[1/9] x86: vdso: Introduce asm/vdso/mman.h

Message ID	20240903151437.1002990-2-vincenzo.frascino@arm.com (mailing list archive)
State	New
Headers	show Return-Path: <owner-linux-mm@kvack.org> From: Vincenzo Frascino <vincenzo.frascino@arm.com> To: linux-kernel@vger.kernel.org, linux-arch@vger.kernel.org, linux-mm@kvack.org Cc: Vincenzo Frascino <vincenzo.frascino@arm.com>, Andy Lutomirski <luto@kernel.org>, Thomas Gleixner <tglx@linutronix.de>, "Jason A . Donenfeld" <Jason@zx2c4.com>, Christophe Leroy <christophe.leroy@csgroup.eu>, Michael Ellerman <mpe@ellerman.id.au>, Nicholas Piggin <npiggin@gmail.com>, Naveen N Rao <naveen@kernel.org>, Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>, Dave Hansen <dave.hansen@linux.intel.com>, "H . Peter Anvin" <hpa@zytor.com>, Theodore Ts'o <tytso@mit.edu>, Arnd Bergmann <arnd@arndb.de>, Andrew Morton <akpm@linux-foundation.org>, Steven Rostedt <rostedt@goodmis.org>, Masami Hiramatsu <mhiramat@kernel.org>, Mathieu Desnoyers <mathieu.desnoyers@efficios.com> Subject: [PATCH 1/9] x86: vdso: Introduce asm/vdso/mman.h Date: Tue, 3 Sep 2024 16:14:29 +0100 Message-Id: <20240903151437.1002990-2-vincenzo.frascino@arm.com> In-Reply-To: <20240903151437.1002990-1-vincenzo.frascino@arm.com> References: <20240903151437.1002990-1-vincenzo.frascino@arm.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Sender: owner-linux-mm@kvack.org Precedence: bulk
Series	vdso: Use only headers from the vdso/ namespace \| expand [0/9] vdso: Use only headers from the vdso/ namespace [1/9] x86: vdso: Introduce asm/vdso/mman.h [2/9] vdso: Introduce vdso/mman.h [3/9] x86: vdso: Introduce asm/vdso/page.h [4/9] vdso: Introduce vdso/page.h [5/9] vdso: Split linux/minmax.h [6/9] vdso: Split linux/array_size.h [7/9] x86: vdso: Modify asm/vdso/getrandom.h to include datapage [8/9] vdso: Modify vdso/getrandom.h to include the asm header [9/9] vdso: Modify getrandom to include the correct namespace

Message ID

20240903151437.1002990-2-vincenzo.frascino@arm.com (mailing list archive)

State

New

Headers

From: Vincenzo Frascino <vincenzo.frascino@arm.com>
To: linux-kernel@vger.kernel.org,
	linux-arch@vger.kernel.org,
	linux-mm@kvack.org
Cc: Vincenzo Frascino <vincenzo.frascino@arm.com>,
	Andy Lutomirski <luto@kernel.org>,
	Thomas Gleixner <tglx@linutronix.de>,
	"Jason A . Donenfeld" <Jason@zx2c4.com>,
	Christophe Leroy <christophe.leroy@csgroup.eu>,
	Michael Ellerman <mpe@ellerman.id.au>,
	Nicholas Piggin <npiggin@gmail.com>,
	Naveen N Rao <naveen@kernel.org>,
	Ingo Molnar <mingo@redhat.com>,
	Borislav Petkov <bp@alien8.de>,
	Dave Hansen <dave.hansen@linux.intel.com>,
	"H . Peter Anvin" <hpa@zytor.com>,
	Theodore Ts'o <tytso@mit.edu>,
	Arnd Bergmann <arnd@arndb.de>,
	Andrew Morton <akpm@linux-foundation.org>,
	Steven Rostedt <rostedt@goodmis.org>,
	Masami Hiramatsu <mhiramat@kernel.org>,
	Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Subject: [PATCH 1/9] x86: vdso: Introduce asm/vdso/mman.h
Date: Tue,  3 Sep 2024 16:14:29 +0100
Message-Id: <20240903151437.1002990-2-vincenzo.frascino@arm.com>
In-Reply-To: <20240903151437.1002990-1-vincenzo.frascino@arm.com>
References: <20240903151437.1002990-1-vincenzo.frascino@arm.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Sender: owner-linux-mm@kvack.org
Precedence: bulk

Series

vdso: Use only headers from the vdso/ namespace | expand

Commit Message

Vincenzo Frascino Sept. 3, 2024, 3:14 p.m. UTC

The VDSO implementation includes headers from outside of the
vdso/ namespace.

Introduce asm/vdso/mman.h to make sure that the generic library
uses only the allowed namespace.

Cc: Andy Lutomirski <luto@kernel.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Vincenzo Frascino <vincenzo.frascino@arm.com>
---
 arch/x86/include/asm/vdso/mman.h | 15 +++++++++++++++
 1 file changed, 15 insertions(+)
 create mode 100644 arch/x86/include/asm/vdso/mman.h

Comments

Jason A. Donenfeld Sept. 3, 2024, 3:16 p.m. UTC | #1

Christophe explained the issue with this in
https://lore.kernel.org/all/85efc7c5-40c8-4c89-b65f-dd13536fb8c7@cs-soprasteria.com/

Vincenzo Frascino Sept. 3, 2024, 3:23 p.m. UTC | #2

On 03/09/2024 16:16, Jason A. Donenfeld wrote:
> Christophe explained the issue with this in
> https://lore.kernel.org/all/85efc7c5-40c8-4c89-b65f-dd13536fb8c7@cs-soprasteria.com/

And I think I replied to Christophe here:
https://lore.kernel.org/all/632b8da1-c165-4d17-804f-4edf1438d55a@arm.com/

Can you please explain what you are referring to explicitly?

Christophe Leroy Sept. 4, 2024, 4:56 p.m. UTC | #3

Le 03/09/2024 à 17:14, Vincenzo Frascino a écrit :
> The VDSO implementation includes headers from outside of the
> vdso/ namespace.
> 
> Introduce asm/vdso/mman.h to make sure that the generic library
> uses only the allowed namespace.
> 
> Cc: Andy Lutomirski <luto@kernel.org>
> Cc: Thomas Gleixner <tglx@linutronix.de>
> Cc: Jason A. Donenfeld <Jason@zx2c4.com>
> Signed-off-by: Vincenzo Frascino <vincenzo.frascino@arm.com>
> ---
>   arch/x86/include/asm/vdso/mman.h | 15 +++++++++++++++
>   1 file changed, 15 insertions(+)
>   create mode 100644 arch/x86/include/asm/vdso/mman.h
> 
> diff --git a/arch/x86/include/asm/vdso/mman.h b/arch/x86/include/asm/vdso/mman.h
> new file mode 100644
> index 000000000000..4c936c9d11ab
> --- /dev/null
> +++ b/arch/x86/include/asm/vdso/mman.h
> @@ -0,0 +1,15 @@
> +
> +/* SPDX-License-Identifier: GPL-2.0 */
> +#ifndef __ASM_VDSO_MMAN_H
> +#define __ASM_VDSO_MMAN_H
> +
> +#ifndef __ASSEMBLY__
> +
> +#include <uapi/linux/mman.h>
> +
> +#define VDSO_MMAP_PROT	PROT_READ | PROT_WRITE
> +#define VDSO_MMAP_FLAGS	MAP_DROPPABLE | MAP_ANONYMOUS

I still can't see the benefit of duplicating those two defines in every 
arch.

I understand your point that some arch might in the future want to use 
different flags, but unless we already have one such architecture in 
mind we shouldn't make things more complicated than needed.

In case such an architecture is already identified it should be said in 
the commit message

> +
> +#endif /* !__ASSEMBLY__ */
> +
> +#endif /* __ASM_VDSO_MMAN_H */

Vincenzo Frascino Sept. 6, 2024, 10:55 a.m. UTC | #4

Hi Christophe,

Thank you for your review.

On 04/09/2024 17:56, Christophe Leroy wrote:
> 
> 
> Le 03/09/2024 à 17:14, Vincenzo Frascino a écrit :
...

>> +/* SPDX-License-Identifier: GPL-2.0 */
>> +#ifndef __ASM_VDSO_MMAN_H
>> +#define __ASM_VDSO_MMAN_H
>> +
>> +#ifndef __ASSEMBLY__
>> +
>> +#include <uapi/linux/mman.h>
>> +
>> +#define VDSO_MMAP_PROT    PROT_READ | PROT_WRITE
>> +#define VDSO_MMAP_FLAGS    MAP_DROPPABLE | MAP_ANONYMOUS
> 
> I still can't see the benefit of duplicating those two defines in every arch.
> 
> I understand your point that some arch might in the future want to use different
> flags, but unless we already have one such architecture in mind we shouldn't
> make things more complicated than needed.
> 
> In case such an architecture is already identified it should be said in the
> commit message
> 

I do not have such an architecture in mind, hence I did not add it to the commit
message.

Apart being future proof the real problem here is to handle the mman.h header.
As Arnd was saying [1] (and I agree), including it on some architectures might
be problematic if they change it in a way that is incompatible with compat vdso.

In this way we make sure that the each architecture that decides to include it
specifically validates it for this purpose. I am not a fan of complicating code
either but this seems the lesser evil. I am open to any solution you can come up
that is better then this one.

The other issue I see is that being these defines in a uapi header that is
included directly by userspace splitting it requires some validation to make
sure we do not break the status quo.

[1]
https://lore.kernel.org/lkml/cb66b582-ba63-4a5a-9df8-b07288f1f66d@app.fastmail.com/

>> +
>> +#endif /* !__ASSEMBLY__ */
>> +
>> +#endif /* __ASM_VDSO_MMAN_H */

diff --git a/arch/x86/include/asm/vdso/mman.h b/arch/x86/include/asm/vdso/mman.h
new file mode 100644
index 000000000000..4c936c9d11ab
--- /dev/null
+++ b/arch/x86/include/asm/vdso/mman.h
@@ -0,0 +1,15 @@ 
+
+/* SPDX-License-Identifier: GPL-2.0 */
+#ifndef __ASM_VDSO_MMAN_H
+#define __ASM_VDSO_MMAN_H
+
+#ifndef __ASSEMBLY__
+
+#include <uapi/linux/mman.h>
+
+#define VDSO_MMAP_PROT	PROT_READ | PROT_WRITE
+#define VDSO_MMAP_FLAGS	MAP_DROPPABLE | MAP_ANONYMOUS
+
+#endif /* !__ASSEMBLY__ */
+
+#endif /* __ASM_VDSO_MMAN_H */

[1/9] x86: vdso: Introduce asm/vdso/mman.h

Commit Message

Comments

Patch