lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <87y3t2zbo0.fsf@e105922-lin.cambridge.arm.com>
Date:   Thu, 08 Jun 2017 17:28:31 +0100
From:   Punit Agrawal <punit.agrawal@....com>
To:     Will Deacon <will.deacon@....com>
Cc:     Catalin Marinas <catalin.marinas@....com>,
        David Woods <dwoods@...lanox.com>, steve.capper@....com,
        tbaicar@...eaurora.org, linux-kernel@...r.kernel.org,
        linux-arm-kernel@...ts.infradead.org, manoj.iyer@...onical.com
Subject: Re: [PATCH v2 1/3] arm64: hugetlb: Fix huge_pte_offset to return poisoned page table entries

Will Deacon <will.deacon@....com> writes:

> On Wed, Jun 07, 2017 at 04:32:28PM +0100, Punit Agrawal wrote:
>> Will Deacon <will.deacon@....com> writes:
>> 
>> > On Wed, Jun 07, 2017 at 03:30:37PM +0100, Catalin Marinas wrote:
>> >> On Wed, Jun 07, 2017 at 02:47:32PM +0100, Will Deacon wrote:
>> >> > On Wed, May 17, 2017 at 04:23:34PM +0100, Punit Agrawal wrote:
>> >> > > --- a/arch/arm64/mm/hugetlbpage.c
>> >> > > +++ b/arch/arm64/mm/hugetlbpage.c
>> >> > > @@ -136,36 +136,27 @@ pte_t *huge_pte_offset(struct mm_struct *mm, unsigned long addr)
>> >> > >  {
>> >> > >  	pgd_t *pgd;
>> >> > >  	pud_t *pud;
>> >> > > -	pmd_t *pmd = NULL;
>> >> > > -	pte_t *pte = NULL;
>> >> > > +	pmd_t *pmd;
>> >> > >  
>> >> > >  	pgd = pgd_offset(mm, addr);
>> >> > >  	pr_debug("%s: addr:0x%lx pgd:%p\n", __func__, addr, pgd);
>> >> > >  	if (!pgd_present(*pgd))
>> >> > >  		return NULL;
>> >> > > +
>> >> > >  	pud = pud_offset(pgd, addr);
>> >> > > -	if (!pud_present(*pud))
>> >> > > +	if (pud_none(*pud))
>> >> > >  		return NULL;
>> >> > 
>> >> > Do you actually need this special case?
>> >> > 
>> >> > > -
>> >> > > -	if (pud_huge(*pud))
>> >> > > +	/* swap or huge page */
>> >> > > +	if (!pud_present(*pud) || pud_huge(*pud))
>> >> > 
>> >> > ... couldn't you just add a '|| pud_none(*pud)' in here?
>> >> > 
>> 
>> I think an earlier version took this approach but...
>> 
>> >> > >  		return (pte_t *)pud;
>> >> 
>> >> But then you no longer return NULL if *pud == 0.
>> >
>> > Does that actually matter? The bits of hugetlb code I looked at will
>> > deferenced the returned pud and handle the huge_pte_none case correctly.
>> 
>> For hugetlb fault handling (hugetlb_fault()), returning NULL vs pointer
>> to the pud/pmd results in different behaviour. If we return the pud when
>> pud_none(), then we lose the resulting hugepage size check we get from
>> huge_pte_alloc().
>
> Ok, so does that mean that many of the huge_pte_none checks in mm/hugetlb.c
> that operate on a huge_ptep_get of non-NULL output from huge_pte_offset are
> actually redundant?

Summarising our offline discussion - the semantics of huge_pte_offset()
are unclear in terms of when a pointer to (p*d) is returned vs when to
return NULL.

As part of enabling contiguous hugepage support[0][1], I have a patch to
add a size argument to huge_pte_offset() that can then help disambiguate
when we have a valid pte* vs when we have an error (NULL).

I'll separately look at clarifying the semantics of the generic version
of huge_pte_offse() and potentially also look at unifying the
huge_pte_offset() implementations across the various architectures.

[0] https://lkml.org/lkml/2017/5/24/463
[1] https://www.spinics.net/lists/arm-kernel/msg583367.html

>
> Will

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ