lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-Id: <20100121142106.c13c2bbf.kamezawa.hiroyu@jp.fujitsu.com>
Date:	Thu, 21 Jan 2010 14:21:06 +0900
From:	KAMEZAWA Hiroyuki <kamezawa.hiroyu@...fujitsu.com>
To:	Wu Fengguang <fengguang.wu@...el.com>
Cc:	Nick Piggin <npiggin@...e.de>,
	Andrew Morton <akpm@...ux-foundation.org>,
	LKML <linux-kernel@...r.kernel.org>, Tejun Heo <tj@...nel.org>,
	Ingo Molnar <mingo@...e.hu>, Andi Kleen <andi@...stfloor.org>,
	Hugh Dickins <hugh.dickins@...cali.co.uk>,
	Christoph Lameter <cl@...ux-foundation.org>,
	Linux Memory Management List <linux-mm@...ck.org>
Subject: Re: [PATCH 5/8] vmalloc: simplify vread()/vwrite()

On Thu, 21 Jan 2010 13:05:21 +0800
Wu Fengguang <fengguang.wu@...el.com> wrote:

> On Mon, Jan 18, 2010 at 07:23:43PM -0700, KAMEZAWA Hiroyuki wrote:
> > On Tue, 19 Jan 2010 09:33:03 +0800
> > Wu Fengguang <fengguang.wu@...el.com> wrote:
> > > > The whole thing looks stupid though, apparently kmap is used to avoid "the
> > > > lock". But the lock is already held. We should just use the vmap
> > > > address.
> > > 
> > > Yes. I wonder why Kame introduced kmap_atomic() in d0107eb07 -- given
> > > that he at the same time fixed the order of removing vm_struct and
> > > vmap in dd32c279983b.
> > > 
> > Hmm...I must check my thinking again before answering..
> > 
> > vmalloc/vmap is constructed by 2 layer.
> > 	- vmalloc layer....guarded by vmlist_lock.
> > 	- vmap layer   ....gurderd by purge_lock. etc.
> > 
> > Now, let's see how vmalloc() works. It does job in 2 steps.
> > vmalloc():
> >   - allocate vmalloc area to the list under vmlist_lock.
> > 	- map pages.
> > vfree()
> >   - free vmalloc area from the list under vmlist_lock.
> > 	- unmap pages under purge_lock.
> > 
> > Now. vread(), vwrite() just take vmlist_lock, doesn't take purge_lock().
> > It walks page table and find pte entry, page, kmap and access it.
> > 
> > Oh, yes. It seems it's safe without kmap. But My concern is percpu allocator.
> > 
> > It uses get_vm_area() and controls mapped pages by themselves and
> > map/unmap pages by with their own logic. vmalloc.c is just used for
> > alloc/free virtual address. 
> > 
> > Now, vread()/vwrite() just holds vmlist_lock() and walk page table
> > without no guarantee that the found page is stably mapped. So, I used kmap.
> > 
> > If I miss something, I'm very sorry to add such kmap.
> 
> Ah Thanks for explanation!
> 
> I did some audit and find that
> 
> - set_memory_uc(), set_memory_array_uc(), set_pages_uc(),
>   set_pages_array_uc() are called EFI code and various video drivers,
>   all of them don't touch HIGHMEM RAM
> 
> - Kame: ioremap() won't allow remap of physical RAM
> 
> So kmap_atomic() is safe.  Let's just settle on this patch?
> 
I recommend you to keep check on VM_IOREMAP. That was checked far before
I started to see Linux. Some _unknown_ driver can call get_vm_area() and
map arbitrary pages there.

I'm sorry I coundn't track discussion correctly.

Thanks,
-Kame




--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ