lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <f8e0faafbb56e8ab748cf14c314497501d375529.camel@physik.fu-berlin.de>
Date: Fri, 06 Sep 2024 08:19:17 +0200
From: John Paul Adrian Glaubitz <glaubitz@...sik.fu-berlin.de>
To: Charlie Jenkins <charlie@...osinc.com>, Arnd Bergmann <arnd@...db.de>, 
 Richard Henderson <richard.henderson@...aro.org>, Ivan Kokshaysky
 <ink@...assic.park.msu.ru>, Matt Turner <mattst88@...il.com>, Vineet Gupta
 <vgupta@...nel.org>, Russell King <linux@...linux.org.uk>, Guo Ren
 <guoren@...nel.org>, Huacai Chen <chenhuacai@...nel.org>, WANG Xuerui
 <kernel@...0n.name>, Thomas Bogendoerfer <tsbogend@...ha.franken.de>,
 "James E.J. Bottomley" <James.Bottomley@...senPartnership.com>, Helge
 Deller <deller@....de>,  Michael Ellerman <mpe@...erman.id.au>, Nicholas
 Piggin <npiggin@...il.com>, Christophe Leroy <christophe.leroy@...roup.eu>,
 Naveen N Rao <naveen@...nel.org>, Alexander Gordeev
 <agordeev@...ux.ibm.com>, Gerald Schaefer <gerald.schaefer@...ux.ibm.com>,
 Heiko Carstens <hca@...ux.ibm.com>, Vasily Gorbik <gor@...ux.ibm.com>,
 Christian Borntraeger <borntraeger@...ux.ibm.com>, Sven Schnelle
 <svens@...ux.ibm.com>, Yoshinori Sato <ysato@...rs.sourceforge.jp>, Rich
 Felker <dalias@...c.org>, "David S. Miller" <davem@...emloft.net>, Andreas
 Larsson <andreas@...sler.com>, Thomas Gleixner <tglx@...utronix.de>, Ingo
 Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>, Dave Hansen
 <dave.hansen@...ux.intel.com>, x86@...nel.org, "H. Peter Anvin"
 <hpa@...or.com>, Andy Lutomirski <luto@...nel.org>, Peter Zijlstra
 <peterz@...radead.org>, Muchun Song <muchun.song@...ux.dev>, Andrew Morton
 <akpm@...ux-foundation.org>, "Liam R. Howlett" <Liam.Howlett@...cle.com>, 
 Vlastimil Babka <vbabka@...e.cz>, Lorenzo Stoakes
 <lorenzo.stoakes@...cle.com>, Shuah Khan <shuah@...nel.org>, Christoph
 Hellwig <hch@...radead.org>, Michal Hocko <mhocko@...e.com>, "Kirill A.
 Shutemov" <kirill@...temov.name>, Chris Torek <chris.torek@...il.com>
Cc: linux-arch@...r.kernel.org, linux-kernel@...r.kernel.org, 
 linux-alpha@...r.kernel.org, linux-snps-arc@...ts.infradead.org, 
 linux-arm-kernel@...ts.infradead.org, linux-csky@...r.kernel.org, 
 loongarch@...ts.linux.dev, linux-mips@...r.kernel.org, 
 linux-parisc@...r.kernel.org, linuxppc-dev@...ts.ozlabs.org, 
 linux-s390@...r.kernel.org, linux-sh@...r.kernel.org,
 sparclinux@...r.kernel.org,  linux-mm@...ck.org,
 linux-kselftest@...r.kernel.org,  linux-abi-devel@...ts.sourceforge.net
Subject: Re: [PATCH RFC v3 0/2] mm: Introduce ADDR_LIMIT_47BIT personality
 flag

Hi Charlie,

On Thu, 2024-09-05 at 14:15 -0700, Charlie Jenkins wrote:
> Some applications rely on placing data in free bits addresses allocated
> by mmap. Various architectures (eg. x86, arm64, powerpc) restrict the
> address returned by mmap to be less than the 48-bit address space,
> unless the hint address uses more than 47 bits (the 48th bit is reserved
> for the kernel address space).
> 
> The riscv architecture needs a way to similarly restrict the virtual
> address space. On the riscv port of OpenJDK an error is thrown if
> attempted to run on the 57-bit address space, called sv57 [1].  golang
> has a comment that sv57 support is not complete, but there are some
> workarounds to get it to mostly work [2].
> 
> These applications work on x86 because x86 does an implicit 47-bit
> restriction of mmap() address that contain a hint address that is less
> than 48 bits.
> 
> Instead of implicitly restricting the address space on riscv (or any
> current/future architecture), provide a flag to the personality syscall
> that can be used to ensure an application works in any arbitrary VA
> space. A similar feature has already been implemented by the personality
> syscall in ADDR_LIMIT_32BIT.
> 
> This flag will also allow seemless compatibility between all
> architectures, so applications like Go and OpenJDK that use bits in a
> virtual address can request the exact number of bits they need in a
> generic way. The flag can be checked inside of vm_unmapped_area() so
> that this flag does not have to be handled individually by each
> architecture. 
> 
> Link:
> https://github.com/openjdk/jdk/blob/f080b4bb8a75284db1b6037f8c00ef3b1ef1add1/src/hotspot/cpu/riscv/vm_version_riscv.cpp#L79
> [1]
> Link:
> https://github.com/golang/go/blob/9e8ea567c838574a0f14538c0bbbd83c3215aa55/src/runtime/tagptr_64bit.go#L47
> [2]
> 
> To: Arnd Bergmann <arnd@...db.de>
> To: Richard Henderson <richard.henderson@...aro.org>
> To: Ivan Kokshaysky <ink@...assic.park.msu.ru>
> To: Matt Turner <mattst88@...il.com>
> To: Vineet Gupta <vgupta@...nel.org>
> To: Russell King <linux@...linux.org.uk>
> To: Guo Ren <guoren@...nel.org>
> To: Huacai Chen <chenhuacai@...nel.org>
> To: WANG Xuerui <kernel@...0n.name>
> To: Thomas Bogendoerfer <tsbogend@...ha.franken.de>
> To: James E.J. Bottomley <James.Bottomley@...senPartnership.com>
> To: Helge Deller <deller@....de>
> To: Michael Ellerman <mpe@...erman.id.au>
> To: Nicholas Piggin <npiggin@...il.com>
> To: Christophe Leroy <christophe.leroy@...roup.eu>
> To: Naveen N Rao <naveen@...nel.org>
> To: Alexander Gordeev <agordeev@...ux.ibm.com>
> To: Gerald Schaefer <gerald.schaefer@...ux.ibm.com>
> To: Heiko Carstens <hca@...ux.ibm.com>
> To: Vasily Gorbik <gor@...ux.ibm.com>
> To: Christian Borntraeger <borntraeger@...ux.ibm.com>
> To: Sven Schnelle <svens@...ux.ibm.com>
> To: Yoshinori Sato <ysato@...rs.sourceforge.jp>
> To: Rich Felker <dalias@...c.org>
> To: John Paul Adrian Glaubitz <glaubitz@...sik.fu-berlin.de>
> To: David S. Miller <davem@...emloft.net>
> To: Andreas Larsson <andreas@...sler.com>
> To: Thomas Gleixner <tglx@...utronix.de>
> To: Ingo Molnar <mingo@...hat.com>
> To: Borislav Petkov <bp@...en8.de>
> To: Dave Hansen <dave.hansen@...ux.intel.com>
> To: x86@...nel.org
> To: H. Peter Anvin <hpa@...or.com>
> To: Andy Lutomirski <luto@...nel.org>
> To: Peter Zijlstra <peterz@...radead.org>
> To: Muchun Song <muchun.song@...ux.dev>
> To: Andrew Morton <akpm@...ux-foundation.org>
> To: Liam R. Howlett <Liam.Howlett@...cle.com>
> To: Vlastimil Babka <vbabka@...e.cz>
> To: Lorenzo Stoakes <lorenzo.stoakes@...cle.com>
> To: Shuah Khan <shuah@...nel.org>
> To: Christoph Hellwig <hch@...radead.org>
> To: Michal Hocko <mhocko@...e.com>
> To: "Kirill A. Shutemov" <kirill@...temov.name>
> To: Chris Torek <chris.torek@...il.com>
> Cc: linux-arch@...r.kernel.org
> Cc: linux-kernel@...r.kernel.org
> Cc: linux-alpha@...r.kernel.org
> Cc: linux-snps-arc@...ts.infradead.org
> Cc: linux-arm-kernel@...ts.infradead.org
> Cc: linux-csky@...r.kernel.org
> Cc: loongarch@...ts.linux.dev
> Cc: linux-mips@...r.kernel.org
> Cc: linux-parisc@...r.kernel.org
> Cc: linuxppc-dev@...ts.ozlabs.org
> Cc: linux-s390@...r.kernel.org
> Cc: linux-sh@...r.kernel.org
> Cc: sparclinux@...r.kernel.org
> Cc: linux-mm@...ck.org
> Cc: linux-kselftest@...r.kernel.org
> Cc: linux-abi-devel@...ts.sourceforge.net
> Signed-off-by: Charlie Jenkins <charlie@...osinc.com>
> 
> Changes in v2:
> - Added much greater detail to cover letter
> - Removed all code that touched architecture specific code and was able
>   to factor this out into all generic functions, except for flags that
>   needed to be added to vm_unmapped_area_info
> - Made this an RFC since I have only tested it on riscv and x86
> - Link to v1: https://lore.kernel.org/r/20240827-patches-below_hint_mmap-v1-0-46ff2eb9022d@rivosinc.com
> 
> Changes in v3:
> - Use a personality flag instead of an mmap flag
> - Link to v2: https://lore.kernel.org/r/20240829-patches-below_hint_mmap-v2-0-638a28d9eae0@rivosinc.com
> 
> ---
> Charlie Jenkins (2):
>       mm: Add personality flag to limit address to 47 bits
>       selftests/mm: Create ADDR_LIMIT_47BIT test
> 
>  include/uapi/linux/personality.h                   |  1 +
>  mm/mmap.c                                          |  3 ++
>  tools/testing/selftests/mm/.gitignore              |  1 +
>  tools/testing/selftests/mm/Makefile                |  1 +
>  tools/testing/selftests/mm/map_47bit_personality.c | 34 ++++++++++++++++++++++
>  5 files changed, 40 insertions(+)
> ---
> base-commit: 5be63fc19fcaa4c236b307420483578a56986a37
> change-id: 20240827-patches-below_hint_mmap-b13d79ae1c55

Wow, this issue has been plaguing SPARC users for years already as the architecture
uses a 52-bit virtual address space and Javascript engines such as the one in Firefox
or Webkit have been crashing ever since.

I should definitely give this series a try and see if that fixes Javascript crashes
on SPARC.

Thanks a lot for addressing this nasty long-standing problem!

Adrian

-- 
 .''`.  John Paul Adrian Glaubitz
: :' :  Debian Developer
`. `'   Physicist
  `-    GPG: 62FF 8A75 84E0 2956 9546  0006 7426 3B37 F5B5 F913

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ