lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 09 Jan 2023 07:33:45 +0800
From:   "Huang, Ying" <ying.huang@...el.com>
To:     Kees Cook <keescook@...omium.org>
Cc:     Nathan Chancellor <nathan@...nel.org>,
        Andrew Morton <akpm@...ux-foundation.org>, linux-mm@...ck.org,
        linux-kernel@...r.kernel.org, Zi Yan <ziy@...dia.com>,
        Yang Shi <shy828301@...il.com>,
        Baolin Wang <baolin.wang@...ux.alibaba.com>,
        Oscar Salvador <osalvador@...e.de>,
        Matthew Wilcox <willy@...radead.org>,
        Bharata B Rao <bharata@....com>,
        Alistair Popple <apopple@...dia.com>,
        haoxin <xhao@...ux.alibaba.com>
Subject: Re: [PATCH 4/8] migrate_pages: split unmap_and_move() to _unmap()
 and _move()

Kees Cook <keescook@...omium.org> writes:

> On Thu, Jan 05, 2023 at 11:26:55AM -0700, Nathan Chancellor wrote:
>> Hi Ying,
>> 
>> On Tue, Dec 27, 2022 at 08:28:55AM +0800, Huang Ying wrote:
>> > This is a preparation patch to batch the folio unmapping and moving.
>> > 
>> > In this patch, unmap_and_move() is split to migrate_folio_unmap() and
>> > migrate_folio_move().  So, we can batch _unmap() and _move() in
>> > different loops later.  To pass some information between unmap and
>> > move, the original unused dst->mapping and dst->private are used.
>> > 
>> > Signed-off-by: "Huang, Ying" <ying.huang@...el.com>
>> > Cc: Zi Yan <ziy@...dia.com>
>> > Cc: Yang Shi <shy828301@...il.com>
>> > Cc: Baolin Wang <baolin.wang@...ux.alibaba.com>
>> > Cc: Oscar Salvador <osalvador@...e.de>
>> > Cc: Matthew Wilcox <willy@...radead.org>
>> > Cc: Bharata B Rao <bharata@....com>
>> > Cc: Alistair Popple <apopple@...dia.com>
>> > Cc: haoxin <xhao@...ux.alibaba.com>
>> > ---
>> >  include/linux/migrate.h |   1 +
>> >  mm/migrate.c            | 162 +++++++++++++++++++++++++++++-----------
>> >  2 files changed, 121 insertions(+), 42 deletions(-)
>> > 
>> > diff --git a/include/linux/migrate.h b/include/linux/migrate.h
>> > index 3ef77f52a4f0..7376074f2e1e 100644
>> > --- a/include/linux/migrate.h
>> > +++ b/include/linux/migrate.h
>> > @@ -18,6 +18,7 @@ struct migration_target_control;
>> >   * - zero on page migration success;
>> >   */
>> >  #define MIGRATEPAGE_SUCCESS		0
>> > +#define MIGRATEPAGE_UNMAP		1
>> >  
>> >  /**
>> >   * struct movable_operations - Driver page migration
>> > diff --git a/mm/migrate.c b/mm/migrate.c
>> > index 97ea0737ab2b..e2383b430932 100644
>> > --- a/mm/migrate.c
>> > +++ b/mm/migrate.c
>> > @@ -1009,11 +1009,29 @@ static int move_to_new_folio(struct folio *dst, struct folio *src,
>> >  	return rc;
>> >  }
>> >  
>> > -static int __unmap_and_move(struct folio *src, struct folio *dst,
>> > +static void __migrate_folio_record(struct folio *dst,
>> > +				   unsigned long page_was_mapped,
>> > +				   struct anon_vma *anon_vma)
>> > +{
>> > +	dst->mapping = (struct address_space *)anon_vma;
>> > +	dst->private = (void *)page_was_mapped;
>> > +}
>> > +
>> > +static void __migrate_folio_extract(struct folio *dst,
>> > +				   int *page_was_mappedp,
>> > +				   struct anon_vma **anon_vmap)
>> > +{
>> > +	*anon_vmap = (struct anon_vma *)dst->mapping;
>> > +	*page_was_mappedp = (unsigned long)dst->private;
>> > +	dst->mapping = NULL;
>> > +	dst->private = NULL;
>> > +}
>> 
>> This patch as commit 42871c600cad ("migrate_pages: split
>> unmap_and_move() to _unmap() and _move()") in next-20230105 causes the
>> following error with clang when CONFIG_RANDSTRUCT is enabled, which is
>> the case with allmodconfig:
>> 
>>   ../mm/migrate.c:1041:15: error: casting from randomized structure pointer type 'struct address_space *' to 'struct anon_vma *'
>>           *anon_vmap = (struct anon_vma *)dst->mapping;
>>                        ^
>>   1 error generated.
>> 
>> With GCC, there is only a note:
>> 
>>   ../mm/migrate.c: In function '__migrate_folio_extract':
>>   ../mm/migrate.c:1041:20: note: randstruct: casting between randomized structure pointer types (ssa): 'struct anon_vma' and 'struct address_space'
>> 
>>    1041 |         *anon_vmap = (struct anon_vma *)dst->mapping;
>>         |         ~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>> 
>> Kees has done fixes for warnings and errors like this in the past (I
>> just ran
>> 
>>   $ git log -p --grep='randomized structure pointer type'
>> 
>> to find them) but I did not see any that would seem appropriate here
>> hence just the report :)
>
> If this struct is literally just a scratch space and the original struct
> layout doesn't matter, it may be possible to silence this cast by using
> "(void *)" instead of the explicit struct type pointer.

It works!  Thank you very much!

Best Regards,
Huang, Ying

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ