lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:	Thu, 05 Oct 2006 19:16:46 +0400
From:	Monakhov Dmitriy <dmonakhov@...nvz.org>
To:	linux-kernel@...r.kernel.org
CC:	linux-mm@...ck.org
Subject: D-cache aliasing issue in __block_prepare_write

It's seems I've found D-cache aliasing issue in fs/buffer.c
 
 1902  static int __block_prepare_write(struct inode *inode, struct page *page,
 1903                  unsigned from, unsigned to, get_block_t *get_block)
......
 1951               kaddr = kmap_atomic(page, KM_USER0);
 1952               if (block_end > to)
 1953                       memset(kaddr+to, 0,
 1954                               block_end-to);
 1955               if (block_start < from)
 1956                       memset(kaddr+block_start,
 1957                               0, from-block_start);
 1958               flush_dcache_page(page);
##### We call flush_dcache_page() due to page was changed 
##### and user space mapping potentially exist.
 1959               kunmap_atomic(kaddr, KM_USER0);
......

 2008                          clear_buffer_new(bh);
 2009                          kaddr = kmap_atomic(page, KM_USER0);
 2010                          memset(kaddr+block_start, 0, bh->b_size);
 2011                          kunmap_atomic(kaddr, KM_USER0);
###### Here we have absolutely identical situation. 
###### D-cache have to be flushed here too.
###### It seems it is just  forgotten here.
 
 2012                          set_buffer_uptodate(bh);
 2013                          mark_buffer_dirty(bh);
 2014                  }
 2015  next_bh:
 2016                  block_start = block_end;
 2017                  bh = bh->b_this_page;
 2018          } while (bh != head);
 2019          return err;
 2020  }


 nobh_commit_write() has analogical issue

 2515          kaddr = kmap_atomic(page, KM_USER0);
 2516          memset(kaddr, 0, PAGE_CACHE_SIZE);
###### flush_dcache_page()  have to called here
###### It seems it is just  forgotten here too.
 2517          kunmap_atomic(kaddr, KM_USER0);
 2518          SetPageUptodate(page);
 2519          set_page_dirty(page);

x86 does not have cache aliasing problems, the problem could
show up only on marginal archs, ia64 is the most frequently used.

Following is the patch against 2.6.18 fix this issue:


View attachment "diff-buffer-flush-dcache-page" of type "text/plain" (625 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ