Re: [PATCH v1 06/11] mm: support GUP-triggered unsharing via FAULT_FLAG_UNSHARE (!hugetlb)

From: Jan Kara
Date: Thu Dec 23 2021 - 07:54:45 EST


On Wed 22-12-21 10:40:18, Linus Torvalds wrote:
> On Wed, Dec 22, 2021 at 8:08 AM Jan Kara <jack@xxxxxxx> wrote:
> >
> > Well, but O_DIRECT reads must use FOLL_PIN in any case because they modify
> > page data (and so we need to detect them both for COW and filesystem needs).
>
> Well, O_DIRECT reads do, but not necessarily writes.

I agree.

> And hey, even reads have been dodgy in the past when we didn't really
> have the pinning logic - there's been a lot of users that just wanted
> it to work for their particular use-case rather than in general and in
> all situations..

Yes, but currently a malicious user can take the system down (BUG_ON) or
cause DIF/DIX failures if he is nasty and tries hard enough with O_DIRECT
reads (practically, the window is small so I haven't really seen a report
that I could trace to O_DIRECT reads but in principle the problem is the
same as with pinning & dirtying done e.g. by video capture drivers and
there we've seen these problems happen). So forcing pinning for O_DIRECT
reads is IMO mandatory.

Honza

--
Jan Kara <jack@xxxxxxxx>
SUSE Labs, CR