lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20200414163234.GG5100@ziepe.ca>
Date:   Tue, 14 Apr 2020 13:32:34 -0300
From:   Jason Gunthorpe <jgg@...pe.ca>
To:     Alexander Gordeev <agordeev@...ux.ibm.com>
Cc:     linux-kernel@...r.kernel.org,
        "Kirill A. Shutemov" <kirill.shutemov@...ux.intel.com>,
        linux-mm@...ck.org
Subject: Re: [PATCH] mm/gup: dereference page table entry using helper

On Tue, Apr 14, 2020 at 05:10:01PM +0200, Alexander Gordeev wrote:
> Commit 0005d20 ("mm/gup: Move page table entry dereference
> into helper function") wrapped access to page table entries
> larger than sizeof(long) into a race-aware accessor. One of
> the two dereferences in gup_fast path was however overlooked.
> 
> CC: Kirill A. Shutemov <kirill.shutemov@...ux.intel.com>
> CC: linux-mm@...ck.org
> Signed-off-by: Alexander Gordeev <agordeev@...ux.ibm.com>
>  mm/gup.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/mm/gup.c b/mm/gup.c
> index d53f7dd..eceb98b 100644
> +++ b/mm/gup.c
> @@ -2208,7 +2208,7 @@ static int gup_pte_range(pmd_t pmd, unsigned long addr, unsigned long end,
>  		if (!head)
>  			goto pte_unmap;
>  
> -		if (unlikely(pte_val(pte) != pte_val(*ptep))) {
> +		if (unlikely(pte_val(pte) != pte_val(gup_get_pte(ptep)))) {

It doesn't seem like this needs the special helper as it is just
checking that the pte hasn't changed, it doesn't need to be read
exactly.

But it probably should technically still be a READ_ONCE. Although I
think the atomic inside try_grab_compound_head prevents any real
problems.

Jason

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ