lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20180508105101.GB8209@rodete-desktop-imager.corp.google.com>
Date:   Tue, 8 May 2018 19:51:01 +0900
From:   Minchan Kim <minchan@...nel.org>
To:     Joel Fernandes <joel@...lfernandes.org>
Cc:     LKML <linux-kernel@...r.kernel.org>,
        Ganesh Mahendran <opensource.ganesh@...il.com>,
        Joe Perches <joe@...ches.com>,
        Arve Hjønnevåg <arve@...roid.com>,
        Todd Kjos <tkjos@...gle.com>,
        Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        Martijn Coenen <maco@...roid.com>
Subject: Re: [PATCH v6] ANDROID: binder: change down_write to down_read

On Mon, May 07, 2018 at 10:28:29AM -0700, Joel Fernandes wrote:
> On Mon, May 07, 2018 at 11:15:37PM +0900, Minchan Kim wrote:
> > binder_update_page_range needs down_write of mmap_sem because
> > vm_insert_page need to change vma->vm_flags to VM_MIXEDMAP unless
> > it is set. However, when I profile binder working, it seems
> > every binder buffers should be mapped in advance by binder_mmap.
> > It means we could set VM_MIXEDMAP in binder_mmap time which is
> > already hold a mmap_sem as down_write so binder_update_page_range
> > doesn't need to hold a mmap_sem as down_write.
> > Please use proper API down_read. It would help mmap_sem contention
> > problem as well as fixing down_write abuse.
> > 
> > Ganesh Mahendran tested app launching and binder throughput test
> > and he said he couldn't find any problem and I did binder latency
> > test per Greg KH request(Thanks Martijn to teach me how I can do)
> > I cannot find any problem, too.
> > 
> > Cc: Ganesh Mahendran <opensource.ganesh@...il.com>
> > Cc: Joe Perches <joe@...ches.com>
> > Cc: Arve Hjønnevåg <arve@...roid.com>
> > Cc: Todd Kjos <tkjos@...gle.com>
> > Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
> > Reviewed-by: Martijn Coenen <maco@...roid.com>
> > Signed-off-by: Minchan Kim <minchan@...nel.org>
> > ---
> >  drivers/android/binder.c       | 4 +++-
> >  drivers/android/binder_alloc.c | 6 +++---
> >  2 files changed, 6 insertions(+), 4 deletions(-)
> > 
> > diff --git a/drivers/android/binder.c b/drivers/android/binder.c
> > index 4eab5be3d00f..7b8e96f60719 100644
> > --- a/drivers/android/binder.c
> > +++ b/drivers/android/binder.c
> > @@ -4730,7 +4730,9 @@ static int binder_mmap(struct file *filp, struct vm_area_struct *vma)
> >  		failure_string = "bad vm_flags";
> >  		goto err_bad_arg;
> >  	}
> > -	vma->vm_flags = (vma->vm_flags | VM_DONTCOPY) & ~VM_MAYWRITE;
> > +	vma->vm_flags |= VM_DONTCOPY | VM_MIXEDMAP;
> > +	vma->vm_flags &= ~VM_MAYWRITE;
> > +
> >  	vma->vm_ops = &binder_vm_ops;
> >  	vma->vm_private_data = proc;
> >  
> > diff --git a/drivers/android/binder_alloc.c b/drivers/android/binder_alloc.c
> > index 5a426c877dfb..4f382d51def1 100644
> > --- a/drivers/android/binder_alloc.c
> > +++ b/drivers/android/binder_alloc.c
> > @@ -219,7 +219,7 @@ static int binder_update_page_range(struct binder_alloc *alloc, int allocate,
> >  		mm = alloc->vma_vm_mm;
> >  
> >  	if (mm) {
> > -		down_write(&mm->mmap_sem);
> > +		down_read(&mm->mmap_sem);
> 
> 
> Nice. Is there a need to hold the reader-lock at all here? Just curious what
> else is it protecting (here or in vm_insert_page).

It should protect vm_area_struct. IOW, when we try insert page into virtual address area,
vma shouldn't be changed(ie, unmap/collapse/split).

> 
> Otherwise looks good to me:
> Reviewed-by: Joel Fernandes (Google) <joel@...lfernandes.org>

Thanks, Joel!

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ