lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <fc4e3b6e-90fc-cd9f-75ad-452b060250d6@suse.cz>
Date:   Fri, 6 Dec 2019 15:32:09 +0100
From:   Vlastimil Babka <vbabka@...e.cz>
To:     Ajay Kaher <akaher@...are.com>,
        "stable@...r.kernel.org" <stable@...r.kernel.org>
Cc:     "linux-mm@...ck.org" <linux-mm@...ck.org>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        Linus Torvalds <torvalds@...ux-foundation.org>,
        Jann Horn <jannh@...gle.com>,
        Matthew Wilcox <willy@...radead.org>,
        "stable@...nel.org" <stable@...nel.org>,
        Srivatsa Bhat <srivatsab@...are.com>,
        "srivatsa@...il.mit.edu" <srivatsa@...il.mit.edu>,
        Vasavi Sirnapalli <vsirnapalli@...are.com>,
        "Kirill A. Shutemov" <kirill.shutemov@...ux.intel.com>
Subject: Re: [PATCH STABLE 4.4 5/8] mm: prevent get_user_pages() from
 overflowing page refcount

On 12/6/19 5:15 AM, Ajay Kaher wrote:
> 
> 
> On 03/12/19, 6:28 PM, "Vlastimil Babka" <vbabka@...e.cz> wrote:
>>>>    
>>>> [ 4.4 backport: there's get_page_foll(), so add try_get_page()-like checks
>>>>                 in there, enabled by a new parameter, which is false where
>>>>                 upstream patch doesn't replace get_page() with try_get_page()
>>>>                 (the THP and hugetlb callers).
>>>
>>> Could we have try_get_page_foll(), as in:
>>> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Flore.kernel.org%2Fstable%2F1570581863-12090-3-git-send-email-akaher%40vmware.com%2F&amp;data=02%7C01%7Cakaher%40vmware.com%7Cb6592f0fbec040aa045f08d777f06a9f%7Cb39138ca3cee4b4aa4d6cd83d9dd62f0%7C0%7C0%7C637109746821395444&amp;sdata=cYBj3SvEikPbiHsVZj3zCys8t9ISLiHKzAlsSqiZRW8%3D&amp;reserved=0
>>>
>>> + Code will be in sync as we have try_get_page()
>>> + No need to add extra argument to try_get_page()
>>> + No need to modify the callers of try_get_page()
> 
> Any reason for not using try_get_page_foll().

Ah, sorry, I missed that previously. It's certainly possible to do it
that way, I just didn't care so strongly to rewrite the existing SLES
patch. It's a stable backport for a rather old LTS, not a codebase for
further development.

>>>> 		In gup_pte_range(), we don't expect tail pages, so just check
>>>>                 page ref count instead of try_get_compound_head()
>>>
>>> Technically it's fine. If you want to keep the code of stable versions in sync
>>> with latest versions then this could be done in following ways (without any
>>> modification in upstream patch for gup_pte_range()):
>>>
>>> Apply 7aef4172c7957d7e65fc172be4c99becaef855d4 before applying
>>> 8fde12ca79aff9b5ba951fce1a2641901b8d8e64, as done here:
>>> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Flore.kernel.org%2Fstable%2F1570581863-12090-4-git-send-email-akaher%40vmware.com%2F&amp;data=02%7C01%7Cakaher%40vmware.com%7Cb6592f0fbec040aa045f08d777f06a9f%7Cb39138ca3cee4b4aa4d6cd83d9dd62f0%7C0%7C0%7C637109746821395444&amp;sdata=gTJMJ3Yx6G0ng46TQsBzCS2DowwP7YtIjluKJuqvN6o%3D&amp;reserved=0
>     
>> Yup, I have considered that, and deliberately didn't add that commit
>> 7aef4172c795 ("mm: handle PTE-mapped tail pages in gerneric fast gup
>> implementaiton") as it's part of a large THP refcount rework. In 4.4 we
>> don't expect to GUP tail pages so I wanted to keep it that way -
>> minimally, the compound_head() operation is a unnecessary added cost,
>> although it would also work.
>     
> 

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ