Message-ID: <CAJF2gTQ33JmhUZtr6nkAY5mXRxOEA88pXy1CHcU0jNMzcQZz_g@mail.gmail.com>
Date: Fri, 22 Dec 2023 15:20:15 +0800
From: Guo Ren <guoren@...nel.org>
To: Leonardo Bras <leobras@...hat.com>
Cc: linux-kernel@...r.kernel.org, paul.walmsley@...ive.com, palmer@...belt.com, 
	alexghiti@...osinc.com, charlie@...osinc.com, xiao.w.wang@...el.com, 
	david@...hat.com, panqinglin2020@...as.ac.cn, rick.p.edgecombe@...el.com, 
	willy@...radead.org, bjorn@...osinc.com, conor.dooley@...rochip.com, 
	cleger@...osinc.com, linux-riscv@...ts.infradead.org, 
	Guo Ren <guoren@...ux.alibaba.com>, stable@...r.kernel.org
Subject: Re: [PATCH V2 2/4] riscv: mm: Fixup compat arch_get_mmap_end

On Fri, Dec 22, 2023 at 1:28 PM Leonardo Bras <leobras@...hat.com> wrote:
>
> On Fri, Dec 22, 2023 at 12:50:44PM +0800, Guo Ren wrote:
> > On Fri, Dec 22, 2023 at 12:43 PM Leonardo Bras <leobras@...hat.com> wrote:
> > >
> > > On Fri, Dec 22, 2023 at 12:26:19PM +0800, Guo Ren wrote:
> > > > On Fri, Dec 22, 2023 at 11:35 AM Leonardo Bras <leobras@...hat.com> wrote:
> > > > >
> > > > > On Thu, Dec 21, 2023 at 10:46:59AM -0500, guoren@...nel.org wrote:
> > > > > > From: Guo Ren <guoren@...ux.alibaba.com>
> > > > > >
> > > > > > When the task is in COMPAT mode, the arch_get_mmap_end should be 2GB,
> > > > > > not TASK_SIZE_64. The TASK_SIZE has contained is_compat_mode()
> > > > > > detection, so change the definition of STACK_TOP_MAX to TASK_SIZE
> > > > > > directly.
> > > > >
> > > > > ok
> > > > >
> > > > > >
> > > > > > Cc: stable@...r.kernel.org
> > > > > > Fixes: add2cc6b6515 ("RISC-V: mm: Restrict address space for sv39,sv48,sv57")
> > > > > > Signed-off-by: Guo Ren <guoren@...ux.alibaba.com>
> > > > > > Signed-off-by: Guo Ren <guoren@...nel.org>
> > > > > > ---
> > > > > >  arch/riscv/include/asm/processor.h | 6 ++----
> > > > > >  1 file changed, 2 insertions(+), 4 deletions(-)
> > > > > >
> > > > > > diff --git a/arch/riscv/include/asm/processor.h b/arch/riscv/include/asm/processor.h
> > > > > > index f19f861cda54..1f538fc4448d 100644
> > > > > > --- a/arch/riscv/include/asm/processor.h
> > > > > > +++ b/arch/riscv/include/asm/processor.h
> > > > > > @@ -16,15 +16,13 @@
> > > > > >
> > > > > >  #ifdef CONFIG_64BIT
> > > > > >  #define DEFAULT_MAP_WINDOW   (UL(1) << (MMAP_VA_BITS - 1))
> > > > > > -#define STACK_TOP_MAX                TASK_SIZE_64
> > > > > > +#define STACK_TOP_MAX                TASK_SIZE
> > > > >
> > > > > It means STACK_TOP_MAX will be in 64BIT:
> > > > > - TASK_SIZE_32 if compat_mode=y
> > > > > - TASK_SIZE_64 if compat_mode=n
> > > > >
> > > > > Makes sense for me.
> > > > >
> > > > > >
> > > > > >  #define arch_get_mmap_end(addr, len, flags)                  \
> > > > > >  ({                                                           \
> > > > > >       unsigned long mmap_end;                                 \
> > > > > >       typeof(addr) _addr = (addr);                            \
> > > > > > -     if ((_addr) == 0 || (IS_ENABLED(CONFIG_COMPAT) && is_compat_task())) \
> > > > > > -             mmap_end = STACK_TOP_MAX;                       \
> > > > > > -     else if ((_addr) >= VA_USER_SV57)                       \
> > > > > > +     if ((_addr) == 0 || (_addr) >= VA_USER_SV57)            \
> > > > > >               mmap_end = STACK_TOP_MAX;                       \
> > > > > >       else if ((((_addr) >= VA_USER_SV48)) && (VA_BITS >= VA_BITS_SV48)) \
> > > > > >               mmap_end = VA_USER_SV48;                        \
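
Review bot: The new first condition in arch_get_mmap_end(), `if ((_addr) == 0 || (_addr) >= VA_USER_SV57)`, no longer covers a compat task that passes a non-zero hint address. Such an address is below both VA_USER_SV57 and VA_USER_SV48, so it never reaches `mmap_end = STACK_TOP_MAX` and falls through to the remaining branches, which return a 64-bit limit instead of the compat one. The `STACK_TOP_MAX` -> `TASK_SIZE` line is enough on its own to give the limit the commit message asks for. Keep `(IS_ENABLED(CONFIG_COMPAT) && is_compat_task())` in the first condition, and if the simplification is still wanted, send it as a separate patch that explains why it is equivalent.
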
> > > > >
> > > > >
> > > > > I don't think I got this change, or how it's connected to the commit msg.
> > > > The above is just code simplification; if STACK_TOP_MAX is TASK_SIZE, then
> > > >
> > > >      if ((_addr) == 0 || (IS_ENABLED(CONFIG_COMPAT) && is_compat_task())) \
> > > >              mmap_end = STACK_TOP_MAX;                       \
> > > >     else if ((_addr) >= VA_USER_SV57)                       \
> > > >
> > > > is equal to:
> > > >
> > > >      if ((_addr) == 0 || (_addr) >= VA_USER_SV57)            \
> > >
> > > I am failing to understand exactly how are they equal.
> > > I mean, what in your STACK_TOP_MAX change made them equal?
> > #define STACK_TOP_MAX TASK_SIZE
> > #define TASK_SIZE       (is_compat_task() ? TASK_SIZE_32 : TASK_SIZE_64)
> >
>
> yes, I am aware. Let's do a simple test with the new code and
> addr = 2^27 (random 32-bit addr) and compat mode.
>
> if ((_addr) == 0 || (_addr) >= VA_USER_SV57)
>         // Evaluates to false: 2^27 != 0, and is < 2^57
> else if ((((_addr) >= VA_USER_SV48)) && (VA_BITS >= VA_BITS_SV48))
>         // Evaluates to false: 2^27 < 2^48
> else
>         mmap_end = VA_USER_SV39;
>
> mmap_end = VA_USER_SV39, even in compat_mode.
>
> We need the extra is_compat_task() if we want to return 2^32.
Yes, my stupid, I fell into the wrong logic. Sorry for the noisy part,
which should be removed.

>
> Thanks!
> Leo
>
>
> > >
> > > See below, the behavior changed:
> > > >
> > > > >
> > > > > Before:
> > > > > - addr == 0, or addr > 2^57, or compat: mmap_end = STACK_TOP_MAX
> > > > > - 2^48 < addr < 2^57: mmap_end = 2^48
> > > > > - 0 < addr < 2^48 : mmap_end = 2^39
> > > > >
> > > > > Now:
> > > > > - addr == 0, or addr > 2^57: mmap_end = STACK_TOP_MAX
> > > > > - 2^48 < addr < 2^57: mmap_end = 2^48
> > > > > - 0 < addr < 2^48 : mmap_end = 2^39
> > > > >
> > > > > IIUC compat mode addr will be < 2^32, so will always have mmap_end = 2^39
> > > > > > if addr != 0. Is that desirable?
> > > > > (if not, above change is unneeded)
> > > > >
> > >
> > > ^
> > >
> > > With your change on STACK_TOP_MAX only (not changing arch_get_mmap_end),
> > > you would have:
> > >
> > > - compat_mode & (0 < addr < 2^32)       -> mmap_end = 2^32
> > compat_mode      -> mmap_end = 2^32
> >
>
> This is correct!
> Yeah, since you changed STACK_TOP_MAX to be 2^32 in compat mode,
> any addr value < 2^32 with compat value will return 2^32.
> (without the change in arch_get_mmap_end(), that is.)
>
> > > - non-compat, addr == 0, or addr > 2^57 -> mmap_end = TASK_SIZE_64
> > > - non-compat, (2^48 < addr < 2^57)      -> mmap_end = 2^48
> > > - non-compat, (0 < addr < 2^48)         -> mmap_end = 2^39
> > >
> > > Which seems more likely, based on Charlie comments.
> > >
> > > Thanks,
> > > Leo
> > >
> > > > > Also, unrelated to the change:
> > > > > - 2^48 < addr < 2^57: mmap_end = 2^48
> > > > > Is the above correct?
> > > > > It looks like it should be 2^57 instead, and a new if clause for
> > > > > 2^32 < addr < 2^48 should have mmap_end = 2^48.
> > > > >
> > > > > Do I get it wrong?
> > > > Maybe I should move this into the optimization part.
> > > >
> > > > >
> > > > > > (I will send an RFC 'fixing' the code the way I am thinking it should look
> > > > > like)
> > > > >
> > > > > Thanks,
> > > > > Leo
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > > > --
> > > > > > 2.40.1
> > > > > >
> > > > >
> > > >
> > > >
> > > > --
> > > > Best Regards
> > > >  Guo Ren
> > > >
> > >
> >
> >
> > --
> > Best Regards
> >  Guo Ren
> >
>


-- 
Best Regards
 Guo Ren
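
The test Leonardo walks through above (compat task, hint address 2^27), as an added user-space model that is not part of the thread or of the kernel source. It compares the original macro, the patch as posted, and the STACK_TOP_MAX-only change. The constants use the thread's shorthand (2^39, 2^48, 2^57, and the commit message's 2GB compat limit) and, like `enum variant`, `stack_top_max()` and `mmap_end()`, are assumptions of this model rather than the kernel's definitions.

```c
/* Added model of the arch_get_mmap_end() variants discussed in this thread.
 * Constants follow the thread's shorthand; they are assumptions of this
 * model, not the kernel headers' exact definitions. */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define VA_USER_SV39 (UINT64_C(1) << 39)
#define VA_USER_SV48 (UINT64_C(1) << 48)
#define VA_USER_SV57 (UINT64_C(1) << 57)
#define VA_BITS      57                    /* assumed: sv57 machine */
#define VA_BITS_SV48 48
#define TASK_SIZE_32 (UINT64_C(1) << 31)   /* 2GB, per the commit message */
#define TASK_SIZE_64 VA_USER_SV57          /* modelled 64-bit upper bound */

enum variant { BEFORE, PATCH_V2, STACK_TOP_ONLY };

/* STACK_TOP_MAX: TASK_SIZE_64 before the patch, TASK_SIZE afterwards. */
static uint64_t stack_top_max(enum variant v, bool compat)
{
	if (v == BEFORE)
		return TASK_SIZE_64;
	return compat ? TASK_SIZE_32 : TASK_SIZE_64;
}

uint64_t mmap_end(enum variant v, bool compat, uint64_t addr)
{
	/* PATCH_V2 is the only variant that drops the compat test. */
	bool compat_check = (v != PATCH_V2) && compat;

	if (addr == 0 || compat_check || addr >= VA_USER_SV57)
		return stack_top_max(v, compat);
	if (addr >= VA_USER_SV48 && VA_BITS >= VA_BITS_SV48)
		return VA_USER_SV48;
	return VA_USER_SV39;
}

int main(void)
{
	static const char *name[] = { "before", "patch v2", "STACK_TOP_MAX only" };
	uint64_t hint = UINT64_C(1) << 27;  /* Leonardo's test address */

	for (int v = BEFORE; v <= STACK_TOP_ONLY; v++)
		printf("%-18s compat addr=0: %#llx  addr=2^27: %#llx\n", name[v],
		       (unsigned long long)mmap_end(v, true, 0),
		       (unsigned long long)mmap_end(v, true, hint));
	return 0;
}
```

Only the STACK_TOP_MAX-only variant keeps a compat task's limit at TASK_SIZE_32 for both a zero and a non-zero hint.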
