lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <ae64285f-5134-4147-7b02-34bb5d519e8c@huawei.com>
Date:   Mon, 2 Sep 2019 13:46:51 +0800
From:   Yunsheng Lin <linyunsheng@...wei.com>
To:     Peter Zijlstra <peterz@...radead.org>
CC:     <dalias@...c.org>, <linux-sh@...r.kernel.org>,
        <catalin.marinas@....com>, <dave.hansen@...ux.intel.com>,
        <heiko.carstens@...ibm.com>, <linuxarm@...wei.com>,
        <jiaxun.yang@...goat.com>, <linux-mips@...r.kernel.org>,
        <mwb@...ux.vnet.ibm.com>, <paulus@...ba.org>, <hpa@...or.com>,
        <sparclinux@...r.kernel.org>, <chenhc@...ote.com>,
        <will@...nel.org>, <cai@....pw>, <linux-s390@...r.kernel.org>,
        <ysato@...rs.sourceforge.jp>, <mpe@...erman.id.au>,
        <x86@...nel.org>, <rppt@...ux.ibm.com>, <borntraeger@...ibm.com>,
        <dledford@...hat.com>, <mingo@...hat.com>,
        <jeffrey.t.kirsher@...el.com>, <benh@...nel.crashing.org>,
        <jhogan@...nel.org>, <nfont@...ux.vnet.ibm.com>,
        <mattst88@...il.com>, <len.brown@...el.com>, <gor@...ux.ibm.com>,
        <anshuman.khandual@....com>, <bp@...en8.de>, <luto@...nel.org>,
        <tglx@...utronix.de>, <naveen.n.rao@...ux.vnet.ibm.com>,
        <linux-arm-kernel@...ts.infradead.org>, <rth@...ddle.net>,
        <axboe@...nel.dk>, <linuxppc-dev@...ts.ozlabs.org>,
        <linux-kernel@...r.kernel.org>, <ralf@...ux-mips.org>,
        <tbogendoerfer@...e.de>, <paul.burton@...s.com>,
        <linux-alpha@...r.kernel.org>, <ink@...assic.park.msu.ru>,
        <akpm@...ux-foundation.org>, <robin.murphy@....com>,
        <davem@...emloft.net>
Subject: Re: [PATCH v2 2/9] x86: numa: check the node id consistently for x86

On 2019/9/1 0:12, Peter Zijlstra wrote:
> On Sat, Aug 31, 2019 at 06:09:39PM +0800, Yunsheng Lin wrote:
>>
>>
>> On 2019/8/31 16:55, Peter Zijlstra wrote:
>>> On Sat, Aug 31, 2019 at 01:58:16PM +0800, Yunsheng Lin wrote:
>>>> According to Section 6.2.14 from ACPI spec 6.3 [1], the setting
>>>> of proximity domain is optional, as below:
>>>>
>>>> This optional object is used to describe proximity domain
>>>> associations within a machine. _PXM evaluates to an integer
>>>> that identifies a device as belonging to a Proximity Domain
>>>> defined in the System Resource Affinity Table (SRAT).
>>>
>>> That's just words.. what does it actually mean?
>>
>> It means the dev_to_node(dev) may return -1 if the bios does not
>> implement the proximity domain feature, user may use that value
>> to call cpumask_of_node and cpumask_of_node does not protect itself
>> from node id being -1, which causes out of bound access.
> 
>>>> @@ -69,6 +69,12 @@ extern const struct cpumask *cpumask_of_node(int node);
>>>>  /* Returns a pointer to the cpumask of CPUs on Node 'node'. */
>>>>  static inline const struct cpumask *cpumask_of_node(int node)
>>>>  {
>>>> +	if (node >= nr_node_ids)
>>>> +		return cpu_none_mask;
>>>> +
>>>> +	if (node < 0 || !node_to_cpumask_map[node])
>>>> +		return cpu_online_mask;
>>>> +
>>>>  	return node_to_cpumask_map[node];
>>>>  }
>>>>  #endif
>>>
>>> I _reallly_ hate this. Users are expected to use valid numa ids. Now
>>> we're adding all this checking to all users. Why do we want to do that?
>>
>> As above, the dev_to_node(dev) may return -1.
>>
>>>
>>> Using '(unsigned)node >= nr_nods_ids' is an error.
>>
>> 'node >= nr_node_ids' can be dropped if all user is expected to not call
>> cpumask_of_node with node id greater or equal to nr_nods_ids.
> 
> you copied my typo :-)

I did note the typo, corrected the first one, but missed the second one :)

> 
>> From what I can see, the problem can be fixed in three place:
>> 1. Make user dev_to_node return a valid node id even when proximity
>>    domain is not set by bios(or node id set by buggy bios is not valid),
>>    which may need info from the numa system to make sure it will return
>>    a valid node.
>>
>> 2. User that call cpumask_of_node should ensure the node id is valid
>>    before calling cpumask_of_node, and user also need some info to
>>    make ensure node id is valid.
>>
>> 3. Make sure cpumask_of_node deal with invalid node id as this patchset.
>>
>> Which one do you prefer to make sure node id is valid, or do you
>> have any better idea?
>>
>> Any detail advice and suggestion will be very helpful, thanks.
> 
> 1) because even it is not set, the device really does belong to a node.
> It is impossible a device will have magic uniform access to memory when
> CPUs cannot.

So it means dev_to_node() will return either NUMA_NO_NODE or a
valid node id?

> 
> 2) is already true today, cpumask_of_node() requires a valid node_id.

Ok, most of the user does check node_id before calling
cpumask_of_node(), but does a little different type of checking:

1) some does " < 0" check;
2) some does "== NUMA_NO_NODE" check;
3) some does ">= MAX_NUMNODES" check;
4) some does "< 0 || >= MAX_NUMNODES || !node_online(node)" check.


> 
> 3) is just wrong and increases overhead for everyone.

Ok, cpumask_of_node() is also used in some critical path such
as scheduling, which may not need those checking, the overhead
is unnecessary.

But for non-critical path such as setup or configuration path,
it better to have consistent checking, and also simplify the
user code that calls cpumask_of_node().

Do you think it is worth the trouble to add a new function
such as cpumask_of_node_check(maybe some other name) to do
consistent checking?

Or caller just simply check if dev_to_node()'s return value is
NUMA_NO_NODE before calling cpumask_of_node()?


> 
> _______________________________________________
> linux-arm-kernel mailing list
> linux-arm-kernel@...ts.infradead.org
> http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
> 
> .
> 

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ