lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Tue, 16 Sep 2014 08:06:23 +0000
From:	"Ren, Qiaowei" <qiaowei.ren@...el.com>
To:	"Hansen, Dave" <dave.hansen@...el.com>,
	"H. Peter Anvin" <hpa@...or.com>,
	Thomas Gleixner <tglx@...utronix.de>,
	Ingo Molnar <mingo@...hat.com>
CC:	"x86@...nel.org" <x86@...nel.org>,
	"linux-mm@...ck.org" <linux-mm@...ck.org>,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Subject: RE: [PATCH v8 09/10] x86, mpx: cleanup unused bound tables



On 2014-09-16, Hansen, Dave wrote:
> On 09/11/2014 01:46 AM, Qiaowei Ren wrote:
>> +/*
>> + * Free the backing physical pages of bounds table 'bt_addr'.
>> + * Assume start...end is within that bounds table.
>> + */
>> +static int __must_check zap_bt_entries(struct mm_struct *mm,
>> +		unsigned long bt_addr,
>> +		unsigned long start, unsigned long end) {
>> +	struct vm_area_struct *vma;
>> +
>> +	/* Find the vma which overlaps this bounds table */
>> +	vma = find_vma(mm, bt_addr);
>> +	/*
>> +	 * The table entry comes from userspace and could be
>> +	 * pointing anywhere, so make sure it is at least
>> +	 * pointing to valid memory.
>> +	 */
>> +	if (!vma || !(vma->vm_flags & VM_MPX) ||
>> +			vma->vm_start > bt_addr ||
>> +			vma->vm_end < bt_addr+MPX_BT_SIZE_BYTES)
>> +		return -EINVAL;
> 
> If someone did *ANYTHING* to split the VMA, this check would fail.  I
> think that's a little draconian, considering that somebody could do a
> NUMA policy on part of a VM_MPX VMA and cause it to be split.
> 
> This check should look across the entire 'bt_addr ->
> bt_addr+MPX_BT_SIZE_BYTES' range, find all of the VM_MPX VMAs, and zap
> only those.
> 
> If we encounter a non-VM_MPX vma, it should be ignored.
>
Ok.

>> +	if (ret == -EFAULT)
>> +		return ret;
>> +
>> +	/*
>> +	 * unmap those bounds table which are entirely covered in this
>> +	 * virtual address region.
>> +	 */
> 
> Entirely covered *AND* not at the edges, right?
> 
Yes.

>> +	bde_start = mm->bd_addr + MPX_GET_BD_ENTRY_OFFSET(start);
>> +	bde_end = mm->bd_addr + MPX_GET_BD_ENTRY_OFFSET(end-1);
>> +	for (bd_entry = bde_start + 1; bd_entry < bde_end; bd_entry++) {
> 
> This needs a big fat comment that it is only freeing the bounds tables that are 1.
> fully covered 2. not at the edges of the mapping, even if full aligned
> 
> Does this get any nicer if we have unmap_side_bts() *ONLY* go after
> bounds tables that are partially owned by the region being unmapped?
> 
> It seems like we really should do this:
> 
> 	for (each bt fully owned)
> 		unmap_single_bt()
> 	if (start edge unaligned)
> 		free start edge
> 	if (end edge unaligned)
> 		free end edge
> 
> I bet the unmap_side_bts() code gets simpler if we do that, too.
> 
Maybe. I will try this.

Thanks,
Qiaowei
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ