lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:	Thu, 22 May 2014 13:50:22 +0400
From:	Konstantin Khlebnikov <>
To:	Andrew Morton <>
Cc:	Naoya Horiguchi <>,
	Linux Kernel Mailing List <>,
	"" <>,
	Wu Fengguang <>,
	Arnaldo Carvalho de Melo <>,
	Borislav Petkov <>,
	Cyrill Gorcunov <>
Subject: Re: [PATCH 0/4] pagecache scanning with /proc/kpagecache

On Thu, May 22, 2014 at 6:33 AM, Andrew Morton
<> wrote:
> On Wed, 21 May 2014 22:19:55 -0400 Naoya Horiguchi <> wrote:
>> > A much nicer interface would be for us to (finally!) implement
>> > fincore(), perhaps with an enhanced per-present-page payload which
>> > presents the info which you need (although we don't actually know what
>> > that info is!).
>> page/pfn of each page slot and its page cache tag as shown in patch 4/4.
>> > This would require open() - it appears to be a requirement that the
>> > caller not open the file, but no reason was given for this.
>> >
>> > Requiring open() would address some of the obvious security concerns,
>> > but it will still be possible for processes to poke around and get some
>> > understanding of the behaviour of other processes.  Careful attention
>> > should be paid to this aspect of any such patchset.
>> Sorry if I missed your point, but this interface defines fixed mapping
>> between file position in /proc/kpagecache and in-file page offset of
>> the target file. So we do not need to use seq_file mechanism, that's
>> why open() is not defined and default one is used.
>> The same thing is true for /proc/{kpagecount,kpageflags}, from which
>> I copied/pasted some basic code.
> I think you did miss my point ;) Please do a web search for fincore -
> it's a syscall similar to mincore(), only it queries pagecache:
> fincore(int fd, loff_t offset, ...).  In its simplest form it queries
> just for present/absent, but we could increase the query payload to
> incorporate additional per-page info.
> It would take a lot of thought and discussion to nail down the
> fincore() interface (we've already tried a couple of times).  But
> unfortunately, fincore() is probably going to be implemented one day
> and it will (or at least could) make /proc/kpagecache obsolete.

It seems fincore() also might obsolete /proc/kpageflags and /proc/pid/pagemap.
because it might be implemented for /dev/mem and /proc/pid/mem as well
as for normal files.

Something like this:
int fincore(int fd, u64 *kpf, u64 *pfn, size_t length, off_t offset)

It reports PFN and page-flags in KPF_* notation. PFN array is optional.
KFP_NOPAGE reports hole, otherwise this is present page, but probably
KFP_SOFTDIRTY already here.

Also we need new flag KFP_SWAPENTRY for vm/shmem to report swap-entry
instead of pfn.
Probably this is redundant, we cannot report pfn and swap-entry
togerher if page present and in swap-cache.
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to
More majordomo info at
Please read the FAQ at

Powered by blists - more mailing lists