Message ID | 20240820235730.2852400-18-Liam.Howlett@oracle.com (mailing list archive) |
---|---|
State | New |
Headers | show |
Series | Avoid MAP_FIXED gap exposure | expand |
On Tue, Aug 20, 2024 at 8:02 PM Liam R. Howlett <Liam.Howlett@oracle.com> wrote: > > From: "Liam R. Howlett" <Liam.Howlett@Oracle.com> > > Change from nr_pages variable to vms.nr_accounted for the charged pages > calculation. This is necessary for a future patch. > > This also avoids checking security_vm_enough_memory_mm() if the amount > of memory won't change. > > Signed-off-by: Liam R. Howlett <Liam.Howlett@Oracle.com> > Cc: Kees Cook <kees@kernel.org> > Cc: linux-security-module@vger.kernel.org > Reviewed-by: Kees Cook <kees@kernel.org> > Reviewed-by: Lorenzo Stoakes <lorenzo.stoakes@oracle.com> > Reviewed-by: Suren Baghdasaryan <surenb@google.com> > --- > mm/mmap.c | 5 +++-- > 1 file changed, 3 insertions(+), 2 deletions(-) I'm pretty sure I already ACK'd this, but I don't see it above so here it is again: Acked-by: Paul Moore <paul@paul-moore.com> (LSM) > diff --git a/mm/mmap.c b/mm/mmap.c > index 19dac138f913..2a4f1df96f94 100644 > --- a/mm/mmap.c > +++ b/mm/mmap.c > @@ -1413,9 +1413,10 @@ unsigned long mmap_region(struct file *file, unsigned long addr, > */ > if (accountable_mapping(file, vm_flags)) { > charged = pglen; > - charged -= nr_accounted; > - if (security_vm_enough_memory_mm(mm, charged)) > + charged -= vms.nr_accounted; > + if (charged && security_vm_enough_memory_mm(mm, charged)) > goto abort_munmap; > + > vms.nr_accounted = 0; > vm_flags |= VM_ACCOUNT; > } > -- > 2.43.0
* Paul Moore <paul@paul-moore.com> [240821 12:35]: > On Tue, Aug 20, 2024 at 8:02 PM Liam R. Howlett <Liam.Howlett@oracle.com> wrote: > > > > From: "Liam R. Howlett" <Liam.Howlett@Oracle.com> > > > > Change from nr_pages variable to vms.nr_accounted for the charged pages > > calculation. This is necessary for a future patch. > > > > This also avoids checking security_vm_enough_memory_mm() if the amount > > of memory won't change. > > > > Signed-off-by: Liam R. Howlett <Liam.Howlett@Oracle.com> > > Cc: Kees Cook <kees@kernel.org> > > Cc: linux-security-module@vger.kernel.org > > Reviewed-by: Kees Cook <kees@kernel.org> > > Reviewed-by: Lorenzo Stoakes <lorenzo.stoakes@oracle.com> > > Reviewed-by: Suren Baghdasaryan <surenb@google.com> > > --- > > mm/mmap.c | 5 +++-- > > 1 file changed, 3 insertions(+), 2 deletions(-) > > I'm pretty sure I already ACK'd this, but I don't see it above so here > it is again: > > Acked-by: Paul Moore <paul@paul-moore.com> (LSM) Sorry for missing that. It's here now for sure. Thanks, Liam > > > diff --git a/mm/mmap.c b/mm/mmap.c > > index 19dac138f913..2a4f1df96f94 100644 > > --- a/mm/mmap.c > > +++ b/mm/mmap.c > > @@ -1413,9 +1413,10 @@ unsigned long mmap_region(struct file *file, unsigned long addr, > > */ > > if (accountable_mapping(file, vm_flags)) { > > charged = pglen; > > - charged -= nr_accounted; > > - if (security_vm_enough_memory_mm(mm, charged)) > > + charged -= vms.nr_accounted; > > + if (charged && security_vm_enough_memory_mm(mm, charged)) > > goto abort_munmap; > > + > > vms.nr_accounted = 0; > > vm_flags |= VM_ACCOUNT; > > } > > -- > > 2.43.0 > > -- > paul-moore.com
diff --git a/mm/mmap.c b/mm/mmap.c index 19dac138f913..2a4f1df96f94 100644 --- a/mm/mmap.c +++ b/mm/mmap.c @@ -1413,9 +1413,10 @@ unsigned long mmap_region(struct file *file, unsigned long addr, */ if (accountable_mapping(file, vm_flags)) { charged = pglen; - charged -= nr_accounted; - if (security_vm_enough_memory_mm(mm, charged)) + charged -= vms.nr_accounted; + if (charged && security_vm_enough_memory_mm(mm, charged)) goto abort_munmap; + vms.nr_accounted = 0; vm_flags |= VM_ACCOUNT; }