Message-ID: <20180403230336.GH5935@redhat.com>
Date:   Tue, 3 Apr 2018 19:03:36 -0400
From:   Jerome Glisse <jglisse@...hat.com>
To:     Andrew Morton <akpm@...ux-foundation.org>
Cc:     linux-mm@...ck.org, linux-kernel@...r.kernel.org,
        Ralph Campbell <rcampbell@...dia.com>
Subject: Re: [PATCH] mm/migrate: properly preserve write attribute in special
 migrate entry

On Tue, Apr 03, 2018 at 03:30:46PM -0700, Andrew Morton wrote:
> On Sun,  1 Apr 2018 22:35:06 -0400 jglisse@...hat.com wrote:
> 
> > From: Ralph Campbell <rcampbell@...dia.com>
> > 
> > Use of pte_write(pte) is only valid for a present pte; the common code
> > which sets the migration entry can be reached for both a valid present
> > pte and a special swap entry (for device memory). Fix the code to use
> > the mpfn value, which properly handles both cases.
> > 
> > On x86 this did not have any bad side effect because the pte write bit
> > is below PAGE_BIT_GLOBAL and thus special swap entries have it set to
> > 0, which in turn means we were always creating read-only special
> > migration entries.
> 
> Does this mean that the patch only affects behaviour of non-x86 systems?

No, it affects x86 as explained below (i.e. it forces a second page fault).

> 
> > So once migration did finish we always write protected the CPU page
> > table entry (moreover this is only an issue when migrating from device
> > memory to system memory). End effect is that CPU write access would
> > fault again and restore write permission.
> 
> That sounds a bit serious.  Was a -stable backport considered?

Like discussed previously with Michal, for lack of upstream users yet
(and PowerPC users of this code are not upstream either yet AFAIK).

Once I get HMM inside nouveau upstream, I will evaluate if people
want all fixes to be backported to stable.

Finally, this one isn't too bad; it just burns CPU cycles by forcing
the CPU to take a second fault on write access, i.e. double fault the same
address. There is no corruption or incorrect state (it behaves as
a COWed page from a fork with a mapcount of 1).


Do you still want me to be more aggressive with stable backports?
I don't mind either way. I expect to get HMM nouveau upstream over
the next couple of release cycles.

Cheers,
Jérôme
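
The mechanism described in the quoted commit message, as an added example that is not part of the original thread or of the kernel source: a simplified user-space C model comparing a write check read from the pte with one taken from the mpfn value. The flag values, entry type codes, shift and helper names are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Simplified user-space model, not kernel code. As in the commit message, the
 * write bit sits below PAGE_BIT_GLOBAL and a non-present special swap entry
 * keeps its payload above that bit. All values below are assumptions. */
#define PTE_PRESENT (1ULL << 0)
#define PTE_RW      (1ULL << 1)
#define SWP_SHIFT   9            /* assumed: first bit above GLOBAL (bit 8) */
#define MPFN_WRITE  (1ULL << 3)  /* hypothetical flag value */
enum { DEV_READ = 1, DEV_WRITE = 2 };  /* hypothetical entry type codes */

static uint64_t mk_present_pte(uint64_t pfn, bool writable)
{
    return (pfn << 12) | PTE_PRESENT | (writable ? PTE_RW : 0);
}

/* Device-memory entry: not present, so bits 0..8 (RW included) are zero. */
static uint64_t mk_device_entry(unsigned type, uint64_t pfn)
{
    return ((pfn << 5) | type) << SWP_SHIFT;
}

/* Collection step: records write permission in mpfn for both kinds of entry. */
static uint64_t collect_mpfn(uint64_t pte)
{
    if (pte & PTE_PRESENT)
        return (pte & PTE_RW) ? MPFN_WRITE : 0;
    return (((pte >> SWP_SHIFT) & 0x1f) == DEV_WRITE) ? MPFN_WRITE : 0;
}

/* Before the fix: the write bit is read from the pte, valid only if present. */
static bool writable_before(uint64_t pte) { return (pte & PTE_RW) != 0; }

/* After the fix: the decision comes from the mpfn value. */
static bool writable_after(uint64_t pte) { return (collect_mpfn(pte) & MPFN_WRITE) != 0; }

int main(void)
{
    uint64_t cases[] = { mk_present_pte(0x1234, true), mk_present_pte(0x1234, false),
                         mk_device_entry(DEV_WRITE, 0x1234), mk_device_entry(DEV_READ, 0x1234) };
    const char *names[] = { "present rw", "present ro", "device write", "device read" };
    for (int i = 0; i < 4; i++)
        printf("%-12s before=%d after=%d\n", names[i],
               writable_before(cases[i]), writable_after(cases[i]));
    return 0;
}
```

For the writable device entry the two checks disagree: the pte-based check yields a read-only migration entry, which is the case that costs the second fault described in the reply.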
