felix Kuehling <Felix.Kuehling@amd.com> > Cc: Alex Deucher <alexander.deucher@amd.com> > Cc: "Christian König" <christian.koenig@amd.com> > Cc: "Pan, Xinhui" <Xinhui.Pan@amd.com> > Cc: David Airlie <airlied@gmail.com> > Cc: Daniel Vetter <daniel@ffwll.ch> > Signed-off-by: Kefeng Wang <wangkefeng.wang@huawei.com> > --- > drivers/gpu/drm/amd/amdkfd/kfd_svm.c | 5 +---- > 1 file changed, 1 insertion(+), 4 deletions(-) > > diff --git a/drivers/gpu/drm/amd/amdkfd/kfd_svm.c b/drivers/gpu/drm/amd/amdkfd/kfd_svm.c > index 5ff1a5a89d96..0b7bfbd0cb66 100644 > --- a/drivers/gpu/drm/amd/amdkfd/kfd_svm.c > +++ b/drivers/gpu/drm/amd/amdkfd/kfd_svm.c > @@ -2621,10 +2621,7 @@ svm_range_get_range_boundaries(struct kfd_process *p, int64_t addr, > return -EFAULT; > } > > - *is_heap_stack = (vma->vm_start <= vma->vm_mm->brk && > - vma->vm_end >= vma->vm_mm->start_brk) || > - (vma->vm_start <= vma->vm_mm->start_stack && > - vma->vm_end >= vma->vm_mm->start_stack); > + *is_heap_stack = vma_is_initial_heap(vma) || vma_is_initial_stack(vma); > > start_limit = max(vma->vm_start >> PAGE_SHIFT, > (unsigned long)ALIGN_DOWN(addr, 2UL << 8)); Certainly a valid refactoring, although questionable if such code should care about that. Reviewed-by: David Hildenbrand <david@redhat.com>
On 19.07.23 09:51, Kefeng Wang wrote: > Use the helpers to simplify code. > > Cc: Paul Moore <paul@paul-moore.com> > Cc: Stephen Smalley <stephen.smalley.work@gmail.com> > Cc: Eric Paris <eparis@parisplace.org> > Acked-by: Paul Moore <paul@paul-moore.com> > Signed-off-by: Kefeng Wang <wangkefeng.wang@huawei.com> > --- > security/selinux/hooks.c | 7 ++----- > 1 file changed, 2 insertions(+), 5 deletions(-) > > diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c > index d06e350fedee..ee8575540a8e 100644 > --- a/security/selinux/hooks.c > +++ b/security/selinux/hooks.c > @@ -3762,13 +3762,10 @@ static int selinux_file_mprotect(struct vm_area_struct *vma, > if (default_noexec && > (prot & PROT_EXEC) && !(vma->vm_flags & VM_EXEC)) { > int rc = 0; > - if (vma->vm_start >= vma->vm_mm->start_brk && > - vma->vm_end <= vma->vm_mm->brk) { > + if (vma_is_initial_heap(vma)) { > rc = avc_has_perm(sid, sid, SECCLASS_PROCESS, > PROCESS__EXECHEAP, NULL); > - } else if (!vma->vm_file && > - ((vma->vm_start <= vma->vm_mm->start_stack && > - vma->vm_end >= vma->vm_mm->start_stack) || > + } else if (!vma->vm_file && (vma_is_initial_stack(vma) || > vma_is_stack_for_current(vma))) { > rc = avc_has_perm(sid, sid, SECCLASS_PROCESS, > PROCESS__EXECSTACK, NULL); Reviewed-by: David Hildenbrand <david@redhat.com>
On Wed, 19 Jul 2023 at 09:40, Kefeng Wang <wangkefeng.wang@huawei.com> wrote: > > Use the helpers to simplify code. > > Cc: Paul Moore <paul@paul-moore.com> > Cc: Stephen Smalley <stephen.smalley.work@gmail.com> > Cc: Eric Paris <eparis@parisplace.org> > Acked-by: Paul Moore <paul@paul-moore.com> > Signed-off-by: Kefeng Wang <wangkefeng.wang@huawei.com> > --- > security/selinux/hooks.c | 7 ++----- > 1 file changed, 2 insertions(+), 5 deletions(-) > > diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c > index d06e350fedee..ee8575540a8e 100644 > --- a/security/selinux/hooks.c > +++ b/security/selinux/hooks.c > @@ -3762,13 +3762,10 @@ static int selinux_file_mprotect(struct vm_area_struct *vma, > if (default_noexec && > (prot & PROT_EXEC) && !(vma->vm_flags & VM_EXEC)) { > int rc = 0; > - if (vma->vm_start >= vma->vm_mm->start_brk && > - vma->vm_end <= vma->vm_mm->brk) { > + if (vma_is_initial_heap(vma)) { This seems to change the condition from vma->vm_start >= vma->vm_mm->start_brk && vma->vm_end <= vma->vm_mm->brk to vma->vm_start <= vma->vm_mm->brk && vma->vm_end >= vma->vm_mm->start_brk (or AND arguments swapped) vma->vm_end >= vma->vm_mm->start_brk && vma->vm_start <= vma->vm_mm->brk Is this intended? > rc = avc_has_perm(sid, sid, SECCLASS_PROCESS, > PROCESS__EXECHEAP, NULL); > - } else if (!vma->vm_file && > - ((vma->vm_start <= vma->vm_mm->start_stack && > - vma->vm_end >= vma->vm_mm->start_stack) || > + } else if (!vma->vm_file && (vma_is_initial_stack(vma) || > vma_is_stack_for_current(vma))) { > rc = avc_has_perm(sid, sid, SECCLASS_PROCESS, > PROCESS__EXECSTACK, NULL); > -- > 2.27.0 >
Am 2023-07-19 um 03:51 schrieb Kefeng Wang: > Use the helpers to simplify code. > > Cc: Felix Kuehling <Felix.Kuehling@amd.com> > Cc: Alex Deucher <alexander.deucher@amd.com> > Cc: "Christian König" <christian.koenig@amd.com> > Cc: "Pan, Xinhui" <Xinhui.Pan@amd.com> > Cc: David Airlie <airlied@gmail.com> > Cc: Daniel Vetter <daniel@ffwll.ch> > Signed-off-by: Kefeng Wang <wangkefeng.wang@huawei.com> Reviewed-by: Felix Kuehling <Felix.Kuehling@amd.com> > --- > drivers/gpu/drm/amd/amdkfd/kfd_svm.c | 5 +---- > 1 file changed, 1 insertion(+), 4 deletions(-) > > diff --git a/drivers/gpu/drm/amd/amdkfd/kfd_svm.c b/drivers/gpu/drm/amd/amdkfd/kfd_svm.c > index 5ff1a5a89d96..0b7bfbd0cb66 100644 > --- a/drivers/gpu/drm/amd/amdkfd/kfd_svm.c > +++ b/drivers/gpu/drm/amd/amdkfd/kfd_svm.c > @@ -2621,10 +2621,7 @@ svm_range_get_range_boundaries(struct kfd_process *p, int64_t addr, > return -EFAULT; > } > > - *is_heap_stack = (vma->vm_start <= vma->vm_mm->brk && > - vma->vm_end >= vma->vm_mm->start_brk) || > - (vma->vm_start <= vma->vm_mm->start_stack && > - vma->vm_end >= vma->vm_mm->start_stack); > + *is_heap_stack = vma_is_initial_heap(vma) || vma_is_initial_stack(vma); > > start_limit = max(vma->vm_start >> PAGE_SHIFT, > (unsigned long)ALIGN_DOWN(addr, 2UL << 8));
On Wed, Jul 19, 2023 at 6:23 AM Kefeng Wang <wangkefeng.wang@huawei.com> wrote: > On 2023/7/19 17:02, Christian Göttsche wrote: > > On Wed, 19 Jul 2023 at 09:40, Kefeng Wang <wangkefeng.wang@huawei.com> wrote: > >> > >> Use the helpers to simplify code. > >> > >> Cc: Paul Moore <paul@paul-moore.com> > >> Cc: Stephen Smalley <stephen.smalley.work@gmail.com> > >> Cc: Eric Paris <eparis@parisplace.org> > >> Acked-by: Paul Moore <paul@paul-moore.com> > >> Signed-off-by: Kefeng Wang <wangkefeng.wang@huawei.com> > >> --- > >> security/selinux/hooks.c | 7 ++----- > >> 1 file changed, 2 insertions(+), 5 deletions(-) > >> > >> diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c > >> index d06e350fedee..ee8575540a8e 100644 > >> --- a/security/selinux/hooks.c > >> +++ b/security/selinux/hooks.c > >> @@ -3762,13 +3762,10 @@ static int selinux_file_mprotect(struct vm_area_struct *vma, > >> if (default_noexec && > >> (prot & PROT_EXEC) && !(vma->vm_flags & VM_EXEC)) { > >> int rc = 0; > >> - if (vma->vm_start >= vma->vm_mm->start_brk && > >> - vma->vm_end <= vma->vm_mm->brk) { > >> + if (vma_is_initial_heap(vma)) { > > > > This seems to change the condition from > > > > vma->vm_start >= vma->vm_mm->start_brk && vma->vm_end <= vma->vm_mm->brk > > > > to > > > > vma->vm_start <= vma->vm_mm->brk && vma->vm_end >= vma->vm_mm->start_brk > > > > (or AND arguments swapped) > > > > vma->vm_end >= vma->vm_mm->start_brk && vma->vm_start <= vma->vm_mm->brk > > > > Is this intended? > > The new condition is to check whether there is intersection between > [startbrk,brk] and [vm_start,vm_end], it contains orignal check, so > I think it is ok, but for selinux check, I am not sure if there is > some other problem. This particular SELinux vma check is see if the vma falls within the heap; can you confirm that this change preserves this?
On Thu, Jul 20, 2023 at 4:28 AM Kefeng Wang <wangkefeng.wang@huawei.com> wrote: > On 2023/7/19 23:25, Paul Moore wrote: > > On Wed, Jul 19, 2023 at 6:23 AM Kefeng Wang <wangkefeng.wang@huawei.com> wrote: > >> On 2023/7/19 17:02, Christian Göttsche wrote: > >>> On Wed, 19 Jul 2023 at 09:40, Kefeng Wang <wangkefeng.wang@huawei.com> wrote: > >>>> > >>>> Use the helpers to simplify code. > >>>> > >>>> Cc: Paul Moore <paul@paul-moore.com> > >>>> Cc: Stephen Smalley <stephen.smalley.work@gmail.com> > >>>> Cc: Eric Paris <eparis@parisplace.org> > >>>> Acked-by: Paul Moore <paul@paul-moore.com> > >>>> Signed-off-by: Kefeng Wang <wangkefeng.wang@huawei.com> > >>>> --- > >>>> security/selinux/hooks.c | 7 ++----- > >>>> 1 file changed, 2 insertions(+), 5 deletions(-) > >>>> > >>>> diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c > >>>> index d06e350fedee..ee8575540a8e 100644 > >>>> --- a/security/selinux/hooks.c > >>>> +++ b/security/selinux/hooks.c > >>>> @@ -3762,13 +3762,10 @@ static int selinux_file_mprotect(struct vm_area_struct *vma, > >>>> if (default_noexec && > >>>> (prot & PROT_EXEC) && !(vma->vm_flags & VM_EXEC)) { > >>>> int rc = 0; > >>>> - if (vma->vm_start >= vma->vm_mm->start_brk && > >>>> - vma->vm_end <= vma->vm_mm->brk) { > >>>> + if (vma_is_initial_heap(vma)) { > >>> > >>> This seems to change the condition from > >>> > >>> vma->vm_start >= vma->vm_mm->start_brk && vma->vm_end <= vma->vm_mm->brk > >>> > >>> to > >>> > >>> vma->vm_start <= vma->vm_mm->brk && vma->vm_end >= vma->vm_mm->start_brk > >>> > >>> (or AND arguments swapped) > >>> > >>> vma->vm_end >= vma->vm_mm->start_brk && vma->vm_start <= vma->vm_mm->brk > >>> > >>> Is this intended? > >> > >> The new condition is to check whether there is intersection between > >> [startbrk,brk] and [vm_start,vm_end], it contains orignal check, so > >> I think it is ok, but for selinux check, I am not sure if there is > >> some other problem. > > > > This particular SELinux vma check is see if the vma falls within the > > heap; can you confirm that this change preserves this? > > Yes, within is one case of new vma scope check. Thanks for the confirmation.