lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAHk-=wh0J7HotWcjP5nL4pZZLZN31SMid5rpf3pvmv-7Yi2W1A@mail.gmail.com>
Date:   Tue, 5 Sep 2023 17:16:01 -0700
From:   Linus Torvalds <torvalds@...ux-foundation.org>
To:     Mateusz Guzik <mjguzik@...il.com>
Cc:     Ingo Molnar <mingo@...nel.org>, linux-kernel@...r.kernel.org,
        linux-arch@...r.kernel.org, bp@...en8.de
Subject: Re: [PATCH v2] x86: bring back rep movsq for user access on CPUs
 without ERMS

On Tue, 5 Sept 2023 at 13:41, Mateusz Guzik <mjguzik@...il.com> wrote:
>
> @@ -312,7 +314,15 @@ int vfs_fstatat(int dfd, const char __user *filename,
>         struct filename *name;
>
>         name = getname_flags(filename,
> getname_statx_lookup_flags(statx_flags), NULL);
> -       ret = vfs_statx(dfd, name, statx_flags, stat, STATX_BASIC_STATS);
> +       /*
> +        * Hack: ugliness below damage controls glibc which reimplemented fstat
> +        * on top of newfstatat(fd, "", buf, AT_EMPTY_PATH). We still pay for
> +        * kmalloc and user access, but elide lockref.
> +        */
> +       if (name->name[0] == '\0' && flags == AT_EMPTY_PATH && dfd >= 0)
> +               ret = vfs_fstat(dfd, stat);
> +       else
> +               ret = vfs_statx(dfd, name, statx_flags, stat,
> STATX_BASIC_STATS);
>         putname(name);

I actually think I might prefer the earlier hacky thing, because it
avoids the whole nasty pathname allocation thing (ie the __getname()
dance in getname_flags(), and the addition of the pathname to the
audit records etc).

I suspect your "there are no real loads that combine AT_EMPTY_PATH
with a path" comment is true.

So if we have this short-circuit of the code, let's go all hog on it,
and avoid not just the RCU lookup (with lockref etc), but the pathname
allocation too.

                  Linus

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ