| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 25 Feb 2021 09:49:07 -0800
From: Axel Rasmussen <axelrasmussen@...gle.com>
To: Mike Kravetz <mike.kravetz@...cle.com>
Cc: Alexander Viro <viro@...iv.linux.org.uk>,
Alexey Dobriyan <adobriyan@...il.com>,
Andrea Arcangeli <aarcange@...hat.com>,
Andrew Morton <akpm@...ux-foundation.org>,
Anshuman Khandual <anshuman.khandual@....com>,
Catalin Marinas <catalin.marinas@....com>,
Chinwen Chang <chinwen.chang@...iatek.com>,
Huang Ying <ying.huang@...el.com>,
Ingo Molnar <mingo@...hat.com>, Jann Horn <jannh@...gle.com>,
Jerome Glisse <jglisse@...hat.com>,
Lokesh Gidra <lokeshgidra@...gle.com>,
"Matthew Wilcox (Oracle)" <willy@...radead.org>,
Michael Ellerman <mpe@...erman.id.au>,
Michal Koutný <mkoutny@...e.com>,
Michel Lespinasse <walken@...gle.com>,
Mike Rapoport <rppt@...ux.vnet.ibm.com>,
Nicholas Piggin <npiggin@...il.com>,
Peter Xu <peterx@...hat.com>, Shaohua Li <shli@...com>,
Shawn Anastasio <shawn@...stas.io>,
Steven Rostedt <rostedt@...dmis.org>,
Steven Price <steven.price@....com>,
Vlastimil Babka <vbabka@...e.cz>,
LKML <linux-kernel@...r.kernel.org>,
linux-fsdevel@...r.kernel.org, Linux MM <linux-mm@...ck.org>,
Adam Ruprecht <ruprecht@...gle.com>,
Cannon Matthews <cannonmatthews@...gle.com>,
"Dr . David Alan Gilbert" <dgilbert@...hat.com>,
David Rientjes <rientjes@...gle.com>,
Mina Almasry <almasrymina@...gle.com>,
Oliver Upton <oupton@...gle.com>
Subject: Re: [PATCH v7 1/6] userfaultfd: add minor fault registration mode
On Wed, Feb 24, 2021 at 4:26 PM Mike Kravetz <mike.kravetz@...cle.com> wrote:
>
> On 2/18/21 4:48 PM, Axel Rasmussen wrote:
> <snip>
> > @@ -401,8 +398,10 @@ vm_fault_t handle_userfault(struct vm_fault *vmf, unsigned long reason)
> >
> > BUG_ON(ctx->mm != mm);
> >
> > - VM_BUG_ON(reason & ~(VM_UFFD_MISSING|VM_UFFD_WP));
> > - VM_BUG_ON(!(reason & VM_UFFD_MISSING) ^ !!(reason & VM_UFFD_WP));
> > + /* Any unrecognized flag is a bug. */
> > + VM_BUG_ON(reason & ~__VM_UFFD_FLAGS);
> > + /* 0 or > 1 flags set is a bug; we expect exactly 1. */
> > + VM_BUG_ON(!reason || !!(reason & (reason - 1)));
>
> I may be confused, but that seems to be checking for a flag value of 1
> as opposed to one flag being set?
(Assuming I implemented it correctly!) It's the logical negation of
this trick: https://graphics.stanford.edu/~seander/bithacks.html#DetermineIfPowerOf2
So, it's "VM_BUG_ON(reason is *not* a power of 2)".
Maybe the double negation makes it overly confusing? It ought to be
equivalent if we remove it and just say:
VM_BUG_ON(!reason || (reason & (reason - 1)));
>
> >
> > if (ctx->features & UFFD_FEATURE_SIGBUS)
> > goto out;
> <snip>
> > diff --git a/mm/hugetlb.c b/mm/hugetlb.c
> > index 3bfba75f6cbd..0388107da4b1 100644
> > --- a/mm/hugetlb.c
> > +++ b/mm/hugetlb.c
> > @@ -4352,6 +4352,38 @@ static vm_fault_t hugetlb_no_page(struct mm_struct *mm,
> > VM_FAULT_SET_HINDEX(hstate_index(h));
> > goto backout_unlocked;
> > }
> > +
> > + /* Check for page in userfault range. */
> > + if (userfaultfd_minor(vma)) {
> > + u32 hash;
> > + struct vm_fault vmf = {
> > + .vma = vma,
> > + .address = haddr,
> > + .flags = flags,
> > + /*
> > + * Hard to debug if it ends up being used by a
> > + * callee that assumes something about the
> > + * other uninitialized fields... same as in
> > + * memory.c
> > + */
> > + };
> > +
> > + unlock_page(page);
> > +
> > + /*
> > + * hugetlb_fault_mutex and i_mmap_rwsem must be dropped
> > + * before handling userfault. Reacquire after handling
> > + * fault to make calling code simpler.
> > + */
> > +
> > + hash = hugetlb_fault_mutex_hash(mapping, idx);
> > + mutex_unlock(&hugetlb_fault_mutex_table[hash]);
> > + i_mmap_unlock_read(mapping);
> > + ret = handle_userfault(&vmf, VM_UFFD_MINOR);
> > + i_mmap_lock_read(mapping);
> > + mutex_lock(&hugetlb_fault_mutex_table[hash]);
> > + goto out;
> > + }
> > }
> >
> > /*
> >
>
> I'm good with the hugetlb.c changes. Since this in nearly identical to
> the other handle_userfault() in this routine, it might be good to create
> a common wrapper. But, that is not required.
Makes sense, I can send a v9 with a helper for this defined. I'll wait
until at least next week to do so, to pick up any other comments v8
may get in the meantime.
Thanks!
> --
> Mike Kravetz
Powered by blists - more mailing lists