lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <20230708180850.bc938ab49fbfb38b83c367c8@linux-foundation.org>
Date:   Sat, 8 Jul 2023 18:08:50 -0700
From:   Andrew Morton <akpm@...ux-foundation.org>
To:     Axel Rasmussen <axelrasmussen@...gle.com>
Cc:     Alexander Viro <viro@...iv.linux.org.uk>,
        Brian Geffon <bgeffon@...gle.com>,
        Christian Brauner <brauner@...nel.org>,
        David Hildenbrand <david@...hat.com>,
        Gaosheng Cui <cuigaosheng1@...wei.com>,
        Huang Ying <ying.huang@...el.com>,
        Hugh Dickins <hughd@...gle.com>,
        James Houghton <jthoughton@...gle.com>,
        "Jan Alexander Steffens (heftig)" <heftig@...hlinux.org>,
        Jiaqi Yan <jiaqiyan@...gle.com>,
        Jonathan Corbet <corbet@....net>,
        Kefeng Wang <wangkefeng.wang@...wei.com>,
        "Liam R. Howlett" <Liam.Howlett@...cle.com>,
        Miaohe Lin <linmiaohe@...wei.com>,
        Mike Kravetz <mike.kravetz@...cle.com>,
        "Mike Rapoport (IBM)" <rppt@...nel.org>,
        Muchun Song <muchun.song@...ux.dev>,
        Nadav Amit <namit@...are.com>,
        Naoya Horiguchi <naoya.horiguchi@....com>,
        Peter Xu <peterx@...hat.com>,
        Ryan Roberts <ryan.roberts@....com>,
        Shuah Khan <shuah@...nel.org>,
        Suleiman Souhlal <suleiman@...gle.com>,
        Suren Baghdasaryan <surenb@...gle.com>,
        "T.J. Alumbaugh" <talumbau@...gle.com>,
        Yu Zhao <yuzhao@...gle.com>,
        ZhangPeng <zhangpeng362@...wei.com>, linux-doc@...r.kernel.org,
        linux-kernel@...r.kernel.org, linux-fsdevel@...r.kernel.org,
        linux-mm@...ck.org, linux-kselftest@...r.kernel.org
Subject: Re: [PATCH v4 1/8] mm: make PTE_MARKER_SWAPIN_ERROR more general

On Fri,  7 Jul 2023 14:55:33 -0700 Axel Rasmussen <axelrasmussen@...gle.com> wrote:

> Future patches will re-use PTE_MARKER_SWAPIN_ERROR to implement
> UFFDIO_POISON, so make some various preparations for that:
> 
> First, rename it to just PTE_MARKER_POISONED. The "SWAPIN" can be
> confusing since we're going to re-use it for something not really
> related to swap. This can be particularly confusing for things like
> hugetlbfs, which doesn't support swap whatsoever. Also rename some
> various helper functions.
> 
> Next, fix pte marker copying for hugetlbfs. Previously, it would WARN on
> seeing a PTE_MARKER_SWAPIN_ERROR, since hugetlbfs doesn't support swap.
> But, since we're going to re-use it, we want it to go ahead and copy it
> just like non-hugetlbfs memory does today. Since the code to do this is
> more complicated now, pull it out into a helper which can be re-used in
> both places. While we're at it, also make it slightly more explicit in
> its handling of e.g. uffd wp markers.
> 
> For non-hugetlbfs page faults, instead of returning VM_FAULT_SIGBUS for
> an error entry, return VM_FAULT_HWPOISON. For most cases this change
> doesn't matter, e.g. a userspace program would receive a SIGBUS either
> way. But for UFFDIO_POISON, this change will let KVM guests get an MCE
> out of the box, instead of giving a SIGBUS to the hypervisor and
> requiring it to somehow inject an MCE.
> 
> Finally, for hugetlbfs faults, handle PTE_MARKER_POISONED, and return
> VM_FAULT_HWPOISON_LARGE in such cases. Note that this can't happen today
> because the lack of swap support means we'll never end up with such a
> PTE anyway, but this behavior will be needed once such entries *can*
> show up via UFFDIO_POISON.
> 
> --- a/include/linux/mm_inline.h
> +++ b/include/linux/mm_inline.h
> @@ -523,6 +523,25 @@ static inline bool mm_tlb_flush_nested(struct mm_struct *mm)
>  	return atomic_read(&mm->tlb_flush_pending) > 1;
>  }
>  
> +/*
> + * Computes the pte marker to copy from the given source entry into dst_vma.
> + * If no marker should be copied, returns 0.
> + * The caller should insert a new pte created with make_pte_marker().
> + */
> +static inline pte_marker copy_pte_marker(
> +		swp_entry_t entry, struct vm_area_struct *dst_vma)
> +{
> +	pte_marker srcm = pte_marker_get(entry);
> +	/* Always copy error entries. */
> +	pte_marker dstm = srcm & PTE_MARKER_POISONED;
> +
> +	/* Only copy PTE markers if UFFD register matches. */
> +	if ((srcm & PTE_MARKER_UFFD_WP) && userfaultfd_wp(dst_vma))
> +		dstm |= PTE_MARKER_UFFD_WP;
> +
> +	return dstm;
> +}

Breaks the build with CONFIG_MMU=n (arm allnoconfig).  pte_marker isn't
defined.

I'll slap #ifdef CONFIG_MMU around this function, but probably somethng more
fine-grained could be used, like CONFIG_PTE_MARKER_UFFD_WP.  Please
consider.

btw, both copy_pte_marker() and pte_install_uffd_wp_if_needed() look
far too large to justify inlining.  Please review the desirability of
this.


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ