lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CAHk-=whFW+uWOmOtRNh0What_fu8Xo8KF2+EeUH1kn4qFxGAhA@mail.gmail.com>
Date:   Wed, 15 Nov 2023 14:15:46 -0500
From:   Linus Torvalds <torvalds@...ux-foundation.org>
To:     Borislav Petkov <bp@...en8.de>
Cc:     David Howells <dhowells@...hat.com>,
        kernel test robot <oliver.sang@...el.com>,
        oe-lkp@...ts.linux.dev, lkp@...el.com,
        linux-kernel@...r.kernel.org,
        Christian Brauner <brauner@...nel.org>,
        Alexander Viro <viro@...iv.linux.org.uk>,
        Jens Axboe <axboe@...nel.dk>, Christoph Hellwig <hch@....de>,
        Christian Brauner <christian@...uner.io>,
        Matthew Wilcox <willy@...radead.org>,
        David Laight <David.Laight@...lab.com>, ying.huang@...el.com,
        feng.tang@...el.com, fengwei.yin@...el.com
Subject: Re: [linus:master] [iov_iter] c9eec08bac: vm-scalability.throughput
 -16.9% regression

On Wed, 15 Nov 2023 at 14:10, Borislav Petkov <bp@...en8.de> wrote:
>
> Should we define an alternative_memcpy() which is used *only* during
> rewriting so that this becomes a non-issue?

Yeah, I think the instruction rewriting should use something that
explicitly cannot possibility itself need rewriting, and a plain
'memcpy()' is obviously that.

The good news is that at least things like structure copies would
*not* trigger that alternative, so it's only explicit memcpy() calls
that my patch changes. But I would not be surprised if instruction
rewriting does that. I didn't actually check.

> Yours looks simple enough and makes sense. Lemme poke at it a bit in the
> coming days and see what happens.

Note that it has a nasty interaction with fortify-source, which is why
it has that hacky "#undef memcpy" in that unrelated header.

Also note that I was being very very lazy in how I re-used the
"rep_movs_alternative" function that we already have. And it's
actually a bad laziness, because our existing rep_movs_alternative
does the exception handling for user mode faults.

We don't actually want exception handling for 'memcpy()', because it
could hide bugs. If a memcpy() gets a bad pointer, we want the oops,
not a partial copy.

So my patch really is broken. It might happen to work when everything
else goes right, and it's small, but it is very much a "proof of
concept" rather than something that is actually acceptable.

               Linus

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ