lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Thu, 19 Feb 2009 19:44:09 -0800 (PST) From: Linus Torvalds <torvalds@...ux-foundation.org> To: Steven Rostedt <rostedt@...dmis.org>, Huang Ying <ying.huang@...el.com>, Thomas Gleixner <tglx@...utronix.de>, Ingo Molnar <mingo@...e.hu> cc: Linux Kernel Mailing List <linux-kernel@...r.kernel.org>, Andrew Morton <akpm@...ux-foundation.org>, Peter Zijlstra <peterz@...radead.org>, Frederic Weisbecker <fweisbec@...il.com>, Arjan van de Ven <arjan@...radead.org>, Rusty Russell <rusty@...tcorp.com.au>, Mathieu Desnoyers <mathieu.desnoyers@...ymtl.ca>, "H. Peter Anvin" <hpa@...or.com> Subject: Re: [git pull] changes for tip, and a nasty x86 page table bug On Thu, 19 Feb 2009, Steven Rostedt wrote: > > > > How do we ever have a PMD that is read-only? That sounds like a bug to > > begin with. There's no reason to ever do that. > > Patch 2/6 explains how this happened, and supplies the fix. I think your fix is for a real bug, but I think it's still bogus. That whole "ref_prot" code is SH*T. When we do a set_pmd(), the old huge-page protections do not matter AT ALL for the new pmd. It matters for the new _leaf_ entries (the "ref_prot" 20 lines higher up), but not for the upper level. That should have all bits set. So the whole ref_prot = pte_pgprot(pte_mkexec(pte_clrhuge(*kpte))); pgprot_val(ref_prot) |= _PAGE_PRESENT; __set_pmd_pte(kpte, address, mk_pte(base, ref_prot)); sequence is utter crap, I think. The whole "ref_prot" there should be just _pgprot(_KERNPG_TABLE), I think. I don't think there is any other valid value. So I would argue that the comment above that piece of code is total and utter crap (all the protection info _and_ all the PAT bits are now in the pte, and trying to move them into the pmd is *buggy*), and the three lines should basically be __set_pmd_pte(kpte, address, mk_pte(base, _pgprot(_KERNPG_TABLE))); but let's see if somebody can tell me why I'm wrong. "git blame" attributes this all to Ying Huang and Thomas. And looking at the commit that introduced the pte_mkexec(), I really think the code was confused and people never thought about it deeply. Comments? Linus -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists