| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 9 Jan 2023 20:49:28 +0800
From: Baoquan He <bhe@...hat.com>
To: Lorenzo Stoakes <lstoakes@...il.com>
Cc: linux-kernel@...r.kernel.org, linux-mm@...ck.org, urezki@...il.com,
stephen.s.brennan@...cle.com, willy@...radead.org,
akpm@...ux-foundation.org, hch@...radead.org
Subject: Re: [PATCH v2 3/7] mm/vmalloc.c: allow vread() to read out
vm_map_ram areas
On 01/09/23 at 07:12am, Lorenzo Stoakes wrote:
> On Mon, Jan 09, 2023 at 12:35:04PM +0800, Baoquan He wrote:
> > Sorry for late reply, just come back from vacation.
>
> Hope you had a great time! :)
Thanks.
>
> >
> > Lei + mutt sounds like a good idea. I relied too much on mbsync in the
> > past.
> >
>
> Yeah I'm finding it works well,
> https://josefbacik.github.io/kernel/2021/10/18/lei-and-b4.html is a handy guide!
Very helpful, will try.
>
> [snip]
> > > Maybe let me rephrase:-
> > >
> > > - We want to read `count` bytes from `addr` into `buf`
> > > - We iterate over _used_ blocks, placing the start/end of each block in `rs`, `re`
> > > respectively.
> > > - If we hit a block whose start address is above the one in which we are interested then:-
> > > - Place a zero byte in the buffer
> > > - Increment `addr` by 1 byte
> > > - Decrement the `count` by 1 byte
> > > - Carry on
> > >
> > > I am seriously confused as to why we do this? Surely we should be checking
> > > whether the range [addr, addr + count) overlaps this block at all, and only then
> > > copying the relevant region?
> >
> > I guessed this could be your concern, but not very sure. That
> > code block is copied from vread(), and my considerations are:
> > 1) We could starting read from any position of kcore file. /proc/kcore
> > is a elf file logically, it's allowed to read from anywhere, right? We
> > don't have to read the entire file always. So the vmap_block reading is
> > not necessarily page aligned. It's very similar with the empty area
> > filling in vread().
> > 2) memset() is doing the byte by byte reading. We can
> > change code as below. While we don't save the effort very much, and we
> > need introduce an extra local variable to store the value of
> > (start - end).
> >
> > diff --git a/mm/vmalloc.c b/mm/vmalloc.c
> > index b054081aa66b..dce4a843a9e8 100644
> > --- a/mm/vmalloc.c
> > +++ b/mm/vmalloc.c
> > @@ -3576,6 +3576,15 @@ static void vmap_ram_vread(char *buf, char *addr, int count, unsigned long flags
> > + if (addr < start) {
> > + int num = min(count, (start - add));
> > + memset(buf, 0, count);
> > + count -= num;
> > + if (count == 0)
> > + break;
> > + buf -= num;
> > + addr -= num;
> > + }
> > /*it could start reading from the middle of used region*/
> > offset = offset_in_page(addr);
> > n = ((re - rs + 1) << PAGE_SHIFT) - offset;
> >
>
> The difference with vread() is that uses a while loop rather than an if clause
> so operates over the whole region byte-by-byte, your original would only do this
> for 1 byte so now things make a lot more sense!
Oops, that 'if clause' is a code bug, I finally got your point until
now, my dumb head.
>
> This approach makes sense though I'd put the count == 0 check first and nit
> 'add' should be 'addr'.
>
> I am happy with either this or a while loop instead of an if which it seems is
> what the original issue was!
OK, I will think again which one is more appropriate.
>
> > void *memset(void *s, int c, size_t count)
> > {
> > char *xs = s;
> >
> > while (count--)
> > *xs++ = c;
> > return s;
> > }
> >
> > >
> > > It's the fact that blocks are at base page granularity but then this condition
> > > is at byte granularity that is confusing to me (again it's _very_ possible I am
> > > just being dumb here and missing something, just really want to understand this
> > > better :)
> >
> > I like this kind of reviewing with careful checking and deep thinking.
> > For above code block, I think it's a very great point. From my point of
> > view, I like the memset version better, it's easier to understand. If we
> > all agree, we can change it to take memset way. When I made patches,
> > several issues related to patches were hovering in my mind at the same
> > time, I did not consider this one so deeply.
> >
>
> Thanks :) I have a particular interest in vmalloc so am happy to dive in with
> reviews here!
>
> > >
> > > > > > - vm = va->vm;
> > > > > > - vaddr = (char *) vm->addr;
> > > > > > - if (addr >= vaddr + get_vm_area_size(vm))
> > > > > > + vaddr = (char *) va->va_start;
> > > > > > + size = flags ? va_size(va) : get_vm_area_size(vm);
> > > > >
> > > > > For example here, I feel that this ternary should be reversed and based on
> > > > > whether vm is null, unles we expect vm to ever be non-null _and_ flags to be
> > > > > set?
> > > >
> > > > Now only vm_map_ram area sets flags, all other types has vm not null.
> > > > Since those temporary state, e.g vm==NULL, flags==0 case has been
> > > > filtered out. Is below you suggested?
> > > >
> > > > size = (!vm&&flags)? va_size(va) : get_vm_area_size(vm);
> > > > or
> > > > size = (vm&&!flags)? get_vm_area_size(vm):va_size(va);
> > > >
> > >
> > > Sorry I didn't phrase this very well, my point is that the key thing you're
> > > relying on here is whether vm exists in order to use it so I simply meant:-
> > >
> > > size = vm ? get_vm_area_size(vm) : va_size(va);
> > >
> > > This just makes it really explicit that you need vm to be non-NULL, and you've
> > > already done the flags check before so this should suffice.
> >
> > Sounds reasonable, I will copy above line you pasted. Thanks a lot.
Thanks again for careful reviewing and great suggestions and findings.
Powered by blists - more mailing lists