lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CAHbLzkorHGOK-h5vxOYFuXVNWRBYBMARwYO_f2osSjFtvZCj8w@mail.gmail.com>
Date:   Wed, 15 Sep 2021 10:28:38 -0700
From:   Yang Shi <shy828301@...il.com>
To:     "Kirill A. Shutemov" <kirill@...temov.name>
Cc:     HORIGUCHI NAOYA(堀口 直也) 
        <naoya.horiguchi@....com>, Hugh Dickins <hughd@...gle.com>,
        "Kirill A. Shutemov" <kirill.shutemov@...ux.intel.com>,
        Matthew Wilcox <willy@...radead.org>,
        Oscar Salvador <osalvador@...e.de>,
        Andrew Morton <akpm@...ux-foundation.org>,
        Linux MM <linux-mm@...ck.org>,
        Linux FS-devel Mailing List <linux-fsdevel@...r.kernel.org>,
        Linux Kernel Mailing List <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH 1/4] mm: filemap: check if any subpage is hwpoisoned for
 PMD page fault

On Wed, Sep 15, 2021 at 4:46 AM Kirill A. Shutemov <kirill@...temov.name> wrote:
>
> On Tue, Sep 14, 2021 at 11:37:15AM -0700, Yang Shi wrote:
> > diff --git a/mm/memory.c b/mm/memory.c
> > index 25fc46e87214..1765bf72ed16 100644
> > --- a/mm/memory.c
> > +++ b/mm/memory.c
> > @@ -3920,8 +3920,17 @@ vm_fault_t do_set_pmd(struct vm_fault *vmf, struct page *page)
> >       if (unlikely(!pmd_none(*vmf->pmd)))
> >               goto out;
> >
> > -     for (i = 0; i < HPAGE_PMD_NR; i++)
> > +     for (i = 0; i < HPAGE_PMD_NR; i++) {
> > +             /*
> > +              * Just backoff if any subpage of a THP is corrupted otherwise
> > +              * the corrupted page may mapped by PMD silently to escape the
> > +              * check.  This kind of THP just can be PTE mapped.  Access to
> > +              * the corrupted subpage should trigger SIGBUS as expected.
> > +              */
> > +             if (PageHWPoison(page + i))
> > +                     goto out;
> >               flush_icache_page(vma, page + i);
> > +     }
>
> This is somewhat costly.
>
> flush_icache_page() is empty on most archs so compiler makes the loop go
> away before the change. Also page->flags for most of the pages will not
> necessary be hot.

Yeah, good point.

>
> I wounder if we should consider making PG_hwpoison to cover full compound
> page. On marking page hwpoison we try to split it and mark relevant base
> page, if split fails -- mark full compound page.

We need extra bits to record exactly which subpage(s) are poisoned so
that the right page can be isolated when splitting.

>
> As alternative we can have one more flag that indicates that the compound
> page contains at least one hwpoisoned base page. We should have enough
> space in the first tail page.

Yes, actually I was thinking about the same thing too when debugging
this problem. I think this approach is more feasible. We could add a
new flag in the first tail page just like doublemap which indicates
there is/are poisoned subpage(s). It could be cleared when splitting.

I will try to implement this in the next version. Thanks a lot for the
suggestion.

>
> --
>  Kirill A. Shutemov

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ