lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Wed, 31 Mar 2021 16:49:27 +0200
From:   Michal Hocko <mhocko@...e.com>
To:     akpm@...ux-foundation.org
Cc:     Mike Rapoport <rppt@...nel.org>,
        Bui Quang Minh <minhquangbui99@...il.com>,
        linux-mm@...ck.org, linux-kernel@...r.kernel.org,
        Andrea Arcangeli <aarcange@...hat.com>
Subject: Re: [PATCH] userfaultfd: Write protect when virtual memory range has
 no page table entry

On Mon 22-03-21 14:49:35, Michal Hocko wrote:
> On Mon 22-03-21 15:00:37, Mike Rapoport wrote:
> > On Mon, Mar 22, 2021 at 11:14:37AM +0100, Michal Hocko wrote:
> > > Le'ts Andrea and Mike
> > > 
> > > On Fri 19-03-21 22:24:28, Bui Quang Minh wrote:
> > > > userfaultfd_writeprotect() use change_protection() to clear write bit in
> > > > page table entries (pte/pmd). So, later write to this virtual address
> > > > range causes a page fault, which is then handled by userspace program.
> > > > However, change_protection() has no effect when there is no page table
> > > > entries associated with that virtual memory range (a newly mapped memory
> > > > range). As a result, later access to that memory range causes allocating a
> > > > page table entry with write bit still set (due to VM_WRITE flag in
> > > > vma->vm_flags).
> > > > 
> > > > Add checks for VM_UFFD_WP in vma->vm_flags when allocating new page table
> > > > entry in missing page table entry page fault path.
> > > 
> > > From the above it is not really clear whether this is a usability
> > > problem or a bug of the interface.
> > 
> > I'd say it's usability/documentation clarity issue. 
> > Userspace can register an area with
> > 
> > 	UFFDIO_REGISTER_MODE_MISSING | UFFDIO_REGISTER_MODE_WP
> > 
> > and then it will be notified either when page table has no entry for a
> > virtual address or when there is a write to a write protected address.
> 
> Thanks for the clarification! I have suspected this to be the case but
> I am not really familiar with the interface to have any strong statement
> here. Maybe we want to document this explicitly.

Btw. Andrew the patch still seems to be in mmotm. Do you plan to keep it
there?

-- 
Michal Hocko
SUSE Labs

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ