| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <ZqLUjQb2BjedihOx@x1n>
Date: Thu, 25 Jul 2024 18:41:17 -0400
From: Peter Xu <peterx@...hat.com>
To: James Houghton <jthoughton@...gle.com>
Cc: linux-mm@...ck.org, linux-kernel@...r.kernel.org,
Dave Jiang <dave.jiang@...el.com>, Rik van Riel <riel@...riel.com>,
Dave Hansen <dave.hansen@...ux.intel.com>,
Michael Ellerman <mpe@...erman.id.au>,
linuxppc-dev@...ts.ozlabs.org, Matthew Wilcox <willy@...radead.org>,
Rick P Edgecombe <rick.p.edgecombe@...el.com>,
Oscar Salvador <osalvador@...e.de>,
Mel Gorman <mgorman@...hsingularity.net>,
Andrew Morton <akpm@...ux-foundation.org>,
Borislav Petkov <bp@...en8.de>,
Christophe Leroy <christophe.leroy@...roup.eu>,
Huang Ying <ying.huang@...el.com>,
"Kirill A . Shutemov" <kirill@...temov.name>,
"Aneesh Kumar K . V" <aneesh.kumar@...ux.ibm.com>,
Dan Williams <dan.j.williams@...el.com>,
Thomas Gleixner <tglx@...utronix.de>,
Hugh Dickins <hughd@...gle.com>, x86@...nel.org,
Nicholas Piggin <npiggin@...il.com>,
Vlastimil Babka <vbabka@...e.cz>, Ingo Molnar <mingo@...hat.com>
Subject: Re: [PATCH v3 8/8] mm/mprotect: fix dax pud handlings
On Thu, Jul 25, 2024 at 11:29:49AM -0700, James Houghton wrote:
> > - pages += change_pmd_range(tlb, vma, pud, addr, next, newprot,
> > +
> > + if (pud_leaf(pud)) {
> > + if ((next - addr != PUD_SIZE) ||
> > + pgtable_split_needed(vma, cp_flags)) {
> > + __split_huge_pud(vma, pudp, addr);
> > + goto again;
>
> IIUC, most of the time, we're just going to end up clearing the PUD in
> this case. __split_huge_pud() will just clear it, then we goto again
> and `continue` to the next pudp. Is that ok?
>
> (I think it's ok as long as: you never map an anonymous page with a
> PUD,
I think this is true.
> and that uffd-wp is not usable with non-hugetlb PUD mappings of
> user memory (which I think is only DAX?).
Uffd-wp has the async mode that can even work with dax puds.. even though I
don't think anyone should be using it. Just like I'm more sure that nobody
is using mprotect() too with dax pud, and it further justifies why nobody
cared this much..
What uffd-wp would do in this case is it'll make pgtable_split_needed()
returns true on this PUD, the PUD got wiped out, goto again, then
change_prepare() will populate this pud with a pgtable page. Then it goes
downwards, install PMD pgtable, then probably start installing pte markers
ultimately if it's a wr-protect operation.
> So it seems ok today...?)
Yes I think it's ok so far, unless you think it's not. :)
>
> Also, does the comment in pgtable_split_needed() need updating?
/*
* Return true if we want to split THPs into PTE mappings in change
* protection procedure, false otherwise.
*/
It looks to me it's ok for now to me? THP can represents PUD in dax, and we
indeed want to break THPs (no matter PUD/PMD) finally into PTE mappings.
>
> Somewhat related question: change_huge_pmd() is very careful not to
> clear the PMD before writing the new value. Yet change_pmd_range(),
> when it calls into __split_huge_pmd(), will totally clear the PMD and
> then populate the PTEs underneath (in some cases at least), seemingly
> reintroducing the MADV_DONTNEED concern. But your PUD version, because
> it never re-populates the PUD (or PMDs/PTEs underneath) does not have
> this issue. WDYT?
Could you elaborate more on the DONTNEED issue you're mentioning here?
>
> Thanks for this series!
Thanks for reviewing it, James.
--
Peter Xu
Powered by blists - more mailing lists