| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 9 Dec 2009 13:12:36 +0000 (GMT) From: Hugh Dickins <hugh.dickins@...cali.co.uk> To: Peter Zijlstra <peterz@...radead.org> cc: Al Viro <viro@...IV.linux.org.uk>, David Miller <davem@...emloft.net>, Ollie Wild <aaw@...gle.com>, Rik van Riel <riel@...hat.com>, viro@....linux.org.uk, linux-arch@...r.kernel.org, torvalds@...ux-foundation.org, akpm@...ux-foundation.org, linux-kernel@...r.kernel.org Subject: Re: [RFC][PATCHSET] mremap/mmap mess On Wed, 9 Dec 2009, Peter Zijlstra wrote: > On Wed, 2009-12-09 at 11:43 +0000, Hugh Dickins wrote: > > > > David: Yes, that's one of my fears too - I don't think > > rlimits would pose any new problem, but building up the argv+env below > > sp on the execer's userstack would be in danger of colliding with the > > vma below if the space allowed to that userstack is too small. We can > > say "sorry, you left too little space for your userstack", but it's > > still a regression. My other big fear is this: that it's such a simple > > and obvious way to do it, that it has probably been ruled out for very > > good reasons in the past. > > Vague memories, but here goes.. Thanks! > > /me ponders.. doesn't the binfmt engine cruft need the args in place in > order to execute? Hardly looked, Al will be more up to date with all the grisly details. The "binfmt engine cruft" being search_binary_handler()? I think the args have to be "ready to go" before that, but that's different from the new mm actually being used as an mm before that. It used not to be used early, but from 2.6.23 on it is used early, via get_user_pages. > > That is, IIRC the problem is that you need to have the argc/env in place > for the binfmt engine thing, and need to have ran the binfmt engine > thing before you know the personality. It is a problem that personality is discovered late in the sequence, and that is a considerable part of what Al is up against. > > As to your idea, if that were feasible we could do without the copy and > simply steal the pages directly from the old mm. Perhaps, but I think that would lead to a gradual accumulation of more and more pages pinned in memory by scattered references. I Cc'ed you really because I wasn't much involved in the variable length arg discussions, and don't remember how important swappability was viewed at the time. It is a significant feature of what you and Ollie ended up with, so I'm guessing it was then viewed as essential. That would be my view. But now it's suggested that the TLB+cache effects of using an mm there are counter-productive, and better to forget swappability: well, I want to keep it, and Al is making a brave effort to hold on to it, but I'm wary of the weirdness involved. Hugh -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists