lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <55fa4f7e-356b-8b41-0e06-efa5a065277a@linux.alibaba.com>
Date:   Thu, 1 Jul 2021 10:44:47 +0800
From:   Yaohui Wang <yaohuiwang@...ux.alibaba.com>
To:     dave.hansen@...ux.intel.com, luto@...nel.org, peterz@...radead.org,
        Thomas Gleixner <tglx@...utronix.de>, mingo@...hat.com,
        bp@...en8.de, x86@...nel.org, hpa@...or.com
Cc:     linux-kernel@...r.kernel.org, yaohuiwang@...ux.alibaba.com
Subject: Re: [PATCH v3 0/2] x86/ioremap: fix boundary calculation and boundary
 judgment issues for ioremap()

Hi, maintainers,

It's been 10 days since I sent the patches at Jun 21st. Would you please
help to review them? Wish to hear your feedbacks, Thanks!


Yaohui

On 2021/6/21 20:34, Yaohui Wang wrote:
> ioremap_xxx() functions should fail if the memory address range contains
> normal RAM. But due to some boundary calculation and boundary judgment
> issues, the RAM check may be omitted for the very start or the very end
> page in the memory range. As a consequence, ioremap_xxx() can be applied
> to normal RAM pages by mistake. This raises the risk of misusing
> ioremap_xxx() functions on normal RAM ranges, and may incur terrible
> performance issues.
> 
> For example, suppose [phys_addr ~ phys_addr + PAGE_SIZE - 1] is a normal
> RAM page. Calling ioremap(phys_addr, PAGE_SIZE-1) will succeed (but it
> should not). This will set the cache flag of the phys_addr's directing
> mapping pte to be PCD. What's worse, iounmap() won't revert this cache
> flag in the directing mapping. So the pte in the directing mapping keeps
> polluted until workarounds are applied (by invoking ioremap_cache() on
> phys_addr) to fix the cache bit. If there is important data/code in the
> polluted page, which is accessed frequently, then the performance of the
> machine will drop terribly.
> 
> These two patches aim to address this issue.
> 
> Yahui Wang (2):
>    x86/ioremap: fix the pfn calculation mistake in __ioremap_check_ram()
>    kernel/resource: fix boundary judgment issues in find_next_iomem_res()
>      and __walk_iomem_res_desc()
> 
>   arch/x86/mm/ioremap.c | 16 ++++++++--------
>   kernel/resource.c     |  4 ++--
>   2 files changed, 10 insertions(+), 10 deletions(-)
> 
> 
> base-commit: 13311e74253fe64329390df80bed3f07314ddd61
> 

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ