Message-ID: <1aa1f09a-1210-d0bc-86ac-9674828bff49@redhat.com>
Date:   Mon, 21 Oct 2019 11:40:39 +0200
From:   David Hildenbrand <david@...hat.com>
To:     Oscar Salvador <osalvador@...e.de>, n-horiguchi@...jp.nec.com
Cc:     mhocko@...nel.org, mike.kravetz@...cle.com, linux-mm@...ck.org,
        linux-kernel@...r.kernel.org
Subject: Re: [RFC PATCH v2 15/16] mm/hwpoison-inject: Rip off duplicated
 checks

On 17.10.19 16:21, Oscar Salvador wrote:
> memory_failure() already performs the same checks, so leave it
> to the main routine.
> 
> Signed-off-by: Oscar Salvador <osalvador@...e.de>
> ---
>   mm/hwpoison-inject.c | 33 +++------------------------------
>   1 file changed, 3 insertions(+), 30 deletions(-)
> 
> diff --git a/mm/hwpoison-inject.c b/mm/hwpoison-inject.c
> index 0c8cdb80fd7d..fdcca3df4283 100644
> --- a/mm/hwpoison-inject.c
> +++ b/mm/hwpoison-inject.c
> @@ -14,49 +14,22 @@ static struct dentry *hwpoison_dir;
>   static int hwpoison_inject(void *data, u64 val)
>   {
>   	unsigned long pfn = val;
> -	struct page *p;
> -	struct page *hpage;
> -	int err;
>   
>   	if (!capable(CAP_SYS_ADMIN))
>   		return -EPERM;
>   
> -	if (!pfn_valid(pfn))
> -		return -ENXIO;
> -
> -	p = pfn_to_page(pfn);
> -	hpage = compound_head(p);
> -
> -	if (!hwpoison_filter_enable)
> -		goto inject;
> -
> -	shake_page(hpage, 0);
> -	/*
> -	 * This implies unable to support non-LRU pages.
> -	 */
> -	if (!PageLRU(hpage) && !PageHuge(p))
> -		return 0;
> -
> -	/*
> -	 * do a racy check to make sure PG_hwpoison will only be set for
> -	 * the targeted owner (or on a free page).
> -	 * memory_failure() will redo the check reliably inside page lock.
> -	 */
> -	err = hwpoison_filter(hpage);
> -	if (err)
> -		return 0;
> -
> -inject:
>   	pr_info("Injecting memory failure at pfn %#lx\n", pfn);
>   	return memory_failure(pfn, 0);
>   }
>   
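
Review bot: The block removed between `if (!pfn_valid(pfn))` and the `inject:` label is not only validation, so "duplicated checks" in the commit message undersells the behaviour change. The deleted comment describes the `hwpoison_filter(hpage)` call as a deliberate pre-check "to make sure PG_hwpoison will only be set for the targeted owner (or on a free page)", with memory_failure() redoing it under the page lock; the commit message should say why that pre-check is no longer needed at inject time. Three user-visible results also change: an invalid pfn no longer returns -ENXIO from this function, a filtered or non-LRU, non-huge page no longer returns 0 before reaching memory_failure(), and `pr_info("Injecting memory failure at pfn %#lx\n", pfn)` now prints for every request instead of only those that passed the filter. Please document each of these in the changelog, and confirm that memory_failure() rejects the invalid-pfn case itself, since nothing in this function guards it any more.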

I explored somewhere already why this code was added:


commit 31d3d3484f9bd263925ecaa341500ac2df3a5d9b
Author: Wu Fengguang <fengguang.wu@...el.com>
Date:   Wed Dec 16 12:19:59 2009 +0100

    HWPOISON: limit hwpoison injector to known page types
    
    __memory_failure()'s workflow is
    
            set PG_hwpoison
            //...
            unset PG_hwpoison if didn't pass hwpoison filter
    
    That could kill unrelated process if it happens to page fault on the
    page with the (temporary) PG_hwpoison. The race should be big enough to
    appear in stress tests.
    
    Fix it by grabbing the page and checking filter at inject time.  This
    also avoids the very noisy "Injecting memory failure..." messages.
    
    - we don't touch madvise() based injection, because the filters are
      generally not necessary for it.
    - if we want to apply the filters to h/w aided injection, we'd better to
      rearrange the logic in __memory_failure() instead of this patch.
    
    AK: fix documentation, use drain all, cleanups


You should justify why it is okay to rip that code out now.
It's not just duplicate checks.

Was the documented race fixed?
Will we fix the race within memory_failure() later?
Don't we care?

Also, you should add that this fixes the access of uninitialized memmaps
now and makes the interface work correctly with devmem.

-- 

Thanks,

David / dhildenb
