| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 13 Feb 2024 10:25:26 -0800 From: Suren Baghdasaryan <surenb@...gle.com> To: Lokesh Gidra <lokeshgidra@...gle.com> Cc: "Liam R. Howlett" <Liam.Howlett@...cle.com>, akpm@...ux-foundation.org, linux-fsdevel@...r.kernel.org, linux-mm@...ck.org, linux-kernel@...r.kernel.org, selinux@...r.kernel.org, kernel-team@...roid.com, aarcange@...hat.com, peterx@...hat.com, david@...hat.com, axelrasmussen@...gle.com, bgeffon@...gle.com, willy@...radead.org, jannh@...gle.com, kaleshsingh@...gle.com, ngeoffray@...gle.com, timmurray@...gle.com, rppt@...nel.org Subject: Re: [PATCH v5 3/3] userfaultfd: use per-vma locks in userfaultfd operations On Tue, Feb 13, 2024 at 10:14 AM Lokesh Gidra <lokeshgidra@...gle.com> wrote: > > On Tue, Feb 13, 2024 at 9:06 AM Liam R. Howlett <Liam.Howlett@...cle.com> wrote: > > > > * Lokesh Gidra <lokeshgidra@...gle.com> [240213 06:25]: > > > On Mon, Feb 12, 2024 at 7:33 PM Liam R. Howlett <Liam.Howlett@...cle.com> wrote: > > > > > > > > * Lokesh Gidra <lokeshgidra@...gle.com> [240212 19:19]: > > > > > All userfaultfd operations, except write-protect, opportunistically use > > > > > per-vma locks to lock vmas. On failure, attempt again inside mmap_lock > > > > > critical section. > > > > > > > > > > Write-protect operation requires mmap_lock as it iterates over multiple > > > > > vmas. > > > > > > > > > > Signed-off-by: Lokesh Gidra <lokeshgidra@...gle.com> > > > > > --- > > > > > fs/userfaultfd.c | 13 +- > > > > > include/linux/userfaultfd_k.h | 5 +- > > > > > mm/userfaultfd.c | 392 ++++++++++++++++++++++++++-------- > > > > > 3 files changed, 312 insertions(+), 98 deletions(-) > > > > > > > > > ... > > > > I just remembered an issue with the mmap tree that exists today that you > > needs to be accounted for in this change. > > > > If you hit a NULL VMA, you need to fall back to the mmap_lock() scenario > > today. > > Unless I'm missing something, isn't that already handled in the patch? > We get the VMA outside mmap_lock critical section only via > lock_vma_under_rcu() (in lock_vma() and find_and_lock_vmas()) and in > both cases if we get NULL in return, we retry in mmap_lock critical > section with vma_lookup(). Wouldn't that suffice? I think that case is handled correctly by lock_vma(). Sorry for coming back a bit late. The overall patch looks quite good but the all these #ifdef CONFIG_PER_VMA_LOCK seem unnecessary to me. Why find_and_lock_vmas() and lock_mm_and_find_vmas() be called the same name (find_and_lock_vmas()) and in one case it would lock only the VMA and in the other case it takes mmap_lock? Similarly unlock_vma() would in one case unlock the VMA and in the other drop the mmap_lock? That would remove all these #ifdefs from the code. Maybe this was already discussed? > > > > This is a necessity to avoid a race of removal/replacement of a VMA in > > the mmap(MAP_FIXED) case. In this case, we munmap() prior to mmap()'ing > > an area - which means you could see a NULL when there never should have > > been a null. > > > > Although this would be exceedingly rare, you need to handle this case. > > > > Sorry I missed this earlier, > > Liam
Powered by blists - more mailing lists