| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 30 Jan 2008 19:25:06 +0100 From: Andrea Arcangeli <andrea@...ranet.com> To: Robin Holt <holt@....com> Cc: Christoph Lameter <clameter@....com>, Avi Kivity <avi@...ranet.com>, Izik Eidus <izike@...ranet.com>, Nick Piggin <npiggin@...e.de>, kvm-devel@...ts.sourceforge.net, Benjamin Herrenschmidt <benh@...nel.crashing.org>, Peter Zijlstra <a.p.zijlstra@...llo.nl>, steiner@....com, linux-kernel@...r.kernel.org, linux-mm@...ck.org, daniel.blueman@...drics.com, Hugh Dickins <hugh@...itas.com> Subject: Re: [patch 2/6] mmu_notifier: Callbacks to invalidate address ranges On Wed, Jan 30, 2008 at 11:30:09AM -0600, Robin Holt wrote: > I don't think I saw the answer to my original question. I assume your > original patch, extended in a way similar to what Christoph has done, > can be made to work to cover both the KVM and GRU (Jack's) case. Yes, I think so. > XPMEM, however, does not look to be solvable due to the three simultaneous > issues above. To address that, I think I am coming to the conclusion > that we need an accompanying but seperate pair of callouts. The first The mmu_rmap_notifiers are already one separate pair of callouts and we can add more of them of course. > will ensure the remote page tables and TLBs are cleared and all page > information is returned back to the process that is granting access to > its address space. That will include an implicit block on the address > range so no further faults will be satisfied by the remote accessor > (forgot the KVM name for this, sorry). Any faults will be held off > and only the processes page tables/TLBs are in play. Once the normal Good, this "block" is how you close the race condition, and you need the second callout to "unblock" (this is why it could hardly work well before with a single invalidate_range). > processing of the kernel is complete, an unlock callout would be made > for the range and then faulting may occur on behalf of the process again. This sounds good. > Currently, this is the only direct solution that I can see as a > possibility. My question is two fold. Does this seem like a reasonable > means to solve the three simultaneous issues above and if so, does it > seem like the most reasonable means? Yes. KVM can deal with both invalidate_page (atomic) and invalidate_range (sleepy) GRU can only deal with invalidate_page (atomic) XPMEM requires with invalidate_range (sleepy) + before_invalidate_range (sleepy). invalidate_all should also be called before_release (both sleepy). It sounds we need full overlap of information provided by invalidate_page and invalidate_range to fit all three models (the opposite of the zero objective that current V3 is taking). And the swap will be handled only by invalidate_page either through linux rmap or external rmap (with the latter that can sleep so it's ok for you, the former not). GRU can safely use the either the linux rmap notifier or the external rmap notifier equally well, because when try_to_unmap is called the page is locked and obviously pinned by the VM itself. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists