lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <13c0caee-82e9-c295-b1b4-6d2bff132b72@redhat.com>
Date:   Wed, 2 Nov 2022 10:14:34 +0100
From:   David Hildenbrand <david@...hat.com>
To:     Jason Gunthorpe <jgg@...dia.com>
Cc:     linux-kernel@...r.kernel.org, linux-mm@...ck.org,
        Andrew Morton <akpm@...ux-foundation.org>,
        Mike Kravetz <mike.kravetz@...cle.com>,
        Peter Xu <peterx@...hat.com>,
        John Hubbard <jhubbard@...dia.com>,
        syzbot+f0b97304ef90f0d0b1dc@...kaller.appspotmail.com
Subject: Re: [PATCH v1] mm/gup: disallow FOLL_FORCE|FOLL_WRITE on hugetlb
 mappings

On 31.10.22 17:14, Jason Gunthorpe wrote:
> On Mon, Oct 31, 2022 at 04:25:24PM +0100, David Hildenbrand wrote:
>> Cc: Andrew Morton <akpm@...ux-foundation.org>
>> Cc: Mike Kravetz <mike.kravetz@...cle.com>
>> Cc: Peter Xu <peterx@...hat.com>
>> Cc: John Hubbard <jhubbard@...dia.com>
>> Cc: Jason Gunthorpe <jgg@...dia.com>
>> Reported-by: syzbot+f0b97304ef90f0d0b1dc@...kaller.appspotmail.com
>> Signed-off-by: David Hildenbrand <david@...hat.com>
>> ---
>>
>> I assume this has been broken at least since 2014, when mm/gup.c came to
>> life. I failed to come up with a suitable Fixes tag quickly.
> 
> I'm worried this would break RDMA over hugetlbfs maps - which is a
> real thing people do.
> 
> MikeK do you have test cases?

This patch here only silences the warning. The warning+failing is 
already in 6.0, and so far nobody (besides syzbot) complained.

RDMA (due to FOLL_FORCE) would now fail (instead of doing something 
wrong) on MAP_PRIVATE hugetlb mappings that are R/O. Do we have any 
actual examples of such RDMA usage? I was able to understand why this 
case (MAP_PRIVATE, PROT_READ) is important for !hugetlb, but I don't 
immediately see under which situations this would apply to hugetlb.

While we could implement FOLL_FORCE for hugetlb, at least for RDMA we 
will be moving away from FOLL_FORCE instead --- I'll be posting these 
patches shortly.

So considering upcoming changes, at least RDMA is rather a bad excuse 
for more widespread FOLL_FORCE support.

-- 
Thanks,

David / dhildenb

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ