lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <Zsz2gGgORfeVkVfG@bombadil.infradead.org>
Date: Mon, 26 Aug 2024 14:41:20 -0700
From: Luis Chamberlain <mcgrof@...nel.org>
To: "Darrick J. Wong" <djwong@...nel.org>
Cc: Christophe Leroy <christophe.leroy@...roup.eu>,
	Mike Rapoport <rppt@...nel.org>, Song Liu <song@...nel.org>,
	Arnd Bergmann <arnd@...db.de>,
	"Pankaj Raghav (Samsung)" <kernel@...kajraghav.com>,
	Stephen Rothwell <sfr@...b.auug.org.au>,
	Christian Brauner <brauner@...nel.org>,
	Pankaj Raghav <p.raghav@...sung.com>,
	Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
	Linux Next Mailing List <linux-next@...r.kernel.org>,
	ritesh.list@...il.com, linuxppc-dev@...ts.ozlabs.org
Subject: Re: linux-next: boot warning after merge of the vfs-brauner tree

On Mon, Aug 26, 2024 at 02:10:49PM -0700, Darrick J. Wong wrote:
> On Mon, Aug 26, 2024 at 01:52:54PM -0700, Luis Chamberlain wrote:
> > On Mon, Aug 26, 2024 at 07:43:20PM +0200, Christophe Leroy wrote:
> > > 
> > > 
> > > Le 26/08/2024 à 17:48, Pankaj Raghav (Samsung) a écrit :
> > > > On Mon, Aug 26, 2024 at 05:59:31PM +1000, Stephen Rothwell wrote:
> > > > > Hi all,
> > > > > 
> > > > > After merging the vfs-brauner tree, today's linux-next boot test (powerpc
> > > > > pseries_le_defconfig) produced this warning:
> > > > 
> > > > iomap dio calls set_memory_ro() on the page that is used for sub block
> > > > zeroing.
> > > > 
> > > > But looking at powerpc code, they don't support set_memory_ro() for
> > > > memory region that belongs to the kernel(LINEAR_MAP_REGION_ID).
> > > > 
> > > > /*
> > > >   * On hash, the linear mapping is not in the Linux page table so
> > > >   * apply_to_existing_page_range() will have no effect. If in the future
> > > >   * the set_memory_* functions are used on the linear map this will need
> > > >   * to be updated.
> > > >   */
> > > > if (!radix_enabled()) {
> > > >          int region = get_region_id(addr);
> > > > 
> > > >          if (WARN_ON_ONCE(region != VMALLOC_REGION_ID && region != IO_REGION_ID))
> > > >                  return -EINVAL;
> > > > }
> > > > 
> > > > We call set_memory_ro() on the zero page as a extra security measure.
> > > > I don't know much about powerpc, but looking at the comment, is it just
> > > > adding the following to support it in powerpc:
> > > > 
> > > > diff --git a/arch/powerpc/mm/pageattr.c b/arch/powerpc/mm/pageattr.c
> > > > index ac22bf28086fa..e6e0b40ba6db4 100644
> > > > --- a/arch/powerpc/mm/pageattr.c
> > > > +++ b/arch/powerpc/mm/pageattr.c
> > > > @@ -94,7 +94,9 @@ int change_memory_attr(unsigned long addr, int numpages, long action)
> > > >          if (!radix_enabled()) {
> > > >                  int region = get_region_id(addr);
> > > > -               if (WARN_ON_ONCE(region != VMALLOC_REGION_ID && region != IO_REGION_ID))
> > > > +               if (WARN_ON_ONCE(region != VMALLOC_REGION_ID &&
> > > > +                                region != IO_REGION_ID &&
> > > > +                                region != LINEAR_MAP_REGION_ID))
> > > >                          return -EINVAL;
> > > >          }
> > > >   #endif
> > > 
> > > By doing this you will just hide the fact that it didn't work.
> > > 
> > > See commit 1f9ad21c3b38 ("powerpc/mm: Implement set_memory() routines") for
> > > details. The linear memory region is not mapped using page tables so
> > > set_memory_ro() will have no effect on it.
> > > 
> > > You can either use vmalloc'ed pages, or do a const static allocation at
> > > buildtime so that it will be allocated in the kernel static rodata area.
> > > 
> > > By the way, your code should check the value returned by set_memory_ro(),
> > > there is some work in progress to make it mandatory, see
> > > https://github.com/KSPP/linux/issues/7
> > 
> > Our users expect contiguous memory [0] and so we use alloc_pages() here,
> > so if we're architecture limitted by this I'd rather we just remove the
> > set_memory_ro() only for PPC, I don't see why other have to skip this.
> 
> Just drop it, then.

OK sent a patch for that.

  Luis

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ