lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Fri, 29 Jan 2016 11:02:53 +0000
From:	Mark Rutland <mark.rutland@....com>
To:	Xishi Qiu <qiuxishi@...wei.com>
Cc:	Ard Biesheuvel <ard.biesheuvel@...aro.org>,
	Laura Abbott <labbott@...oraproject.org>,
	Catalin Marinas <catalin.marinas@....com>,
	Will Deacon <will.deacon@....com>,
	Kees Cook <keescook@...omium.com>,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
	"linux-arm-kernel@...ts.infradead.org" 
	<linux-arm-kernel@...ts.infradead.org>,
	zhong jiang <zhongjiang@...wei.com>, steve.capper@....com
Subject: Re: [PATCH] arm64: Allow vmalloc regions to be set with set_memory_*

On Fri, Jan 29, 2016 at 09:21:40AM +0800, Xishi Qiu wrote:
> On 2016/1/28 22:27, Mark Rutland wrote:
> > On Thu, Jan 28, 2016 at 07:47:09PM +0800, Xishi Qiu wrote:
> >> Hi Mark,
> >>
> >> Is it safe in the following path?
> >>
> >> alloc the whole linear map section
> > 
> > I don't understand what you mean by this, you will need to elaborate.
> > The terms "alloc" and "section" can mean a number of different things in
> > this context.
> > 
> >> cpu A write something on it
> >> cpu B write something on it
> >> cpu C set read only flag and call flush_tlb_kernel_range()
> > 
> > If you want to modify a portion of the linear map, this will not work.
> > Modfiying the linear map in this manner is not safe.
> > 
> > If you want an alias of the linear map which was mapped using pages, and
> > you wanted to change that alias, that could work.
> > 
> 
> Hi Mark,
> 
> I mean I change the whole section(maybe 1G?) in linear map.

If you mean something that was mapped with a section (i.e. a block entry
in some level of page table), then no. The linear map is not open to
this kind of change, as portions of the region may be in use elsewhere
within Linux.

> In our software, kernel create mapping(linear map) on special memory,
> and
> it is separated from buddy system, the service manage the special memory itself.

This is not what the linear map is for. What exactly is this "special
memory"?

Is it some persistent memory?

Is it normal memory that you wish to use for some communication with
other agents and/or DMA?

Is it normal memory that you simply have a special use-case for?

> And the service alloc/free the memory based on the physical address, so if 
> the service want to change the prot dynamically, vmalloc doesn't work, and
> fixmap is a little complex.

Without further explanation of your use-case, this doesn't make sense to
me. I don't understand why the physical address matters -- that implies
you have other agents accessing this memory. If that's the case, I don't
see what changing the permissions buys you.

Regardless, it sounds like either we're missing some infrastructure, or
you are mis-using existing APIs.

> I think if I create the spacial memory in 4kb, then the service could
> use set_memory_ro() directly, right?

Perhaps. If it's a vmalloc'd area, then yes (once Ard's patch to allow
that is in). I have more general concerns with your approach, in that I
still do not understand the problem you are trying to solve.

Thanks,
Mark.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ