lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 13 Jan 2020 15:20:09 +0530
From:   Anshuman Khandual <anshuman.khandual@....com>
To:     David Hildenbrand <dhildenb@...hat.com>
Cc:     David Hildenbrand <david@...hat.com>, linux-mm@...ck.org,
        linux-kernel@...r.kernel.org, linux-arm-kernel@...ts.infradead.org,
        akpm@...ux-foundation.org, catalin.marinas@....com,
        will@...nel.org, mark.rutland@....com, cai@....pw,
        logang@...tatee.com, cpandya@...eaurora.org, arunks@...eaurora.org,
        dan.j.williams@...el.com, mgorman@...hsingularity.net,
        osalvador@...e.de, ard.biesheuvel@....com, steve.capper@....com,
        broonie@...nel.org, valentin.schneider@....com,
        robin.murphy@....com, steven.price@....com, suzuki.poulose@....com,
        ira.weiny@...el.com
Subject: Re: [PATCH V11 1/5] mm/hotplug: Introduce arch callback validating
 the hot remove range



On 01/13/2020 02:44 PM, David Hildenbrand wrote:
> 
> 
>> Am 13.01.2020 um 10:10 schrieb Anshuman Khandual <anshuman.khandual@....com>:
>>
>> 
>>
>>> On 01/10/2020 02:12 PM, David Hildenbrand wrote:
>>>> On 10.01.20 04:09, Anshuman Khandual wrote:
>>>> Currently there are two interfaces to initiate memory range hot removal i.e
>>>> remove_memory() and __remove_memory() which then calls try_remove_memory().
>>>> Platform gets called with arch_remove_memory() to tear down required kernel
>>>> page tables and other arch specific procedures. But there are platforms
>>>> like arm64 which might want to prevent removal of certain specific memory
>>>> ranges irrespective of their present usage or movability properties.
>>>
>>> Why? Is this only relevant for boot memory? I hope so, otherwise the
>>> arch code needs fixing IMHO.
>>
>> Right, it is relevant only for the boot memory on arm64 platform. But this
>> new arch callback makes it flexible to reject any given memory range.
>>
>>>
>>> If it's only boot memory, we should disallow offlining instead via a
>>> memory notifier - much cleaner.
>>
>> Dont have much detail understanding of MMU notifier mechanism but from some
>> initial reading, it seems like we need to have a mm_struct for a notifier
>> to monitor various events on the page table. Just wondering how a physical
>> memory range like boot memory can be monitored because it can be used both
>> for for kernel (init_mm) or user space process at same time. Is there some
>> mechanism we could do this ?
>>
>>>
>>>>
>>>> Current arch call back arch_remove_memory() is too late in the process to
>>>> abort memory hot removal as memory block devices and firmware memory map
>>>> entries would have already been removed. Platforms should be able to abort
>>>> the process before taking the mem_hotplug_lock with mem_hotplug_begin().
>>>> This essentially requires a new arch callback for memory range validation.
>>>
>>> I somewhat dislike this very much. Memory removal should never fail if
>>> used sanely. See e.g., __remove_memory(), it will BUG() whenever
>>> something like that would strike.
>>>
>>>>
>>>> This differentiates memory range validation between memory hot add and hot
>>>> remove paths before carving out a new helper check_hotremove_memory_range()
>>>> which incorporates a new arch callback. This call back provides platforms
>>>> an opportunity to refuse memory removal at the very onset. In future the
>>>> same principle can be extended for memory hot add path if required.
>>>>
>>>> Platforms can choose to override this callback in order to reject specific
>>>> memory ranges from removal or can just fallback to a default implementation
>>>> which allows removal of all memory ranges.
>>>
>>> I suspect we want really want to disallow offlining instead. E.g., I
>>
>> If boot memory pages can be prevented from being offlined for sure, then it
>> would indirectly definitely prevent hot remove process as well.
>>
>>> remember s390x does that with certain areas needed for dumping/kexec.
>>
>> Could not find any references to mmu_notifier in arch/s390 or any other arch
>> for that matter apart from KVM (which has an user space component), could you
>> please give some pointers ?
> 
> Memory (hotplug) notifier, not MMU notifier :)

They are so similarly named :)

> 
> Not on my notebook right now, grep for MEM_GOING_OFFLINE, that should be it.
> 

Got it, thanks ! But we will still need boot memory enumeration via MEMBLOCK_BOOT
to reject affected offline requests in the callback.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ