lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20171005165433.GA4047@arm.com>
Date:   Thu, 5 Oct 2017 17:54:33 +0100
From:   Will Deacon <will.deacon@....com>
To:     Jon Masters <jcm@...hat.com>
Cc:     peterz@...radead.org, paulmck@...ux.vnet.ibm.com,
        kirill.shutemov@...ux.intel.com, linux-kernel@...r.kernel.org,
        ynorov@...iumnetworks.com, rruigrok@...eaurora.org,
        linux-arch@...r.kernel.org, akpm@...ux-foundation.org,
        catalin.marinas@....com, timur@...eaurora.org
Subject: Re: [RFC PATCH 0/2] Missing READ_ONCE in core and arch-specific
 pgtable code leading to crashes

On Tue, Oct 03, 2017 at 02:36:42AM -0400, Jon Masters wrote:
> On 09/29/2017 04:56 AM, Will Deacon wrote:
> 
> > The full fix isn't just cosmetic; it's also addressing the wider problem
> > of unannotated racing page table accesses outside of the specific failure
> > case we've run into.
> 
> Let us know if there are additional tests we should be running on the
> Red Hat end. We've got high hundreds of ARM server systems at this
> point, including pretty much everything out there.

TBH, there's nothing ARM-specific about this issue afaict and it should
be reproducible on x86 if the compiler can keep the initially loaded pmd
live in a GPR for long enough.

As for wider problems, you want to stress anything that does page table
modification concurrently with lockless walkers (although GUP looks mostly
ok modulo the lack of pud_trans_huge support, which I'll try to fix if
I find time).

Will

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ