lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Tue, 25 Jul 2023 15:16:15 -0600
From:   Nico Pache <npache@...hat.com>
To:     Catalin Marinas <catalin.marinas@....com>
Cc:     Anshuman Khandual <anshuman.khandual@....com>,
        linux-arm-kernel@...ts.infradead.org, linux-kernel@...r.kernel.org,
        aquini@...hat.com, Andrew Morton <akpm@...ux-foundation.org>,
        David Hildenbrand <david@...hat.com>,
        Gerald Schaefer <gerald.schaefer@...ux.ibm.com>,
        Liu Shixin <liushixin2@...wei.com>,
        Will Deacon <will@...nel.org>, Yu Zhao <yuzhao@...gle.com>
Subject: Re: [RFC] arm64: properly define SOFT_DIRTY for arm64

Hi Catalin,

Thanks for your reply.

>From my understanding only two of the PBHA bits [60:59] are being used
for *_TABLE_<UXN|PXN>.

If that's the case is it safe to assume bits [63:61] are usable
(without considering OOT patches) and are treated similarly to the
software bits [58:55]? or do more considerations need to be made with
regards to using these bits?

There isnt much info in the codebase about PBHA, but from some
external research it seems the PBHA bits are intended to be used by
future SoC hardware but are currently not exposed to allow users to
use them for their intended purpose.

If you think this is a viable solution, I will go ahead and use bit 61
to implement a SOFTWARE_DIRTY bit. But if the goal is to inevitably
expose these bits to the hardware and allow them to use it, then
perhaps introducing this feature would be short lived.

Thanks,
-- Nico

On Sun, Jul 16, 2023 at 9:19 AM Catalin Marinas <catalin.marinas@....com> wrote:
>
> (I noticed Mark already replied in another thread along the same lines)
>
> On Tue, Jul 04, 2023 at 06:08:59AM -0400, Nico Pache wrote:
> > Is it possible to add the same DBM check I'm using
> > (!arch_has_hw_pte_young) in these pte helper functions to only clear
> > it when DBM is not present?
>
> It's not possible since we don't have a way to encode a read-only +
> dirty PTE (e.g. after ptep_set_wrprotect()). The PTE_WRITE/PTE_DBM bit
> in the architecture only tells that the hardware is allowed to clear the
> PTE_RDONLY bit on a write access and that's what we consider hw-dirty.
> When a dirty/writeable PTE is made read-only, we clear PTE_WRITE, set
> PTE_RDONLY _and_ the software PTE_DIRTY bit.
>
> With the permission indirection extensions (PIE, see patches from Joey),
> PTE_RDONLY can be treated as a true !PTE_DIRTY bit but there's no
> hardware around yet.
>
> So if you need software dirty, it can only be done with another software
> PTE bit. The problem is that we are short of such bits (only one left if
> we move PTE_PROT_NONE to a different location). The userfaultfd people
> also want such bit.
>
> Personally I'd reuse the four PBHA bits but I keep hearing that they may
> be used with some out of tree patches.
>
> --
> Catalin
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ