Re: [PATCH v8 1/8] mm/memfd: Introduce userspace inaccessible memfd
From: Fuad Tabba
Date: Tue Oct 04 2022 - 11:40:03 EST
Hi,
On Mon, Oct 3, 2022 at 12:01 PM Kirill A. Shutemov <kirill@xxxxxxxxxxxxx> wrote:
>
> On Mon, Oct 03, 2022 at 08:33:13AM +0100, Fuad Tabba wrote:
> > > I think it is "don't do that" category. inaccessible_register_notifier()
> > > caller has to know what file it operates on, no?
> >
> > The thing is, you could oops the kernel from userspace. For that, all
> > you have to do is a memfd_create without the MFD_INACCESSIBLE,
> > followed by a KVM_SET_USER_MEMORY_REGION using that as the private_fd.
> > I ran into this using my port of this patch series to arm64.
>
> My point is that it has to be handled on a different level. KVM has to
> reject private_fd if it is now inaccessible. It should be trivial by
> checking file->f_inode->i_sb->s_magic.
Yes, that makes sense.
Thanks,
/fuad
> --
> Kiryl Shutsemau / Kirill A. Shutemov