| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <a73c78be-8cdc-4f0e-b72f-e5255c906a5f@redhat.com>
Date: Thu, 7 Mar 2024 13:09:28 +0100
From: David Hildenbrand <david@...hat.com>
To: Richard Weinberger <richard@....at>
Cc: linux-mm <linux-mm@...ck.org>,
linux-fsdevel <linux-fsdevel@...r.kernel.org>,
linux-kernel <linux-kernel@...r.kernel.org>,
Linux Doc Mailing List <linux-doc@...r.kernel.org>,
upstream+pagemap <upstream+pagemap@...ma-star.at>,
adobriyan <adobriyan@...il.com>, wangkefeng wang
<wangkefeng.wang@...wei.com>, ryan roberts <ryan.roberts@....com>,
hughd <hughd@...gle.com>, peterx <peterx@...hat.com>,
avagin <avagin@...gle.com>, lstoakes <lstoakes@...il.com>,
vbabka <vbabka@...e.cz>, Andrew Morton <akpm@...ux-foundation.org>,
usama anjum <usama.anjum@...labora.com>, Jonathan Corbet <corbet@....net>
Subject: Re: [PATCH 1/2] [RFC] proc: pagemap: Expose whether a PTE is writable
On 07.03.24 12:59, David Hildenbrand wrote:
> On 07.03.24 12:51, Richard Weinberger wrote:
>> ----- Ursprüngliche Mail -----
>>> Von: "David Hildenbrand" <david@...hat.com>
>>>> I'm currently investigating why a real-time application faces unexpected
>>>> page faults. Page faults are usually fatal for real-time work loads because
>>>> the latency constraints are no longer met.
>>>
>>> Are you concerned about any type of page fault, or are things like a
>>> simple remapping of the same page from "read-only to writable"
>>> acceptable? ("very minor fault")
>>
>> Any page fault has to be avoided.
>> To give you more background, the real time application runs on Xenomai,
>> a real time extension for Linux.
>> Xenomai applies already many tweaks to the kernel to trigger pre-faulting of
>> memory areas. But sometimes the application does not use the Xenomai API
>> correctly or there is an bug in Xenomai it self.
>> Currently I'm suspecting the latter.
>>
>
> Thanks for the details!
>
>>>>
>>>> So, I wrote a small tool to inspect the memory mappings of a process to find
>>>> areas which are not correctly pre-faulted. While doing so I noticed that
>>>> there is currently no way to detect CoW mappings.
>>>> Exposing the writable property of a PTE seemed like a good start to me.
>>>
>>> Is it just about "detection" for debugging purposes or about "fixup" in
>>> running applications?
>>
>> It's only about debugging. If an application fails a test I want to have
>> a tool which tells me what memory mappings are wonky or could cause a fault
>> at runtime.
>
> One destructive way to find out in a writable mapping if the page would
> actually get remapped:
>
> a) Read the PFN of a virtual address using pagemap
> b) Write to the virtual address using /proc/pid/mem
> c) Read the PFN of a virtual address using pagemap to see if it changed
>
> If the application can be paused, you could read+write a single byte,
> turning it non-destructive.
>
> But that would still "hide" the remap-writable-type faults.
>
>>
>> I fully understand that my use case is a corner case and anything but mainline.
>> While developing my debug tool I thought that improving the pagemap interface
>> might help others too.
>
> I'm fine with this (can be a helpful debugging tool for some other cases
> as well, and IIRC we don't have another interface to introspect this),
> as long as we properly document the corner case that there could still
> be writefaults on some architectures when the page would not be
> accessed/dirty yet.
>
[and I just recall, there are some other corner cases. For example,
pages in a shadow stack can be pte_write(), but they can only be written
by HW indirectly when modifying the stack, and ordinary write access
would still fault]
--
Cheers,
David / dhildenb
Powered by blists - more mailing lists