| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 14 May 2018 09:26:03 +0200
From: Ingo Molnar <mingo@...nel.org>
To: Dan Williams <dan.j.williams@...el.com>
Cc: linux-nvdimm <linux-nvdimm@...ts.01.org>,
"Luck, Tony" <tony.luck@...el.com>,
Andrew Morton <akpm@...ux-foundation.org>,
Mike Snitzer <snitzer@...hat.com>,
Peter Zijlstra <peterz@...radead.org>, X86 ML <x86@...nel.org>,
Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
Andy Lutomirski <luto@...capital.net>,
Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>,
Mika Penttilä <mika.penttila@...tfour.com>,
linux-fsdevel <linux-fsdevel@...r.kernel.org>,
Thomas Gleixner <tglx@...utronix.de>,
Linus Torvalds <torvalds@...ux-foundation.org>,
Christoph Hellwig <hch@....de>,
Al Viro <viro@...iv.linux.org.uk>,
Peter Zijlstra <a.p.zijlstra@...llo.nl>
Subject: Re: use memcpy_mcsafe() for copy_to_iter() (was: Re: [PATCH v3 0/9]
Series short description)
* Dan Williams <dan.j.williams@...el.com> wrote:
> Ingo, Thomas, Al, any concerns with this series?
Yeah, so:
"[PATCH v3 0/9] Series short description"
... isn't the catchiest of titles to capture my [all too easily distracted]
attention! ;-)
I have marked it now for -tip processing. Linus was happy with this and acked the
approach, right?
Thanks,
Ingo
>
> On Thu, May 3, 2018 at 5:06 PM, Dan Williams <dan.j.williams@...el.com> wrote:
> > Changes since v2 [1]:
> >
> > * Fix source address increment in mcsafe_handle_tail() (Mika)
> >
> > * Extend the unit test to inject simulated write faults and validate
> > that data is properly transferred.
> >
> > * Rename MCSAFE_DEBUG to MCSAFE_TEST
> >
> > [1]: https://lists.01.org/pipermail/linux-nvdimm/2018-May/015583.html
> >
> > ---
> >
> > Currently memcpy_mcsafe() is only deployed in the pmem driver when
> > reading through a /dev/pmemX block device. However, a filesystem in dax
> > mode mounted on a /dev/pmemX block device will bypass the block layer
> > and the driver for reads. The filesystem-dax (fsdax) read case uses
> > dax_direct_access() and copy_to_iter() to bypass the block layer.
> >
> > The result of the bypass is that the kernel treats machine checks during
> > read as system fatal (reboot) when they could simply be flagged as an
> > I/O error, similar to performing reads through the pmem driver. Prevent
> > this fatal condition by deploying memcpy_mcsafe() in the fsdax read
> > path.
> >
> > The main differences between this copy_to_user_mcsafe() and
> > copy_user_generic_unrolled() are:
> >
> > * Typical tail/residue handling after a fault retries the copy
> > byte-by-byte until the fault happens again. Re-triggering machine
> > checks is potentially fatal so the implementation uses source alignment
> > and poison alignment assumptions to avoid re-triggering machine
> > checks.
> >
> > * SMAP coordination is handled external to the assembly with
> > __uaccess_begin() and __uaccess_end().
> >
> > * ITER_KVEC and ITER_BVEC can now end prematurely with an error.
> >
> > The new MCSAFE_TEST facility is proposed as a way to unit test the
> > exception handling without requiring an ACPI EINJ capable platform.
> >
> > ---
> >
> > Dan Williams (9):
> > x86, memcpy_mcsafe: remove loop unrolling
> > x86, memcpy_mcsafe: add labels for write fault handling
> > x86, memcpy_mcsafe: return bytes remaining
> > x86, memcpy_mcsafe: add write-protection-fault handling
> > x86, memcpy_mcsafe: define copy_to_iter_mcsafe()
> > dax: introduce a ->copy_to_iter dax operation
> > dax: report bytes remaining in dax_iomap_actor()
> > pmem: switch to copy_to_iter_mcsafe()
> > x86, nfit_test: unit test for memcpy_mcsafe()
> >
> >
> > arch/x86/Kconfig | 1
> > arch/x86/Kconfig.debug | 3 +
> > arch/x86/include/asm/mcsafe_test.h | 75 ++++++++++++++++++++++++
> > arch/x86/include/asm/string_64.h | 10 ++-
> > arch/x86/include/asm/uaccess_64.h | 14 +++++
> > arch/x86/lib/memcpy_64.S | 112 +++++++++++++++++-------------------
> > arch/x86/lib/usercopy_64.c | 21 +++++++
> > drivers/dax/super.c | 10 +++
> > drivers/md/dm-linear.c | 16 +++++
> > drivers/md/dm-log-writes.c | 15 +++++
> > drivers/md/dm-stripe.c | 21 +++++++
> > drivers/md/dm.c | 25 ++++++++
> > drivers/nvdimm/claim.c | 3 +
> > drivers/nvdimm/pmem.c | 13 +++-
> > drivers/s390/block/dcssblk.c | 7 ++
> > fs/dax.c | 21 ++++---
> > include/linux/dax.h | 5 ++
> > include/linux/device-mapper.h | 5 +-
> > include/linux/string.h | 4 +
> > include/linux/uio.h | 15 +++++
> > lib/iov_iter.c | 61 ++++++++++++++++++++
> > tools/testing/nvdimm/test/nfit.c | 104 +++++++++++++++++++++++++++++++++
> > 22 files changed, 482 insertions(+), 79 deletions(-)
> > create mode 100644 arch/x86/include/asm/mcsafe_test.h
> > _______________________________________________
> > Linux-nvdimm mailing list
> > Linux-nvdimm@...ts.01.org
> > https://lists.01.org/mailman/listinfo/linux-nvdimm
Powered by blists - more mailing lists