diff mbox series

[v6,17/20] mm/mmap: Use vms accounted pages in mmap_region()

Message ID 20240820235730.2852400-18-Liam.Howlett@oracle.com (mailing list archive)
State New
Headers show
Series Avoid MAP_FIXED gap exposure | expand

Commit Message

Liam R. Howlett Aug. 20, 2024, 11:57 p.m. UTC
From: "Liam R. Howlett" <Liam.Howlett@Oracle.com>

Change from nr_pages variable to vms.nr_accounted for the charged pages
calculation.  This is necessary for a future patch.

This also avoids checking security_vm_enough_memory_mm() if the amount
of memory won't change.

Signed-off-by: Liam R. Howlett <Liam.Howlett@Oracle.com>
Cc: Kees Cook <kees@kernel.org>
Cc: linux-security-module@vger.kernel.org
Reviewed-by: Kees Cook <kees@kernel.org>
Reviewed-by: Lorenzo Stoakes <lorenzo.stoakes@oracle.com>
Reviewed-by: Suren Baghdasaryan <surenb@google.com>
---
 mm/mmap.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

Comments

Paul Moore Aug. 21, 2024, 4:35 p.m. UTC | #1
On Tue, Aug 20, 2024 at 8:02 PM Liam R. Howlett <Liam.Howlett@oracle.com> wrote:
>
> From: "Liam R. Howlett" <Liam.Howlett@Oracle.com>
>
> Change from nr_pages variable to vms.nr_accounted for the charged pages
> calculation.  This is necessary for a future patch.
>
> This also avoids checking security_vm_enough_memory_mm() if the amount
> of memory won't change.
>
> Signed-off-by: Liam R. Howlett <Liam.Howlett@Oracle.com>
> Cc: Kees Cook <kees@kernel.org>
> Cc: linux-security-module@vger.kernel.org
> Reviewed-by: Kees Cook <kees@kernel.org>
> Reviewed-by: Lorenzo Stoakes <lorenzo.stoakes@oracle.com>
> Reviewed-by: Suren Baghdasaryan <surenb@google.com>
> ---
>  mm/mmap.c | 5 +++--
>  1 file changed, 3 insertions(+), 2 deletions(-)

I'm pretty sure I already ACK'd this, but I don't see it above so here
it is again:

Acked-by: Paul Moore <paul@paul-moore.com> (LSM)

> diff --git a/mm/mmap.c b/mm/mmap.c
> index 19dac138f913..2a4f1df96f94 100644
> --- a/mm/mmap.c
> +++ b/mm/mmap.c
> @@ -1413,9 +1413,10 @@ unsigned long mmap_region(struct file *file, unsigned long addr,
>          */
>         if (accountable_mapping(file, vm_flags)) {
>                 charged = pglen;
> -               charged -= nr_accounted;
> -               if (security_vm_enough_memory_mm(mm, charged))
> +               charged -= vms.nr_accounted;
> +               if (charged && security_vm_enough_memory_mm(mm, charged))
>                         goto abort_munmap;
> +
>                 vms.nr_accounted = 0;
>                 vm_flags |= VM_ACCOUNT;
>         }
> --
> 2.43.0
Liam R. Howlett Aug. 21, 2024, 5:15 p.m. UTC | #2
* Paul Moore <paul@paul-moore.com> [240821 12:35]:
> On Tue, Aug 20, 2024 at 8:02 PM Liam R. Howlett <Liam.Howlett@oracle.com> wrote:
> >
> > From: "Liam R. Howlett" <Liam.Howlett@Oracle.com>
> >
> > Change from nr_pages variable to vms.nr_accounted for the charged pages
> > calculation.  This is necessary for a future patch.
> >
> > This also avoids checking security_vm_enough_memory_mm() if the amount
> > of memory won't change.
> >
> > Signed-off-by: Liam R. Howlett <Liam.Howlett@Oracle.com>
> > Cc: Kees Cook <kees@kernel.org>
> > Cc: linux-security-module@vger.kernel.org
> > Reviewed-by: Kees Cook <kees@kernel.org>
> > Reviewed-by: Lorenzo Stoakes <lorenzo.stoakes@oracle.com>
> > Reviewed-by: Suren Baghdasaryan <surenb@google.com>
> > ---
> >  mm/mmap.c | 5 +++--
> >  1 file changed, 3 insertions(+), 2 deletions(-)
> 
> I'm pretty sure I already ACK'd this, but I don't see it above so here
> it is again:
> 
> Acked-by: Paul Moore <paul@paul-moore.com> (LSM)

Sorry for missing that.  It's here now for sure.

Thanks,
Liam

> 
> > diff --git a/mm/mmap.c b/mm/mmap.c
> > index 19dac138f913..2a4f1df96f94 100644
> > --- a/mm/mmap.c
> > +++ b/mm/mmap.c
> > @@ -1413,9 +1413,10 @@ unsigned long mmap_region(struct file *file, unsigned long addr,
> >          */
> >         if (accountable_mapping(file, vm_flags)) {
> >                 charged = pglen;
> > -               charged -= nr_accounted;
> > -               if (security_vm_enough_memory_mm(mm, charged))
> > +               charged -= vms.nr_accounted;
> > +               if (charged && security_vm_enough_memory_mm(mm, charged))
> >                         goto abort_munmap;
> > +
> >                 vms.nr_accounted = 0;
> >                 vm_flags |= VM_ACCOUNT;
> >         }
> > --
> > 2.43.0
> 
> -- 
> paul-moore.com
diff mbox series

Patch

diff --git a/mm/mmap.c b/mm/mmap.c
index 19dac138f913..2a4f1df96f94 100644
--- a/mm/mmap.c
+++ b/mm/mmap.c
@@ -1413,9 +1413,10 @@  unsigned long mmap_region(struct file *file, unsigned long addr,
 	 */
 	if (accountable_mapping(file, vm_flags)) {
 		charged = pglen;
-		charged -= nr_accounted;
-		if (security_vm_enough_memory_mm(mm, charged))
+		charged -= vms.nr_accounted;
+		if (charged && security_vm_enough_memory_mm(mm, charged))
 			goto abort_munmap;
+
 		vms.nr_accounted = 0;
 		vm_flags |= VM_ACCOUNT;
 	}