Re: [PATCH v8 1/8] mm/memfd: Introduce userspace inaccessible memfd

From: Kirill A. Shutemov
Date: Mon Oct 03 2022 - 07:01:48 EST

Next message: Sakari Ailus: "Re: [PATCH v2 1/5] device property: Keep dev_fwnode() and dev_fwnode_const() separate"
Previous message: Ibrahim Tilki: "[PATCH v8 3/3] Documentation: ABI: testing: add max11410 doc"
In reply to: Fuad Tabba: "Re: [PATCH v8 1/8] mm/memfd: Introduce userspace inaccessible memfd"
Next in thread: Fuad Tabba: "Re: [PATCH v8 1/8] mm/memfd: Introduce userspace inaccessible memfd"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, Oct 03, 2022 at 08:33:13AM +0100, Fuad Tabba wrote:
> > I think it is "don't do that" category. inaccessible_register_notifier()
> > caller has to know what file it operates on, no?
>
> The thing is, you could oops the kernel from userspace. For that, all
> you have to do is a memfd_create without the MFD_INACCESSIBLE,
> followed by a KVM_SET_USER_MEMORY_REGION using that as the private_fd.
> I ran into this using my port of this patch series to arm64.

My point is that it has to be handled on a different level. KVM has to
reject private_fd if it is now inaccessible. It should be trivial by
checking file->f_inode->i_sb->s_magic.

--
Kiryl Shutsemau / Kirill A. Shutemov

Next message: Sakari Ailus: "Re: [PATCH v2 1/5] device property: Keep dev_fwnode() and dev_fwnode_const() separate"
Previous message: Ibrahim Tilki: "[PATCH v8 3/3] Documentation: ABI: testing: add max11410 doc"
In reply to: Fuad Tabba: "Re: [PATCH v8 1/8] mm/memfd: Introduce userspace inaccessible memfd"
Next in thread: Fuad Tabba: "Re: [PATCH v8 1/8] mm/memfd: Introduce userspace inaccessible memfd"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]