| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 15 Jan 2024 03:55:41 +0800 From: Yangyu Chen <cyy@...self.name> To: linux-riscv@...ts.infradead.org Cc: Charlie Jenkins <charlie@...osinc.com>, Paul Walmsley <paul.walmsley@...ive.com>, Palmer Dabbelt <palmer@...belt.com>, Albert Ou <aou@...s.berkeley.edu>, Guo Ren <guoren@...nel.org>, Andy Chiu <andy.chiu@...ive.com>, Conor Dooley <conor.dooley@...rochip.com>, linux-kernel@...r.kernel.org, Yangyu Chen <cyy@...self.name> Subject: [PATCH 0/3] RISC-V: mm: correct mmap behavior in sv48 address space Previous patch series [1] violates the principle of mmap syscall as it uses hint address as the largest address space to use rather than where to create the mapping, thus broke the possibility to mmap in sv48, sv57 address space without a MAP_FIXED flag. This patchset corrects the behavior of mmap syscall and use the behavior of x86 5-stage-paging as a reference. I first noticed this issue when I was trying to run box64 on a sv48 system with commit previous than [2]. Then I reported this through private communication, then a box64 contributor did some investigation and found that trying to mmap in sv48 address space without MAP_FIXED flag will always return a random address in sv39. I review the changelog with some tests on qemu and found this issue was introduced from [1]. After reviewing the code, tests and docs, I think the original author might misunderstand the meaning of hint address in mmap syscall. Then I did some investigation on other ISAs like x86 which has 5-stage-paging and found that it has addressed the same issue if some userspace software assumes the pointer size should smaller than 47 bits and also solved in kernel by limiting the mmap in maximum 47 bits address space by default. Finally I correct the behavior of mmap syscall as x86 5-stage-paging does, and migreate the documentation from x86-64 kernel to riscv kernel. [1]. https://lore.kernel.org/linux-riscv/20230809232218.849726-1-charlie@rivosinc.com/ [2]. https://github.com/ptitSeb/box64/commit/5b700cb6e6f397d2074c49659f7f9915f4a33c5f Yangyu Chen (3): RISC-V: mm: fix mmap behavior in sv48 address space RISC-V: mm: only test mmap without hint Documentation: riscv: correct sv57 kernel behavior Documentation/arch/riscv/vm-layout.rst | 48 +++++++++++-------- arch/riscv/include/asm/processor.h | 39 ++++----------- .../selftests/riscv/mm/mmap_bottomup.c | 12 ----- .../testing/selftests/riscv/mm/mmap_default.c | 12 ----- tools/testing/selftests/riscv/mm/mmap_test.h | 30 ------------ 5 files changed, 36 insertions(+), 105 deletions(-) -- 2.43.0
Powered by blists - more mailing lists