| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 20 Aug 2019 13:17:02 +0000
From: Song Liu <songliubraving@...com>
To: Thomas Gleixner <tglx@...utronix.de>
CC: Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
Linux MM <linux-mm@...ck.org>,
Kernel Team <Kernel-team@...com>,
"stable@...r.kernel.org" <stable@...r.kernel.org>,
Joerg Roedel <jroedel@...e.de>,
Dave Hansen <dave.hansen@...ux.intel.com>,
Andy Lutomirski <luto@...nel.org>,
Peter Zijlstra <peterz@...radead.org>
Subject: Re: [PATCH] x86/mm/pti: in pti_clone_pgtable() don't increase addr by
PUD_SIZE
> On Aug 20, 2019, at 2:12 AM, Thomas Gleixner <tglx@...utronix.de> wrote:
>
> On Tue, 20 Aug 2019, Song Liu wrote:
>
>> pti_clone_pgtable() increases addr by PUD_SIZE for pud_none(*pud) case.
>> This is not accurate because addr may not be PUD_SIZE aligned.
>
> You fail to explain how this happened. The code before the 32bit support
> did always increase by PMD_SIZE. The 32bit support broke that.
Will fix.
>
>> In our x86_64 kernel, pti_clone_pgtable() fails to clone 7 PMDs because
>> of this issuse, including PMD for the irq entry table. For a memcache
>> like workload, this introduces about 4.5x more iTLB-load and about 2.5x
>> more iTLB-load-misses on a Skylake CPU.
>
> This information is largely irrelevant. What matters is the fact that this
> got broken and incorrectly forwards the address by PUD_SIZE which is wrong
> if address is not PUD_SIZE aligned.
We started looking into this because we cannot explain the regression in
iTLB miss rate. I guess the patch itself explains it pretty well, so the
original issue doesn't matter that much?
I will remove this part.
>
>> This patch fixes this issue by adding PMD_SIZE to addr for pud_none()
>> case.
>
> git grep 'This patch' Documentation/process/submitting-patches.rst
Will fix.
>> Cc: stable@...r.kernel.org # v4.19+
>> Fixes: 16a3fe634f6a ("x86/mm/pti: Clone kernel-image on PTE level for 32 bit")
>> Signed-off-by: Song Liu <songliubraving@...com>
>> Cc: Joerg Roedel <jroedel@...e.de>
>> Cc: Thomas Gleixner <tglx@...utronix.de>
>> Cc: Dave Hansen <dave.hansen@...ux.intel.com>
>> Cc: Andy Lutomirski <luto@...nel.org>
>> Cc: Peter Zijlstra <peterz@...radead.org>
>> ---
>> arch/x86/mm/pti.c | 2 +-
>> 1 file changed, 1 insertion(+), 1 deletion(-)
>>
>> diff --git a/arch/x86/mm/pti.c b/arch/x86/mm/pti.c
>> index b196524759ec..5a67c3015f59 100644
>> --- a/arch/x86/mm/pti.c
>> +++ b/arch/x86/mm/pti.c
>> @@ -330,7 +330,7 @@ pti_clone_pgtable(unsigned long start, unsigned long end,
>>
>> pud = pud_offset(p4d, addr);
>> if (pud_none(*pud)) {
>> - addr += PUD_SIZE;
>> + addr += PMD_SIZE;
>
> The right fix is to skip forward to the next PUD boundary instead of doing
> this in a loop with PMD_SIZE increments.
Agreed.
Thanks,
Song
Powered by blists - more mailing lists