lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <Y0WiAgnN5IcQDrez@spud>
Date:   Tue, 11 Oct 2022 18:04:02 +0100
From:   Conor Dooley <conor@...nel.org>
To:     Andrew Bresticker <abrestic@...osinc.com>
Cc:     Palmer Dabbelt <palmer@...belt.com>,
        Paul Walmsley <paul.walmsley@...ive.com>,
        Celeste Liu <coelacanthus@...look.com>,
        dram <dramforever@...e.com>, Ruizhe Pan <c141028@...il.com>,
        Conor.Dooley@...rochip.com, linux-riscv@...ts.infradead.org,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH v4 0/2] Make mmap() with PROT_WRITE imply PROT_READ

Hey Palmer,

On Thu, Sep 15, 2022 at 03:37:00PM -0400, Andrew Bresticker wrote:
> Commit 2139619bcad7 ("riscv: mmap with PROT_WRITE but no PROT_READ is
> invalid") made mmap() reject mappings with only PROT_WRITE set in an
> attempt to fix an observed inconsistency in behavior when attempting
> to read from a PROT_WRITE-only mapping. The root cause of this behavior
> was actually that while RISC-V's protection_map maps VM_WRITE to
> readable PTE permissions (since write-only PTEs are considered reserved
> by the privileged spec), the page fault handler considered loads from
> VM_WRITE-only VMAs illegal accesses. Fix the underlying cause by
> handling faults in VM_WRITE-only VMAs (patch 1) and then re-enable
> use of mmap(PROT_WRITE) (patch 2), making RISC-V's behavior consistent
> with all other architectures that don't support write-only PTEs.
> 
> Both patches are tagged as fixes for the aforementioned commit since that
> commit made a userspace visible change that will break any software relying
> on mmap(PROT_WRITE). (Also cc: stable since the offending commit was
> itself backported to stable).

The patch that these commits fix has hit the distros & manifests as a
userspace breakage for openJDK:
https://lore.kernel.org/linux-riscv/a69ee775-e565-3d72-eb5f-8378616694d3@gmail.com/
https://lore.kernel.org/linux-riscv/d6c9e249-08bd-4439-7dcc-371b32e7b851@canonical.com/

Eva tested these patches and reported that their problem was fixed:
https://lore.kernel.org/linux-riscv/20282242-5cad-42be-ce6c-834b0e7ef269@gmail.com/

I asked them for a T-b but I don't see one on lore etc, but it would be
from Eva Kotova <nyandarknessgirl@...il.com> if you consider their
comments their sufficient for a T-B

Thanks,
Conor.

> 
> v1 -> v2: Allow handling of load faults in VM_WRITE VMAs
> v2 -> v3: Split into two pathces
> v3 -> v4: Fixes tags (+ this cover letter)
> 
> Andrew Bresticker (2):
>   riscv: Make VM_WRITE imply VM_READ
>   riscv: Allow PROT_WRITE-only mmap()
> 
>  arch/riscv/kernel/sys_riscv.c | 3 ---
>  arch/riscv/mm/fault.c         | 3 ++-
>  2 files changed, 2 insertions(+), 4 deletions(-)
> 
> -- 
> 2.25.1
> 
> 
> _______________________________________________
> linux-riscv mailing list
> linux-riscv@...ts.infradead.org
> http://lists.infradead.org/mailman/listinfo/linux-riscv

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ