| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <48d1282c-e4db-4b55-ab3f-3344af2440c4@redhat.com>
Date: Thu, 21 Mar 2024 23:29:45 +0100
From: David Hildenbrand <david@...hat.com>
To: Peter Xu <peterx@...hat.com>
Cc: linux-kernel@...r.kernel.org, linux-mm@...ck.org,
Christian Borntraeger <borntraeger@...ux.ibm.com>,
Janosch Frank <frankja@...ux.ibm.com>,
Claudio Imbrenda <imbrenda@...ux.ibm.com>, Heiko Carstens
<hca@...ux.ibm.com>, Vasily Gorbik <gor@...ux.ibm.com>,
Andrew Morton <akpm@...ux-foundation.org>,
Alexander Gordeev <agordeev@...ux.ibm.com>,
Sven Schnelle <svens@...ux.ibm.com>,
Gerald Schaefer <gerald.schaefer@...ux.ibm.com>,
Andrea Arcangeli <aarcange@...hat.com>, kvm@...r.kernel.org,
linux-s390@...r.kernel.org
Subject: Re: [PATCH v1 1/2] mm/userfaultfd: don't place zeropages when
zeropages are disallowed
On 21.03.24 23:20, Peter Xu wrote:
> On Thu, Mar 21, 2024 at 10:59:53PM +0100, David Hildenbrand wrote:
>> s390x must disable shared zeropages for processes running VMs, because
>> the VMs could end up making use of "storage keys" or protected
>> virtualization, which are incompatible with shared zeropages.
>>
>> Yet, with userfaultfd it is possible to insert shared zeropages into
>> such processes. Let's fallback to simply allocating a fresh zeroed
>> anonymous folio and insert that instead.
>>
>> mm_forbids_zeropage() was introduced in commit 593befa6ab74 ("mm: introduce
>> mm_forbids_zeropage function"), briefly before userfaultfd went
>> upstream.
>>
>> Note that we don't want to fail the UFFDIO_ZEROPAGE request like we do
>> for hugetlb, it would be rather unexpected. Further, we also
>> cannot really indicated "not supported" to user space ahead of time: it
>> could be that the MM disallows zeropages after userfaultfd was already
>> registered.
>>
>> Fixes: c1a4de99fada ("userfaultfd: mcopy_atomic|mfill_zeropage: UFFDIO_COPY|UFFDIO_ZEROPAGE preparation")
>> Signed-off-by: David Hildenbrand <david@...hat.com>
>
> Reviewed-by: Peter Xu <peterx@...hat.com>
>
> Still, a few comments below.
>
>> ---
>> mm/userfaultfd.c | 35 +++++++++++++++++++++++++++++++++++
>> 1 file changed, 35 insertions(+)
>>
>> diff --git a/mm/userfaultfd.c b/mm/userfaultfd.c
>> index 712160cd41eca..1d1061ccd1dea 100644
>> --- a/mm/userfaultfd.c
>> +++ b/mm/userfaultfd.c
>> @@ -316,6 +316,38 @@ static int mfill_atomic_pte_copy(pmd_t *dst_pmd,
>> goto out;
>> }
>>
>> +static int mfill_atomic_pte_zeroed_folio(pmd_t *dst_pmd,
>> + struct vm_area_struct *dst_vma, unsigned long dst_addr)
>> +{
>> + struct folio *folio;
>> + int ret;
>
> nitpick: we can set -ENOMEM here, then
>
>> +
>> + folio = vma_alloc_zeroed_movable_folio(dst_vma, dst_addr);
>> + if (!folio)
>> + return -ENOMEM;
>
> return ret;
>
>> +
>> + ret = -ENOMEM;
>
> drop.
Sure!
>
>> + if (mem_cgroup_charge(folio, dst_vma->vm_mm, GFP_KERNEL))
>> + goto out_put;
>> +
>> + /*
>> + * The memory barrier inside __folio_mark_uptodate makes sure that
>> + * preceding stores to the page contents become visible before
>> + * the set_pte_at() write.
>> + */
>
> This comment doesn't apply. We can drop it.
>
I thought the same until I spotted that comment (where uffd originally
copied this from I strongly assume) in do_anonymous_page().
"Preceding stores" here are: zeroing out the memory.
Thanks for the fast review!
--
Cheers,
David / dhildenb
Powered by blists - more mailing lists