Re: [PATCH] mm/mincore: allow for making sys_mincore() privileged
From: Jiri Kosina
Date: Wed Jan 23 2019 - 18:12:53 EST
On Thu, 24 Jan 2019, Linus Torvalds wrote:
> Side note: the inode_permission() addition to can_do_mincore() in that
> patch 0002, seems to be questionable. We do
> +static inline bool can_do_mincore(struct vm_area_struct *vma)
> + return vma_is_anonymous(vma)
> + || (vma->vm_file && (vma->vm_file->f_mode & FMODE_WRITE))
> + || inode_permission(file_inode(vma->vm_file), MAY_WRITE) == 0;
> note how it tests whether vma->vm_file is NULL for the FMODE_WRITE
> test, but not for the inode_permission() test.
> So either we test unnecessarily in the second line, or we don't
> properly test it in the third one.
> I think the "test vm_file" thing may be unnecessary, because a
> non-anonymous mapping should always have a file pointer and an inode.
> But I could imagine some odd case (vdso mapping, anyone?) that
> doesn't have a vm_file, but also isn't anonymous.
Hmm, good point.
So dropping the 'vma->vm_file' test and checking whether given vma is
special mapping should hopefully provide the desired semantics, shouldn't