Open Source and information security mailing list archives
 
Message-ID: <20230918175955.w6vowfschshhy6cu@revolver>
Date:   Mon, 18 Sep 2023 13:59:55 -0400
From:   "Liam R. Howlett" <Liam.Howlett@...cle.com>
To:     Peng Zhang <zhangpeng.00@...edance.com>
Cc:     corbet@....net, akpm@...ux-foundation.org, willy@...radead.org,
        brauner@...nel.org, surenb@...gle.com, michael.christie@...cle.com,
        peterz@...radead.org, mathieu.desnoyers@...icios.com,
        npiggin@...il.com, avagin@...il.com, linux-mm@...ck.org,
        linux-doc@...r.kernel.org, linux-kernel@...r.kernel.org,
        linux-fsdevel@...r.kernel.org
Subject: Re: [PATCH v2 6/6] fork: Use __mt_dup() to duplicate maple tree in
 dup_mmap()

* Peng Zhang <zhangpeng.00@...edance.com> [230918 09:15]:
> 
> 
> On 2023/9/16 04:00, Liam R. Howlett wrote:
> > * Peng Zhang <zhangpeng.00@...edance.com> [230915 06:57]:
> > > 
> > > 
> > 
> > ...
> > 
> > > > > > +    if (unlikely(retval))
> > > > > >            goto out;
> > > > > >        mt_clear_in_rcu(vmi.mas.tree);
> > > > > > -    for_each_vma(old_vmi, mpnt) {
> > > > > > +    for_each_vma(vmi, mpnt) {
> > > > > >            struct file *file;
> > > > > >            vma_start_write(mpnt);
> > > > > >            if (mpnt->vm_flags & VM_DONTCOPY) {
> > > > > >                vm_stat_account(mm, mpnt->vm_flags, -vma_pages(mpnt));
> > > > > > +
> > > > > > +            /*
> > > > > > +             * Since the new tree is exactly the same as the old one,
> > > > > > +             * we need to remove the unneeded VMAs.
> > > > > > +             */
> > > > > > +            mas_store(&vmi.mas, NULL);
> > > > > > +
> > > > > > +            /*
> > > > > > +             * Even removing an entry may require memory allocation,
> > > > > > +             * and if removal fails, we use XA_ZERO_ENTRY to mark
> > > > > > +             * from which VMA it failed. The case of encountering
> > > > > > +             * XA_ZERO_ENTRY will be handled in exit_mmap().
> > > > > > +             */
> > > > > > +            if (unlikely(mas_is_err(&vmi.mas))) {
> > > > > > +                retval = xa_err(vmi.mas.node);
> > > > > > +                mas_reset(&vmi.mas);
> > > > > > +                if (mas_find(&vmi.mas, ULONG_MAX))
> > > > > > +                    mas_store(&vmi.mas, XA_ZERO_ENTRY);
> > > > > > +                goto loop_out;
> > > > > > +            }
> > > > > > +
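Review bot: in the mas_is_err() branch, the fallback mas_store(&vmi.mas, XA_ZERO_ENTRY) is not followed by any error check, even though the comment directly above states that even removing an entry may require memory allocation. If that marker store fails as well, nothing in the tree records the VMA at which duplication stopped, and the code still jumps to loop_out as if the marker were in place. Either test mas_is_err(&vmi.mas) again after the marker store and handle that case, or extend the comment to say why overwriting the slot returned by mas_find() cannot need an allocation here.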
> > > > > 
> > > > > Storing NULL may need extra space as you noted, so we need to be careful
> > > > > what happens if we don't have that space.  We should have a testcase to
> > > > > test this scenario.
> > > > > 
> > > > > mas_store_gfp() should be used with GFP_KERNEL.  The VMAs use GFP_KERNEL
> > > > > in this function, see vm_area_dup().
> > > > > 
> > > > > Don't use the exit_mmap() path to undo a failed fork.  You've added
> > > > > checks and complications to the exit path for all tasks in the very
> > > > > unlikely event that we run out of memory when we hit a very unlikely
> > > > > VM_DONTCOPY flag.
> > > > > 
> > > > > I see the issue with having a portion of the tree with new VMAs that are
> > > > > accounted and a portion of the tree that has old VMAs that should not be
> > > > > looked at.  It was clever to use the XA_ZERO_ENTRY as a stop point, but
> > > > > we cannot add that complication to the exit path and then there is the
> > > > > OOM race to worry about (maybe, I am not sure since this MM isn't
> > > > > active yet).
> > > > I encountered some errors after implementing the scheme you mentioned
> > > > below.
> > 
> > What were the errors?  Maybe I missed something or there is another way.
> I found the cause of the problem and fixed it, tested the error path and
> it seems to be working fine now.
> 
> The reason is that "free_pgd_range(tlb, addr, vma->vm_end,floor, next?
> next->vm_start: ceiling);" in free_pgtables() does not free all page
> tables due to the existence of the last false VMA. I've fixed it.
> Thanks.

Sounds good.

Please Cc the maple tree mailing list (maple-tree@...ts.infradead.org)
on v3 - we are looking forward to seeing it.

Thanks,
Liam

