Re: [PATCH v3 0/6] vdso/datastore: Allow prefaulting by mlockall()
From: Thomas Weißschuh
Date: Wed Jun 03 2026 - 08:49:41 EST
On Wed, Jun 03, 2026 at 01:35:19PM +0200, David Hildenbrand (Arm) wrote:
> On 6/3/26 12:10, Thomas Weißschuh wrote:
> > On Tue, Jun 02, 2026 at 08:41:31PM +0200, David Hildenbrand (Arm) wrote:
> >> On 5/18/26 11:49, Thomas Weißschuh wrote:
(...)
> >> IIRC, we want to disallow read/write access that could have side effects through
> >> ptrace, including process_vm_*(). For memory-mapped I/O that might certainly the
> >> case.
> >
> > There are no side-effects, this is just global shared memory.
> > (But as mentioned before, writes can not be allowed)
> > Accesses from other tasks need to be prevented, which is what
> > patch 4 tries to do based on FAULT_FLAG_REMOTE.
> >
> > The only data in these pages which is not globally shared and accessible
> > are the time namespace offsets. But /proc/$PID/timens_offsets is
> > world-readable anyways.
> >
> >> With your change, you'd also unlock get_dump_page() on vdso pages.
> >
> > We use VM_DONTDUMP on the VMA, shouldn't that prevent dumping?
> > Dumping these pages is not a (security) issue, just pointless.
>
> Ah, right.
>
> So we still have
>
> VM_READ | VM_MAYREAD | VM_DONTDUMP | VM_MIXEDMAP ...
>
> So even FOLL_FORCE cannot write to it.
>
> It might be good to document the change (pages can not be GUP'ed, including
> being read by ptrace etc). But I agree that it should likely be fine.
Should this "not" have been a "now"?
I'll extend the descriptions and will resend the patches next cycle.
Thanks for taking a look!
Thomas