lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:	Tue, 7 Oct 2014 15:37:10 +0200
From:	Andrea Arcangeli <>
To:	"Kirill A. Shutemov" <>
Cc:,,,,, Robert Love <>,
	Dave Hansen <>, Jan Kara <>,
	Neil Brown <>,
	Stefan Hajnoczi <>,
	Andrew Jones <>,
	KOSAKI Motohiro <>,
	Michel Lespinasse <>,
	Taras Glek <>,
	Juan Quintela <>,
	Hugh Dickins <>,
	Isaku Yamahata <>,
	Mel Gorman <>,
	Sasha Levin <>,
	Android Kernel Team <>,
	"\\\"Dr. David Alan Gilbert\\\"" <>,
	"Huangpeng (Peter)" <>,
	Andres Lagar-Cavilla <>,
	Christopher Covington <>,
	Anthony Liguori <>,
	Paolo Bonzini <>,
	Keith Packard <>,
	Wenchao Xia <>,
	Andy Lutomirski <>,
	Minchan Kim <>,
	Dmitry Adamushko <>,
	Johannes Weiner <>,
	Mike Hommey <>,
	Andrew Morton <>,
	Linus Torvalds <>,
	Peter Feiner <>
Subject: Re: [Qemu-devel] [PATCH 10/17] mm: rmap preparation for

Hi Kirill,

On Tue, Oct 07, 2014 at 02:10:26PM +0300, Kirill A. Shutemov wrote:
> On Fri, Oct 03, 2014 at 07:08:00PM +0200, Andrea Arcangeli wrote:
> > There's one constraint enforced to allow this simplification: the
> > source pages passed to remap_anon_pages must be mapped only in one
> > vma, but this is not a limitation when used to handle userland page
> > faults with MADV_USERFAULT. The source addresses passed to
> > remap_anon_pages should be set as VM_DONTCOPY with MADV_DONTFORK to
> > avoid any risk of the mapcount of the pages increasing, if fork runs
> > in parallel in another thread, before or while remap_anon_pages runs.
> Have you considered triggering COW instead of adding limitation on
> pages' mapcount? The limitation looks artificial from interface POV.

I haven't considered it, mostly because I see it as a feature that it
returns -EBUSY. I prefer to avoid the risk of userland getting a
successful retval but internally the kernel silently behaving
non-zerocopy by mistake because some userland bug forgot to set
MADV_DONTFORK on the src_vma.

COW would be not zerocopy so it's not ok. We get sub 1msec latency for
userfaults through 10gbit and we don't want to risk wasting CPU

I however considered allowing to extend the strict behavior (i.e. the
feature) later in a backwards compatible way. We could provide a
non-zerocopy beahvior with a RAP_ALLOW_COW flag that would then turn
the -EBUSY error into a copy.

It's also more complex to implement the cow now, so it would make the
code that really matters, harder to review. So it may be preferable to
extend this later in a backwards compatible way with a new

The current handling the flags is already written in a way that should
allow backwards compatible extension with RAP_ALLOW_*:

#define RAP_ALLOW_SRC_HOLES (1UL<<0)

		unsigned long, dst_start, unsigned long, src_start,
		unsigned long, len, unsigned long, flags)
	long err = -EINVAL;
	if (flags & ~RAP_ALLOW_SRC_HOLES)
		return err;
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to
More majordomo info at
Please read the FAQ at

Powered by blists - more mailing lists