lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20131008003834.GF25780@bbox>
Date:	Tue, 8 Oct 2013 09:38:34 +0900
From:	Minchan Kim <minchan@...nel.org>
To:	John Stultz <john.stultz@...aro.org>
Cc:	"H. Peter Anvin" <hpa@...or.com>,
	LKML <linux-kernel@...r.kernel.org>,
	Andrew Morton <akpm@...ux-foundation.org>,
	Android Kernel Team <kernel-team@...roid.com>,
	Robert Love <rlove@...gle.com>, Mel Gorman <mel@....ul.ie>,
	Hugh Dickins <hughd@...gle.com>,
	Dave Hansen <dave.hansen@...el.com>,
	Rik van Riel <riel@...hat.com>,
	Dmitry Adamushko <dmitry.adamushko@...il.com>,
	Dave Chinner <david@...morbit.com>, Neil Brown <neilb@...e.de>,
	Andrea Righi <andrea@...terlinux.com>,
	Andrea Arcangeli <aarcange@...hat.com>,
	"Aneesh Kumar K.V" <aneesh.kumar@...ux.vnet.ibm.com>,
	Mike Hommey <mh@...ndium.org>, Taras Glek <tglek@...illa.com>,
	Dhaval Giani <dhaval.giani@...il.com>, Jan Kara <jack@...e.cz>,
	KOSAKI Motohiro <kosaki.motohiro@...il.com>,
	Michel Lespinasse <walken@...gle.com>,
	Rob Clark <robdclark@...il.com>,
	"linux-mm@...ck.org" <linux-mm@...ck.org>
Subject: Re: [PATCH 05/14] vrange: Add new vrange(2) system call

On Tue, Oct 08, 2013 at 09:34:30AM +0900, Minchan Kim wrote:
> On Mon, Oct 07, 2013 at 05:18:40PM -0700, John Stultz wrote:
> > On 10/07/2013 05:13 PM, Minchan Kim wrote:
> > > Hello Peter,
> > >
> > > On Mon, Oct 07, 2013 at 04:59:40PM -0700, H. Peter Anvin wrote:
> > >> On 10/07/2013 04:54 PM, John Stultz wrote:
> > >>>> And wouldn't this apply to MADV_DONTNEED just as well?  Perhaps what we
> > >>>> should do is an enhanced madvise() call?
> > >>> Well, I think MADV_DONTNEED doesn't *have* do to anything at all. Its
> > >>> advisory after all. So it may immediately wipe out any data, but it may not.
> > >>>
> > >>> Those advisory semantics work fine w/ VRANGE_VOLATILE. However,
> > >>> VRANGE_NONVOLATILE is not quite advisory, its telling the system that it
> > >>> requires the memory at the specified range to not be volatile, and we
> > >>> need to correctly inform userland how much was changed and if any of the
> > >>> memory we did change to non-volatile was purged since being set volatile.
> > >>>
> > >>> In that way it is sort of different from madvise. Some sort of an
> > >>> madvise2 could be done, but then the extra purge state argument would be
> > >>> oddly defined for any other mode.
> > >>>
> > >>> Is your main concern here just wanting to have a zero-fill mode with
> > >>> volatile ranges? Or do you really want to squeeze this in to the madvise
> > >>> call interface?
> > >> The point is that MADV_DONTNEED is very similar in that sense,
> > >> especially if allowed to be lazy.  It makes a lot of sense to permit
> > >> both scrubbing modes orthogonally.
> > >>
> > >> The point you're making has to do with withdrawal of permission to flush
> > >> on demand, which is a result of having the lazy mode (ongoing
> > >> permission) and having to be able to withdraw such permission.
> > > I'm sorry I could not understand what you wanted to say.
> > > Could you elaborate a bit?
> > My understanding of his point is that VRANGE_VOLATILE is like a lazy
> > MADV_DONTNEED (with sigbus, rather then zero fill on fault), suggests
> > that we should find a way to have VRANGE_VOLATILE be something like
> > MADV_DONTNEED|MADV_LAZY|MADV_SIGBUS_FAULT, instead of adding a new
> > syscall.  This would provide more options, since one could instead just
> > do MADV_DONTNEED|MADV_LAZY if they wanted zero-fill faults.
> 
> Hmm, actually, I have thought VRANGE_SIGBUS option because Address/Thread
> sanitizer people wanted it as you know and someone might want it, too.
> 
> I agree it's orthogonal but not sure MADV_LAZY and MADV_SIGBUS_FAULT can be
> used for other combination of advise except MADV_DONTNEED so it might
> confuse userland without benefit.
> 
> > 
> > And indeed, for the VRANGE_VOLATILE case, we could do something like
> > that, but the unresolved problem I see is that that we still need to
> > handle the VRANGE_NONVOLATILE case, and the madvise() interface doesn't
> > seem to accomodate the needed semantics well.
> 
> VRANGE_VOLATILE case could be a problem. In my mind, I had an idea to
> return purged state when we call vrange(VRANGE_VOLATILE) because kernel
> could purge them as soon as vrange(VRANGE_VOLATILE) called if memory is
> really tight so userland can notice "purging" earlier and kernel can
> discard them more efficiently.
> 

And we should return the number of bytes marked but madvise returns error.

-- 
Kind regards,
Minchan Kim
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ