Re: [PATCH] hugetlbfs private mappings.

From: William Lee Irwin III
Date: Sun Jul 11 2004 - 19:16:13 EST


On Sun, Jul 11, 2004 at 04:59:38PM +0400, Oleg Nesterov wrote:
> Hugetlbfs silently coerce private mappings of hugetlb files
> into shared ones. So private writable mapping has MAP_SHARED
> semantics. I think, such mappings should be disallowed.
> First, such behavior allows open hugetlbfs file O_RDONLY, and
> overwrite it via mmap(PROT_READ|PROT_WRITE, MAP_PRIVATE), so
> it is security bug.
> Second, private writable mmap() should fail just because kernel
> does not support this.
> I beleive, it is ok to allow private readonly hugetlb mappings,
> sys_mprotect() does not work with hugetlb vmas.
> There is another problem. Hugetlb mapping is always prefaulted,
> pages allocated at mmap() time. So even readonly mapping allows
> to enlarge the size of the hugetlbfs file, and steal huge pages
> without appropriative permissions.
> Patch on top of vm_pgoff fixes, see
> http://marc.theaimsgroup.com/?l=linux-kernel&m=108938233708584

This probably doesn't break anything worth caring about, but it may
make people happier to just force MAP_SHARED on.


-- wli
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/