| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 15 Jul 2011 19:07:15 +1000 From: Benjamin Herrenschmidt <benh@...nel.crashing.org> To: MailingLists <haishan.bai@...il.com> Cc: Peter Zijlstra <a.p.zijlstra@...llo.nl>, paulus@...ba.org, tglx@...utronix.de, walken@...gle.com, dhowells@...hat.com, cmetcalf@...era.com, tony.luck@...el.com, akpm@...ux-foundation.org, linuxppc-dev@...ts.ozlabs.org, linux-kernel@...r.kernel.org Subject: Re: [PATCH 0/1] Fixup write permission of TLB on powerpc e500 core On Fri, 2011-07-15 at 16:38 +0800, MailingLists wrote: > A page could be set to read only by the kernel (supervisor in the > powerpc > literature) on the e500, and that's what the kernel do. Set > SW(supervisor > write) bit in the TLB entry to grant write permission to the kernel on > a > page. > > And further the SW bit is set according to the DIRTY flag of the PTE, > PTE.DIRTY is set in the do_page_fault(), the futex_lock_pi() disabled > page fault, the PTE.DIRTY never can be set, so do the SW bit, > unbreakable > COW occurred, infinite loop followed. That would be it ... the SW dirty and young tracking relies on faults to fixup things in handle_pte_fault(). If the "disable page fault" thingy happens before we get there, then we have a pretty nasty bug. Note that this will hit more than just e500 (and in fact any architecture that relies on SW to do dirty and young tracking). Cheers, Ben. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists