| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 24 Jun 2014 16:55:41 -0700
From: Andy Lutomirski <luto@...capital.net>
To: "Ren, Qiaowei" <qiaowei.ren@...el.com>
Cc: "Hansen, Dave" <dave.hansen@...el.com>,
"H. Peter Anvin" <hpa@...or.com>,
Thomas Gleixner <tglx@...utronix.de>,
Ingo Molnar <mingo@...hat.com>, X86 ML <x86@...nel.org>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
Linux MM <linux-mm@...ck.org>
Subject: Re: [PATCH v6 02/10] x86, mpx: add MPX specific mmap interface
On Mon, Jun 23, 2014 at 10:53 PM, Ren, Qiaowei <qiaowei.ren@...el.com> wrote:
> On 2014-06-24, Andy Lutomirski wrote:
>>> On 06/23/2014 01:06 PM, Andy Lutomirski wrote:
>>>> Can the new vm_operation "name" be use for this? The magic "always
>>>> written to core dumps" feature might need to be reconsidered.
>>>
>>> One thing I'd like to avoid is an MPX vma getting merged with a
>>> non-MPX vma. I don't see any code to prevent two VMAs with
>>> different vm_ops->names from getting merged. That seems like a bit
>>> of a design oversight for ->name. Right?
>>
>> AFAIK there are no ->name users that don't also set ->close, for
>> exactly that reason. I'd be okay with adding a check for ->name, too.
>>
>> Hmm. If MPX vmas had a real struct file attached, this would all come
>> for free. Maybe vmas with non-default vm_ops and file != NULL should
>> never be mergeable?
>>
>>>
>>> Thinking out loud a bit... There are also some more complicated but
>>> more performant cleanup mechanisms that I'd like to go after in the future.
>>> Given a page, we might want to figure out if it is an MPX page or not.
>>> I wonder if we'll ever collide with some other user of vm_ops->name.
>>> It looks fairly narrowly used at the moment, but would this keep us
>>> from putting these pages on, say, a tmpfs mount? Doesn't look that
>>> way at the moment.
>>
>> You could always check the vm_ops pointer to see if it's MPX.
>>
>> One feature I've wanted: a way to have special per-process vmas that
>> can be easily found. For example, I want to be able to efficiently
>> find out where the vdso and vvar vmas are. I don't think this is currently supported.
>>
> Andy, if you add a check for ->name to avoid the MPX vmas merged with non-MPX vmas, I guess the work flow should be as follow (use _install_special_mapping to get a new vma):
>
> unsigned long mpx_mmap(unsigned long len)
> {
> ......
> static struct vm_special_mapping mpx_mapping = {
> .name = "[mpx]",
> .pages = no_pages,
> };
>
> .......
> vma = _install_special_mapping(mm, addr, len, vm_flags, &mpx_mapping);
> ......
> }
>
> Then, we could check the ->name to see if the VMA is MPX specific. Right?
Does this actually create a vma backed with real memory? Doesn't this
need to go through anon_vma or something? _install_special_mapping
completely prevents merging.
Possibly silly question: would it make more sense to just create one
giant vma for the MPX tables and only populate pieces of it as needed?
This wouldn't work for 32-bit code, but maybe we don't care. (I see
no reason why it couldn't work for x32, though.)
(I don't really understand how anonymous memory works at all. I'm not
an mm person.)
--Andy
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists