lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:	Wed, 27 Jul 2011 14:10:53 -0700
From:	Andrew Morton <akpm@...ux-foundation.org>
To:	"Keith Packard" <keithp@...thp.com>
Cc:	linux-kernel <linux-kernel@...r.kernel.org>
Subject: Re: fault_in_pages_writeable/fault_in_pages_readable don't fault in
 everything

On Sat, 09 Jul 2011 14:01:24 -0700
"Keith Packard" <keithp@...thp.com> wrote:

> 
> fault_in_pages_writeable and fault_in_pages_readable are only willing to
> fault two pages at the most. I can't find any place where this is a good
> idea, and in fact ntfs has replaced fault_in_pages_readable with a
> private version which does the right thing.
> 
> Here's an (untested) patch which makes fault_in_pages_writeable hit
> every page instead of just the first and last. It seems like this might
> improve performance of larger read operations which may now end up
> taking the slow path when an intermediate page is faulted in
> __copy_to_user_inatomic.
> 
> diff --git a/include/linux/pagemap.h b/include/linux/pagemap.h
> index 716875e..f355f29 100644
> --- a/include/linux/pagemap.h
> +++ b/include/linux/pagemap.h
> @@ -418,7 +418,13 @@ static inline int fault_in_pages_writeable(char __user *uaddr, int size)
>  	 * Writing zeroes into userspace here is OK, because we know that if
>  	 * the zero gets there, we'll be overwriting it.
>  	 */
> -	ret = __put_user(0, uaddr);
> +	for (;;) {
> +		ret = __put_user(0, uaddr);
> +		if (size < PAGE_SIZE)
> +			break;
> +		size -= PAGE_SIZE;
> +		uaddr += PAGE_SIZE;
> +	}
>  	if (ret == 0) {
>  		char __user *end = uaddr + size - 1;

I worry a bit about the "Writing zeroes into userspace here is OK,
because we know that if the zero gets there, we'll be overwriting it"
thing.  As we're now dealing with multiple pages I suspect there will
be scenarios in whcih the subsequent copy_to_user() will fail and we'll
be left having written a sprinkle of zeroes into userspace while
falsely telling userspace that the affected memory was unaltered (via a
short return from read()).

Should we alter fault_in_pages_readable() to match?

The functions are getting too large for inlining.  Perhaps make them
non-static inline in filemap.c so the most common callsite inlines it
as well as generating an out-of-line copy.  The compiler might uninline
it anyway in that case without addition of funky compiler options, but
it's a hot path in the read() and write() cases, so effort here is
warranted.

Extra marks for removing the custom code in ntfs.

More extra marks for designing the code in such a way that the
newly-added code gets elided by the compiler in the single-page cases
in filemap.c.

Even more extra marks for testing it ;)
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ